dns-view (smart resolution by network segment) (unfinished)

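Compared with traditional DNS, this setup adds acl and view, so that different IPs or subnets resolving the same domain name get different results. This can be of some use for security and for load balancing.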

# mount /dev/cdrom /media/cdrom

# cd /media/cdrom/Server

# rpm -ivh bind-9.3.6-4.p1.el5_4.2.i386.rpm

# rpm -ivh bind-utils-9.3.6-4.p1.el5_4.2.i386.rpm

# rpm -ivh bind-chroot-9.3.6-4.p1.el5_4.2.i386.rpm

# rpm -ivh caching-nameserver-9.3.6-4.p1.el5_4.2.i386.rpm

# vi /var/named/chroot/etc/named.conf

acl internal {
       192.168.1.0/24;
};

acl external {
        172.16.0.0/24;
};

options {
       directory  "/var/named";
       forwarders {192.168.1.1;};
};

view internal {
       match-clients {192.168.1.10;};

       zone "yang.com" IN {
                    type master;
                    file "yang.com.zone";
       };

       zone "10.1.168.192.in-addr.arpa" IN {
                    type master;
                    file "192.168.1.10.arpa";
       };
};

view external {
       // do not use 1.10 for resolution; use 1.12
       match-clients {!192.168.1.10;192.168.1.12;};

       zone "yang.com" IN {
                    type master;
                    file "ming.com.zone";
       };

       zone "12.1.168.192.in-addr.arpa" IN {
                    type master;
                    file "192.168.1.12.arpa";
       };
};

:wq

# chown named /var/named/chroot/etc/named.conf

# vi  /var/named/chroot/var/named/yang.com.zone

$TTL 86400

@ IN SOA yang.com.    ns1.yang.com. (

                      2009022001

                      4H

                      30M

                      12H

                      1D

)

@     IN          NS             ns1.yang.com.

      IN          NS             192.168.1.10

mail     IN          MX     10      mail.yang.com.

ns1   IN          A              192.168.1.10

mail  IN          A              192.168.1.10

www   IN          A              192.168.1.10

study  IN         A              192.168.1.10

*      IN         A              192.168.1.10

# chown named /var/named/chroot/var/named/yang.com.zone

# vi /var/named/chroot/var/named/192.168.1.10.arpa

@ IN SOA yang.com.   ns1.yang.com. (

                    2009022002

                    4H

                    30M

                    12H

                    1D

)

          IN     NS      ns1.yang.com.

          IN     A        192.168.1.10

# chown named  /var/named/chroot/var/named/192.168.1.10.arpa

# vi  /var/named/chroot/var/named/ming.com.zone

      IN          NS             192.168.1.12

ns1   IN          A              192.168.1.12

mail  IN          A              192.168.1.12

www   IN          A              192.168.1.12

study  IN         A              192.168.1.12

*      IN         A              192.168.1.12

          IN     A        192.168.1.12

# chown named  /var/named/chroot/var/named/192.168.1.12.arpa

# service named restart

Note: DNS must also be set up on 192.168.1.12; a traditional DNS setup is enough.
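
Which view a client lands in can be checked before restarting named. The Python sketch below is an added example, not part of the original post: it models named's first-match handling of match-clients and of view order (match-destinations and match-recursive-only are ignored) for the ACLs and views in the named.conf above. The names `match_list`, `select_view` and `ACL_VIEWS` are hypothetical, and the client addresses are constructed samples.

```python
import ipaddress

# ACLs and views copied from the named.conf on this page.
ACLS = {
    "internal": ["192.168.1.0/24"],
    "external": ["172.16.0.0/24"],
}
VIEWS = [  # order matters: named uses the first view that matches
    ("internal", ["192.168.1.10"]),
    ("external", ["!192.168.1.10", "192.168.1.12"]),
]

def match_list(client, elements, acls):
    """True/False from the first element that matches, None if none does."""
    for el in elements:
        negated = el.startswith("!")
        name = el.lstrip("!")
        if name == "any":
            hit = True
        elif name in acls:                      # reference to a named acl
            hit = match_list(client, acls[name], acls) is True
        else:                                   # single address or CIDR prefix
            hit = client in ipaddress.ip_network(name, strict=False)
        if hit:
            return not negated
    return None

def select_view(client_ip, views=VIEWS, acls=ACLS):
    """Name of the view that answers client_ip, or None (query is REFUSED)."""
    client = ipaddress.ip_address(client_ip)
    for name, match_clients in views:
        if match_list(client, match_clients, acls):
            return name
    return None

# Variant that references the acls the page defines but never uses
# (assumption: this per-subnet split is what the acls were meant for).
ACL_VIEWS = [("internal", ["internal"]), ("external", ["external"])]

if __name__ == "__main__":
    for ip in ("192.168.1.10", "192.168.1.12", "192.168.1.50", "172.16.0.5"):
        print(ip, "| as written:", select_view(ip),
              "| with acls:", select_view(ip, ACL_VIEWS))
```

With the configuration as written, only 192.168.1.10 and 192.168.1.12 reach a view; any other client in either subnet matches no view and is refused, while the acl-based variant covers both subnets.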

This article is reposted from the linux blog on 51CTO Blog. Original link: http://blog.51cto.com/yangzhiming/863882. To repost it, please contact the original author yourself.

yangzhimingg
