DNS中view的實現

[root@localhost /var/named]# ll

total 32

-rw-r–r–. 1 root ?root ??173 Jan 20 14:46 magedu.com.zone

-rw-r–r–. 1 root ?root ??173 Jan 20 14:46 magedu.com.zone1

-rw-r–r–. 1 root ?root ??173 Jan 20 14:46 magedu.com.zone2

[root@localhost /var/named]# chown named magedu.com.zone*

[root@localhost /var/named]# chown named magedu.com.zone*

編輯區域數據庫文件

[root@localhost ~]# vim /var/named/magedu.com.zone1

$TTL 86400

magedu.com. ????IN ?????SOA ????dnssrv1 ding.163.com ???( 12 60 600 86400 10800 )

NS ?????dnssrv1

dnssrv1 A ??????192.168.119.159

websrv1 A ??????8.8.8.8

www ????CNAME ??websrv1

[root@localhost ~]# vim /var/named/magedu.com.zone2

$TTL 86400

magedu.com. ????IN ?????SOA ????dnssrv1 ding.163.com ???( 12 60 600 86400 10800 )

NS ?????dnssrv1

dnssrv1 A ??????192.168.119.159

websrv1 A ??????6.6.6.6

www ????CNAME ??websrv1

編輯dns配置文件

[root@localhost /var/named]# vim /etc/named.conf

acl beijingnet {192.168.119.129;};

acl tianjin {192.168.119.0/24;10.0.0.0/8;};

acl shanghainet {192.168.119.0/24;};

acl other {any;};

把/etc/named.conf文件中的

zone “.” IN {

type hint;

file “named.ca”;

};

遷移到/etc/named.rfc1912.zones中

[root@localhost ~]# vim /etc/named.rfc1912.zones

zone “.” IN {

type hint;

file “named.ca”;

};

acl 定義了不同的用戶訪問的不同的數據庫

有了view就需要把區域信息放入到view中

配置文件

[root@localhost /var/named]# vim /etc/named.conf

acl beijingnet {192.168.119.129;};

acl tianjin {192.168.119.0/24;10.0.0.0/8;};

acl shanghainet {192.168.119.0/24;};

acl other {any;};

options {

// ?????listen-on port 53 { 127.0.0.1; };

// ?????allow-query ????{ localhost; };

// ?????allow-transfer ?{192.168.119.136;};

view beijingview{

match-clients {beijingnet;};

zone “magedu.com” IN {

type master;

file “magedu.com.zone1“;

};

include “/etc/named.rfc1912.zones”;

};

include “/etc/named.root.key”;

view shanghaiview{

match-clients {shanghainet;};

zone “magedu.com” IN {

type master;

file “magedu.com.zone2“;

};

include “/etc/named.rfc1912.zones”;

};

view otherview{

zone “magedu.com” IN {

type master;

file “magedu.com.zone2“;

};

include “/etc/named.rfc1912.zones”;

};

檢查配置文件

[root@localhost /var/named]# named-checkconf

重新開啟服務

[root@localhost /var/named]# systemctl restart named

[root@localhost /var/named]# systemctl status named

• named.service – Berkeley Internet Name Domain (DNS)

Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)

Active: active (running)?since Sat 2018-01-20 17:07:12 CST; 8s ago

測試

[root@localhost ~]# dig www.magedu.com @192.168.119.159

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6 <<>> www.magedu.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45164

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;www.magedu.com. IN A

;; ANSWER SECTION:

www.magedu.com. 86400 IN CNAME websrv1.magedu.com.

websrv1.magedu.com. 86400 IN A 8.8.8.8

;; AUTHORITY SECTION:

magedu.com. 86400 IN NS dnssrv1.magedu.com.

;; ADDITIONAL SECTION:

dnssrv1.magedu.com. 86400 IN A 192.168.119.159

;; Query time: 1 msec

;; SERVER: 192.168.119.159#53(192.168.119.159)

;; WHEN: Sat Jan 20 17:08:41 2018

;; MSG SIZE ?rcvd: 108

[root@localhost ~]#

在本機訪問

[root@localhost /var/named]# dig www.magedu.com @127.0.0.1

;; ANSWER SECTION:

www.magedu.com. 86400 IN CNAME websrv1.magedu.com.

websrv1.magedu.com. 86400 IN A 6.6.6.6