Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.gamasutra.com/A/IN': 2001:4800:7814:0:5008:8553:ff04:b151#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/A/IN': 2607:f208:302::2d#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'gyogynovenyek-gyogyteak.com/A/IN': 2607:f0d0:1101:16f::6#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/AAAA/IN': 2607:f208:302::2d#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/A/IN': 2607:f208:206::2d#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/AAAA/IN': 2607:f208:206::2d#53 Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'gyogynovenyek-gyogyteak.com/AAAA/IN': 2607:f0d0:1101:16f::6#53 Oct 24 14:16:51 ip151 named[54864]: validating @0x7f4e1405ce60: www.gamasutra.com A: no valid signature found Oct 24 14:16:51 ip151 named[54864]: validating @0x7f4e1c5befc0: gamasutra.com SOA: no valid signature found Oct 24 14:16:51 ip151 named[54864]: validating @0x7f4e2008e200: www.gamasutra.com NSEC: no valid signature found Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/A/IN': 2001:678:1::2#53 Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/AAAA/IN': 2001:678:1::2#53 Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/A/IN': 2001:628:453:bb::4#53 Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/AAAA/IN': 2001:628:453:bb::4#53 Oct 24 14:16:54 ip151 named[54864]: error (connection refused) resolving 'www.utrinski.mk/A/IN': 194.149.137.168#53 Oct 24 14:16:54 ip151 named[54864]: error (connection refused) resolving 'www.utrinski.mk/AAAA/IN': 194.149.137.168#53 Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e241324c0: www.biblioteksforeningen.org AAAA: no valid signature found Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e0ccf4060: www.biblioteksforeningen.org A: no valid signature found Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e0ccf4060: biblioteksforeningen.org A: no valid signature found Oct 24 14:17:04 ip151 named[54864]: error (network unreachable) resolving 'dsac.cn/DS/IN': 2001:dc7::1#53
看起来我的服务器是垃圾邮件,其名称解析来自未知的人.如果我理解正确,我需要做的是将我的服务器设置为某种私有.
我很抱歉,如果我没有使用正确的术语,我只是想在它成为我主持的网站的真正问题之前快速解决这个问题.
谢谢
更新1:
-route§的结果是:
Destination Next Hop Flag Met Ref Use If [::]/96 [::] !n 1024 0 0 lo 0.0.0.0/96 [::] !n 1024 0 0 lo 2002:x00::/24 [::] !n 1024 0 0 lo 2002:xf00::/24 [::] !n 1024 0 0 lo 2002:x9fe::/32 [::] !n 1024 0 0 lo 2002:xc10::/28 [::] !n 1024 0 0 lo 2002:x0a8::/32 [::] !n 1024 0 0 lo 2002:x000::/19 [::] !n 1024 0 0 lo 3ffe:xfff::/32 [::] !n 1024 0 0 lo [::]/0 [::] !n -1 113233992 lo localhost/128 [::] Un 0 116069755 lo ipxxx.ip-17x-3x-4x.eu/128 [::] Un 0 1 14444 lo ff00::/8 [::] U 256 0 0 ens18 [::]/0 [::] !n -1 113233992 lo
更新2
我只是通过以下更改修改了named.conf文件(文件中清楚地解释了所有内容,我应该首先看一下)
options { listen-on port 53 { any; }; // listen-on-v6 port 53 { // any; // };
我评论了最后3行,因为我在我的网站上没有处理任何IP V6.
还修改了从yes到no的那一行:
`/* - If you are building an AUTHORITATIVE DNS server,do NOT enable recursion. - If you are building a RECURSIVE (caching) DNS server,you need to enable recursion. - If your recursive DNS server has a public IP address,you MUST enable access control to limit queries to your legitimate users. Failing to do so will cause your server to become part of large scale DNS amplification attacks. Implementing BCP38 within your network would greatly reduce such attack surface */` recursion no;
它似乎不会影响我的任何网站.
结果,我的日志现在看起来像这样:
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.dunyadinleri.com): query (cache) 'www.dunyadinleri.com/AAAA/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.dunyadinleri.com): query (cache) 'www.dunyadinleri.com/A/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#17750 (ujquery.org): query (cache) 'ujquery.org/A/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#17750 (ujquery.org): query (cache) 'ujquery.org/AAAA/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (adsl.aruba.it): query (cache) 'adsl.aruba.it/A/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (adsl.aruba.it): query (cache) 'adsl.aruba.it/AAAA/IN' denied Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.microscopy-uk.org.uk): query (cache) 'www.microscopy-uk.org.uk/A/IN' denied