DNS域名解析基本过程

BIND主从模式下实现View智能寻线_第1张图片


DNS主从模式下实现VIEW智能寻线

网络拓扑图如下:

BIND主从模式下实现View智能寻线_第2张图片

实现步骤如下:

1、主DNS

主配置文件 /etc/named.conf

acl innet {
        192.168.1.0/24;
        127.0.0.0/8;
};
options {
        directory "/var/named";
        allow-recursion { innet; };
        notify  yes;
        querylog yes;
};
logging {
        channel query_log {
                file "/var/log/named/bind_query.log" versions 5 size 10M;
                severity dynamic;
                print-category yes;
                print-time yes;
                print-severity yes;
        };
        channel xfer_log {
                file "/var/log/named/transfer.log" versions 3 size 10k;
                severity debug 3;
                print-time yes;
        };
        category queries { query_log; };
        category xfer-out { xfer_log; };
};
view telecomsync {
        match-clients { 192.168.1.111; };
        allow-transfer { 192.168.1.111; };
        zone "soulboy.com" IN {
        type master;
        file "telecom.soulboy.com.zone";
        };
};
view unicomsync {
        match-clients {  192.168.1.112;  };
        allow-transfer { 192.168.1.112; };
        zone "soulboy.com" IN {
        type master;
        file "unicom.soulboy.com.zone";
        };
};
view telecom {
        match-clients { innet; };
        zone "soulboy.com" IN {
        type master;
        file "telecom.soulboy.com.zone";
        };
};
view unicom {
        match-clients {  any;  };
        zone "soulboy.com" IN {
        type master;
        file "unicom.soulboy.com.zone";
        };
};

正向区域文件/var/named/telecom.soulboy.com.zone

$TTL 43200
@       IN      SOA     ns1.soulboy.com.  admin.soulboy.com.    (
                        2013040202
                        1H
                        10M
                        7D
                        1D      )
                IN      NS      ns1
                IN      NS      ns2
                IN      MX  10  mail
ns1             IN      A       192.168.1.104
ns2             IN      A       192.168.1.110
mail            IN      A       192.168.1.105
www             IN      A       192.168.1.106
ftp             IN      CNAME   www
*.soulboy.com.  IN      A       192.168.1.140
fin             IN      NS      ns1.fin
ns1.fin         IN      A       192.168.1.160

正向区域文件/var/named/unicom.soulboy.com.zone

$TTL 43200
@       IN      SOA     ns1.soulboy.com.  admin.soulboy.com.    (
                        2013040202
                        1H
                        10M
                        7D
                        1D      )
                IN      NS      ns1
                IN      NS      ns2
                IN      MX  10  mail
ns1             IN      A       192.168.1.104
ns2             IN      A       192.168.1.110
mail            IN      A       192.168.1.115
www             IN      A       192.168.1.116
ftp             IN      CNAME   www
*.soulboy.com.  IN      A       192.168.1.140
fin             IN      NS      ns1.fin
ns1.fin         IN      A       192.168.1.160


2、辅助DNS(区域文件自动同步)

主配置文件 /etc/named.conf

acl innet {
        192.168.1.0/24;
        127.0.0.0/8;
};
options {
        directory "/var/named";
        allow-recursion { innet; };
        notify  yes;
        querylog yes;
};
logging {
        channel query_log {
                file "/var/log/named/bind_query.log" versions 5 size 10M;
                severity dynamic;
                print-category yes;
                print-time yes;
                print-severity yes;
        };
        channel xfer_log {
                file "/var/log/named/transfer.log" versions 3 size 10k;
                severity debug 3;
                print-time yes;
        };
        category queries { query_log; };
        category xfer-out { xfer_log; };
};
view telecom {
        match-clients { innet; };
        transfer-source 192.168.1.111;
        zone "soulboy.com" IN {
        type slave;
        file "slaves/telecom.soulboy.com.zone";
        masters { 192.168.1.104; };
        allow-transfer { none; };
        };
};
view unicom {
        match-clients { any; };
        transfer-source 192.168.1.112;
        zone "soulboy.com" IN {
        type slave;
        file "slaves/unicom.soulboy.com.zone";
        masters { 192.168.1.104; };
        allow-transfer { none; };
        };
};


3、子域(fin.soulboy.com)

主配置文件 /etc/named.conf

options {
        directory "/var/named";
};
zone "." IN {
        type hint;
        file "named.ca";
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-transfer { none; };
};
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-transfer { none; };
};
zone "fin.soulboy.com" IN {
        type master;
        file "fin.soulboy.com.zone";
};
zone "soulboy.com" IN {
        type forward;
        forward first;
        forwarders      { 192.168.1.104; };
};

正向区域配置文件/var/named/fin.soulboy.com.zone

$TTL 600
@       IN      SOA     ns1.fin.soulboy.com.    admin.fin.soulboy.com. (
        2013050105
        1H
        5M
        2D
        6H  )
                IN      NS      ns1
                IN      MX  10  mail
ns1             IN      A       192.168.1.160
mail            IN      A       192.168.1.166
www             IN      A       192.168.1.160


4、测试

客户端使用辅助DNS解析:

   View会根据客户端IP(172.168.1.10)智能的为其选择匹配的区域文件unicom.soulboy.com.zone(解析地址应为192.168.1.116),结果如下图:

BIND主从模式下实现View智能寻线_第3张图片


路由器使用辅助DNS解析:

   View会根据路由器IP(192.168.1.254)智能的为其选择匹配的区域文件telecom.soulboy.com.zone(解析地址应为192.168.1.106),结果如下图:

BIND主从模式下实现View智能寻线_第4张图片

至此足可证明主从DNS工作正常,没有问题。


客户端使用辅助DNS解析子域(fin.soulboy.com),结果如下图:

BIND主从模式下实现View智能寻线_第5张图片


路由器使用复制DNS解析子域(www.fin.soulboy.com),结果如下图:

BIND主从模式下实现View智能寻线_第6张图片

至此足以证明主从DNS和子域(fin.soulboy.com)工作正常,没有问题。