<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-text-html" lang="x-unicode"> Until recently
the server worked fine and nothing was changed, but at some
point something mysterious started happening:<br>
<br>
ALTLinux p6<br>
Linux alpha.antares.org.ua 3.0.101-std-pae-alt0.M60P.1 #1 SMP Thu
Oct 24 17:47:59 UTC 2013 i686 GNU/Linux<br>
<br>
<b># rpm -q bind</b><br>
bind-9.3.6-alt7.M60P.1<br>
<br>
<b># cat /var/lib/bind/etc/local.conf </b><br>
acl "antares-lan" {<br>
192.168.1.0/24;<br>
};<br>
view "lan-in" in {<br>
match-clients { antares-lan; };<br>
allow-recursion { antares-lan; };<br>
recursion yes;<br>
additional-from-auth yes;<br>
additional-from-cache yes;<br>
<br>
include "/etc/rfc1912.conf";<br>
.....<br>
}<br>
view "external-in" in {<br>
match-clients { any; };<br>
recursion no;<br>
additional-from-auth no;<br>
additional-from-cache no;<br>
<br>
zone "antares.org.ua" IN {<br>
type master;<br>
file "wan.antares.org.ua";<br>
allow-update { none; };<br>
};<br>
...<br>
zone "sk-advokat.com" IN {<br>
type master;<br>
file "wan.sk-advokat.com";<br>
allow-update { none; };<br>
};<br>
<br>
zone "class.org.ua" IN {<br>
type master;<br>
file "wan.class.org.ua";<br>
allow-update { none; };<br>
};<br>
<br>
zone "nodebook.ru" IN {<br>
type master;<br>
file "wan.nodebook.ru";<br>
allow-update { none; };<br>
};<br>
}<br>
<br>
all the zones have roughly similar definitions<br>
<b># cat wan.sk-advokat.com </b><br>
$TTL 1D<br>
@ IN SOA ns.sk-advokat.com.
hostmaster.sk-advokat.com. (<br>
2014040301 ; serial<br>
12H ; refresh<br>
1H ; retry<br>
1W ; expire<br>
1D ; minimum TTL<br>
)<br>
NS ns.sk-advokat.com.<br>
NS ns2.trifle.net.<br>
MX 10 mail.sk-advokat.com.<br>
A 195.211.175.227<br>
ns A 195.211.175.227<br>
www A 195.211.175.227<br>
ftp A 195.211.175.227<br>
mail A 195.211.175.227<br>
smtp A 195.211.175.227<br>
pop A 195.211.175.227<br>
alpha A 195.211.175.227<br>
<br>
<b># ifconfig </b><br>
eth0 Link encap:Ethernet HWaddr 00:1D:92:63:9D:20 <br>
inet addr:192.168.1.1 Bcast:192.168.1.255
Mask:255.255.255.0<br>
inet6 addr: fe80::21d:92ff:fe63:9d20/64 Scope:Link<br>
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br>
RX packets:56688765 errors:0 dropped:0 overruns:0
frame:0<br>
TX packets:47175661 errors:0 dropped:0 overruns:0
carrier:0<br>
collisions:0 txqueuelen:1000 <br>
RX bytes:1873783574 (1.7 GiB) TX bytes:2425034595 (2.2
GiB)<br>
Interrupt:43 Base address:0x4000 <br>
<br>
eth2 Link encap:Ethernet HWaddr 00:19:5B:33:45:3E <br>
inet addr:10.2.105.125 Bcast:10.2.105.255
Mask:255.255.255.0<br>
inet6 addr: fe80::219:5bff:fe33:453e/64 Scope:Link<br>
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br>
RX packets:60264496 errors:0 dropped:2266 overruns:0
frame:0<br>
TX packets:81288185 errors:0 dropped:0 overruns:0
carrier:0<br>
collisions:0 txqueuelen:1000 <br>
RX bytes:32378157 (30.8 MiB) TX bytes:899885763 (858.1
MiB)<br>
Interrupt:19 Base address:0xe800 <br>
<br>
lo Link encap:Local Loopback <br>
inet addr:127.0.0.1 Mask:255.0.0.0<br>
inet6 addr: ::1/128 Scope:Host<br>
UP LOOPBACK RUNNING MTU:16436 Metric:1<br>
RX packets:169444 errors:0 dropped:0 overruns:0 frame:0<br>
TX packets:169444 errors:0 dropped:0 overruns:0
carrier:0<br>
collisions:0 txqueuelen:0 <br>
RX bytes:16884759 (16.1 MiB) TX bytes:16884759 (16.1
MiB)<br>
<br>
ppp0 Link encap:Point-to-Point Protocol <br>
inet addr:195.211.175.227 P-t-P:195.211.172.20
Mask:255.255.255.255<br>
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400
Metric:1<br>
RX packets:55927506 errors:0 dropped:0 overruns:0
frame:0<br>
TX packets:68774268 errors:0 dropped:0 overruns:0
carrier:0<br>
collisions:0 txqueuelen:3 <br>
RX bytes:1099464908 (1.0 GiB) TX bytes:2024317769 (1.8
GiB)<br>
<br>
192.168.1.1 is the address of the LAN-side interface<br>
10.2.105.125 (GW 10.2.105.1) is the provider's private (grey) network<br>
195.211.175.227 is the real IP (via a tunnel)<br>
<br>
<b>after service bind restart I look at /var/log/messages</b><br>
Apr 3 14:25:52 alpha named[29484]: starting BIND 9.3.6-P1<br>
Apr 3 14:25:52 alpha named[29484]: using up to 4096 sockets<br>
Apr 3 14:25:52 alpha named[29484]: loading configuration from
'/etc/named.conf'<br>
Apr 3 14:25:52 alpha named[29484]: using default UDP/IPv4 port
range: [1024, 65535]<br>
Apr 3 14:25:52 alpha named[29484]: using default UDP/IPv6 port
range: [1024, 65535]<br>
Apr 3 14:25:52 alpha named[29484]: listening on IPv4 interface
lo, 127.0.0.1#53<br>
Apr 3 14:25:52 alpha named[29484]: listening on IPv4 interface
eth2, 10.2.105.125#53<br>
Apr 3 14:25:52 alpha named[29484]: listening on IPv4 interface
eth0, 192.168.1.1#53<br>
Apr 3 14:25:52 alpha named[29484]: listening on IPv4 interface
ppp0, 195.211.175.227#53<br>
Apr 3 14:25:52 alpha named[29484]: command channel listening on
127.0.0.1#953<br>
Apr 3 14:25:52 alpha named[29484]: zone 0.in-addr.arpa/IN/lan-in:
loaded serial 2009072800<br>
Apr 3 14:25:52 alpha named[29484]: zone
127.in-addr.arpa/IN/lan-in: loaded serial 2009072800<br>
Apr 3 14:25:52 alpha named[29484]: zone
1.168.192.in-addr.arpa/IN/lan-in: loaded serial 2010021601<br>
Apr 3 14:25:52 alpha named[29484]: zone
255.in-addr.arpa/IN/lan-in: loaded serial 2009072800<br>
Apr 3 14:25:52 alpha named[29484]: zone localdomain/IN/lan-in:
loaded serial 2009072800<br>
Apr 3 14:25:52 alpha named[29484]: zone localhost/IN/lan-in:
loaded serial 2009072800<br>
Apr 3 14:25:52 alpha named[29484]: zone antares.org.ua/IN/lan-in:
loaded serial 2013120901<br>
Apr 3 14:25:52 alpha named[29484]: zone
sk-advokat.com/IN/external-in: loaded serial 2014040301<br>
Apr 3 14:25:52 alpha named[29484]: zone
nodebook.ru/IN/external-in: loaded serial 2014011501<br>
Apr 3 14:25:52 alpha named[29484]: zone
antares.org.ua/IN/external-in: loaded serial 2014010301<br>
Apr 3 14:25:52 alpha named[29484]: zone
class.org.ua/IN/external-in: loaded serial 2012100901<br>
Apr 3 14:25:52 alpha named[29484]: running<br>
Apr 3 14:25:52 alpha named[29484]: zone
class.org.ua/IN/external-in: sending notifies (serial 2012100901)<br>
Apr 3 14:25:52 alpha named[29484]: zone
antares.org.ua/IN/external-in: sending notifies (serial
2014010301)<br>
Apr 3 14:25:52 alpha named[29484]: zone
nodebook.ru/IN/external-in: sending notifies (serial 2014011501)<br>
Apr 3 14:25:52 alpha named[29484]: zone
sk-advokat.com/IN/external-in: sending notifies (serial
2014040301)<br>
Apr 3 14:25:52 alpha bind: named startup succeeded<br>
<br>
i.e. everything started successfully, BIND is listening on all interfaces,<br>
and one of the zones works fine<br>
<b># nslookup antares.org.ua</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
Name: antares.org.ua<br>
Address: 192.168.1.1<br>
<br>
but then the problems began<br>
<b># nslookup sk-advokat.com</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
Non-authoritative answer: <------------------------ WHY?<br>
Name: sk-advokat.com<br>
Address: 195.211.175.227<br>
<br>
<b># nslookup class.org.ua</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
** server can't find class.org.ua: NXDOMAIN<br>
<br>
<b># nslookup nodebook.ru</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
** server can't find nodebook.ru: NXDOMAIN<br>
<br>
<br>
and it also refuses to resolve SOME external addresses:<br>
<b># cat /etc/resolv.conf </b><br>
search antares.org.ua<br>
nameserver 192.168.1.1<br>
nameserver 10.2.105.1<br>
<br>
<b># nslookup altlinux.ru</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
** server can't find altlinux.ru: NXDOMAIN<br>
<br>
<b># nslookup opennet.ru</b><br>
Server: 192.168.1.1<br>
Address: 192.168.1.1#53<br>
<br>
Non-authoritative answer:<br>
Name: opennet.ru<br>
Address: 77.234.201.242<br>
<br>
<br>
and I also see a lot of complaints in /var/log/messages, such as:<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'c.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'l.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'f.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'k.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'h.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'e.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'd.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'g.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'm.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'j.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
Apr 7 12:41:58 alpha named[8666]: lame server resolving
'i.gtld-servers.net' (in 'NET'?): 192.52.178.30#53<br>
I suspect that BIND cannot connect to the external NS.<br>
maybe port 53 got cut off somewhere at the provider?<br>
or am I wrong?<br>
<br>
and also:<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'c.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'f.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'g.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'h.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'k.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'l.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'm.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'm.gtld-servers.net/AAAA/IN': 2001:503:231d::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'd.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
Apr 7 12:41:58 alpha named[8666]: network unreachable resolving
'e.gtld-servers.net/AAAA/IN': 2001:503:a83e::2:30#53<br>
this, as I understand it, is because I have no IPv6<br>
<br>
I have no idea at all what could have changed and what is causing
the problems, and most importantly, what to do?<br>
PLEASE HELP! maybe someone has run into this.</div>
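Added example, not part of the original post: a small Python check that maps each zone to the view it was loaded into (from the "loaded serial" lines of the startup log above) and picks the view a given client address lands in, using the two match-clients statements from local.conf in file order. The log lines are a subset copied from the post with the syslog prefix trimmed; the outside client 203.0.113.7 and all function names are constructed for illustration.

```python
import ipaddress
import re

# Subset of the startup log in the post (syslog prefix trimmed).
STARTUP_LOG = """\
zone 1.168.192.in-addr.arpa/IN/lan-in: loaded serial 2010021601
zone localhost/IN/lan-in: loaded serial 2009072800
zone antares.org.ua/IN/lan-in: loaded serial 2013120901
zone sk-advokat.com/IN/external-in: loaded serial 2014040301
zone nodebook.ru/IN/external-in: loaded serial 2014011501
zone antares.org.ua/IN/external-in: loaded serial 2014010301
zone class.org.ua/IN/external-in: loaded serial 2012100901
"""

# Views in the order they appear in local.conf; named uses the first match.
VIEWS = [
    ("lan-in", ["192.168.1.0/24"]),   # match-clients { antares-lan; };
    ("external-in", ["0.0.0.0/0"]),   # match-clients { any; };
]

ZONE_RE = re.compile(r"zone (\S+)/IN/(\S+): loaded serial (\d+)")

def zones_by_view(log_text):
    """Map view name -> {zone: serial} from 'loaded serial' lines."""
    result = {}
    for zone, view, serial in ZONE_RE.findall(log_text):
        result.setdefault(view, {})[zone] = int(serial)
    return result

def view_for_client(client_ip):
    """Return the first view whose match-clients list contains the client."""
    addr = ipaddress.ip_address(client_ip)
    for name, nets in VIEWS:
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return name
    return None

def authoritative_zone(client_ip, qname, log_text=STARTUP_LOG):
    """Closest enclosing zone loaded in the client's view, else None."""
    zones = zones_by_view(log_text).get(view_for_client(client_ip), {})
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

if __name__ == "__main__":
    for client in ("192.168.1.1", "203.0.113.7"):  # second client is constructed
        for name in ("antares.org.ua", "sk-advokat.com", "class.org.ua"):
            print(client, view_for_client(client), name,
                  authoritative_zone(client, name))
```

A result of None means the view holds no zone for that name, so any answer a client in that view receives comes from recursion rather than from the master zone file.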
</body>
</html>