linux下DNS服务器之视图和轮询
案例4 视图 viwer
拓扑图:
1.查看帮助
[root@centos ~]# vim /usr/share/doc/bind-9.8.2/sample/etc/named.conf
[root@host2 ~]# cd /var/named/chroot/etc
2.[root@centos etc]# vim named.conf
添加视图:
36 view "lan-view"
37 {
38 zone "." IN {
39 type hint;
40 file "named.ca";
41 };
42 zone "ab.com" {
43 type master;
44 file "ab.com.lan";
45 };
46 include "/etc/named.rfc1912.zones";
47 };
48
49 view "internet-view"
50 {
51 zone "." IN {
52 type hint;
53 file "named.ca";
54 };
55 zone "ab.com" {
56 type master;
57 file "ab.com.internet";
58 };
59 };
60 //include "/etc/named.root.key";
61
3.
[root@centos chroot]# cd var/named/
[root@centos named]# cp -p named.localhost ab.com.lan
[root@centos named]# vim ab.com.lan
[root@centos named]# cp -p named.localhost ab.com.internet
[root@centos named]# vim ab.com.internet
4.
查看帮助
[root@centos ~]# man named.conf
ACL match
9 acl lan-user { 192.168.6.0/24; };
10 acl internet-user { any; };
编辑主配置文档named.conf :
[root@centos etc]# vim named.conf
5.内网测试:
用windows server 2003:
C:\Documents and Settings\Administrator>nslookup www.ab.com
DNS request timed out.
timeout was 2 seconds.
*** Can‘t find server name for address 192.168.6.6: Timed out
Server: UnKnown
Address: 192.168.6.6
Name: www.ab.com
Address: 192.168.6.50
6.防火墙配置(华为)
[H3C]int eth0/0
[H3C-Ethernet0/0]ip add 192.168.6.1 24
[H3C-Ethernet0/0]int eth0/4
[H3C-Ethernet0/4]ip add 61.130.130.1 24
[H3C]firewall zone trust
[H3C-zone-trust]add int eth0/0
The interface has been added to trust security zone.
[H3C-zone-trust]add int eth0/4
[H3C-zone-trust]dis ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
61.130.130.0/24 DIRECT 0 0 61.130.130.1 Ethernet0/4
61.130.130.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
192.168.6.0/24 DIRECT 0 0 192.168.6.1 Ethernet0/0
192.168.6.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
DNAT语句:
[H3C-Ethernet0/4]nat server protocol udp global 61.130.130.1 53 inside 192.168.6.6 53
7.用外网(61.130.130.0网段)的一台windows server 2003虚拟机测试:
C:\Documents and Settings\Administrator>nslookup www.ab.com
DNS request timed out.
timeout was 2 seconds.
*** Can‘t find server name for address 192.168.6.6: Timed out
Server: UnKnown
Address: 192.168.6.6
Name: www.ab.com
Address: 61.130.130.1
案例5 dns轮询
CDN 内容分发网络
[root@host2 ~]# cd /var/named/chroot/etc
[root@centos etc]# vim named.rfc1912.zones
zone "sina.com.cn" IN {
type master;
file "sina.com.cn.zone";
allow-update { none; };
};
[root@centos etc]# cd ..
[root@centos chroot]# cd var/named/
[root@centos named]# cp -p named.localhost sina.com.cn.zone
[root@centos named]# vim sina.com.cn.zone
C:\Documents and Settings\Administrator>nslookup www.sina.com.cn
DNS request timed out.
timeout was 2 seconds.
*** Can‘t find server name for address 192.168.6.6: Timed out
Server: UnKnown
Address: 192.168.6.6
Name: www.sina.com.cn
Addresses: 2.2.2.2, 1.1.1.1
测试:
C:\Documents and Settings\Administrator>ping www.sina.com.cn
Pinging www.sina.com.cn [1.1.1.1] with 32 bytes of data:
[root@centos ~]# ping www.sina.com.cn
PING www.sina.com.cn (2.2.2.2) 56(84) bytes of data.
From 192.168.6.6 icmp_seq=2 Destination Host Unreachable
本文出自 “linux日志服务器” 博客,请务必保留此出处http://8817074.blog.51cto.com/8807074/1407673
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
