DNS子域授权和分离解析
DNS子域授权
配置子域的DNS服务器的配置文件(192.168.4.2)
修改主配置文件named.conf
[root@redhat6 ~]# vim /var/named/chroot/etc/named.conf
options{
directory "/var/named";
};
zone "bj.tarena.com" IN {
type master;
file "bj.tarena.com.zone";
};
zone "tarena.com" IN {
type forward;
forwarders { 192.168.4.3; };
};
[root@redhat6 ~]# vim /var/named/chroot/var/named/bj.tarena.com.zone
$TTL 86400
@ IN SOA @ root.tarena.com. (
2014052201;
4H;
15M;
4H;
1D;
)
@ IN NS redhat6.tarena.com.;
redhat6 IN A 192.168.4.2;
www IN A 1.2.3.4;
配置父域的DNS服务器的配置文件(192.168.4.2 主机名:redhat5.tarena.com)
named.conf配置文件
[root@redhat5 /]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
zone "tarena.com" IN {
type master;
file "tarena.com.zone";
};
区域配置文件
[root@redhat5 /]# vim /var/named/chroot/var/named/tarena.com.zone
$TTL 86400
@ IN SOA tarena.com. root.tarena.com. (
2014052201;
4H;
15M;
4H;
1D;
)
@ IN NS redhat5.tarena.com.;
bj.tarena.com. IN NS redhat6.tarena.com.;
redhat6.tarena.com. IN A 192.168.4.2;
redhat5 IN A 192.168.4.3;
redhat6 IN A 192.168.4.2;
www IN A 192.168.4.100;
验证
在父域上通过父域的DNS服务器解析子域中的域名
[root@redhat5 ~]# host www.bj.tarena.com 192.168.4.2
Using domain server:
Name: 192.168.4.2
Address: 192.168.4.2#53
Aliases:
www.bj.tarena.com has address 1.2.3.4
在子域上通过子域的DNS服务器解析父域中的域名
[root@redhat6 ~]# host www.tarena.com 192.168.4.3
Using domain server:
Name: 192.168.4.3
Address: 192.168.4.3#53
Aliases:
www.tarena.com has address 192.168.4.100
DNS分离解析(192.168.4.3)
让IP地址为192.168.4.1的主机解析一个主机的IP地址时与其他主机解析同一个主机的IP地址不同
修改住配置文件named.conf
[root@redhat5 ~]# hostname
redhat5.tarena.com
[root@redhat5 ~]# vim /var/named/chroot/etc/named.conf
options {
directory "/var/named";
};
acl "mylan" {
192.168.4.1;
};
view "mylan" {
match-clients { mylan; };
zone "tarena.com" IN {
type master;
file "tarena.com.zone.lan";
};
};
view "other" {
match-clients { any; };
zone "tarena.com" IN {
type master;
file "tarena.com.zone.other";
};
};
配置域配置文件
[root@redhat5 ~]# cd /var/named/chroot/var/named/
[root@redhat5 named]# vim tarena.com.zone.lan
$TTL 86400
@ IN SOA tarena.com. root.tarena.com. (
2014052201;
4H;
15M;
4H;
1D;
)
@ IN NS redhat5.tarena.com.;
bj.tarena.com. IN NS redhat6.tarena.com.;
redhat6.tarena.com. IN A 192.168.4.2;
redhat5 IN A 192.168.4.3;
redhat6 IN A 192.168.4.2;
www IN A 2.2.2.2;
[root@redhat5 named]# vim tarena.com.zone.other
$TTL 86400
@ IN SOA tarena.com. root.tarena.com. (
2014052201;
4H;
15M;
4H;
1D;
)
@ IN NS redhat5.tarena.com.;
bj.tarena.com. IN NS redhat6.tarena.com.;
redhat6.tarena.com. IN A 192.168.4.2;
redhat5 IN A 192.168.4.3;
redhat6 IN A 192.168.4.2;
www IN A 3.3.3.3;
[root@redhat5 named]# service named restart
验证
[root@localhost 桌面]# ifconfig network1
network1 Link encap:Ethernet HWaddr 52:54:00:32:06:4A
inet addr:192.168.4.1 Bcast:192.168.4.255 Mask:255.255.255.0
。 。 。 。 。 。
[root@localhost 桌面]# host www.tarena.com 192.168.4.3
Using domain server:
Name: 192.168.4.3
Address: 192.168.4.3#53
Aliases:
www.tarena.com has address 2.2.2.2
使用另一个主机进行验证
[root@redhat6 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 52:54:00:F7:AC:DD
inet addr:192.168.4.2 Bcast:192.168.4.255 Mask:255.255.2
...................
[root@redhat6 ~]# host www.tarena.com 192.168.4.3
Using domain server:
Name: 192.168.4.3
Address: 192.168.4.3#53
Aliases:
www.tarena.com has address 3.3.3.3