利用
view建立Centos5.5 双机智能DNS手册
一、 环境
1、
2台centos5.5服务器
2、
ip规划:NS1:192.168.253.251
NS2:
192.168.253.252
192.168.253.250(同步电信使用)
192.168.253.253(同步联通使用)
192.168.253.254(同步移动使用;原文此处误写为 192.168.253.250,与后文 mob_zone 配置中使用的 192.168.253.254 不一致)
二、基础配置
1、
NS1指定DNS服务器为192.168.253.252/192.168.253.251
NS2指定
DNS服务器为192.168.253.251/192.168.253.252
2、同步系统时间
三、
DNS组件安装
#yum install bind
#yum install bind-libs
#yum install bind-utils
#yum install bind-chroot
#yum install caching-nameserver
四、主
DNS配置
1、
named.conf配置
[root@localhost etc]# vi named.conf
// Global server options for the master (NS1).
// NOTE(review): the guide installs bind-chroot, so the paths in this file
// presumably resolve inside the chroot tree — confirm on the target host.
options {
// Base directory; relative zone "file" paths in the views resolve against it.
directory "/var/named";
// Listen for DNS on port 53 on every interface address.
listen-on port 53 {any;};
};
// ACL definitions (ct, cnc, mob) referenced by match-clients in the views.
include "/etc/ct.cfg";
include "/etc/cnc.cfg";
include "/etc/mob.cfg";
// View answered to clients in the "ct" ACL, plus 192.168.253.250 — the address
// the slave config on this page uses as transfer-source for its ct_zone view,
// so the slave's transfer requests are matched to this view.
view "ct_zone" {
match-clients { ct;192.168.253.250; };
// NOTE(review): with recursion on, this authoritative server also resolves
// arbitrary names for every client the view matches. If that is not intended,
// set "recursion no" or narrow it with allow-recursion to reduce
// cache-poisoning and amplification exposure.
recursion yes;
zone "test.cn" {
type master;
// Zone transfers are authorised by source address only.
// NOTE(review): a per-view TSIG key is a stronger check than an IP address.
allow-transfer { 192.168.253.250; };
// Dynamic updates are refused.
allow-update { none; };
file "ct/test.cn";
};
// Root hints, used because recursion is enabled in this view.
zone "." IN {
type hint;
file "named.ca";};
};
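// View answered to clients in the "cnc" ACL, plus 192.168.253.253 — the address
// the slave config on this page uses as transfer-source for its cnc_zone view.
view "cnc_zone" {
    match-clients { cnc; 192.168.253.253; };
    // NOTE(review): with recursion on, this authoritative server also resolves
    // arbitrary names for every client the view matches; set "recursion no" or
    // narrow it with allow-recursion if that is not intended.
    recursion yes;
    zone "test.cn" {
        type master;
        // Dynamic updates are refused.
        allow-update { none; };
        // Transfers are authorised by source address only.
        // NOTE(review): a per-view TSIG key is a stronger check.
        allow-transfer { 192.168.253.253; };
        // The guide creates a file named test.cn in each of the ct/cnc/mob
        // directories, so the path must be cnc/test.cn (not cnc/test) or the
        // zone fails to load.
        file "cnc/test.cn";
    };
    // Root hints, used because recursion is enabled in this view.
    zone "." IN {
        type hint;
        file "named.ca";
    };
};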
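// View answered to clients in the "mob" ACL, plus 192.168.253.254 — the address
// the slave config on this page uses as transfer-source for its mob_zone view.
view "mob_zone" {
    match-clients { mob; 192.168.253.254; };
    // NOTE(review): with recursion on, this authoritative server also resolves
    // arbitrary names for every client the view matches; set "recursion no" or
    // narrow it with allow-recursion if that is not intended.
    recursion yes;
    // The zone name must be "test.cn": the slave's mob_zone view requests
    // "test.cn", and a zone named "test" would leave that request unanswered.
    zone "test.cn" {
        type master;
        // Dynamic updates are refused.
        allow-update { none; };
        // Transfers are authorised by source address only.
        // NOTE(review): a per-view TSIG key is a stronger check.
        allow-transfer { 192.168.253.254; };
        // Matches the test.cn file the guide creates in the mob directory.
        file "mob/test.cn";
    };
    // Root hints, used because recursion is enabled in this view.
    zone "." IN {
        type hint;
        file "named.ca";
    };
};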
2、
3家isp地址段定义ct.cfg\cnc.cfg\mob.cfg
// Client address lists for the three ISPs, one acl per include file
// (ct.cfg, cnc.cfg, mob.cfg). The lists are abbreviated on this page: each
// "……" line is a placeholder for further prefixes, not valid syntax.
// These lists decide which view — and therefore which answers and which
// recursion service — a client receives, so keep them accurate and current.
// Clients matched by the telecom (ct) view.
acl ct {
10.31.0.0/16;
58.16.0.0/14;
……….};
// Clients matched by the unicom (cnc) view.
acl cnc {
58.32.0.0/11;
58.208.0.0/12;
……….};
// Clients matched by the mobile (mob) view.
acl mob {
211.136.0.0/16;
211.137.0.0/16;
……….};
3、建立
3个存放zone文件的文件夹
4、在
ct\cnc\mob文件夹下分别建立test.cn
ct:
test.cn
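; Zone data for test.cn as served from the ct view (file ct/test.cn).
$TTL 3600
; 1 hour default TTL
; The SOA primary-server and contact fields must each be one unbroken name;
; a space inside them ("ns1. test.cn.") adds extra fields and the zone is
; rejected at load time.
@       IN  SOA ns1.test.cn. mail.test.cn. (
            2012082104 ; Serial - raise on every edit so the slave re-transfers
            7200       ; Refresh
            3600       ; Retry
            1209600    ; Expire
            3600       ; Negative Response TTL
            )
; DNS Servers
@       IN  NS  ns1.test.cn.
@       IN  NS  ns2.test.cn.
; Each record keeps its owner name and data on one line.
ns1         A   192.168.253.251
ns2         A   192.168.253.252
www         A   1.1.1.1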
====================================================================
Mob: test.cn
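; Zone data for test.cn as served from the mob view (file mob/test.cn).
$TTL 3600
; 1 hour default TTL
; The SOA primary-server and contact fields must each be one unbroken name;
; a space inside them ("ns1. test.cn.") adds extra fields and the zone is
; rejected at load time.
@       IN  SOA ns1.test.cn. skss.test.cn. (
            2012082104 ; Serial - raise on every edit so the slave re-transfers
            7200       ; Refresh
            3600       ; Retry
            1209600    ; Expire
            3600       ; Negative Response TTL
            )
; DNS Servers
@       IN  NS  ns1.test.cn.
@       IN  NS  ns2.test.cn.
; Each record keeps its owner name and data on one line.
ns1         A   192.168.253.251
ns2         A   192.168.253.252
www         A   2.2.2.2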
====================================================================
Cnc: test.cn
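; Zone data for test.cn as served from the cnc view (file cnc/test.cn).
$TTL 3600
; 1 hour default TTL
; The SOA primary-server and contact fields must each be one unbroken name;
; a space inside them ("ns1. test.cn.") adds extra fields and the zone is
; rejected at load time.
@       IN  SOA ns1.test.cn. skss.test.cn. (
            2012082104 ; Serial - raise on every edit so the slave re-transfers
            7200       ; Refresh
            3600       ; Retry
            1209600    ; Expire
            3600       ; Negative Response TTL
            )
; DNS Servers
@       IN  NS  ns1.test.cn.
@       IN  NS  ns2.test.cn.
; Each record keeps its owner name and data on one line.
ns1         A   192.168.253.251
ns2         A   192.168.253.252
; NOTE(review): the page shows no www record for this view, unlike the ct and
; mob files; add the cnc-facing address here if one is intended.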
五、备机配置
1、安装
dns组件
#yum install bind
#yum install bind-libs
#yum install bind-utils
#yum install bind-chroot
#yum install caching-nameserver
2、配置网卡地址
3、配置
named.conf
// Global server options for the slave (NS2).
// NOTE(review): the guide installs bind-chroot, so the paths in this file
// presumably resolve inside the chroot tree — confirm on the target host.
options {
// Base directory; relative zone "file" paths in the views resolve against it.
directory "/var/named";
// Listen for DNS on port 53 on every interface address.
listen-on port 53 {any;};
};
// ACL definitions (ct, cnc, mob); the guide keeps them identical to the master's.
include "/etc/ct.cfg";
include "/etc/cnc.cfg";
include "/etc/mob.cfg";
// Slave copy of the ct view.
view "ct_zone" {
match-clients { ct;192.168.253.250;};
// Source address for this view's transfer requests; the master config on this
// page lists the same address in its ct_zone match-clients and allow-transfer.
transfer-source 192.168.253.250;
// NOTE(review): recursion is on for every client the view matches; set
// "recursion no" or narrow it with allow-recursion if that is not intended.
recursion yes;
zone "test.cn" {
type slave;
// NOTE(review): the master is trusted by IP address alone, and no
// allow-transfer is set here, so BIND releases of this era fall back to
// allowing transfers to any client that reaches the view. Consider
// "allow-transfer { none; };" and a TSIG key shared with the master.
masters {192.168.253.251;};
// named must be able to write this file; see the permissions step of the guide.
file "ct/test.cn";
};
// Root hints, used because recursion is enabled in this view.
zone "." IN {
type hint;
file "named.ca";};
};
// Slave copy of the cnc view.
view "cnc_zone" {
match-clients {cnc;192.168.253.253; };
// Source address for this view's transfer requests; the master config on this
// page lists the same address in its cnc_zone match-clients and allow-transfer.
transfer-source 192.168.253.253;
// NOTE(review): recursion is on for every client the view matches; set
// "recursion no" or narrow it with allow-recursion if that is not intended.
recursion yes;
zone "test.cn" {
type slave;
// NOTE(review): the master is trusted by IP address alone, and no
// allow-transfer is set here, so BIND releases of this era fall back to
// allowing transfers to any client that reaches the view. Consider
// "allow-transfer { none; };" and a TSIG key shared with the master.
masters {
192.168.253.251;};
// named must be able to write this file; see the permissions step of the guide.
file "cnc/test.cn";
};
// Root hints, used because recursion is enabled in this view.
zone "." IN {
type hint;
file "named.ca";};
};
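// Slave copy of the mob view.
view "mob_zone" {
    match-clients { mob; 192.168.253.254; };
    // Source address for this view's transfer requests; the master config on
    // this page lists the same address in its mob_zone match-clients and
    // allow-transfer.
    transfer-source 192.168.253.254;
    // NOTE(review): recursion is on for every client the view matches; set
    // "recursion no" or narrow it with allow-recursion if that is not intended.
    recursion yes;
    zone "test.cn" {
        type slave;
        // NOTE(review): the master is trusted by IP address alone, and no
        // allow-transfer is set here, so BIND releases of this era fall back
        // to allowing transfers to any client that reaches the view. Consider
        // "allow-transfer { none; };" and a TSIG key shared with the master.
        masters { 192.168.253.251; };
        // named must be able to write this file; see the permissions step.
        file "mob/test.cn";
    };
    // Root hints, used because recursion is enabled in this view.
    zone "." IN {
        type hint;
        file "named.ca";
    };
// Closing brace of the view; without it named.conf does not parse.
};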
4、建立
3家isp地址段文件acl文件(与主一致)
5、建立存放
zone文件的文件夹
6、写入权限
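# Hand the three zone directories to the named account and limit access to
# owner and group (mode 770): the slave has to write transferred zone files
# there, while other local users get no access.
# The command names are swapped back: ownership is set with chown, the mode
# with chmod.
chown named:named ct cnc mob
chmod 770 ct cnc mob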
六、测试
启动
2台服务器的DNS服务
用
3家运营商地址分别解析,查看结果