Basic process of DNS domain name resolution
Implementing intelligent line selection with views in DNS master/slave mode
The network topology is as follows:
The implementation steps are as follows:
1. Master DNS test
Main configuration file /etc/named.conf
acl innet {
    192.168.1.0/24;
    127.0.0.0/8;
};

options {
    directory "/var/named";
    allow-recursion { innet; };
    notify yes;
    querylog yes;
};

logging {
    channel query_log {
        file "/var/log/named/bind_query.log" versions 5 size 10M;
        severity dynamic;
        print-category yes;
        print-time yes;
        print-severity yes;
    };
    channel xfer_log {
        file "/var/log/named/transfer.log" versions 3 size 10k;
        severity debug 3;
        print-time yes;
    };
    category queries { query_log; };
    category xfer-out { xfer_log; };
};

// Views are matched in the order they appear. The slave's two transfer-source
// addresses get dedicated views first, because both also fall inside innet.
view telecomsync {
    match-clients { 192.168.1.111; };
    allow-transfer { 192.168.1.111; };
    zone "soulboy.com" IN {
        type master;
        file "telecom.soulboy.com.zone";
    };
};

view unicomsync {
    match-clients { 192.168.1.112; };
    allow-transfer { 192.168.1.112; };
    zone "soulboy.com" IN {
        type master;
        file "unicom.soulboy.com.zone";
    };
};

// The two client-facing views below set no allow-transfer, so the BIND
// version's default applies; set it explicitly if transfers must be refused.
view telecom {
    match-clients { innet; };
    zone "soulboy.com" IN {
        type master;
        file "telecom.soulboy.com.zone";
    };
};

view unicom {
    match-clients { any; };
    zone "soulboy.com" IN {
        type master;
        file "unicom.soulboy.com.zone";
    };
};
Forward zone file /var/named/telecom.soulboy.com.zone
$TTL 43200
@               IN  SOA    ns1.soulboy.com. admin.soulboy.com. (
                           2013040202  ; serial
                           1H          ; refresh
                           10M         ; retry
                           7D          ; expire
                           1D )        ; negative-caching TTL
                IN  NS     ns1
                IN  NS     ns2
                IN  MX     10 mail
ns1             IN  A      192.168.1.104
ns2             IN  A      192.168.1.110
mail            IN  A      192.168.1.105
www             IN  A      192.168.1.106
ftp             IN  CNAME  www
*.soulboy.com.  IN  A      192.168.1.140
; delegation of the fin subdomain, with its glue record
fin             IN  NS     ns1.fin
ns1.fin         IN  A      192.168.1.160
Forward zone file /var/named/unicom.soulboy.com.zone
$TTL 43200
@               IN  SOA    ns1.soulboy.com. admin.soulboy.com. (
                           2013040202  ; serial
                           1H          ; refresh
                           10M         ; retry
                           7D          ; expire
                           1D )        ; negative-caching TTL
                IN  NS     ns1
                IN  NS     ns2
                IN  MX     10 mail
ns1             IN  A      192.168.1.104
ns2             IN  A      192.168.1.110
mail            IN  A      192.168.1.115
www             IN  A      192.168.1.116
ftp             IN  CNAME  www
*.soulboy.com.  IN  A      192.168.1.140
; delegation of the fin subdomain, with its glue record
fin             IN  NS     ns1.fin
ns1.fin         IN  A      192.168.1.160
2. Secondary DNS (zone files synchronized automatically)
Main configuration file /etc/named.conf
acl innet {
    192.168.1.0/24;
    127.0.0.0/8;
};

options {
    directory "/var/named";
    allow-recursion { innet; };
    notify yes;
    querylog yes;
};

logging {
    channel query_log {
        file "/var/log/named/bind_query.log" versions 5 size 10M;
        severity dynamic;
        print-category yes;
        print-time yes;
        print-severity yes;
    };
    channel xfer_log {
        file "/var/log/named/transfer.log" versions 3 size 10k;
        severity debug 3;
        print-time yes;
    };
    category queries { query_log; };
    category xfer-out { xfer_log; };
};

// Each view pulls its copy of the zone from a different source address, so the
// master can tell the two transfers apart (telecomsync / unicomsync views).
view telecom {
    match-clients { innet; };
    transfer-source 192.168.1.111;
    zone "soulboy.com" IN {
        type slave;
        file "slaves/telecom.soulboy.com.zone";
        masters { 192.168.1.104; };
        allow-transfer { none; };
    };
};

view unicom {
    match-clients { any; };
    transfer-source 192.168.1.112;
    zone "soulboy.com" IN {
        type slave;
        file "slaves/unicom.soulboy.com.zone";
        masters { 192.168.1.104; };
        allow-transfer { none; };
    };
};
3. Subdomain (fin.soulboy.com)
Main configuration file /etc/named.conf
options {
    directory "/var/named";
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-transfer { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-transfer { none; };
};

// Authoritative for the delegated subdomain.
zone "fin.soulboy.com" IN {
    type master;
    file "fin.soulboy.com.zone";
};

// Queries for the parent domain are forwarded to the master DNS first.
zone "soulboy.com" IN {
    type forward;
    forward first;
    forwarders { 192.168.1.104; };
};
Forward zone file /var/named/fin.soulboy.com.zone
$TTL 600
@       IN  SOA  ns1.fin.soulboy.com. admin.fin.soulboy.com. (
                 2013050105  ; serial
                 1H          ; refresh
                 5M          ; retry
                 2D          ; expire
                 6H )        ; negative-caching TTL
        IN  NS   ns1
        IN  MX   10 mail
ns1     IN  A    192.168.1.160
mail    IN  A    192.168.1.166
www     IN  A    192.168.1.160
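4. Testing
Client resolving through the secondary DNS:
Based on the client IP (172.168.1.10), the view mechanism selects the matching zone file unicom.soulboy.com.zone (the resolved address should be 192.168.1.116). The result is shown in the figure below:
Router resolving through the secondary DNS:
Based on the router IP (192.168.1.254), the view mechanism selects the matching zone file telecom.soulboy.com.zone (the resolved address should be 192.168.1.106). The result is shown in the figure below:
This is enough to show that the master and slave DNS servers work correctly, with no problems.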
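The view selection tested above, modelled as an added example that is not part of the original post: named answers from the first view, in file order, whose match-clients contains the query source. It assumes an IPv4-only model of the page's ACLs; the function names and the reordered variant are constructed for illustration.

```python
import ipaddress

# From the page: acl innet { 192.168.1.0/24; 127.0.0.0/8; };  "any" is modelled as IPv4 only.
INNET = ["192.168.1.0/24", "127.0.0.0/8"]
ANY = ["0.0.0.0/0"]

# Views in file order as (name, match-clients, zone file), copied from the page's configs.
MASTER_VIEWS = [
    ("telecomsync", ["192.168.1.111/32"], "telecom.soulboy.com.zone"),
    ("unicomsync", ["192.168.1.112/32"], "unicom.soulboy.com.zone"),
    ("telecom", INNET, "telecom.soulboy.com.zone"),
    ("unicom", ANY, "unicom.soulboy.com.zone"),
]
SLAVE_VIEWS = [
    ("telecom", INNET, "slaves/telecom.soulboy.com.zone"),
    ("unicom", ANY, "slaves/unicom.soulboy.com.zone"),
]
# Slave transfer-source addresses and the zone data each one must receive.
TRANSFER_SOURCES = {
    "192.168.1.111": "telecom.soulboy.com.zone",
    "192.168.1.112": "unicom.soulboy.com.zone",
}
# Constructed variant (not on the page): sync views moved below the general views.
REORDERED = MASTER_VIEWS[2:] + MASTER_VIEWS[:2]

def select_view(views, source_ip):
    """Return (view name, zone file) for the first view, in file order,
    whose match-clients list contains source_ip, or None if none matches."""
    addr = ipaddress.ip_address(source_ip)
    for name, nets, zone_file in views:
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return name, zone_file
    return None

def misrouted_transfers(views, transfer_sources):
    """Return the transfer-source IPs that would be answered from a view
    serving a different zone file than the slave expects."""
    bad = []
    for src, expected_file in transfer_sources.items():
        hit = select_view(views, src)
        if hit is None or hit[1] != expected_file:
            bad.append(src)
    return bad

if __name__ == "__main__":
    for ip in ("172.168.1.10", "192.168.1.254"):  # test clients from the page
        print(ip, "->", select_view(SLAVE_VIEWS, ip))
    print("page order:", misrouted_transfers(MASTER_VIEWS, TRANSFER_SOURCES))
    print("reordered:", misrouted_transfers(REORDERED, TRANSFER_SOURCES))
```

With the sync views moved below `telecom`, the transfer from 192.168.1.112 matches `innet` first, so the slave's unicom view would be filled with telecom data.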
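Client resolving the subdomain (fin.soulboy.com) through the secondary DNS. The result is shown in the figure below:
Router resolving the subdomain (www.fin.soulboy.com) through the secondary DNS. The result is shown in the figure below:
This is enough to show that the master and slave DNS servers and the subdomain (fin.soulboy.com) work correctly, with no problems.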