DNS的视图功能的简单配置。

 1,内网段10.10.54.0/24

      master_IP :10.10.54.20

      slave_IP  :10.10.54.22

   外网段172.16.100.0/24

      172.16.100.20

      172.16.100.21

 其中，NAT主机的eth0网卡IP为10.10.54.20

      eth1网卡的I盘IP为172.16.100.20

   172.16.100.21为外网IP

   10.10.54.22为内网IP

 2，在NAT主机编辑配置文件

    vi /etc/named.conf

---------------------------------------------------------

 options {

        listen-on port 53 { any; };

        listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };

        recursion yes;

           };

       acl  intranet { 10.10.54.0/24 ; };

       acl  internet { 172.16.100.0/24 ; };

view  "lan" {

          match-clients { "intranet"; };

  zone "." IN {

        type hint;

        file "named.ca";

       };

  zone "wang.tiger" IN {

        type master;

        file "named.wang.tiger";

        allow-transfer { 10.10.54.22; };

  };

  zone "54.10.10.in-addr.arpa" IN {

        type  master;

        file "named.54.10.10";

        allow-transfer { 10.10.54.22; };

    };

};

view  "wan" {



   match-clients { "internet"; };



   zone "." IN {

        type hint;

        file "named.ca";

    };

   zone "wang.tiger" IN {

          type master;

          file "named.wang.tiger.inter";

    };

};

--------------------------------------------

vi /var/named/named.wang.tiger

$TTL 86400

@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (

                  2014010899;

                         3H;

                         15M;

                         1W;

                         1D;

                         ) ;

@               IN      NS      master.wang.tiger. ;

@               IN      NS      slave.wang.tiger. ;

master.wang.tiger.    IN A      10.10.54.20

slave.wang.tiger.     IN A      10.10.54.22

www.wang.tiger.       IN A      10.10.54.20

linux.wang.tiger.     IN CNAME  www.wang.tiger

ftp.wang.tiger.       IN CNAME  www.wang.tiger

----------------------------------------------------------------

vi /var/named/named.54.10.10

$TTL 86400

@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (

                  2014010899;

                         3H;

                         15M;

                         1W;

                         1D;

                         ) ;

@               IN      NS      master.wang.tiger. ;

@               IN      NS      slave.wang.tiger. ;

20     IN       PTR     master.wang.tiger. ;

22     IN       PTR     slave.wang.tiger. ;

20     IN       PTR     www.wang.tiger. ;

20     IN       PTR     ftp.wang.tiger. ;

20     IN       PTR     linux.wang.tiger. ;

---------------------------------------------------------------

cp -a /var/named/named.wang.tiger  /var/named/named.wang.tiger.inter

vi /var/named/named.wang.tiger.inter

---------------------------------------------------------------

$TTL 86400

@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (

                  2014010899;

                         3H;

                         15M;

                         1W;

                         1D;

                         ) ;

@               IN      NS      master.wang.tiger. ;

wang.tiger.     IN       A      172.16.100.20

master.wang.tiger.    IN A      172.16.100.20

www.wang.tiger.       IN A      172.16.100.20

linux.wang.tiger.     IN CNAME  www.wang.tiger

ftp.wang.tiger.       IN CNAME  www.wang.tiger

---------------------------------------------------------------------

3，更改客户机的/etc/resolv.conf文件

    172.16.100.21更改为

    nameserver 172.16.100.20

    nameserver 10.10.54.20

    nameserver 10.10.54.22

   10.10.54.22更改为

    nameserver 10.10.54.20

    nameserver 10.10.54.22

    nameserver 172.16.100.20

4,重启NAT主机的DNS服务即可，并开放主机的53号UDP端口

  iptables -A INPUT -i eth1 -p udp --doprt 53 -j ACCEPT

  service named restart

5，测试

    10.10.54.22主机dig www.wang.tiger

   [root@wang ~]# dig www.wang.tiger

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> www.wang.tiger

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62354

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:

;www.wang.tiger. IN A

;; ANSWER SECTION:

www.wang.tiger. 86400 IN A 10.10.54.20

;; AUTHORITY SECTION:

wang.tiger. 86400 IN NS master.wang.tiger.

wang.tiger. 86400 IN NS slave.wang.tiger.

;; ADDITIONAL SECTION:

master.wang.tiger. 86400 IN A 10.10.54.20

slave.wang.tiger. 86400 IN A 10.10.54.22

;; Query time: 1 msec

;; SERVER: 10.10.54.20#53(10.10.54.20)

;; WHEN: Thu Jan  9 14:01:58 2014

;; MSG SIZE  rcvd: 121

 172.16.100.21主机dig www.wang.tiger

   [root@wang ~]# dig www.wang.tiger

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> www.wang.tiger

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35603

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;www.wang.tiger. IN A

;; ANSWER SECTION:

www.wang.tiger. 86400 IN A 172.16.100.20

;; AUTHORITY SECTION:

wang.tiger. 86400 IN NS master.wang.tiger.

;; ADDITIONAL SECTION:

master.wang.tiger. 86400 IN A 172.16.100.20

;; Query time: 0 msec

;; SERVER: 172.16.100.20#53(172.16.100.20)

;; WHEN: Thu Jan  9 14:06:10 2014

;; MSG SIZE  rcvd: 85

###############################################################################