connect failed: 127.0.0.1#953: connection refused

Problem 1:
root@jeremy-VirtualBox:/etc/bind# /etc/init.d/bind9 restart
* Stopping domain name service... bind9 rndc: connect failed: 127.0.0.1#953: connection refused
[ OK ]
* Starting domain name service... bind9 [fail]

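Solution:
After a default installation of BIND9, the ndc and rndc commands cannot be used directly.

First, regenerate rndc.conf:
rndc-confgen > /etc/rndc.conf

Copy the commented-out section at the bottom of rndc.conf into the /etc/rndc.key file (the leading # must be removed from each line).

For example: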
# key "rndc-key" {
# algorithm hmac-md5;
# secret "xbPNyGOcwJp8pEJDLo26cQ==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };

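If /etc/named.conf already contains a controls section, comment it out first.

Then add this line at the end of the file: include "/etc/rndc.key";

This is done for security reasons; otherwise the section could be copied directly into named.conf.

The inet / port statement means that a control port for rndc listens on the local machine, and that the local machine is allowed to run ndc or rndc commands.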
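
The copy-and-uncomment step above can be scripted. The following shell script is an added example, not part of the original post; it assumes the marker comments that rndc-confgen prints around the named.conf section, and the function names, the sample file and its dummy secret are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): build named's key file from rndc.conf.

# Print the commented named.conf section of $1 with the leading "# " removed.
extract_named_section() {
    awk '
        /^# End of named.conf/ { inside = 0 }
        inside { sub(/^# ?/, ""); print }
        /^# Use with the following in named.conf/ { inside = 1 }
    ' "$1"
}

# Write that section to $2 as mode 0640 (no access for "other").
write_key_file() {
    ( umask 027; extract_named_section "$1" > "$2" ) || return 1
    chmod 640 "$2"
    # Refuse output without a key clause (wrong or truncated input file).
    grep -q '^key "' "$2" || { rm -f "$2"; return 1; }
}

# Constructed sample in the layout rndc-confgen prints; the secret is a dummy.
sample_rndc_conf() {
    cat <<'EOF'
# Start of rndc.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "AAAAAAAAAAAAAAAAAAAAAA==";
};
options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#     algorithm hmac-md5;
#     secret "AAAAAAAAAAAAAAAAAAAAAA==";
# };
#
# controls {
#     inet 127.0.0.1 port 953
#         allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
EOF
}

demo=$(mktemp -d) && sample_rndc_conf > "$demo/rndc.conf" &&
    write_key_file "$demo/rndc.conf" "$demo/rndc.key" && cat "$demo/rndc.key"
```

On a real server the output path would be /etc/rndc.key, with the file's group set to the account named runs as so that named can still read it.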

[root@example etc]# named -g
12-May-2010 11:15:03.197 starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5 -g
12-May-2010 11:15:03.211 adjusted limit on open files from 4096 to 1048576
12-May-2010 11:15:03.211 found 1 CPU, using 1 worker thread
12-May-2010 11:15:03.212 using up to 4096 sockets
12-May-2010 11:15:03.266 loading configuration from '/etc/named.conf'
12-May-2010 11:15:03.270 using default UDP/IPv4 port range: [1024, 65535]
12-May-2010 11:15:03.271 using default UDP/IPv6 port range: [1024, 65535]
12-May-2010 11:15:03.288 listening on IPv4 interface lo, 127.0.0.1#53
12-May-2010 11:15:03.311 listening on IPv4 interface eth1, 192.168.1.108#53
12-May-2010 11:15:03.312 listening on IPv4 interface vmnet1, 192.168.157.1#53
12-May-2010 11:15:03.313 listening on IPv4 interface vmnet8, 172.16.237.1#53
12-May-2010 11:15:03.336 listening on IPv4 interface virbr0, 192.168.122.1#53
12-May-2010 11:15:03.337 binding TCP socket: address in use
12-May-2010 11:15:03.395 command channel listening on 127.0.0.1#953
12-May-2010 11:15:03.396 ignoring config file logging statement due to -g option
12-May-2010 11:15:03.396 couldn't open pid file '/var/run/named/named.pid': Permission denied

[root@example etc]# chmod 777 /var/run/named/
[root@example etc]# named -g (check for errors)
12-May-2010 11:24:08.058 starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5 -g
12-May-2010 11:24:08.059 adjusted limit on open files from 4096 to 1048576
12-May-2010 11:24:08.059 found 1 CPU, using 1 worker thread
12-May-2010 11:24:08.060 using up to 4096 sockets
12-May-2010 11:24:08.119 loading configuration from '/etc/named.conf'
12-May-2010 11:24:08.146 using default UDP/IPv4 port range: [1024, 65535]
12-May-2010 11:24:08.189 using default UDP/IPv6 port range: [1024, 65535]
12-May-2010 11:24:08.196 listening on IPv4 interface lo, 127.0.0.1#53
12-May-2010 11:24:08.198 listening on IPv4 interface eth1, 192.168.1.108#53
12-May-2010 11:24:08.198 listening on IPv4 interface vmnet1, 192.168.157.1#53
12-May-2010 11:24:08.223 listening on IPv4 interface vmnet8, 172.16.237.1#53
12-May-2010 11:24:08.224 listening on IPv4 interface virbr0, 192.168.122.1#53
12-May-2010 11:24:08.224 binding TCP socket: address in use
12-May-2010 11:24:08.273 command channel listening on 127.0.0.1#953
12-May-2010 11:24:08.273 ignoring config file logging statement due to -g option
12-May-2010 11:24:08.277 running
--------------------
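Problem 2: bash: etc/rndc.conf:Permission denied
Solution:
In sudo sbin/rndc-confgen > etc/rndc.conf, the first half (the command run under sudo) has the right permissions; only the second half (the > redirection, which the calling shell performs without sudo) does not. It is not, as I first assumed, a matter of using the named user.

Change the root user's password:
sudo passwd root
After entering the current regular user's password, you can set a new root password.
Switch user with su - to become root.
After entering the newly set root password, you are running with root privileges, which makes the following steps much easier.

As root, run:
sbin/rndc-confgen > etc/rndc.conf
This generates rndc.conf, the key file for the control commands (note on redirection: '>' overwrites, '>>' appends).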
----------------------
Problem 3: named -g produces
21-Jun-2013 17:08:17.705 /etc/bind/named.conf:15: expected quoted string near '“'
Solution:
Delete the curly quote (“) and retype it as a straight quote (").

Original article: https://www.cnblogs.com/bittorrent/p/3148801.html