Bind9: the bizarre logic of reporting no error at all when the working directory is set wrong
2019-08-12 02:30:39 By 張○○
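Today I was setting up BIND9 on a FreeBSD system (BIND 9.11.8, OS FreeBSD 11.2-RELEASE-p10)
and ran into two bizarre problems. The first one, I think, is a complete piece of garbage.
Complaint 1
Here is what happened. The sample configuration file it ships (named.conf.sample) contains the following explanation. In case someone's English isn't good or they're too lazy to read it, I've added a translation in green text: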
/* Serving the following zones locally will prevent any queries
for these zones leaving your network and going to the root
name servers. This has two significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
Simply put, this sets up some blackhole zones so that these queries don't burden the root servers, and it also speeds up lookups for your users.
*/
// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
zone "localhost" { type master; file "/usr/local/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
zone "0.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
// "This" Network (RFCs 1912, 5735 and 6303)
zone "0.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Private Use Networks (RFCs 1918, 5735 and 6303)
zone "10.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
...
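These are just configuration lines; there are many more, about 200, which I've skipped ....
Amazing, how wonderful, I was instantly ecstatic. But when I happily started it up, it actually threw errors at me:
Huh?! This is your own sample...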
service named restart
named not running? (check /var/run/named/pid).
/usr/local/etc/namedb/named.conf:1029: writeable file '/usr/local/etc/namedb/master/localhost-reverse.db': already in use: /usr/local/etc/namedb/named.conf:1025
/usr/local/etc/namedb/named.conf:1032: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1035: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1036: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1037: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1038: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1039: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
/usr/local/etc/namedb/named.conf:1040: writeable file '/usr/local/etc/namedb/master/empty.db': already in use: /usr/local/etc/namedb/named.conf:1026
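It's the same error every time, only the line number differs; there are many more, about 200, which I've skipped ....
I realized right away what it was saying: one file can be used by only one ZONE, no more.
I spent three hours looking for a solution. Failed.
This always worked fine on Linux before, where one file could be used by many ZONEs. And here it can't??
I gave up,
and had to resort to the ultimate move: commenting it out.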
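Complaint 2
This is related to the above. From that experience, I learned that when the system starts up, it checks whether your ZONE files are being used more than once.
Mm-hm, I took notes.
So when I configured a normal file, based on the above and on past experience, I assumed it would certainly check my file.
Then I happily started the service, and later found that none of my records were answering?
My records were clearly all written correctly,
and I used named-checkzone and named-checkconf, and both said everything was OK.
Damn it, in the end I found out that my working directory was not set correctly.
My ZONE files don't even exist, you can't even read them, and yet no error is reported. What is this?
A moment ago duplicates were not allowed, and now missing files are fine. What kind of logic is that?
It all works fine on Linux, and here it doesn't??
It wasted an hour of my time hunting for the mistake...
I was so angry that I wrote this post.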
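A pre-flight check for both complaints, as an added example that is not part of the original post or of BIND: it resolves every zone's file against the configured directory and reports files that do not exist and files that more than one zone points at. The parser is a simplified sketch, and the sample configuration, including its "working" directory value, is constructed.

```python
import os
import re
from collections import defaultdict

# Constructed sample in the style of the named.conf excerpt above; the
# "working" directory value is made up for this example.
SAMPLE_CONF = '''
options { directory "/usr/local/etc/namedb/working"; };
// RFCs 1912, 5735 and 6303
zone "localhost" { type master; file "master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "master/localhost-reverse.db"; };
zone "0.ip6.arpa" { type master; file "master/localhost-reverse.db"; };
zone "10.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
'''

def zone_files(conf_text):
    """Return (directory, [(zone, file), ...]) from named.conf text.

    Simplified parser: strips comments, then handles flat zone blocks like
    the ones in the sample (no nested braces before the file statement).
    """
    text = re.sub(r'/\*.*?\*/', '', conf_text, flags=re.S)
    text = re.sub(r'(//|#)[^\n]*', '', text)
    m = re.search(r'(?<![-\w])directory\s+"([^"]+)"', text)
    zones = re.findall(
        r'\bzone\s+"([^"]+)"[^{]*\{[^{}]*?\bfile\s+"([^"]+)"', text)
    return (m.group(1) if m else None), zones

def audit(conf_text, exists=os.path.isfile):
    """Return (missing, shared): zone files that do not exist at their
    resolved path, and resolved paths that more than one zone points at."""
    directory, zones = zone_files(conf_text)
    users = defaultdict(list)
    for zone, path in zones:
        # Relative file names are resolved against options { directory };
        # absolute ones are used as-is. With no directory option this
        # sketch falls back to the current directory (an assumption).
        full = os.path.normpath(os.path.join(directory or '.', path))
        users[full].append(zone)
    missing = sorted(p for p in users if not exists(p))
    shared = {p: z for p, z in users.items() if len(z) > 1}
    return missing, shared

if __name__ == '__main__':
    missing, shared = audit(SAMPLE_CONF)
    for path in missing:
        print('missing zone file:', path)
    for path, zones in shared.items():
        print('shared by', ', '.join(zones) + ':', path)
```

BIND's own `named-checkconf -z` additionally performs a test load of the master zones listed in named.conf.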