
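8. Maintenance

Keeping it working.

There is one maintenance task you have to do for named, other than keeping it running: keeping the root.hints file up to date. The easiest way is to use the dig command. First, run dig with no arguments; you will get the root.hints according to your own server. Then query one of the listed root servers with dig @rootserver. You will notice that the output looks very much like a root.hints file. Save it to a file (dig @e.root-servers.net . ns >root.hints.new) and replace the old root.hints file with it.

Remember to reload named after replacing the cache file.

Al Longyear sent me a script that can be run automatically to update root.hints. Install a crontab entry to run it once a month and forget about it. The script assumes that your mail system is working and that the mail alias hostmaster is defined. You must modify it to suit your setup.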


#!/bin/sh
#
# Update the nameserver cache information file once per month.
# This is run automatically by a cron entry.
#
# Original by Al Longyear
# Updated for BIND 8 by Nicolai Langfeldt
# Miscellaneous error-conditions reported by David A. Ranch
# Ping test suggested by Martin Foster
# named up-test suggested by Erik Bryer.
#
(
 echo "To: hostmaster <hostmaster>"
 echo "From: system <root>"

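 # Set a fixed PATH before running anything. No trailing colon: an empty
 # PATH entry means the current directory, and we cd to /var/named below.
 PATH=/sbin:/usr/sbin:/bin:/usr/bin
 export PATH

 # Is named up? Check the status of named.
 case `rndc status 2>&1` in
    *refused*)
        echo "Subject: named is DOWN. root.hints was NOT updated"
        echo
        echo "The subject says it all"
        exit 0
        ;;
 esac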
 # NOTE: /var/named must be writable only by trusted users or this script 
 # will cause root compromise/denial of service opportunities.
 cd /var/named 2>/dev/null || {
    echo "Subject: Cannot cd to /var/named, error $?"
    echo
    echo "The subject says it all"
    exit 1
 }

 # Are we online?  Ping a server at your ISP
 case `ping -qnc 1 some.machine.net 2>&1` in
   *'100% packet loss'*)
        echo "Subject: root.hints NOT updated.  The network is DOWN."
        echo
        echo "The subject says it all"
        exit 1
        ;;
 esac

 dig @e.root-servers.net . ns >root.hints.new 2> errors

 case `cat root.hints.new` in
   *NOERROR*)
        # It worked
        :;;
   *)
        echo "Subject: The root.hints file update has FAILED."
        echo
        echo "The root.hints update has failed"
        echo "This is the dig output reported:"
        echo
        cat root.hints.new errors
        exit 1
        ;;
 esac

 echo "Subject: The root.hints file has been updated"
 echo
 echo "The root.hints file has been updated to contain the following information:"
 echo
 cat root.hints.new

 chown root:root root.hints.new
 chmod 444 root.hints.new
 rm -f root.hints.old errors
 mv root.hints root.hints.old
 mv root.hints.new root.hints
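 # BIND 9's rndc does not implement "restart"; reload re-reads the
 # configuration and with it the hints file.
 rndc reload
 echo
 echo "The nameserver has been reloaded to ensure that the update is complete."
 echo "The previous root.hints file is now called /var/named/root.hints.old."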
) 2>&1 | /usr/lib/sendmail -t
exit 0

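Some of you might have picked up that the root.hints file is also available by ftp from Internic. Please don't use ftp to update root.hints; the above method is much more friendly to the net, and to Internic.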
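
The script above installs whatever dig returned as long as the output contains NOERROR. A stricter check to run before the mv, as an added example that is not part of the original script: the function names validate_hints and sample_answer are made up for this illustration, the sample answer is constructed (192.0.2.x are documentation addresses), and requiring 13 root server names with an address record for each is an assumption about what a complete answer looks like.

```shell
#!/bin/sh
# Added example: sanity-check dig output before installing it as root.hints.
# validate_hints FILE [MIN_NS] returns 0 only if FILE has a NOERROR status,
# at least MIN_NS (default 13, an assumption) NS records for "." that all
# point under root-servers.net, and A or AAAA glue for every one of them.
validate_hints() {
    file=$1
    min_ns=${2:-13}
    [ -s "$file" ] || return 1          # missing or empty file: reject
    awk -v min="$min_ns" '
        /^;;.*status: NOERROR/ { ok = 1 }
        /^;/ || NF < 5 { next }         # skip comments and blank lines
        { name = tolower($1); type = $4; data = tolower($5) }
        name == "." && type == "NS" {
            if (data !~ /^[a-z]\.root-servers\.net\.$/) bad = 1
            ns[data] = 1
        }
        type == "A" || type == "AAAA" { glue[name] = 1 }
        END {
            for (n in ns) { count++; if (!(n in glue)) bad = 1 }
            exit !(ok && !bad && count >= min)
        }
    ' "$file"
}

# Constructed sample of "dig @e.root-servers.net . ns" output, cut down to
# two servers; the addresses are documentation addresses, not real ones.
sample_answer() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; ANSWER SECTION:
.                     518400 IN NS a.root-servers.net.
.                     518400 IN NS b.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.   518400 IN A  192.0.2.1
b.root-servers.net.   518400 IN A  192.0.2.2
EOF
}

# Demo: the two-server sample passes only with the minimum lowered to 2.
tmp=$(mktemp) && sample_answer >"$tmp"
validate_hints "$tmp" 2 && echo "sample accepted with MIN_NS=2"
validate_hints "$tmp" || echo "sample rejected with the default of 13"
rm -f "$tmp"
```

In the update script, the call would go after the NOERROR test, as in validate_hints root.hints.new || exit 1, so that a truncated or unexpected answer never replaces the working file.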

