
Linux雙線路切換(四)

四.實作DNS功能

修改 /etc/hosts

Linux雙線路切換(四)

xxpost.com為域名,還有一個xxpost.com域名是一個申請好的國際域名,此處沒有寫出來。

guangdian.xxpost.com和wangtong.xxpost.com為連接外網的兩個ISP提供商的位址。

注意:域名解析的順序由/etc/host.conf 指定,先從hosts解析, 再從bind解析。

Multi on為多IP域名設定。

修改 /etc/resolv.conf

nameserver xxpost.com

nameserver guangdian.xxpost.com

nameserver wangtong.xxpost.com

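先由本機域名伺服器xxpost.com搜尋,再從其他域名伺服器搜尋。注意:resolv.conf的nameserver欄位應填寫IP位址而非主機名;上面三個名稱對應的位址見後文nslookup輸出(125.42.176.199、219.150.222.33、125.42.176.193)。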

修改 /etc/named.conf

(這是一個連結檔案,原檔案位于 /var/named/chroot/etc/)

//

// named.conf for Red Hat caching-nameserver

// Global options. Both views further down set their own "recursion",
// so the value given here only acts as the default.
options {

        directory "/var/named";

        dump-file "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        /*

         * If there is a firewall between you and nameservers you want

         * to talk to, you might need to uncomment the query-source

         * directive below.  Previous versions of BIND always asked

         * questions using port 53, but BIND 8.1 uses an unprivileged

         * port by default.

         */

         // query-source address * port 53;
         // NOTE(review): keep the line above commented out. Pinning outgoing
         // queries to a single source port removes source-port randomisation,
         // which resolvers rely on to resist cache poisoning.

        // Any client may send queries; what it gets back is decided per view.
        allow-query { any;};

        // Recursion is off by default; view "CNC" turns it back on for its clients.
        recursion no;

        // Recursive lookups go to this single upstream and are never resolved
        // iteratively ("forward only"), so they fail if the forwarder is unreachable.
        forwarders {202.102.224.68;};

        forward only;

};

// a caching only nameserver config

// rndc control channel: listens on 127.0.0.1 only, accepts connections from
// "localhost" only, and requires the key named "rndckey". That key is pulled
// in by the include "/etc/rndc.key" statement further down.
// NOTE(review): the key file should be readable only by root and the account
// named runs as -- confirm its permissions on the host.
controls {

        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
// NOTE(review): the closing "};" of this controls block is missing from the
// listing as published; it has to be restored before named can parse the file.

// Address list for the CNC (China Netcom) line. It is referenced by
// match-clients in view "CNC", where "recursion yes" is set, so every prefix
// listed here is allowed to use this server as a recursive resolver.
// NOTE(review): this is a static snapshot of ISP allocations and will go stale;
// 125.42.176.199, the server's own address on this line, is not covered by any
// prefix here and is added separately in match-clients. Review the list
// periodically so recursion is not offered to networks that no longer belong.
acl "cncip"{// define the access list.

58.16.0.0/16;

58.17.0.0/17;

58.17.128.0/17;

58.18.0.0/16;

58.19.0.0/16;

58.20.0.0/16;

58.22.0.0/15;

58.240.0.0/15;

58.242.0.0/15;

58.246.0.0/15;

58.248.0.0/13;

60.0.0.0/13;

60.8.0.0/15;

60.10.0.0/16;

60.11.0.0/16;

60.12.0.0/16;

60.13.0.0/18;

60.13.128.0/17;

60.14.0.0/15;

60.16.0.0/13;

60.24.0.0/14;

60.28.0.0/15;

60.30.0.0/16;

60.31.0.0/16;

60.208.0.0/13;

60.216.0.0/15;

60.218.0.0/15;

60.220.0.0/14;

61.48.0.0/13;

61.133.0.0/17;

61.134.96.0/19;

61.134.128.0/17;

61.135.0.0/16;

61.137.128.0/17;

61.138.0.0/17;

61.138.128.0/18;

61.139.128.0/18;

61.148.0.0/15;

61.156.0.0/16;

61.159.0.0/18;

61.161.0.0/18;

61.161.128.0/17;

61.162.0.0/16;

61.163.0.0/16;

61.167.0.0/16;

61.168.0.0/16;

61.176.0.0/16;

61.179.0.0/16;

61.181.0.0/16;

61.182.0.0/16;

61.189.0.0/17;

202.96.0.0/18;

202.96.64.0/21;

202.96.72.0/21;

202.97.128.0/18;

202.97.224.0/21;

202.97.240.0/20;

202.98.0.0/21;

202.98.8.0/21;

202.99.64.0/19;

202.99.96.0/21;

202.99.128.0/19;

202.99.160.0/21;

202.99.168.0/21;

202.99.176.0/20;

202.99.208.0/20;

202.99.224.0/21;

202.99.232.0/21;

202.99.240.0/20;

202.102.128.0/21;

202.102.224.0/21;

202.102.232.0/21;

202.106.0.0/16;

202.107.0.0/17;

202.108.0.0/16;

202.110.0.0/17;

202.111.128.0/18;

203.93.8.0/24;

203.93.192.0/18;

210.13.128.0/17;

210.14.160.0/19;

210.14.192.0/19;

210.15.32.0/19;

210.15.96.0/19;

210.15.128.0/18;

210.21.0.0/16;

210.52.128.0/17;

210.53.0.0/17;

210.53.128.0/17;

210.74.96.0/19;

210.74.128.0/19;

210.82.0.0/15;

218.8.0.0/14;

218.12.0.0/16;

218.21.128.0/17;

218.24.0.0/14;

218.56.0.0/14;

218.60.0.0/15;

218.67.128.0/17;

218.68.0.0/15;

218.104.0.0/14;

219.154.0.0/15;

219.156.0.0/15;

219.158.0.0/17;

219.158.128.0/17;

219.159.0.0/18;

220.252.0.0/16;

221.0.0.0/15;

221.2.0.0/16;

221.3.0.0/17;

221.3.128.0/17;

221.4.0.0/16;

221.5.0.0/17;

221.5.128.0/17;

221.6.0.0/16;

221.7.0.0/19;

221.7.32.0/19;

221.7.64.0/19;

221.7.96.0/19;

221.8.0.0/15;

221.10.0.0/16;

221.11.0.0/17;

221.11.128.0/18;

221.11.192.0/19;

221.12.0.0/17;

221.12.128.0/18;

221.13.0.0/18;

221.13.64.0/19;

221.13.96.0/19;

221.13.128.0/17;

221.14.0.0/15;

221.192.0.0/15;

221.194.0.0/16;

221.195.0.0/16;

221.196.0.0/15;

221.198.0.0/16;

221.199.0.0/19;

221.199.32.0/20;

221.199.128.0/18;

221.199.192.0/20;

221.200.0.0/14;

221.204.0.0/15;

221.206.0.0/16;

221.207.0.0/18;

221.207.64.0/18;

221.207.128.0/17;

221.208.0.0/14;

221.212.0.0/16;

221.213.0.0/16;

221.216.0.0/13;

222.128.0.0/14;

222.132.0.0/14;

222.136.0.0/13;

222.160.0.0/15;

222.162.0.0/16;

222.163.0.0/19;};

// View served to clients on the CNC line. BIND uses the first view whose
// match-clients matches, so this view must stay ahead of the catch-all
// view "OTHERS".
// NOTE(review): as printed, the zone blocks below have lost their closing "};"
// and most of their "type" lines (probably in publishing); named will not
// parse the file until they are restored.
view "CNC" { // Uses the BIND 9 "view" feature, which returns different IPs to different clients.

// Clients in acl "cncip", plus the server's own CNC-side address.
match-clients {"cncip";125.42.176.199;};

// Overrides the global "recursion no": every address matched above can use
// this server as a recursive resolver.
// NOTE(review): "cncip" spans a very large address space, so this is close to
// an open resolver for that ISP. Narrow it to networks you operate, or
// rate-limit responses, to avoid being used for DNS amplification.
recursion yes;

zone "." IN {

        type hint;

        file "named.ca";

zone "localdomain" IN {

        type master;

        file "localdomain.zone";

        // Dynamic updates are refused for this zone.
        allow-update { none; };

zone "localhost" IN {

        file "localhost.zone";

zone "0.0.127.in-addr.arpa" IN {

        file "named.local";

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

        file "named.ip6.local";

zone "255.in-addr.arpa" IN {

        file "named.broadcast";

zone "0.in-addr.arpa" IN {

        file "named.zero";

zone "xxpost.com" IN {// forward zone for the CNC line

        file "xxpost.com.cnc.hosts";

// NOTE(review): allow-transfer is commented out, so zone transfers fall back
// to the server default, which on older BIND releases permits any host --
// TODO confirm for the installed version. Prefer an explicit setting, e.g.
// "allow-transfer { none; };" when there are no secondaries.
#       allow-transfer {125.42.176.199;};

        // Empty list: do not use the global forwarder for names in this zone.
        forwarders{ };

zone "176.42.125.in-addr.arpa" IN {// reverse zone for the CNC line

        file "xxpost.com.cnc.local";

// Loads the key definition that the controls block refers to as "rndckey".
// NOTE(review): presumably meant to sit at top level after the view closes;
// the missing braces make its placement unclear here.
include "/etc/rndc.key";

// Catch-all view for every client not matched by view "CNC"; it serves the
// second line's answers and must remain the last view in the file.
// NOTE(review): the 'zone "xxpost.com" IN {' header that should precede the
// first "file" line, and the closing "};" lines, are missing from the listing.
view "OTHERS" {// original comment read "create the access list"; this statement actually defines the catch-all view.

match-clients { any; };

// Authoritative answers only: clients outside "cncip" get no recursion.
recursion no;

        file "xxpost.com.hosts";

// NOTE(review): allow-transfer is commented out here as well, so the server
// default applies -- TODO confirm it does not permit transfers to any host.
#        allow-transfer {219.150.222.36;};

zone "222.150.219.in-addr.arpa" IN {// reverse zone for this line

        file "xxpost.com.local";

建立網通正反向解析域檔案

xxpost.com.cnc.hosts為網通線路域名正向解析域檔案

[root@xxpost named]# vi xxpost.com.cnc.hosts

; Forward zone for xxpost.com as served to CNC-line clients (view "CNC").
; Default TTL for records without an explicit TTL: 86400 seconds.
$TTL    86400

; SOA: primary name server xxpost.com., contact admin.xxpost.com.
; (read as admin@xxpost.com).
@       IN SOA xxpost.com. admin.xxpost.com.(

                ; serial -- must be increased on every edit so the change is noticed
                2007062012

                ; refresh
                3H

                ; retry
                15M

                ; expire
                1W

                ; minimum / negative-caching TTL
                1D)

@       IN NS   dns1.xxpost.com.

        ; Blank owner: inherits "@", i.e. the zone apex itself.
        IN A    125.42.176.199

dns1    IN A    125.42.176.199

; Every service name below is an alias of dns1, i.e. the single host
; 125.42.176.199 on this line.
www     IN CNAME        dns1.xxpost.com.

mail    IN CNAME        dns1.xxpost.com.

ftp     IN CNAME        dns1.xxpost.com.

dns     IN CNAME        dns1.xxpost.com.

xxpost.com.cnc.local為網通線路域名反向解析域檔案

[root@xxpost named]# vi xxpost.com.cnc.local

$TTL 86400

        20070622;

        28800;

        14400;

        3600000;

        86400);

        IN NS dns1.xxpost.com.

10      IN PTR dns1.xxpost.com.

10      IN PTR www.xxpost.com.

10      IN PTR mail.xxpost.com.

10      IN PTR ftp.xxpost.com.

100     IN PTR dns.xxpost.com.

建立電信正反向解析域檔案

xxpost.com.hosts為電信線路域名正向解析域檔案

[root@xxpost named]# vi xxpost.com.hosts

                2007062013

@       IN NS   dns2.xxpost.com.

        IN A    219.150.222.36

dns2    IN A    219.150.222.36

www     IN CNAME        dns2.xxpost.com.

mail    IN CNAME        dns2.xxpost.com.

ftp     IN CNAME        dns2.xxpost.com.

dns     IN CNAME        dns2.xxpost.com.

xxpost.com.local為電信線路域名反向解析域檔案

[root@xxpost named]# vi xxpost.com.local

        20070621;

        IN NS dns2.xxpost.com.

10      IN PTR dns2.xxpost.com.

重新啟動DNS服務,或重新加載域名解析規則(以下指令依需要擇一使用;執行前可先用 named-checkconf 和 named-checkzone 檢查設定檔與區域檔的語法)

# /etc/init.d/named stop

# /etc/init.d/named start

# /etc/init.d/named restart

# /etc/init.d/named reload

查詢域名測試

[root@xxpost named]# nslookup

> server

Default server: xxpost.com

Address: 125.42.176.199#53

Default server: guangdian.xxpost.com

Address: 219.150.222.33#53

Default server: wangtong.xxpost.com

Address: 125.42.176.193#53

> www.xxpost.com

Server:         xxpost.com

Address:        125.42.176.199#53

www.xxpost.com canonical name = dns1.xxpost.com.

Name:   dns1.xxpost.com

Address: 125.42.176.199

> 125.42.176.199

** server can't find 199.176.42.125.in-addr.arpa: NXDOMAIN

測試不是很成功:正向解析正常,但反向查詢125.42.176.199傳回NXDOMAIN,應是因為上面的xxpost.com.cnc.local中PTR記錄的主機位只有10和100,沒有199這一筆。而且要想讓其他地方的網通線路快速登陸網站的話,需要把DNS改成本伺服器的位址。
