Category: LINUX
2009-08-27 11:17:13
Test environment: CentOS 4.7
Packages: bind-9.2.4-28.el4.i386.rpm
bind-chroot-9.2.4-28.el4.i386.rpm
Test domain: 99roses.org
Test machines:
DNS server: 192.168.100.44
Web servers: 192.168.100.3 192.168.100.4 192.168.100.100
Clients: 192.168.100.122 (simulating CNC), 192.168.100.45 (simulating Telecom)
Relevant configuration files and directories:
# Main configuration file
/var/named/chroot/etc/named.conf
# CNC address pool
/var/named/chroot/var/named/cnc_acl.conf
# Telecom address pool
/var/named/chroot/var/named/telecom_acl.conf
# Zone definition files
/var/named/chroot/var/named/cnc.def # zone list for the CNC ranges
/var/named/chroot/var/named/telecom.def # zone list for the Telecom ranges
/var/named/chroot/var/named/any.def # zone list for all other ranges
# Zone data files
/var/named/chroot/var/named/cnc/99roses.org # zone data file for the CNC ranges
/var/named/chroot/var/named/telecom/99roses.org # zone data file for the Telecom ranges
/var/named/chroot/var/named/any/99roses.org # zone data file for all other ranges
1. Main configuration file:
options {
    directory "/var/named";
};
# Log files
logging {
    channel warning {
        file "/var/log/dns_warning" versions 3 size 1240k;
        severity warning;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    channel general_dns {
        file "/var/log/dns_log" versions 3 size 1240k;
        severity info;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default {
        warning;
    };
    category queries {
        general_dns;
    };
};
# Telecom and CNC address pools
include "cnc_acl.conf";
include "telecom_acl.conf";
# CNC view: selects the CNC address pool and its zone definition file
view "view_cnc" {
    match-clients {
        CNC; // use the "CNC" ACL from cnc_acl.conf
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    include "cnc.def"; // relative to the directory option, matching the file list above
};
# Telecom view: selects the Telecom address pool and its zone definition file
view "view_telecom" {
    match-clients {
        TELECOM; // use the "TELECOM" ACL from telecom_acl.conf
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    include "telecom.def";
};
# View used when the client IP is in neither the Telecom nor the CNC address pool.
# Views are matched in order, so this one must stay last.
view "view_any" {
    match-clients {
        any;
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    include "any.def";
};
2. Address pools:
# CNC address pool
/var/named/chroot/var/named/cnc_acl.conf
acl "CNC" { // name this ACL "CNC"
    192.168.100.122;
};
# Telecom address pool
/var/named/chroot/var/named/telecom_acl.conf
acl "TELECOM" { // name this ACL "TELECOM"
    192.168.100.45;
};
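3. Zone definition files:
# Zone list for the CNC ranges
/var/named/chroot/var/named/cnc.def
zone "99roses.org" {
    type master;
    file "cnc/99roses.org"; // path to the zone data file, relative to the directory option
};
# Zone list for the Telecom ranges
/var/named/chroot/var/named/telecom.def
zone "99roses.org" {
    type master;
    file "telecom/99roses.org"; // path to the zone data file, relative to the directory option
};
# Zone list for all other ranges
/var/named/chroot/var/named/any.def
zone "99roses.org" {
    type master;
    file "any/99roses.org"; // path to the zone data file, relative to the directory option
};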
4. Zone data files
# Zone data file for the CNC ranges
/var/named/chroot/var/named/cnc/99roses.org
$TTL 3600
$ORIGIN 99roses.org.
@ IN SOA ns.99roses.org. root.ns.99roses.org. (
2008080901; Serial
3600 ; Refresh ( seconds )
900 ; Retry ( seconds )
68400 ; Expire ( seconds )
15 ; Minimum TTL for Zone ( seconds )
)
@ IN NS ns.99roses.org.
ns IN A 192.168.100.44
www IN A 192.168.100.3
* IN A 192.168.100.3
# Zone data file for the Telecom ranges
/var/named/chroot/var/named/telecom/99roses.org
$TTL 3600
$ORIGIN 99roses.org.
@ IN SOA ns.99roses.org. root.ns.99roses.org. (
2008080901 ; Serial
3600 ; Refresh ( seconds )
900 ; Retry ( seconds )
68400 ; Expire ( seconds )
15 ; Minimum TTL for Zone ( seconds )
)
@ IN NS ns.99roses.org.
ns IN A 192.168.100.44
www IN A 192.168.100.4
* IN A 192.168.100.4
# Zone data file for all other ranges
/var/named/chroot/var/named/any/99roses.org
$TTL 3600
$ORIGIN 99roses.org.
@ IN SOA ns.99roses.org. 99roses.org. (
2008080901 ; Serial
3600 ; Refresh ( seconds )
900 ; Retry ( seconds )
68400 ; Expire ( seconds )
15 ; Minimum TTL for Zone ( seconds )
)
@ IN NS ns.99roses.org.
ns IN A 192.168.100.44
www IN A 192.168.100.100
* IN A 192.168.100.4
Finally, copy named.ca into the /var/named/chroot/var/named/ directory,
then run service named restart
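As an added example (not part of the original post): a Python model of how named picks a view for a client, first match in named.conf order, using the ACL names and www records from the configuration above. The 10.10.0.0/16 entry and the client addresses 10.10.3.7 and 172.16.0.9 are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed input mirroring the page's ACL files. The 10.10.0.0/16 entry is
# an assumption added to show CIDR ranges, as a real address pool would hold.
ACL_TEXT = '''
acl "CNC" {       // CNC pool
    192.168.100.122;
    10.10.0.0/16;
};
acl "TELECOM" {   # Telecom pool
    192.168.100.45;
};
'''

# Views in named.conf order: (view, match-clients ACL, www A record on the page).
VIEWS = [
    ("view_cnc", "CNC", "192.168.100.3"),
    ("view_telecom", "TELECOM", "192.168.100.4"),
    ("view_any", "any", "192.168.100.100"),
]

def parse_acls(text):
    """Return {acl_name: [ip_network, ...]} parsed from BIND acl statements."""
    text = re.sub(r"(//|#)[^\n]*", "", text)  # strip // and # line comments
    acls = {}
    for name, body in re.findall(r'acl\s+"([^"]+)"\s*\{([^}]*)\}\s*;', text):
        entries = [e.strip() for e in body.split(";") if e.strip()]
        acls[name] = [ipaddress.ip_network(e, strict=False) for e in entries]
    return acls

def select_view(client, acls, views=VIEWS):
    """Return (view, www address) for the first view whose ACL matches."""
    addr = ipaddress.ip_address(client)
    for view, acl_name, www in views:
        if acl_name == "any" or any(addr in n for n in acls.get(acl_name, [])):
            return view, www
    return None, None  # no view matched this client

if __name__ == "__main__":
    acls = parse_acls(ACL_TEXT)
    for client in ("192.168.100.122", "192.168.100.45", "10.10.3.7", "172.16.0.9"):
        print(client, "->", select_view(client, acls))
    # Failure mode: if view_any is listed first it shadows the other views.
    print(select_view("192.168.100.122", acls, [VIEWS[2]] + VIEWS[:2]))
```

Running dig www.99roses.org @192.168.100.44 from each test client should return the address this model gives for that client.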
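Appendix:
Telecom address ranges download:
(pre-edited Telecom network ranges; after downloading, change the file extension to .conf and it is ready to use)
CNC address ranges download:
(pre-edited Telecom network ranges; after downloading, change the file extension to .conf and it is ready to use)
named.ca download:
(named.ca download; remove the .txt suffix after downloading)
Thanks to 成都世纪东方网络通信有限公司() for providing the Telecom and CNC IP address ranges!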