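This setup uses the view feature of BIND 9 to return different addresses depending on the client's IP address.
DNS server: dns.test.com 192.168.0.211
Web servers: 192.168.0.100 192.168.0.200
Telecom address: 192.168.0.210, resolved to 192.168.0.100
CNC (China Netcom) address: 192.168.0.213, resolved to 192.168.0.200
BIND main configuration file, named.conf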
// Global configuration options
options {
    // Working directory for zone and data files
    directory "/var/named";
    // Forwarders for names this server cannot answer itself
    forwarders {
        192.168.0.1;
    };
};
// Sample key from the original post; generate your own with rndc-confgen
// instead of copying this secret
key "rndc-key" {
    algorithm hmac-md5;
    secret "dT68MZ0x70oXNKQ59NFpeQ==";
};
// Control channel used by the rndc command
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; } keys { "rndc-key"; };
};
// IP address access lists
acl "telecom" {
    192.168.0.210;
};
acl "cnc" {
    192.168.0.213;
};
// When views are used, every zone must be placed inside a view
// Telecom
view "telecom" {
    // Match clients against the ACL
    match-clients { "telecom"; };
    // Allow recursive queries
    recursion yes;
    // Root hints zone
    zone "." IN {
        type hint;
        file "named.ca";
    };
    // Forward zone for localhost
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    // Forward zone for test.com
    zone "test.com" IN {
        type master;
        file "test.zone.telecom";
        allow-update { none; };
    };
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.arpa";
        allow-update { none; };
    };
};
// CNC (China Netcom)
view "cnc" {
    match-clients { "cnc"; };
    recursion yes;
    zone "." IN {
        type hint;
        file "named.ca";
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "test.com" IN {
        type master;
        file "test.zone.cnc";
        allow-update { none; };
    };
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "0.168.192.arpa";
        allow-update { none; };
    };
};
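Zone file for Telecom clients, test.zone.telecom
; Default TTL for the records in this zone file
$TTL 86400
; $ORIGIN states which domain the records below belong to
$ORIGIN test.com.
; "@" stands for the domain named by $ORIGIN, test.com
; A name ending in "." is an FQDN; without the trailing ".", the domain that "@" stands for is appended
@       1D IN SOA test.com. root.test.com. (
            42      ; serial
            3H      ; refresh
            15M     ; retry
            1W      ; expire
            1D )    ; minimum
        1D IN NS  dns.test.com.
dns     1D IN A   192.168.0.211
www     1D IN A   192.168.0.100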
Zone file for CNC clients, test.zone.cnc
$TTL 86400
$ORIGIN test.com.
@       1D IN SOA test.com. root.test.com. (
            42      ; serial
            3H      ; refresh
            15M     ; retry
            1W      ; expire
            1D )    ; minimum
        1D IN NS  dns.test.com.
dns     1D IN A   192.168.0.211
www     1D IN A   192.168.0.200
Reverse lookup file, 0.168.192.arpa
$TTL 86400
@       IN SOA test.com. root.test.com. (
            1997022700  ; serial
            28800       ; refresh
            14400       ; retry
            3600000     ; expire
            86400 )     ; minimum
        IN NS  dns.test.com.
100     IN PTR .
200     IN PTR .
211     IN PTR dns.test.com.
The file must include the PTR record for the DNS server itself; otherwise a client querying with nslookup gets this error:
** Can't find server name for address 192.168.0.211: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.0.211
The correct output is:
Default Server: dns.test.com
Address: 192.168.0.211
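
How named picks a view for each client in the configuration above, as an added Python sketch that is not part of the original post: views are tried in the order they appear in named.conf and the first match wins, and a client that matches no view is refused. The function names are assumptions of this example; the ACL entries and www addresses are copied from the page, and the probe addresses and the widened ACL are constructed.

```python
import ipaddress

# Values copied from the page's named.conf and zone files.
ACLS = {"telecom": ["192.168.0.210"], "cnc": ["192.168.0.213"]}
# (view name, match-clients ACL, A record for www in that view's test.com zone)
VIEWS = [("telecom", "telecom", "192.168.0.100"),
         ("cnc", "cnc", "192.168.0.200")]


def in_acl(client, entries):
    """True if the client address falls inside any ACL entry (host or CIDR)."""
    addr = ipaddress.ip_address(client)
    return any(addr in ipaddress.ip_network(e, strict=False) for e in entries)


def select_view(client, views=VIEWS, acls=ACLS):
    """Return the first view whose match-clients ACL contains the client."""
    for name, acl, _ in views:
        if in_acl(client, acls[acl]):
            return name
    return None  # no view matched


def resolve_www(client, views=VIEWS, acls=ACLS):
    """Model the answer for www.test.com as seen by this client."""
    view = select_view(client, views, acls)
    if view is None:
        return ("REFUSED", None)  # named refuses clients outside every view
    return ("NOERROR", next(a for n, _, a in views if n == view))


def shadowed(clients, views=VIEWS, acls=ACLS):
    """Clients matched by more than one view; only the first view ever serves them."""
    hits = []
    for c in clients:
        matches = [n for n, acl, _ in views if in_acl(c, acls[acl])]
        if len(matches) > 1:
            hits.append((c, matches[0], matches[1:]))
    return hits


if __name__ == "__main__":
    # Constructed probe list: the two clients from the page plus one outsider.
    for ip in ("192.168.0.210", "192.168.0.213", "192.168.0.50"):
        print(ip, select_view(ip), resolve_www(ip))
    # Constructed misconfiguration: a /24 in the first ACL swallows the cnc client.
    wide = {"telecom": ["192.168.0.0/24"], "cnc": ["192.168.0.213"]}
    print(shadowed(["192.168.0.213"], acls=wide))
```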