又又搬家
1、我自己访问和管理貌似要快点;
2、可以做L2TP/IPSec PSK的VPN,ssh转发和pptp似乎不能满足某些时候的需求,哈哈
3、对于XEN架构的VPS来说,价格还不错,有兴趣也去看看吧:Colo2VM
Dear Customer,
We'd like to inform you that HighVPS has been acquired by OSHS Ltd (Open Source Hosting Solutions Limited). OSHS (http://www.oshs.co.uk) operates a number of online brands providing shared/reseller web hosting, virtual private servers, dedicated servers, server management, audio/video streaming, as well Linux/Unix consulting.
In terms of your changes, for some of you; we will be migrating VMs from present server nodes to new server nodes. Once the migration has been completed, you will receive details of your new VPS, your VPS control panel, and your new VPS IP/s.
We will then be migrating your client details from http://manage.highvps.com/ to http://www.opensourcehostingsolutions.com/client/ so that we can consolidate client portal systems at our central location to provide the fastest and most efficient customer support.
Finally, we hope this new development brings you an improved level of customer service, as we continue business as usual.
If you have any questions, please reply to this email.
Regards,
HighVPS Customer Services.
提几点希望:
1、价格不要涨啊
2、母鸡时间给我弄对了!
3、co.uk!母鸡不要搬到uk去了哦?!网络、母鸡性能要保持呀
4、提供功能丰富点的Control Panel吧
作为域名NS记录指向的DNS服务器,不同于开放给公众的DNS服务器,不需要提供本机配置域名之外的域名解析。当DNS解析的域名本机中没有的时候,就会发起递归(recursion)或者转发(forward)到远程DNS去查询。
递归:本机直接从根服务器上寻找对应域名的NS记录,再由本机到NS指向的服务器中查询记录
转发:本机将解析请求转发到指定的服务器去解析,将转发服务器的响应结果直接反馈给查询者
BIND9默认打开递归查询和关闭转发功能,如何彻底关闭递归,就成了主要问题,设置中还发现一些有趣的问题。
测试平台:Debian 5.0.4
BIND9版本:BIND 9.5.1.dfsg.P3-1+lenny1
配置文件:/etc/bind/named.conf.options
1、只设置“recursion no;”
C:\>nslookup
> server 192.168.99.104
> www.google.com
Server: [192.168.99.104]
Address: 192.168.99.104
Name: www.google.com
Served by:
- K.ROOT-SERVERS.NET
- I.ROOT-SERVERS.NET
- L.ROOT-SERVERS.NET
- B.ROOT-SERVERS.NET
- M.ROOT-SERVERS.NET
- G.ROOT-SERVERS.NET
- F.ROOT-SERVERS.NET
- A.ROOT-SERVERS.NET
- J.ROOT-SERVERS.NET
- C.ROOT-SERVERS.NET
服务器虽然没有进行递归查询,但是还是响应了客户端根服务器的地址。如何彻底关闭呢,这个问题折腾了很久,未果。BIND9的文档(http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html)中有这样的描述:
recursion
If yes, and a DNS query requests recursion, then the server will attempt to do all the work required to answer the query. If recursion is off and the server does not already know the answer, it will return a referral response. The default is yes. Note that setting recursion no does not prevent clients from getting data from the server's cache; it only prevents new data from being cached as an effect of client queries. Caching may still occur as an effect the server's internal operation, such as NOTIFY address lookups. See also fetch-glue above.
allow-recursion
Specifies which hosts are allowed to make recursive queries through this server. If not specified, the default is to allow recursive queries from all hosts. Note that disallowing recursive queries for a host does not prevent the host from retrieving data that is already in the server's cache.
可问题是,这个cache如何关闭呢?文档里没有详细描述,找了很久,发现个配置allow-query-cache,这个似乎在官方的文档中没有呢?
2、同时设置“recursion no;”和"allow-query-cache { none; };"
C:\>nslookup
> server 192.168.99.104
> www.google.com
Server: [192.168.99.104]
Address: 192.168.99.104
*** [192.168.99.104] can't find www.google.com: Query refused
彻底关闭了递归查询,拒绝响应,达到目的。
3、只设置"allow-recursion { none; };"
测试结果同2
这是在后来改配置的时候偶尔发现的,allow-recursion貌似不需要关闭cache。一直认为allow-recursion和recursion是完全一样的,看来不是这样。当然,这个也许是我的测试有限。
附1:转发BIND9默认是关闭的,如果需要声明可以在named.conf.options这样写
forwarders {};
forward only;
附2:如何关闭BIND9对于ls命令功能,对于有slave或者特殊需要的,用ip替换none即可
allow-transfer { none; };