15DNS视图 学习笔记
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了15DNS视图 学习笔记相关的知识,希望对你有一定的参考价值。
view 视图,逻辑的DNS服务器,不一样的请求有意返回不一样的值
目标:120段解析返回120段的IP,其他解析返回130段IP
1、安装bind
[[email protected] ~]# yum -y install bind
2、配置主配置文件
[[email protected] ~]# sed "/^\//d" /etc/named.conf
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 192.168.0.0/16; };
recursion yes;
/* Path to ISC DLV key */
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
include "/etc/named.rfc1912.zones";
3、配置区域数据文件
[[email protected] ~]# sed "/^\//d" /etc/named.rfc1912.zones
view net120 {
match-clients { 192.168.120.0/24; };
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost.localdomain" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "named.localhost";
allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "1.0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.empty";
allow-update { none; };
};
zone "kaiyuandiantang.com" IN {
type master;
file "kaiyuandiantang.com.net120";
};
};
view net130 {
match-clients { any; };
zone "kaiyuandiantang.com" IN {
type master;
file "kaiyuandiantang.com.net130";
};
};
[[email protected] ~]#
4、配置数据库文件
[[email protected] named]# cat kaiyuandiantang.com.net120
$TTL 600
@ IN SOA ns1.kaiyuandiantang.com. admin.kaiyuandiantang.com. (
2017090801
1H
5M
3D
12H
)
IN NS ns1
IN MX 10 mail
ns1 IN A 192.168.130.120
mail IN A 192.168.120.10
www IN A 192.168.120.20
[[email protected] named]#
[[email protected] named]# cat kaiyuandiantang.com.net130
$TTL 600
@ IN SOA ns1.kaiyuandiantang.com. admin.kaiyuandiantang.com. (
2017090801
1H
5M
3D
12H
)
IN NS ns1
IN MX 10 mail
ns1 IN A 192.168.130.120
mail IN A 192.168.130.10
www IN A 192.168.130.20
[[email protected] named]#
5、修改权限启动服务
[[email protected] named]# chown root:named kaiyuandiantang.com.net1*
[[email protected] named]# chmod 640 kaiyuandiantang.com.net1*
[[email protected] named]# named-checkconf
[[email protected] named]# named-checkzone kaiyuandiantang.com kaiyuandiantang.com.net120
zone kaiyuandiantang.com/IN: loaded serial 2017090801
OK
[[email protected] named]# named-checkzone kaiyuandiantang.com kaiyuandiantang.com.net130
zone kaiyuandiantang.com/IN: loaded serial 2017090801
OK
[[email protected] named]# service named start
Generating /etc/rndc.key: [ OK ]
Starting named: [ OK ]
[[email protected] named]# tail /var/log/messages
Sep 8 16:41:44 localhost named[3202]: zone 0.in-addr.arpa/IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: zone 1.0.0.127.in-addr.arpa/IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: zone kaiyuandiantang.com/IN/net120: loaded serial 2017090801
Sep 8 16:41:44 localhost named[3202]: zone localhost.localdomain/IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: zone localhost/IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: managed-keys-zone ./IN/net120: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: zone kaiyuandiantang.com/IN/net130: loaded serial 2017090801
Sep 8 16:41:44 localhost named[3202]: managed-keys-zone ./IN/net130: loaded serial 0
Sep 8 16:41:44 localhost named[3202]: running
[[email protected] named]#
6、测试
在120段测试
[[email protected] ~]# dig -t A www.kaiyuandiantang.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> -t A www.kaiyuandiantang.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7067
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.kaiyuandiantang.com. IN A
;; ANSWER SECTION:
www.kaiyuandiantang.com. 600 IN A 192.168.120.20
;; AUTHORITY SECTION:
kaiyuandiantang.com. 600 IN NS ns1.kaiyuandiantang.com.
;; ADDITIONAL SECTION:
ns1.kaiyuandiantang.com. 600 IN A 192.168.130.120
;; Query time: 8 msec
;; SERVER: 192.168.130.120#53(192.168.130.120)
;; WHEN: Fri Sep 8 16:44:23 2017
;; MSG SIZE rcvd: 91
[[email protected] ~]#
在130段测试
[[email protected] named]# dig -t A www.kaiyuandiantang.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> -t A www.kaiyuandiantang.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32502
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.kaiyuandiantang.com. IN A
;; ANSWER SECTION:
www.kaiyuandiantang.com. 600 IN A 192.168.130.20
;; AUTHORITY SECTION:
kaiyuandiantang.com. 600 IN NS ns1.kaiyuandiantang.com.
;; ADDITIONAL SECTION:
ns1.kaiyuandiantang.com. 600 IN A 192.168.130.120
;; Query time: 0 msec
;; SERVER: 192.168.130.120#53(192.168.130.120)
;; WHEN: Fri Sep 8 16:43:37 2017
;; MSG SIZE rcvd: 91
[[email protected] named]#
本文出自 “开源殿堂” 博客,请务必保留此出处http://kaiyuandiantang.blog.51cto.com/10699754/1964393
以上是关于15DNS视图 学习笔记的主要内容,如果未能解决你的问题,请参考以下文章