标签:10.0 named 00 magedu 0.8 智能 DNS org 搭建
利用view实现智能DNS
环境要求:
需要五台主机
DNS主服务器和web服务器1:10.0.0.8/24,172.16.0.8/16
web服务器2:10.0.0.7/24
web服务器3:172.16.0.7/16
DNS客户端1:10.0.0.6/24
DNS客户端2:172.16.0.6/16
前提准备
关闭SElinux
关闭防火墙
时间同步
实现步骤:
1、DNS 服务器的网卡配置
#配置两个IP地址
#eth0:10.0.0.8/24
#eth1: 172.16.0.8/16
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether 00:0c:29:f9:8d:90 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef9:8d90/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether 00:0c:29:f9:8d:11 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.8/16 brd 172.16.0.255 scope global noprefixroute eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe11:8d90/64 scope link
valid_lft forever preferred_lft forever
2、主DNS服务端配置文件实现 view
yum install bind -y
vim /etc/named.conf
#在文件最前面加下面行
acl beijingnet {
10.0.0.0/24;
};
acl shanghainet {
172.16.0.0/16;
};
acl othernet {
any;
};
#注释掉下面两行
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
#其它略
# 创建view
view beijingview {
match-clients { beijingnet;};
include "/etc/named.rfc1912.zones.bj";
};
view shanghaiview {
match-clients { shanghainet;};
include "/etc/named.rfc1912.zones.sh";
};
view otherview {
match-clients { othernet;};
include "/etc/named.rfc1912.zones.other";
};
include "/etc/named.root.key";
3、实现区域配置文件
vim /etc/named.rfc1912.zones.bj
zone "." IN {
type hint;
file "named.ca";
};
zone "magedu.org" {
type master;
file "magedu.org.zone.bj";
};
vim /etc/named.rfc1912.zones.sh
zone "." IN {
type hint;
file "named.ca";
};
zone "magedu.org" {
type master;
file "magedu.org.zone.sh";
};
vim /etc/named.rfc1912.zones.other
zone "." IN {
type hint;
file "named.ca";
};
zone "magedu.org" {
type master;
file "magedu.org.zone.other";
};
chgrp named /etc/named.rfc1912.zones.bj
chgrp named /etc/named.rfc1912.zones.sh
chgrp named /etc/named.rfc1912.zones.other
4、创建区域数据库文件
vim /var/named/magedu.org.zone.bj
$TTL 1D
@ IN SOA master admin.magedu.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0.8
websrv A 10.0.0.7
www CNAME websrv
vim /var/named/magedu.org.zone.sh
$TTL 1D
@ IN SOA master admin.magedu.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0.8
websrv A 172.16.0.7
www CNAME websrv
vim /var/named/magedu.org.zone.other
$TTL 1D
@ IN SOA master admin.magedu.org. (
2019042214 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 10.0.0.8
websrv A 127.0.0.1
www CNAME websrv
chgrp named /var/named/magedu.org.zone.bj
chgrp named /var/named/magedu.org.zone.sh
chgrp named /var/named/magedu.org.zone.other
systemctl start named #第一次启动服务
rndc reload #不是第一次启动服务
5、实现位于不同区域的三个WEB服务器
#分别在三台主机上安装http服务
#在web服务器1:10.0.0.8/24实现
yum install httpd
echo www.magedu.org in Other > /var/www/html/index.html
systemctl start httpd
#在web服务器2:10.0.0.7/16
echo www.magedu.org in Beijing > /var/www/html/index.html
systemctl start httpd
#在web服务器3:172.16.0.7/16
yum install httpd
echo www.magedu.org in Shanghai > /var/www/html/index.html
systemctl start httpd
6、客户端测试
#分别在三台主机上访问
#DNS客户端1:10.0.0.6/24 实现,确保DNS指向10.0.0.8
curl www.magedu.org
www.magedu.org in Beijing
#DNS客户端2:172.16.0.6/16 实现,确保DNS指向172.16.0.8
curl www.magedu.org
www.magedu.org in Shanghai
#DNS客户端3:10.0.0.8 实现,,确保DNS指向127.0.0.1
curl www.magedu.org
www.magedu.org in Other
搜索
复制
标签:10.0,named,00,magedu,0.8,智能,DNS,org,搭建 来源: https://www.cnblogs.com/haiyueruxi/p/16275640.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。