DNS扫盲系列之六：擅用日志排除BIND故障

最新推荐文章于 2024-06-03 22:27:19 发布

weixin_30878361

最新推荐文章于 2024-06-03 22:27:19 发布

阅读量514

点赞数

CC 4.0 BY-SA版权

文章标签：运维 php 网络

原文链接：http://www.cnblogs.com/niuchunjian/p/3485721.html

本文介绍如何通过BIND的日志功能解决常见的域名解析问题。利用启动参数-g查看启动详情，及如何配置日志记录到文件中，以便实时监控并解决运行中的问题。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

DNS扫盲系列之六：擅用日志排除BIND故障

这么多年来耳闻目染，发现网友提出的几乎99%的问题本来是不需要求助就能解决的，追其根源是不擅于（或不知道）使用软件本身提供的运行日志来解决问题。本文就BIND服务器日志简要说明。这里假设一网友反映“启动named进程后配置的域名解析服务不工作”这一简单问题说明怎么使用named的日志来解决。

首先了解一个named启动参数:“-g”，这个参数可以使named启动过程的细节展现在面前，自然的哪里的问题就一目了然了。

[root@test ~]#named -gc /var/named/etc/named.conf 02-Jan-2010 11:05:54.687 starting BIND 9.5.1-P3 -gc /var/named/etc/named.conf 02-Jan-2010 11:05:54.687 found 1 CPU, using 1 worker thread 02-Jan-2010 11:05:54.688 using up to 4096 sockets 02-Jan-2010 11:05:54.697 loading configuration from '/var/named/etc/named.conf' 02-Jan-2010 11:05:54.698 /var/named/etc/named.conf:45: missing ';' before 'key' 02-Jan-2010 11:05:54.698 loading configuration: failure 02-Jan-2010 11:05:54.698 exiting (due to fatal error)

[ root @ test ~ ] #named -gc /var/named/etc/named.conf

02 - Jan - 2010 11 : 05 : 54.687 starting BIND 9.5.1 - P3 - gc / var / named / etc / named . conf

02 - Jan - 2010 11 : 05 : 54.687 found 1 CPU , using 1 worker thread

02 - Jan - 2010 11 : 05 : 54.688 using up to 4096 sockets

02 - Jan - 2010 11 : 05 : 54.697 loading configuration from '/var/named/etc/named.conf'

02 - Jan - 2010 11 : 05 : 54.698 / var / named / etc / named . conf : 45 : missing ';' before 'key'

02 - Jan - 2010 11 : 05 : 54.698 loading configuration : failure

02 - Jan - 2010 11 : 05 : 54.698 exiting ( due to fatal error )

我们看到日志提示在named.conf文件的第45行少写了“；”，好，问题找到了排除问题就简单了。打开named.conf把那个“；”补上。

[root@test ~]##named -gc /var/named/etc/named.conf 02-Jan-2010 11:06:33.807 starting BIND 9.5.1-P3 -gc /var/named/etc/named.conf 02-Jan-2010 11:06:33.807 found 1 CPU, using 1 worker thread 02-Jan-2010 11:06:33.808 using up to 4096 sockets 02-Jan-2010 11:06:33.817 loading configuration from '/var/named/etc/named.conf' 02-Jan-2010 11:06:33.819 using default UDP/IPv4 port range: [49152, 65535] 02-Jan-2010 11:06:33.819 using default UDP/IPv6 port range: [49152, 65535] 02-Jan-2010 11:06:33.821 no IPv6 interfaces found 02-Jan-2010 11:06:33.821 listening on IPv4 interface re0, 192.168.0.20#53 02-Jan-2010 11:06:33.822 listening on IPv4 interface re0, 192.168.0.10#53 02-Jan-2010 11:06:33.823 listening on IPv4 interface lo0, 127.0.0.1#53 02-Jan-2010 11:06:33.832 command channel listening on 127.0.0.1#953 02-Jan-2010 11:06:33.833 ignoring config file logging statement due to -g option 02-Jan-2010 11:06:33.840 zone 127.IN-ADDR.ARPA/IN: loaded serial 1 02-Jan-2010 11:06:33.840 zone test.com/IN: loaded serial 912200620 02-Jan-2010 11:06:33.841 running 02-Jan-2010 11:06:33.841 zone test.com/IN: sending notifies (serial 912200620)

[ root @ test ~ ] ##named -gc /var/named/etc/named.conf

02 - Jan - 2010 11 : 06 : 33.807 starting BIND 9.5.1 - P3 - gc / var / named / etc / named . conf

02 - Jan - 2010 11 : 06 : 33.807 found 1 CPU , using 1 worker thread

02 - Jan - 2010 11 : 06 : 33.808 using up to 4096 sockets

02 - Jan - 2010 11 : 06 : 33.817 loading configuration from '/var/named/etc/named.conf'

02 - Jan - 2010 11 : 06 : 33.819 using default UDP / IPv4 port range : [ 49152 , 65535 ]

02 - Jan - 2010 11 : 06 : 33.819 using default UDP / IPv6 port range : [ 49152 , 65535 ]

02 - Jan - 2010 11 : 06 : 33.821 no IPv6 interfaces found

02 - Jan - 2010 11 : 06 : 33.821 listening on IPv4 interface re0 , 192.168.0.20 #53

02 - Jan - 2010 11 : 06 : 33.822 listening on IPv4 interface re0 , 192.168.0.10 #53

02 - Jan - 2010 11 : 06 : 33.823 listening on IPv4 interface lo0 , 127.0.0.1 #53

02 - Jan - 2010 11 : 06 : 33.832 command channel listening on 127.0.0.1 #953

02 - Jan - 2010 11 : 06 : 33.833 ignoring config file logging statement due to - g option

02 - Jan - 2010 11 : 06 : 33.840 zone 127.IN - ADDR . ARPA / IN : loaded serial 1

02 - Jan - 2010 11 : 06 : 33.840 zone test . com / IN : loaded serial 912200620

02 - Jan - 2010 11 : 06 : 33.841 running

02 - Jan - 2010 11 : 06 : 33.841 zone test . com / IN : sending notifies ( serial 912200620 )

问题排除。上面方法适用于下列情形：

1. 安装BIND后调试named,看看有没有问题。 2. 出现致命错误named中断运行了。 3. 非重要DNS服务器，可以停机检查的。

对于正在运行的DNS服务器，不想让其停止运行，这时候要发现潜在问题再使用上述方法就不太适宜了。这就要求我们可以让named把日志记录到专门的文件内，供我们随时查询。具体操作是在named.conf配置log:

logging { channel warning { file "log/named.log" versions 3 size 2048k; severity warning; print-category yes; print-severity yes; print-time yes; }; channel query { file "log/query.log" versions 3 size 2048k; severity info; print-category yes; print-severity yes; print-time yes; }; category default { warning; }; category queries { query; }; };

logging {

channel warning

{ file "log/named.log" versions 3 size 2048k ;

severity warning ;

print - category yes ;

print - severity yes ;

print - time yes ;

} ;

channel query

{ file "log/query.log" versions 3 size 2048k ;

severity info ;

print - category yes ;

print - severity yes ;

print - time yes ;

} ;

category default { warning ; } ;

category queries { query ; } ;

} ;

这里我们让named把named运行日志和日常查询日志分别记录到named.log和query.log文件内。

最后测试一下解析是否正常了：

[root@test ~]#dig @localhost www.test.com ; <<>> DiG 9.5.1-P3 <<>> @localhost www.test.com ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45637 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.test.com. IN A ;; ANSWER SECTION: www.test.com. 3600 IN A 12.1.1.1 ;; AUTHORITY SECTION: test.com. 172800 IN NS ns2.test.com. test.com. 172800 IN NS ns1.test.com. test.com. 172800 IN NS ns3.test.com. ;; ADDITIONAL SECTION: ns1.test.com. 3600 IN A 12.2.2.2 ns2.test.com. 3600 IN A 12.3.3.3 ns3.test.com. 3600 IN A 12.4.4.4 ;; Query time: 29 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jan 2 11:48:03 2010 ;; MSG SIZE rcvd: 148