首页 » Linux基础 » 配置DNS的Split分离解析

配置DNS的Split分离解析

 
暂无评论 11,449次浏览
Split分离解析:当收到客户机的DNS查询请求时,根据客户机的来源地址提供不同的解析结果。
试用场景:访问压力大的网站,使用CDN提供的内容分发网络。
配置步骤:
1.建立地址库文件,hbp.com.zone1,hbp.com.zone2,代码分别如下:
[root@desktop ~]# cat /var/named/hbp.com.zone1
$TTL 1D
@ IN SOA @ rname.invalid. (
 0 ; serial
 1D ; refresh
 1H ; retry
 1W ; expire
 3H ) ; minimum
 NS @
 IN A 192.168.200.2
mail IN A 192.168.200.20
mail IN MX 10 192.168.200.20 
www In A 192.168.200.20

[root@desktop ~]# cat /var/named/hbp.com.zone2
$TTL 1D
@ IN SOA @ rname.invalid. (
 0 ; serial
 1D ; refresh
 1H ; retry
 1W ; expire
 3H ) ; minimum
 NS @
 IN A 192.168.200.2
mail IN A 192.168.100.20
mail IN MX 10 192.168.100.20 
www In A 192.168.100.20

2.定义acl列表,只用定义一个因为其他的全部使用any;
3.配置view视图,调用不同的地址库文件;
步骤2和3的代码如下,注意配置view视图,之后所有的zone区域必须在view视图之内:

[root@desktop ~]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
 listen-on port 53 { any; };
 listen-on-v6 port 53 { ::1; };
 directory "/var/named";
 dump-file "/var/named/data/cache_dump.db";
 statistics-file "/var/named/data/named_stats.txt";
 memstatistics-file "/var/named/data/named_mem_stats.txt";
 allow-query { any; };
 recursion yes;

 dnssec-enable no;
 dnssec-validation no;
 dnssec-lookaside auto;

 /* Path to ISC DLV key */
 bindkeys-file "/etc/named.iscdlv.key";

 managed-keys-directory "/var/named/dynamic";
};

logging {
 channel default_debug {
 file "data/named.run";
 severity dynamic;
 };
};
acl "mylan"{
 192.168.200.1;192.168.200.2;192.168.200.100;192.168.200.100;
};
view "mylan"{
 match-clients{mylan;};
 
 zone "hbp.com" IN {
 type master;
 file "hbp.com.zone1" ;
 };
 zone "*" IN {
 type forward;
 forwarders {192.168.1.1;};
 };
};
view "other"{
 match-clients{any;};
 zone "hbp.com" IN {
 type master;
 file "hbp.com.zone2" ;
 };

 zone "*" IN {
 type forward;
 forwarders {192.168.1.1;};
 };
};


#include "/etc/named.rfc1912.zones";
#include "/etc/named.root.key";

4.重启named服务,测试,在192.168.200.2上测试,如下图:

双击查看大图

在其他IP上测试结果如下图:

双击查看大图

 

原文链接:配置DNS的Split分离解析,转载请注明来源!

0