On Jul 28, 2011, at 8:27 AM, uifid...@gmail.com wrote:
> I'm trying to config a bind server which could answering queries (at
> least from 127.0.0.1 and 192.168.18.128) like "dig kia.czj" but I
> failed to. perhaps my ignorance about match-clients and
> match-destinations statements failed my attempt, or more likely, "SOA
> and NS of localhost. seems wrong".
Your SOA and NS records are fine for a testing or other small private
environment.
> It should be
> localhost.localdomain.And I used to think the $origin statement is not
> necessary, the idea about the zone name could be got from named.conf.
Your understanding was correct.
The problem is that the ACL "localhost" in named.conf does not mean what it
means pretty much everywhere else. It is not a synonym for 127.0.0.1. Instead,
it means the local system, including all available network interfaces.
It's evident that you're testing on your name server directly. The server's
address is 192.168.18.128. So your query is getting filed into the first view,
and thus never gets to the second.
To fix this, you could either remove the localhost_resolver view that Red Hat
provides, or else change "localhost" in the first view to "127.0.0.1". I
recommend removing the extraneous view, since you're obviously not intending to
use it.
Chris Buxton
BlueCat Networks
> 2011/7/28 Alan Clegg <acl...@isc.org>:
>> On 7/28/2011 4:16 AM, uifid...@gmail.com wrote:
>>
>>> view localhost_resolver {
>>> match-clients { localhost; };
>>> match-destinations { localhost; };
>>> recursion yes;
>>> include "/etc/named.rfc1912.zones";
>>> };
>>> view czj {
>>> match-clients { 192.168.18.128; localhost; };
>>> match-destinations { 192.168.18.128; localhost; };
>>> recursion yes;
>>> zone "czj" {
>>> type master;
>>> file "czj.zone";
>>> };
>>> };
>>
>>> named-checkzone named-checkconf passed
>>
>> These check syntax but not semantics. As someone else pointed out, it
>> looks like your zone file is messed up a bit. Additionally, the views
>> above have both match-clients and match-destinations which I doubt you
>> want, and you have localhost listed in both...
>>
>> What is it that you are trying to do and we might be able to help you
>> out some...
>>
>> AlanC
>>
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
