[root@localhost named]# service named start
Starting named: [FAILED]
tail /var/log/messages shows the following:
Jun 4 05:18:18 localhost named[6884]: /etc/named.conf:25: using specific query-source port suppresses port randomization and can be insecure.
Jun 4 05:18:18 localhost named[6884]: command channel listening on 127.0.0.1#953
Jun 4 05:18:18 localhost named[6884]: command channel listening on ::1#953
Jun 4 05:18:18 localhost named[6884]: the working directory is not writable
Jun 4 05:18:18 localhost named[6884]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 4 05:18:18 localhost named[6884]: zone 8.168.192.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 4 05:18:18 localhost named[6884]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 4 05:18:18 localhost named[6884]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 4 05:18:18 localhost named[6884]: zone abc2.com/IN/localhost_resolver: loaded serial 42
Jun 4 05:18:18 localhost named[6884]: zone localhost/IN/localhost_resolver: loaded serial 42
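1L: I configured that, and it didn't help.
Linux DNS named service fails to start; experts, please take a look
Answers: 2 Bounty: 0
Resolved: 2021-04-08 06:48
- Asked by user: 轻浮
- 2021-04-07 21:09
Best answer
- Five-star knowledge expert, user: 旧脸谱
- 2021-04-07 22:09
The directory /var/named is not writable.
Change it:
chown -R root:named /var/named
The configuration file /etc/named.conf also needs to be changed:
chown root:named /etc/named.conf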
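The log in the question reports two conditions that can be checked before starting the service: a pinned query-source port (/etc/named.conf:25) and a working directory that named cannot write to. The script below is an added example, not part of the original thread; it assumes GNU stat on Linux and that named runs with the group given as the second argument, and it also inspects the group write bit because chown changes ownership only.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat and awk on Linux.
# Usage (hypothetical file name): sh named_preflight.sh /etc/named.conf named
# Limitation: /* ... */ block comments in named.conf are not stripped.

# Print "LINE: statement" for each query-source / query-source-v6 statement
# that pins a numeric port ("port *" keeps source-port randomization).
pinned_query_source() {
    awk '{ line = $0; sub(/(#|\/\/).*/, "", line) }   # strip # and // comments
         tolower(line) ~ /query-source(-v6)?[ \t].*port[ \t]+[0-9]+/ {
             gsub(/^[ \t]+|[ \t]+$/, "", line); print NR ": " line
         }' "$1"
}

# Print the path from the first directory "..." statement (options block).
working_directory() {
    awk '{ sub(/(#|\/\/).*/, "") }
         match($0, /^[ \t]*directory[ \t]+"[^"]+"/) {
             s = substr($0, RSTART, RLENGTH)
             sub(/^[^"]*"/, "", s); sub(/"$/, "", s); print s; exit
         }' "$1"
}

# Succeed only if DIR belongs to GROUP and the group write bit is set.
group_can_write() {   # usage: group_can_write DIR GROUP
    [ -d "$1" ] || return 2
    [ "$(stat -c %G "$1")" = "$2" ] || return 1
    case $(stat -c %A "$1") in     # mode string, e.g. drwxrwx---
        ?????w*) return 0 ;;
        *)       return 1 ;;
    esac
}

preflight() {   # usage: preflight NAMED_CONF GROUP; returns 1 on any finding
    rc=0
    pinned=$(pinned_query_source "$1")
    if [ -n "$pinned" ]; then
        printf 'fixed query-source port:\n%s\n' "$pinned"; rc=1
    fi
    dir=$(working_directory "$1")
    if ! group_can_write "$dir" "$2"; then
        echo "group $2 cannot write to working directory: $dir"; rc=1
    fi
    return $rc
}

if [ $# -eq 2 ]; then preflight "$1" "$2"; fi
```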
All answers
- 1st floor, user: 鸽屿
- 2021-04-07 22:56
Installing the bind package
1. Installation
# yum -y install bind caching-nameserver
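2. Configuration
The example below uses a public IP (172.16.0.80/29), a LAN IP (192.168.0.0/24), and a domain (linuxde.net) for illustration. When configuring your own server, use your own IPs and domain.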
# vim /etc/named.conf
options {
    directory "/var/named";
    # query range
    allow-query { localhost; 192.168.0.0/24; };
    # transfer range
    allow-transfer { localhost; 192.168.0.0/24; };
    # recursion range
    allow-recursion { localhost; 192.168.0.0/24; };
};
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
# here is the section for internal information
view "internal" {
    match-clients {
        localhost;
        192.168.0.0/24;
    };
    zone "." in {
        type hint;
        file "named.ca";
    };
    # set zones for internal
    zone "linuxde.net" in {
        type master;
        file "linuxde.net.lan";
        allow-update { none; };
    };
    # set zones for internal
    zone "0.168.192.in-addr.arpa" in {
        type master;
        file "0.168.192.db";
        allow-update { none; };
    };
    zone "localdomain" in {
        type master;
        file "localdomain.zone";
        allow-update { none; };
    };
    zone "localhost" in {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" in {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "255.in-addr.arpa" in {
        type master;
        file "named.broadcast";
        allow-update { none; };
    };
    zone "0.in-addr.arpa" in {
        type master;
        file "named.zero";
        allow-update { none; };
    };
};
view "external" {
    match-clients {
        any;
    };
    zone "." in {
        type hint;
        file "named.ca";
    };
    # set zones for external
    zone "linuxde.net" in {
        type master;
        file "linuxde.net.wan";
        allow-update { none; };
    };
    # set zones for external *note
    zone "80.0.16.172.in-addr.arpa" in {
        type master;
        file "80.0.16.172.db";
        allow-update { none; };
    };
};
include "/etc/rndc.key";
# *note: for how to write for reverse resolving, write the network address reversely like below.
# the case for 192.168.0.0/24
#   network address?  192.168.0.0
#   range of network? 192.168.0.0 - 192.168.0.255
#   how to write?     0.168.192.in-addr.arpa
# case of 172.16.0.80/29
#   network address?  172.16.0.80
#   range of network? 172.16.0.80 - 172.16.0.87
#   how to write?     80.0.16.172.in-addr.arpa
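Setting up zones
Create zone files so that the server can resolve domain names to IPs.
1. Internal zone file
This example uses the internal address (192.168.0.0/24) and the domain (linuxde.net); configure it according to your own situation.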
# vim /var/named/linuxde.net.lan
$ttl 86400
@ in soa ns.linuxde.net. root.linuxde.net. (
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
; define name server
        in ns ns.linuxde.net.
; internal ip address of name server
        in a 192.168.0.17
; define mail exchanger
        in mx 10 ns.linuxde.net.
; define ip address and hostname
ns      in a 192.168.0.17
2. External zone file
This example uses the external address (172.16.0.80/29) and the domain (linuxde.net); replace them with your own.
# vim /var/named/linuxde.net.wan
$ttl 86400
@ in soa ns.linuxde.net. root.linuxde.net. (
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
; define name server
        in ns ns.linuxde.net.
; external ip address of name server
        in a 172.16.0.82
; define mail exchanger
        in mx 10 ns.linuxde.net.
; define ip address and hostname
ns      in a 172.16.0.82
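Create zone files so that the server can reverse-resolve IPs to domain names.
3. Internal zone file
This example uses the internal address (192.168.0.0/24) and the domain (linuxde.net); replace them with your own settings.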
# vim /var/named/0.168.192.db
$ttl 86400
@ in soa ns.linuxde.net. root.linuxde.net. (
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
; define name server
        in ns ns.linuxde.net.
; define range that this domain name in
        in ptr linuxde.net.
; define ip address and hostname
        in a 255.255.255.0
17      in ptr ns.linuxde.net.
4. External zone file
This example uses the external address (172.16.0.80/29) and the domain (linuxde.net); replace them with your own.
# vim /var/named/80.0.16.172.db
$ttl 86400
@ in soa ns.linuxde.net. root.linuxde.net. (
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
; define name server
        in ns ns.linuxde.net.
; define range that this domain name in
        in ptr linuxde.net.
; define ip address and hostname
        in a 255.255.255.248
82      in ptr ns.linuxde.net.
Starting bind
1. After finishing the bind configuration and before starting named, you also need to set up the chroot environment.
# yum -y install bind-chroot
# /etc/rc.d/init.d/named start
# chkconfig named on
2. Verifying operation
Confirm that the server correctly resolves domain names and IP addresses.
# dig ns.linuxde.net.
; <<>> dig 9.3.4 <<>> ns.linuxde.net.
;; global options: printcmd
;; got answer:
;; ->>header<<- opcode: query, status: noerror, id: 54592
;; flags: qr aa rd ra; query: 1, answer: 1, authority: 1, additional: 0
;; question section:
;ns.linuxde.net. in a
;; answer section:
ns.linuxde.net. 86400 in a 192.168.0.17
;; authority section:
linuxde.net. 86400 in ns ns.linuxde.net.
;; query time: 0 msec
;; server: 192.168.0.17#53(192.168.0.17)
;; when: thu mar 8 19:35:19 2007
;; msg size rcvd: 68
# dig -x 192.168.0.17
; <<>> dig 9.3.4 <<>> -x 192.168.0.17
;; global options: printcmd
;; got answer:
;; ->>header<<- opcode: query, status: noerror, id: 45743
;; flags: qr aa rd ra; query: 1, answer: 1, authority: 1, additional: 1
;; question section:
;17.0.168.192.in-addr.arpa. in ptr
;; answer section:
17.0.168.192.in-addr.arpa. 86400 in ptr ns.linuxde.net.
;; authority section:
0.168.192.in-addr.arpa. 86400 in ns ns.linuxde.net.
;; additional section:
ns.linuxde.net. 86400 in a 192.168.0.17
;; query time: 0 msec
;; server: 192.168.0.17#53(192.168.0.17)
;; when: thu mar 8 19:37:50 2007
;; msg size rcvd: 107
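Configuring a slave DNS server
Configuring a slave DNS server is fairly simple. In the example below the master DNS is "ns.linuxde.net" and the slave DNS is "ns.example.info".
1. On the master DNS server, configure the zone file as follows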
# vim /var/named/linuxde.net.wan
$ttl 86400
@ in soa ns.linuxde.net. root.linuxde.net. (
        ; update serial
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
        in ns ns.linuxde.net.
; add name server
        in ns ns.example.info.
        in a 172.16.0.82
        in mx 10 ns.linuxde.net.
ns      in a 172.16.0.82
# rndc reload
server reload successful
2. Configure the slave DNS server
# vim /etc/named.conf
# add these lines below
zone "linuxde.net" in {
type slave;
masters { 172.16.0.82; };
file "slaves/linuxde.net.wan";
};
# rndc reload
server reload successful
# ls /var/named/slaves
linuxde.net.wan # zone file in master dns has been just transferred
Setting an alias record: if you want to give your host another name, define a CNAME record in the zone file.
# vim /var/named/server-linux.info.wan
$ttl 86400
@ in soa ns.server-linux.info. root.server-linux.info. (
        ; update serial
        2007041501 ;serial
        3600 ;refresh
        1800 ;retry
        604800 ;expire
        86400 ;minimum ttl
)
        in ns ns.server-linux.info.
        in a 172.16.0.82
        in mx 10 ns.server-linux.info.
ns      in a 172.16.0.82
; alias in cname server's name
ftp     in cname ns.server-linux.info.
# rndc reload
server reload successful