Article Title: Linux DNS Server Troubleshooting. (Linux technology channel of IT Lab China, covering desktop applications, Linux system administration, kernel research, embedded systems, and open source.)
Today most name servers on UNIX-like operating systems (UNIX, Linux, and BSD) are built with BIND. Because the DNS server is responsible for name resolution, its importance is self-evident. When name resolution fails on a Linux network, the most common reason is that no valid name server is configured locally. Beyond that, most DNS faults come down to syntax errors in the configuration files or a wrong address assigned to the machine.
DNS configuration file in Linux
The main DNS configuration files in Linux include the following.
/etc/hosts: the host table, a list of hosts known on the local network. It can be used when the system's IP addresses are not assigned dynamically.
/etc/host.conf: the resolver control file. It tells the resolver in which order to look up host names (normally /etc/hosts first, then the name server; the order can be changed with netconf). For simple (dotted) host name lookups, /etc/host.conf usually makes the resolver check the local host table before asking a DNS or NIS server.
/etc/resolv.conf: the resolver configuration file. When a program asks the BIND resolver library to look up a host name, this file tells it which domain name server (by IP address) to use.
The domain name service on Linux is provided by the named daemon. It reads its settings from the master file /etc/named.conf, which in turn refers to a group of zone files that map host names to IP addresses. The named configuration file family is described below.
/etc/named.conf: the master file. It sets the general named parameters and points to the data sources for the zones the server serves.
/var/named.ca: the root hints file. It lists the root name servers and is used to prime the cache when a caching server starts.
/var/named/localhost.zone: the forward zone file for the localhost zone, mapping the name localhost to the loopback address 127.0.0.1.
/var/named/name.local: the reverse zone file for the localhost zone, mapping the loopback address 127.0.0.1 back to the name localhost.
/var/named/name2ip.conf: the forward zone file for the user-configured zone, mapping host names to IP addresses.
/var/named/ip2name.conf: the reverse zone file for the user-configured zone, mapping IP addresses to host names.
Linux DNS Fault Diagnosis
For DNS fault diagnosis, refer to the following steps.
(1) Check every record and confirm the spelling of each host name. Remember that absolute (fully qualified) names end with a trailing dot.
(2) Whenever a zone file is modified, the serial number in its SOA record must be increased; this is what makes the servers reload and transfer the zone correctly.
(3) Confirm that the names and IP addresses entered in the forward zone match the PTR entries in the reverse zone file.
(4) Check the firewall rules and related services.
(5) Check with the command-line tools (ping, dig, nslookup, named-checkzone, named-checkconf).
(6) Use the Dlint software to check for DNS faults.
Tool Application
1. Check the syntax and rules
Dlint is open-source software dedicated to checking DNS zone data. Running it requires Perl and the dig command (part of the BIND utilities) to be installed on the system.
To download and install Dlint, run the following commands.
# wget http://www.domtools.com/pub/Dlint1.4.0.tar.gz
# gunzip Dlint1.4.0.tar.gz
# tar vxf Dlint1.4.0.tar
# cd Dlint1.4.0
# make install
The system installs Dlint into the /usr/bin/ directory.
Dlint first checks the spelling of the zone data. Every host name with an A (address) record should have a matching PTR (reverse resolution) record; a host with an A record but no PTR record does not pass the check. Dlint searches for missing PTR records for the A records in the user-configured zone, and it records whether every PTR record in the in-addr.arpa zone has a corresponding A record. Dlint recursively checks child zones to find their configuration problems, and it can analyze any DNS zone.
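To make the checks in steps (1) to (3) and the A/PTR cross-checks that Dlint performs concrete, here is a small zone-file consistency checker. It is an added example, not code from the article or from Dlint; the zone contents, the names under example.test and the 192.168.2.0/24 network are constructed for the demonstration.

```python
# Added example (not from the article or from Dlint): a small zone-file
# consistency checker for steps (1)-(3) and the A/PTR cross-checks Dlint does.
# Zone contents, example.test and 192.168.2.0/24 are constructed for the demo.
import re
from ipaddress import ip_address

ORIGIN = "example.test."
REV_ORIGIN = "2.168.192.in-addr.arpa."

FORWARD_ZONE = """\
$TTL 86400
@       IN SOA  ns1.example.test. hostmaster.example.test. (
                2004070601 ; serial
                3600 900 604800 86400 )
@       IN NS   ns1.example.test.
ns1     IN A    192.168.2.1
www     IN A    192.168.2.10
mail    IN A    192.168.2.20
"""

REVERSE_ZONE = """\
$TTL 86400
@       IN SOA  ns1.example.test. hostmaster.example.test. (
                2004070601 ; serial
                3600 900 604800 86400 )
@       IN NS   ns1.example.test.
10      IN PTR  www.example.test.
20      IN PTR  mail.example.test   ; trailing dot missing, origin gets appended
30      IN PTR  old.example.test.   ; stale: no matching A record
"""

def fqdn(name, origin):
    """Qualify a name as named does: '@' is the origin, a trailing dot marks an
    absolute name, anything else has the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (soa_serial, records) with records as (owner_fqdn, type, rdata).
    Handles ';' comments, $-directives, omitted owners and the ( ) SOA."""
    logical, buf = [], []
    for ln in (re.sub(r";.*", "", l) for l in text.splitlines()):
        buf.append(ln)
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):
            continue                      # still inside a parenthesised RDATA
        buf = []
        if joined.strip():
            logical.append(joined.replace("(", " ").replace(")", " "))
    serial, records, last_owner = None, [], origin
    for ln in logical:
        tokens = ln.split()
        if tokens[0].startswith("$"):
            continue                      # $TTL and friends are not records
        if ln[0].isspace():
            owner = last_owner            # blank owner field repeats the previous one
        else:
            owner, tokens = fqdn(tokens[0], origin), tokens[1:]
        last_owner = owner
        while tokens[0] == "IN" or tokens[0].isdigit():
            tokens = tokens[1:]           # skip class and optional TTL
        rtype, rdata = tokens[0], tokens[1:]
        if rtype == "SOA":
            serial = int(rdata[2])
        records.append((owner, rtype, rdata))
    return serial, records

def ptr_owner_to_ip(owner, rev_origin):
    """'10.2.168.192.in-addr.arpa.' -> '192.168.2.10' for a /24 reverse zone."""
    host = owner[: -len(rev_origin)].rstrip(".").split(".")
    net = rev_origin[: -len(".in-addr.arpa.")].split(".")
    return str(ip_address(".".join(reversed(host + net))))

def a_records(forward):
    return [(o, r[0]) for o, t, r in forward if t == "A"]

def ptr_records(reverse, rev_origin):
    """(ip, target) pairs with the target qualified the way named sees it."""
    return [(ptr_owner_to_ip(o, rev_origin), fqdn(r[0], rev_origin))
            for o, t, r in reverse if t == "PTR"]

def missing_ptr(forward, reverse, rev_origin):
    """Step (3) / Dlint: A records with no PTR pointing back to the same name."""
    ptrs = set(ptr_records(reverse, rev_origin))
    return [(n, ip) for n, ip in a_records(forward) if (ip, n) not in ptrs]

def missing_a(forward, reverse, rev_origin):
    """Dlint: PTR records whose target has no A record for that address."""
    addrs = set(a_records(forward))
    return [(ip, n) for ip, n in ptr_records(reverse, rev_origin) if (n, ip) not in addrs]

def unqualified_targets(records):
    """Step (1): name-valued RDATA without the trailing dot (origin gets appended)."""
    return [(o, r[0]) for o, t, r in records
            if t in ("PTR", "NS", "CNAME") and not r[0].endswith(".")]

def serial_advanced(old, new):
    """Step (2): True if `new` is ahead of `old` in RFC 1982 serial arithmetic,
    so secondaries will notice the change and transfer the zone."""
    return old != new and (new - old) % 2**32 < 2**31

if __name__ == "__main__":
    fs, fwd = parse_zone(FORWARD_ZONE, ORIGIN)
    rs, rev = parse_zone(REVERSE_ZONE, REV_ORIGIN)
    print("serials:", fs, rs, "| advanced since last load?", serial_advanced(fs, fs))
    print("A without PTR:", missing_ptr(fwd, rev, REV_ORIGIN))
    print("PTR without A:", missing_a(fwd, rev, REV_ORIGIN))
    print("unqualified names:", unqualified_targets(rev))
```

The sample reverse zone deliberately contains the classic mistake from step (1): the PTR for 192.168.2.20 lacks its trailing dot, so named appends the origin and the record ends up pointing at mail.example.test.2.168.192.in-addr.arpa. The checker reports it twice, once as an unqualified name and once as a PTR without a matching A record, which is exactly how the fault shows up in Dlint and in a failing nslookup.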
2. Check the DNS server's working status
When maintaining a DNS server, the administrator wants to know which clients are using it and to gather statistics on the queries it receives. The usual way is to run tcpdump -i eth0 port 53 to watch the DNS query packets. tcpdump is a command-line sniffer that shows every packet passing through a network interface, which is what an administrator needs to inspect the network; but because it is a command-line tool, analysing those packets by hand is tedious. DNStop can be used instead to watch the query load on the DNS server.
DNStop relies on tcpdump and the packet capture library (libpcap) to capture and filter packets on the network, so first check whether the system has the corresponding packages installed. Run the following command to check.
# rpm -qa | grep tcpdump; rpm -qa | grep libpcap
To download and install DNStop, run the following commands.
# wget http://www.stearns.org/DNStop/DNStop-20040309-1.i386.rpm
# rpm -ivh DNStop-20040309-1.i386.rpm
To view the DNS traffic on eth0, run the following command.
# dnstop -s eth0
0 new queries, 6 total queries                     Mon Jul 6 09:54:35 2004

Sources              count      %
192.168.0.117            4   66.7
192.168.0.143            1   16.7
192.168.0.42             1   16.7
While DNStop is running, press the following keys to switch between displays in interactive mode: s, d, t, 1, 2, 3, Ctrl+R, Ctrl+X.
1 - (TLD) table of queried top-level domains.
2 - (SLD) table of queried second-level domains.
3 - (3LD) table of queried third-level domains.
s - (Sources) table of client IP addresses that sent DNS queries.
d - (Destinations) table of target server IP addresses the queries were sent to.
t - (Query Type) table of the query types seen.
Ctrl+R - reset the counters.
Ctrl+X - exit.
For more information, see man dnstop.
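The tables DNStop shows are simple tallies over the question section of each captured query. The following added example (not DNStop's code and not from the article) reproduces the Sources, TLD, SLD, 3LD and Query Type views offline on constructed DNS query messages, so the counting logic can be followed without a live capture; the six sample queries are chosen to reproduce the source percentages in the dnstop output above.

```python
# Added example (not dnstop's code): the Sources / TLD / SLD / 3LD / Query Type
# tallies computed offline over constructed DNS query messages.
import struct
from collections import Counter

def build_query(qname, txid=0x1234, qtype=1):
    """Encode a minimal DNS query (12-byte header + one question) as wire bytes."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # RD set, QDCOUNT=1
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)   # class IN

def parse_query(payload):
    """Decode the first question as (qname, qtype); None for responses or
    messages without a question. Question names are never compressed."""
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount == 0:      # QR bit set: a response, not a query
        return None
    pos, labels = 12, []
    while True:
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer in question name")
        labels.append(payload[pos:pos + length].decode("ascii"))
        pos += length
    qtype = struct.unpack("!H", payload[pos:pos + 2])[0]
    return ".".join(labels), qtype

def domain_level(qname, level):
    """Last `level` labels of a name: 1 = TLD, 2 = SLD, 3 = third-level domain."""
    labels = qname.lower().rstrip(".").split(".")
    return ".".join(labels[-level:])

def tally(packets):
    """packets: (source_ip, dns_payload) pairs. Returns one Counter per view,
    matching dnstop's s / 1 / 2 / 3 / t displays."""
    views = {k: Counter() for k in ("sources", "tld", "sld", "3ld", "qtype")}
    for src, payload in packets:
        q = parse_query(payload)
        if q is None:
            continue                        # dnstop counts queries, not answers
        qname, qtype = q
        views["sources"][src] += 1
        views["tld"][domain_level(qname, 1)] += 1
        views["sld"][domain_level(qname, 2)] += 1
        views["3ld"][domain_level(qname, 3)] += 1
        views["qtype"][qtype] += 1
    return views

def percentages(counter):
    """Rows of (key, count, percent) in descending order, like dnstop's tables."""
    total = sum(counter.values())
    return [(k, n, round(100.0 * n / total, 1)) for k, n in counter.most_common()]

# Constructed sample: six queries from three clients, mirroring the article's output.
SAMPLE = [
    ("192.168.0.117", build_query("www.example.com")),
    ("192.168.0.117", build_query("mail.example.com", qtype=15)),   # MX
    ("192.168.0.117", build_query("ftp.example.org")),
    ("192.168.0.117", build_query("www.example.net")),
    ("192.168.0.143", build_query("ns.example.org")),
    ("192.168.0.42", build_query("www.example.com", qtype=28)),     # AAAA
]

if __name__ == "__main__":
    views = tally(SAMPLE)
    for name in ("sources", "tld", "sld", "3ld", "qtype"):
        print(f"{name:<22}count      %")
        for key, count, pct in percentages(views[name]):
            print(f"{str(key):<22}{count:>5}  {pct:>5}")
        print()
```

Responses are skipped on the QR flag, so a capture filter of port 53 that also sees the server's answers does not double-count; that is the same distinction dnstop draws between queries and replies.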
3. Other DNS integration tools
(1) nslookup
nslookup (Name Server Lookup) is used to look up records on a DNS server. It can specify the query type, show the time to live of a DNS record, and select which DNS server performs the resolution. The bind-utils package must be installed to run nslookup. nslookup has two modes: interactive and non-interactive.
Error example:
# nslookup
*** Can't find server name for address 192.168.2.1: Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.2.1
Cause of the error: when this error occurs, nslookup cannot start. Common causes are incorrect zone data files or configuration files, for example wrong file contents. Another major cause is that the server nslookup is using (here 192.168.2.1) cannot be reverse-resolved (1.20.192.in-addr.arpa): nslookup looks up the name of its default server at startup and fails.
Solution: add the reverse zone that contains the server's IP address (for example 192.in-addr.arpa) and check that it contains a PTR entry for the server.