
Linux双线路切换(四)

四.实现DNS功能

修改 /etc/hosts


xxpost.com为域名,还有一个xxpost.com域名是一个申请好的国际域名,此处没有写出来。

guangdian.xxpost.com和wangtong.xxpost.com为连接外网的两个ISP提供商的地址。

注意:域名解析的顺序由/etc/host.conf 指定,先从hosts解析, 再从bind解析。

Multi on为多IP域名设置。

修改 /etc/resolv.conf

nameserver xxpost.com

nameserver guangdian.xxpost.com

nameserver wangtong.xxpost.com

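先由本机域名服务器xxpost.com搜索,再从其他域名服务器搜索。注意:resolv.conf 的 nameserver 项应填写域名服务器的 IP 地址,而不是主机名;从后面 nslookup 的输出看,这三项对应的地址依次是 125.42.176.199、219.150.222.33 和 125.42.176.193。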

修改 /etc/named.conf

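(这是一个链接文件,原文件位于 /var/named/chroot/etc/。注意:下面的清单似乎丢失了重复出现的行,各语句结尾的 `};` 以及后面几个 zone 的 `type master;`、`allow-update { none; };` 都没有显示,照抄无法通过 named 的配置检查,使用前需自行补全。)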

//

// named.conf for Red Hat caching-nameserver

// Global options. Views defined later in this file inherit these values
// unless they set their own (both views below override "recursion").
options {

        // Working directory; relative "file" names in zone statements are
        // resolved against it.
        directory "/var/named";

        // Where named writes its cache dump and its statistics.
        dump-file "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        /*

         * If there is a firewall between you and nameservers you want

         * to talk to, you might need to uncomment the query-source

         * directive below.  Previous versions of BIND always asked

         * questions using port 53, but BIND 8.1 uses an unprivileged

         * port by default.

         */

         // Leave this disabled unless a firewall really requires it: pinning
         // outgoing queries to one source port removes source-port
         // randomization, which makes spoofed answers (cache poisoning)
         // easier to land.
         // query-source address * port 53;

        // Any client may send queries; what it gets back is decided by the
        // view it matches (recursion yes in "CNC", recursion no in "OTHERS").
        allow-query { any;};

        // Global default: no recursive service.
        recursion no;

        // Where recursion is enabled, queries are handed to this forwarder;
        // "forward only" means named does not fall back to resolving from
        // the root servers itself if the forwarder gives no answer.
        forwarders {202.102.224.68;};

        forward only;

};

// a caching only nameserver config

// rndc control channel: listens on 127.0.0.1 only, accepts connections from
// the built-in "localhost" ACL, and requires the key named "rndckey".
// NOTE(review): the key is presumably defined in /etc/rndc.key, which this
// file pulls in with an include statement further down; confirm.
// NOTE(review): the closing "};" of this statement is not shown in the listing.
controls {

        inet 127.0.0.1 allow { localhost; } keys { rndckey; };

// Named address-match list "cncip", referenced by match-clients in view "CNC".
// NOTE(review): presumably China Netcom (CNC) prefixes, going by the name; the
// listing gives neither a source nor a date for these ranges. Every client that
// matches is given recursive service by view "CNC", so check the list against
// current allocations before reusing it.
acl "cncip"{// Define the access list.

58.16.0.0/16;

58.17.0.0/17;

58.17.128.0/17;

58.18.0.0/16;

58.19.0.0/16;

58.20.0.0/16;

58.22.0.0/15;

58.240.0.0/15;

58.242.0.0/15;

58.246.0.0/15;

58.248.0.0/13;

60.0.0.0/13;

60.8.0.0/15;

60.10.0.0/16;

60.11.0.0/16;

60.12.0.0/16;

60.13.0.0/18;

60.13.128.0/17;

60.14.0.0/15;

60.16.0.0/13;

60.24.0.0/14;

60.28.0.0/15;

60.30.0.0/16;

60.31.0.0/16;

60.208.0.0/13;

60.216.0.0/15;

60.218.0.0/15;

60.220.0.0/14;

61.48.0.0/13;

61.133.0.0/17;

61.134.96.0/19;

61.134.128.0/17;

61.135.0.0/16;

61.137.128.0/17;

61.138.0.0/17;

61.138.128.0/18;

61.139.128.0/18;

61.148.0.0/15;

61.156.0.0/16;

61.159.0.0/18;

61.161.0.0/18;

61.161.128.0/17;

61.162.0.0/16;

61.163.0.0/16;

61.167.0.0/16;

61.168.0.0/16;

61.176.0.0/16;

61.179.0.0/16;

61.181.0.0/16;

61.182.0.0/16;

61.189.0.0/17;

202.96.0.0/18;

202.96.64.0/21;

202.96.72.0/21;

202.97.128.0/18;

202.97.224.0/21;

202.97.240.0/20;

202.98.0.0/21;

202.98.8.0/21;

202.99.64.0/19;

202.99.96.0/21;

202.99.128.0/19;

202.99.160.0/21;

202.99.168.0/21;

202.99.176.0/20;

202.99.208.0/20;

202.99.224.0/21;

202.99.232.0/21;

202.99.240.0/20;

202.102.128.0/21;

202.102.224.0/21;

202.102.232.0/21;

202.106.0.0/16;

202.107.0.0/17;

202.108.0.0/16;

202.110.0.0/17;

202.111.128.0/18;

203.93.8.0/24;

203.93.192.0/18;

210.13.128.0/17;

210.14.160.0/19;

210.14.192.0/19;

210.15.32.0/19;

210.15.96.0/19;

210.15.128.0/18;

210.21.0.0/16;

210.52.128.0/17;

210.53.0.0/17;

210.53.128.0/17;

210.74.96.0/19;

210.74.128.0/19;

210.82.0.0/15;

218.8.0.0/14;

218.12.0.0/16;

218.21.128.0/17;

218.24.0.0/14;

218.56.0.0/14;

218.60.0.0/15;

218.67.128.0/17;

218.68.0.0/15;

218.104.0.0/14;

219.154.0.0/15;

219.156.0.0/15;

219.158.0.0/17;

219.158.128.0/17;

219.159.0.0/18;

220.252.0.0/16;

221.0.0.0/15;

221.2.0.0/16;

221.3.0.0/17;

221.3.128.0/17;

221.4.0.0/16;

221.5.0.0/17;

221.5.128.0/17;

221.6.0.0/16;

221.7.0.0/19;

221.7.32.0/19;

221.7.64.0/19;

221.7.96.0/19;

221.8.0.0/15;

221.10.0.0/16;

221.11.0.0/17;

221.11.128.0/18;

221.11.192.0/19;

221.12.0.0/17;

221.12.128.0/18;

221.13.0.0/18;

221.13.64.0/19;

221.13.96.0/19;

221.13.128.0/17;

221.14.0.0/15;

221.192.0.0/15;

221.194.0.0/16;

221.195.0.0/16;

221.196.0.0/15;

221.198.0.0/16;

221.199.0.0/19;

221.199.32.0/20;

221.199.128.0/18;

221.199.192.0/20;

221.200.0.0/14;

221.204.0.0/15;

221.206.0.0/16;

221.207.0.0/18;

221.207.64.0/18;

221.207.128.0/17;

221.208.0.0/14;

221.212.0.0/16;

221.213.0.0/16;

221.216.0.0/13;

222.128.0.0/14;

222.132.0.0/14;

222.136.0.0/13;

222.160.0.0/15;

222.162.0.0/16;

222.163.0.0/19;};

// View "CNC": the answers given to clients whose source address matches the
// "cncip" ACL or is 125.42.176.199. named puts a client in the first view whose
// match-clients it satisfies, so this view has to stay ahead of the catch-all
// "OTHERS" view.
// NOTE(review): as listed, the statements in this view have no closing "};" and
// the later zones lack their "type" line; the view will not load as shown.
view "CNC" { // Uses BIND 9 views, which let the server return different addresses to different clients.

match-clients {"cncip";125.42.176.199;};

// Overrides the global "recursion no": every address in "cncip" gets
// recursive service. NOTE(review): that is a very large client population;
// consider narrowing it with allow-recursion to the networks that must use
// this resolver, so it cannot be used by others for amplification.
recursion yes;

// Root hints, needed because this view recurses.
zone "." IN {

        type hint;

        file "named.ca";

zone "localdomain" IN {

        type master;

        file "localdomain.zone";

        // Dynamic updates are refused for this zone.
        allow-update { none; };

zone "localhost" IN {

        file "localhost.zone";

zone "0.0.127.in-addr.arpa" IN {

        file "named.local";

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

        file "named.ip6.local";

zone "255.in-addr.arpa" IN {

        file "named.broadcast";

zone "0.in-addr.arpa" IN {

        file "named.zero";

zone "xxpost.com" IN {// Forward lookup zone.

        file "xxpost.com.cnc.hosts";

// NOTE(review): the transfer restriction below is commented out, so the zone
// falls back to the server's default transfer policy, which in BIND 9 releases
// of this era permits transfers to any host. Confirm, and set an explicit
// allow-transfer list.
#       allow-transfer {125.42.176.199;};

        // Empty list: the global forwarder is not used for this zone.
        forwarders{ };

zone "176.42.125.in-addr.arpa" IN {// Reverse lookup zone.

        file "xxpost.com.cnc.local";

include "/etc/rndc.key";

// View "OTHERS": catch-all for every client that did not match an earlier view.
// NOTE(review): most of this view is missing from the listing; only the lines
// that differ from view "CNC" are shown, and the forward zone's opening
// zone statement is not among them.
view "OTHERS" {// Default view for all remaining clients.

match-clients { any; };

// No recursive service for clients in this view.
recursion no;

        file "xxpost.com.hosts";

// NOTE(review): the transfer restriction below is commented out, so the zone
// falls back to the server's default transfer policy; confirm, and set an
// explicit allow-transfer list.
#        allow-transfer {219.150.222.36;};

zone "222.150.219.in-addr.arpa" IN {// Reverse lookup zone.

        file "xxpost.com.local";

创建网通正反向解析域文件

xxpost.com.cnc.hosts为网通线路域名正向解析域文件

[root@xxpost named]# vi xxpost.com.cnc.hosts

; Forward zone data for xxpost.com as served to the "CNC" view.
; Default TTL for records without one of their own: 86400 seconds.
$TTL    86400

; SOA: primary server xxpost.com., contact mailbox admin.xxpost.com.
; (the first dot stands for "@").
@       IN SOA xxpost.com. admin.xxpost.com.(

                ; serial; must be increased on every change to this file
                2007062012

                ; refresh
                3H

                ; retry
                15M

                ; expire
                1W

                ; minimum / negative-caching TTL
                1D)

; The zone's name server, and the address of the zone apex itself.
@       IN NS   dns1.xxpost.com.

        IN A    125.42.176.199

dns1    IN A    125.42.176.199

; Every service name is an alias of dns1, so all of them resolve to the
; single address above.
www     IN CNAME        dns1.xxpost.com.

mail    IN CNAME        dns1.xxpost.com.

ftp     IN CNAME        dns1.xxpost.com.

dns     IN CNAME        dns1.xxpost.com.

xxpost.com.cnc.local为网通线路域名反向解析域文件

[root@xxpost named]# vi xxpost.com.cnc.local

$TTL 86400

        20070622;

        28800;

        14400;

        3600000;

        86400);

        IN NS dns1.xxpost.com.

10      IN PTR dns1.xxpost.com.

10      IN PTR www.xxpost.com.

10      IN PTR mail.xxpost.com.

10      IN PTR ftp.xxpost.com.

100     IN PTR dns.xxpost.com.

创建电信正反向解析域文件

xxpost.com.hosts为电信线路域名正向解析域文件

[root@xxpost named]# vi xxpost.com.hosts

                2007062013

@       IN NS   dns2.xxpost.com.

        IN A    219.150.222.36

dns2    IN A    219.150.222.36

www     IN CNAME        dns2.xxpost.com.

mail    IN CNAME        dns2.xxpost.com.

ftp     IN CNAME        dns2.xxpost.com.

dns     IN CNAME        dns2.xxpost.com.

xxpost.com.local为电信线路域名反向解析域文件

[root@xxpost named]# vi xxpost.com.local

        20070621;

        IN NS dns2.xxpost.com.

10      IN PTR dns2.xxpost.com.

重新启动DNS服务,或重新加载域名解析规则

# /etc/init.d/named stop

# /etc/init.d/named start

# /etc/init.d/named restart

# /etc/init.d/named reload

查询域名测试

[root@xxpost named]# nslookup

> server

Default server: xxpost.com

Address: 125.42.176.199#53

Default server: guangdian.xxpost.com

Address: 219.150.222.33#53

Default server: wangtong.xxpost.com

Address: 125.42.176.193#53

> www.xxpost.com

Server:         xxpost.com

Address:        125.42.176.199#53

www.xxpost.com    canonical name = dns1.xxpost.com.

Name:   dns1.xxpost.com

Address: 125.42.176.199

> 125.42.176.199

** server can't find 199.176.42.125.in-addr.arpa: NXDOMAIN

测试不是很成功:正向解析正常,但反向查询 125.42.176.199 返回 NXDOMAIN。从上面列出的反向解析文件看,PTR 记录的主机号只有 10 和 100,没有与 199 对应的记录。另外,要想让其他地方的网通线路快速登录网站的话,需要把DNS改成本服务器的地址。