通过我的日志,我刚刚意识到我的服务器的某些部分可能会受到损害,虽然不是Bind 9的专家,但我不确定要纠正什么以防止这种情况：

Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.gamasutra.com/A/IN': 2001:4800:7814:0:5008:8553:ff04:b151#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/A/IN': 2607:f208:302::2d#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'gyogynovenyek-gyogyteak.com/A/IN': 2607:f0d0:1101:16f::6#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/AAAA/IN': 2607:f208:302::2d#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/A/IN': 2607:f208:206::2d#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'www.kitchenworksinc.com/AAAA/IN': 2607:f208:206::2d#53
Oct 24 14:16:50 ip151 named[54864]: error (network unreachable) resolving 'gyogynovenyek-gyogyteak.com/AAAA/IN': 2607:f0d0:1101:16f::6#53
Oct 24 14:16:51 ip151 named[54864]: validating @0x7f4e1405ce60: www.gamasutra.com A: no valid signature found
Oct 24 14:16:51 ip151 named[54864]:  validating @0x7f4e1c5befc0: gamasutra.com SOA: no valid signature found
Oct 24 14:16:51 ip151 named[54864]:  validating @0x7f4e2008e200: www.gamasutra.com NSEC: no valid signature found
Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/A/IN': 2001:678:1::2#53
Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/AAAA/IN': 2001:678:1::2#53
Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/A/IN': 2001:628:453:bb::4#53
Oct 24 14:16:54 ip151 named[54864]: error (network unreachable) resolving 'www.utrinski.mk/AAAA/IN': 2001:628:453:bb::4#53
Oct 24 14:16:54 ip151 named[54864]: error (connection refused) resolving 'www.utrinski.mk/A/IN': 194.149.137.168#53
Oct 24 14:16:54 ip151 named[54864]: error (connection refused) resolving 'www.utrinski.mk/AAAA/IN': 194.149.137.168#53
Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e241324c0: www.biblioteksforeningen.org AAAA: no valid signature found
Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e0ccf4060: www.biblioteksforeningen.org A: no valid signature found
Oct 24 14:16:59 ip151 named[54864]: validating @0x7f4e0ccf4060: biblioteksforeningen.org A: no valid signature found
Oct 24 14:17:04 ip151 named[54864]: error (network unreachable) resolving 'dsac.cn/DS/IN': 2001:dc7::1#53

看起来我的服务器是垃圾邮件,其名称解析来自未知的人.如果我理解正确,我需要做的是将我的服务器设置为某种私有.

我很抱歉,如果我没有使用正确的术语,我只是想在它成为我主持的网站的真正问题之前快速解决这个问题.

谢谢

更新1：
-route§的结果是：

Destination                    Next Hop                   Flag Met Ref Use If
[::]/96                        [::]                       !n   1024 0     0 lo
0.0.0.0/96                     [::]                       !n   1024 0     0 lo
2002:x00::/24                  [::]                       !n   1024 0     0 lo
2002:xf00::/24                 [::]                       !n   1024 0     0 lo
2002:x9fe::/32                 [::]                       !n   1024 0     0 lo
2002:xc10::/28                 [::]                       !n   1024 0     0 lo
2002:x0a8::/32                 [::]                       !n   1024 0     0 lo
2002:x000::/19                 [::]                       !n   1024 0     0 lo
3ffe:xfff::/32                 [::]                       !n   1024 0     0 lo
[::]/0                         [::]                       !n   -1  113233992 lo
localhost/128                  [::]                       Un   0   116069755 lo
ipxxx.ip-17x-3x-4x.eu/128      [::]                       Un   0   1 14444 lo
ff00::/8                       [::]                       U    256 0     0 ens18
[::]/0                         [::]                       !n   -1  113233992 lo

更新2

我只是通过以下更改修改了named.conf文件(文件中清楚地解释了所有内容,我应该首先看一下)

options {
    listen-on port 53 {
        any;
        };
//  listen-on-v6 port 53 {
//      any;
//      };

我评论了最后3行,因为我在我的网站上没有处理任何IP V6.

还修改了从yes到no的那一行：

`/* 
 - If you are building an AUTHORITATIVE DNS server,do NOT enable recursion.
 - If you are building a RECURSIVE (caching) DNS server,you need to enable 
   recursion. 
 - If your recursive DNS server has a public IP address,you MUST enable access 
   control to limit queries to your legitimate users. Failing to do so will
   cause your server to become part of large scale DNS amplification 
   attacks. Implementing BCP38 within your network would greatly
   reduce such attack surface 
*/`
    recursion no;

它似乎不会影响我的任何网站.
结果,我的日志现在看起来像这样：

Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.dunyadinleri.com): query (cache) 'www.dunyadinleri.com/AAAA/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.dunyadinleri.com): query (cache) 'www.dunyadinleri.com/A/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#17750 (ujquery.org): query (cache) 'ujquery.org/A/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#17750 (ujquery.org): query (cache) 'ujquery.org/AAAA/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (adsl.aruba.it): query (cache) 'adsl.aruba.it/A/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (adsl.aruba.it): query (cache) 'adsl.aruba.it/AAAA/IN' denied
Oct 24 15:10:57 ip151 named[40819]: client 127.0.0.1#58400 (www.microscopy-uk.org.uk): query (cache) 'www.microscopy-uk.org.uk/A/IN' denied

route -6

::/0                           2001:xxxx:xxxx:196::1      UG   1024 8   874 eth0