_cabelo_
(usa Debian)
Enviado em 07/12/2007 - 11:19h
Galera eu só estou perguntando pois nao sei mais onde recorrer. Ja faz uns 15 dias que estou procurando na net devoter seguido uns 20 ou 30 tutorias e nao conseiguo fazer funcionar o meu servidor de nomes.
Eu tenho um dominio e que colocar ele para ser acessado por todos pois vou criar um server de mail segue as configuraçoes.
Servidor Mandriva 2007
Bind 9.alguma coisa
arquivos de configuraçao
named.conf
// (oe) Loosely based on the document below and from production server configurations.
//
http://www.cymru.com/Documents/secure-bind-template.html
// secret must be the same as in /etc/rndc.conf
include "/etc/rndc.key";
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { mykey; };
};
// Access lists (ACL's) should be defined here
include "/etc/bogon_acl.conf";
include "/etc/trusted_networks_acl.conf";
// Define logging channels
include "/etc/logging.conf";
options {
version "";
directory "/var/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;
// forwarders { first_public_nameserver_ip; second_public_nameserver_ip; };
// allow-update { none; };
// allow-transfer { any; };
// Prevent DoS attacks by generating bogus zone transfer
// requests. This will result in slower updates to the
// slave servers (e.g. they will await the poll interval
// before checking for updates).
notify no;
// notify explicit;
// also-notify { secondary_name_server };
// Generate more efficient zone transfers. This will place
// multiple DNS records in a DNS message, instead of one per
// DNS message.
transfer-format many-answers;
// Set the maximum zone transfer time to something more
// reasonable. In this case, we state that any zone transfer
// that takes longer than 60 minutes is unlikely to ever
// complete. WARNING: If you have very large zone files,
// adjust this to fit your requirements.
max-transfer-time-in 60;
// We have no dynamic interfaces, so BIND shouldn't need to
// poll for interface state {UP|DOWN}.
interface-interval 0;
// Uncoment these to enable IPv6 connections support
// IPv4 will still work
// listen-on { none; };
// listen-on-v6 { any; };
// allow-query { trusted_networks; };
allow-recursion { trusted_networks; };
// Deny anything from the bogon networks as
// detailed in the "bogon" ACL.
blackhole { bogon; };
};
// workaround stupid stuff... (OE: Wed 17 Sep 2003)
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "master/localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "master/localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "reverse/named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "reverse/named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "reverse/named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "reverse/named.zero";
allow-update { none; };
};
zone "exemplo.gov.br" IN {
type master;
file "/etc/bind/db.exemplo";
};
db.exemplo
$TTL 86400
@ IN SOA servidor. root.exemplo.gov.br. (
2006040645 3H 15M 1W 1D )
IN NS exemplo.gov.br.
IN MX 10 exemplo.gov.br.
Localhost IN A 127.0.0.1
exemplo.gov.br. IN A 201.XX.XX.XX
www IN A 201.XX.XX.XX
ftp IN A 201.XX.XX.XX
mail IN A 201.XX.XX.XX
com essas configuraçoes dou um named-checkzone e esta tudo correto mas quando eu dou um dig ocorre isso
dig exemplo.gov.br @201.XX.XX.XX
; <<>> DiG 9.4.0 <<>> exemplo.gov.br @201.XX.XX.XX
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35130
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;exemplo.gov.br. IN A
;; Query time: 4 msec
;; SERVER: 201.XX.XX.XX#53(201.XX.XX.XX)
;; WHEN: Fri Dec 7 11:14:31 2007
;; MSG SIZE rcvd: 35
esse erro q me intriga e o nslookup tb da erro este aqui
nslookup exemplo.gov.br
Server: 201.XX.XX.XX
Address: 201.XX.XX.XX#53
** server can't find exemplo.gov.br.servidor.exemplo.gov.br: SERVFAIL
ja nao sei mais o que fazer
peço encarecidamente que me deem uma maozinha ai pra conseguir arrumar isso
Desde ja agradeço
_cabelo_