
BIND主从模式下实现View智能寻线

作者:星矢  发布日期:2013-08-23 10:18:30

DNS域名解析基本过程


 


 

DNS主从模式下实现VIEW智能寻线


网络拓扑图如下:

 


 

实现步骤如下:


1、主DNS

主配置文件 /etc/named.conf

 

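// Primary (master) named.conf: the zone soulboy.com is served from two
// different zone files, selected per client source address through views.

// Source-address ACL for "inside" clients; used for recursion and the telecom view.
acl innet {
        192.168.1.0/24;
        127.0.0.0/8;
};
options {
        directory "/var/named";
        // Recursion is offered to internal clients only.
        allow-recursion { innet; };
        // Default-deny zone transfers. Only the two *sync views below override
        // this. Without it the client-facing views inherit the built-in default,
        // which on BIND releases where that default is "any" lets every client
        // pull the full zone with AXFR.
        allow-transfer { none; };
        notify  yes;
        // Logs every query; see the query_log channel for rotation limits.
        querylog yes;
};
logging {
        // Query log: rotated, 5 old versions kept, 10M each.
        // NOTE(review): /var/log/named presumably must exist and be writable by
        // the named user - confirm on the target host.
        channel query_log {
                file "/var/log/named/bind_query.log" versions 5 size 10M;
                severity dynamic;
                print-category yes;
                print-time yes;
                print-severity yes;
        };
        // Outgoing zone-transfer log, useful for auditing who pulled the zone.
        channel xfer_log {
                file "/var/log/named/transfer.log" versions 3 size 10k;
                severity debug 3;
                print-time yes;
        };
        category queries { query_log; };
        category xfer-out { xfer_log; };
};

// Views are tried in the order written and the first match wins. The two sync
// views must stay above "telecom": 192.168.1.111 and 192.168.1.112 are inside
// innet and would otherwise be caught by the telecom view.
//
// NOTE(review): the sync views identify the secondary by source address only.
// BIND also accepts TSIG keys in match-clients / allow-transfer, which does not
// depend on the address being unspoofable - consider it for production use.

// Transfer-only view: hands the telecom zone file to the secondary.
view telecomsync {
        match-clients { 192.168.1.111; };
        allow-transfer { 192.168.1.111; };
        zone "soulboy.com" IN {
                type master;
                file "telecom.soulboy.com.zone";
        };
};
// Transfer-only view: hands the unicom zone file to the secondary.
view unicomsync {
        match-clients {  192.168.1.112;  };
        allow-transfer { 192.168.1.112; };
        zone "soulboy.com" IN {
                type master;
                file "unicom.soulboy.com.zone";
        };
};
// Client-facing view for internal addresses; transfers stay denied (options).
view telecom {
        match-clients { innet; };
        zone "soulboy.com" IN {
                type master;
                file "telecom.soulboy.com.zone";
        };
};
// Catch-all client-facing view; transfers stay denied (options).
view unicom {
        match-clients {  any;  };
        zone "soulboy.com" IN {
                type master;
                file "unicom.soulboy.com.zone";
        };
};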

正向区域文件/var/named/telecom.soulboy.com.zone

 

; Zone data for soulboy.com as served by the telecomsync and telecom views.
; Increase the serial on every edit: a secondary only re-transfers the zone
; when it sees a higher serial than the one it already holds.
$TTL 43200 
@       IN      SOA     ns1.soulboy.com.  admin.soulboy.com.    ( 
                        2013040202      ; serial
                        1H              ; refresh
                        10M             ; retry
                        7D              ; expire
                        1D      )       ; negative-caching TTL
                IN      NS      ns1 
                IN      NS      ns2 
                IN      MX  10  mail 
ns1             IN      A       192.168.1.104 
ns2             IN      A       192.168.1.110 
; mail and www are the records that differ from the unicom zone file.
mail            IN      A       192.168.1.105 
www             IN      A       192.168.1.106 
ftp             IN      CNAME   www 
; Wildcard: names not defined elsewhere in the zone resolve to this address.
*.soulboy.com.  IN      A       192.168.1.140 
; Delegation of fin.soulboy.com to its own name server, with the glue A record.
fin             IN      NS      ns1.fin 
ns1.fin         IN      A       192.168.1.160

正向区域文件/var/named/unicom.soulboy.com.zone


 

; Zone data for soulboy.com as served by the unicomsync and unicom views.
; Increase the serial on every edit: a secondary only re-transfers the zone
; when it sees a higher serial than the one it already holds.
$TTL 43200
@       IN      SOA     ns1.soulboy.com.  admin.soulboy.com.    ( 
                        2013040202      ; serial
                        1H              ; refresh
                        10M             ; retry
                        7D              ; expire
                        1D      )       ; negative-caching TTL
                IN      NS      ns1 
                IN      NS      ns2 
                IN      MX  10  mail 
ns1             IN      A       192.168.1.104
ns2             IN      A       192.168.1.110
; mail and www are the records that differ from the telecom zone file.
mail            IN      A       192.168.1.115
www             IN      A       192.168.1.116
ftp             IN      CNAME   www 
; Wildcard: names not defined elsewhere in the zone resolve to this address.
*.soulboy.com.  IN      A       192.168.1.140
; Delegation of fin.soulboy.com to its own name server, with the glue A record.
fin             IN      NS      ns1.fin 
ns1.fin         IN      A       192.168.1.160

2、辅助DNS(区域文件自动同步)


主配置文件 /etc/named.conf

 

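// Secondary (slave) named.conf: mirrors both views of soulboy.com from the
// primary at 192.168.1.104 and answers clients with the matching copy.

// Source-address ACL for "inside" clients; used for recursion and the telecom view.
acl innet {
        192.168.1.0/24;
        127.0.0.0/8;
};
options {
        directory "/var/named";
        // Recursion is offered to internal clients only.
        allow-recursion { innet; };
        notify  yes;
        // Logs every query; see the query_log channel for rotation limits.
        querylog yes;
};
logging {
        // Query log: rotated, 5 old versions kept, 10M each.
        channel query_log {
                file "/var/log/named/bind_query.log" versions 5 size 10M;
                severity dynamic;
                print-category yes;
                print-time yes;
                print-severity yes;
        };
        channel xfer_log {
                file "/var/log/named/transfer.log" versions 3 size 10k;
                severity debug 3;
                print-time yes;
        };
        category queries { query_log; };
        // This server only receives zones (allow-transfer is "none" below), so
        // the transfers worth auditing here are incoming ones; xfer-out alone
        // would leave transfer.log empty.
        category xfer-in { xfer_log; };
        category xfer-out { xfer_log; };
};

// transfer-source fixes the local address used for the zone transfer, which is
// what the primary's match-clients uses to pick the telecomsync / unicomsync
// view. Both addresses must be configured on this host.
//
// NOTE(review): NOTIFY messages from 192.168.1.104 fall inside innet, so they
// presumably always land in the telecom view; the unicom copy would then only
// update on the SOA refresh timer - verify, or select views with TSIG keys.

view telecom {
        match-clients { innet; };
        transfer-source 192.168.1.111;
        zone "soulboy.com" IN {
                type slave;
                file "slaves/telecom.soulboy.com.zone";
                masters { 192.168.1.104; };
                // The secondary never re-serves the zone by AXFR.
                allow-transfer { none; };
        };
};
view unicom {
        match-clients { any; };
        transfer-source 192.168.1.112;
        zone "soulboy.com" IN {
                type slave;
                file "slaves/unicom.soulboy.com.zone";
                masters { 192.168.1.104; };
                // The secondary never re-serves the zone by AXFR.
                allow-transfer { none; };
        };
};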

3、子域(fin.soulboy.com)

主配置文件 /etc/named.conf

 

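// named.conf for the delegated child zone fin.soulboy.com (no views here).
options {
        directory "/var/named";
};
// Root hints.
zone "." IN {
        type hint;
        file "named.ca";
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};
// Authoritative data for the child zone.
zone "fin.soulboy.com" IN {
        type master;
        file "fin.soulboy.com.zone";
        // No secondary for this zone appears in this setup, so deny AXFR like
        // the other master zones in this file instead of inheriting the
        // built-in default.
        allow-transfer { none; };
};
// Names in the parent zone are forwarded to the parent's primary server;
// "forward first" falls back to normal resolution if the forwarder fails.
zone "soulboy.com" IN {
        type forward;
        forward first;
        forwarders      { 192.168.1.104; };
};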

正向区域配置文件/var/named/fin.soulboy.com.zone


 

; Zone data for the delegated child zone fin.soulboy.com.
; Increase the serial on every edit.
$TTL 600 
@       IN      SOA     ns1.fin.soulboy.com.    admin.fin.soulboy.com. ( 
        2013050105      ; serial
        1H              ; refresh
        5M              ; retry
        2D              ; expire
        6H  )           ; negative-caching TTL
                IN      NS      ns1 
                IN      MX  10  mail 
; ns1 must match the glue record published in the parent zone files.
ns1             IN      A       192.168.1.160 
mail            IN      A       192.168.1.166 
www             IN      A       192.168.1.160



 

4、测试

客户端使用辅助DNS解析:

   View会根据客户端IP(172.168.1.10)智能的为其选择匹配的区域文件unicom.soulboy.com.zone(解析地址应为192.168.1.116),结果如下图:

 


 

路由器使用辅助DNS解析:

   View会根据路由器IP(192.168.1.254)智能的为其选择匹配的区域文件telecom.soulboy.com.zone(解析地址应为192.168.1.106),结果如下图:

至此足可证明主从DNS工作正常,没有问题。

客户端使用辅助DNS解析子域(fin.soulboy.com),结果如下图:

 


 

路由器使用辅助DNS解析子域(www.fin.soulboy.com),结果如下图:

 

 
 

至此足以证明主从DNS和子域(fin.soulboy.com)工作正常,没有问题。

 

 

 
