• DNS子域授权与转发配置


    正向区域
    SUB_ZONE_NAME IN NS NSSERVER_SUB_ZONE_NAME

    NSSERVER_SUB_ZONE_NAME IN A IP

    .com

    xingxing.com.

    xingxing.com. IN NS ns1.xingxing.com.
    IN NS ns2.xingxing.com.
    ns1.xingxing.com. IN A 172.16.100.1
    ns2.xingxing.com. IN A 172.16.100.2

    dig -t A www.baidu.com @172.16.100.1

    两台子域//配置主从
    fin.xingxing.com. IN NS ns1.fin.xingxing.com.
    fin.xingxing.com. IN NS ns2.fin.xingxing.com.
    ns1.fin.xingxing.com. IN A 172.16.100.8
    ns2.fin.xingxing.com. IN A 172.16.100.88

    makert.xingxing.com. IN NS ns1.makert.xingxing.com.
    ns1.makert.xingxing.com. IN A 172.16.100.9

    配置步骤如下:
    1- 在主DNS服务器中vi /var/named/xingxing.com.zone授权子域
    vi /var/named/xingxing.com.zone
    增加如下四行信息 增加两个子域fin.xingxing.com. market.xingxing.com.
    in IN NS ns1.fin
    ns1.fin IN A 192.168.1.3
    market IN NS ns1.market
    ns1.market IN A 192.168.1.33
    2- 子域服务器配置
    vi /etc/resolve.conf
    //增加两行
    nameserver 127.0.0.1
    search fin.xingxing.com
    网卡dns配置为本机子域的ip192.168.1.3
    3- 安装bind 、bind-utils。
    配置vi /var/named.rfc1912.conf
    增加子域信息
    zone "fin.xingxing.com" IN {
    type master;
    file "fin.xingxing.com.zone";
    };
    创建并配置fin.xingxing.com.zone文件注意文件权限
    vi /var/named/fin.xingxing.com.zone
    $TTL 86400
    @ IN SOA ns1.fin.xingxing.com. root (
    3 ; serial
    1D ; refresh
    1H ; retry
    1W ; expire
    3H ) ; minimum
    @ IN NS ns1.fin.xingxing.com.
    @ IN MX 5 mail.fin.xingxing.com.
    ns1 IN A 192.168.1.3
    mail IN A 192.168.1.3
    smtp IN A 192.168.1.3
    pop3 IN A 192.168.1.3
    pop IN A 192.168.1.3

    4- 测试解析
    //测试NS记录
    dig -t NS fin.xingxing.com @192.168.1.3

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.1 <<>> -t NS fin.xingxing.com @192.168.1.3
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5409
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;fin.xingxing.com. IN NS

    ;; ANSWER SECTION:
    fin.xingxing.com. 86400 IN NS ns1.fin.xingxing.com.

    ;; ADDITIONAL SECTION:
    ns1.fin.xingxing.com. 86400 IN A 192.168.1.3

    ;; Query time: 1 msec
    ;; SERVER: 192.168.1.3#53(192.168.1.3)
    ;; WHEN: Sat Oct 15 19:03:15 2016
    ;; MSG SIZE rcvd: 68

    //测试A记录
    dig -t A mail.fin.xingxing.com @192.168.1.3

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.1 <<>> -t A mail.fin.xingxing.com @192.168.1.3
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9231
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;mail.fin.xingxing.com. IN A

    ;; ANSWER SECTION:
    mail.fin.xingxing.com. 86400 IN A 192.168.1.3

    ;; AUTHORITY SECTION:
    fin.xingxing.com. 86400 IN NS ns1.fin.xingxing.com.

    ;; ADDITIONAL SECTION:
    ns1.fin.xingxing.com. 86400 IN A 192.168.1.3

    ;; Query time: 1 msec
    ;; SERVER: 192.168.1.3#53(192.168.1.3)
    ;; WHEN: Sat Oct 15 19:04:13 2016
    ;; MSG SIZE rcvd: 89

    配置转发
    vi /etc/named.conf
    forward first; //only 只找192.168.1.5 first 先找192.168.1.5,如果解析不了就找根
    forwarders { 192.168.1.5; };
    配置转发域指对配置的域就行转发
    vi /etc/named.conf
    zone "xingxing.com" IN {
    type forward;
    forward first;
    forwarders { 192.168.1.5; };
    };

    测试记录
    [root@nagios named]# dig +trace -t A www.baidu.com

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.1 <<>> +trace -t A www.baidu.com
    ;; global options: +cmd
    . 518218 IN NS f.root-servers.net.
    . 518218 IN NS g.root-servers.net.
    . 518218 IN NS a.root-servers.net.
    . 518218 IN NS b.root-servers.net.
    . 518218 IN NS i.root-servers.net.
    . 518218 IN NS d.root-servers.net.
    . 518218 IN NS m.root-servers.net.
    . 518218 IN NS h.root-servers.net.
    . 518218 IN NS c.root-servers.net.
    . 518218 IN NS e.root-servers.net.
    . 518218 IN NS j.root-servers.net.
    . 518218 IN NS l.root-servers.net.
    . 518218 IN NS k.root-servers.net.
    ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 3532 ms

    com. 172800 IN NS a.gtld-servers.net.
    com. 172800 IN NS b.gtld-servers.net.
    com. 172800 IN NS c.gtld-servers.net.
    com. 172800 IN NS d.gtld-servers.net.
    com. 172800 IN NS e.gtld-servers.net.
    com. 172800 IN NS f.gtld-servers.net.
    com. 172800 IN NS g.gtld-servers.net.
    com. 172800 IN NS h.gtld-servers.net.
    com. 172800 IN NS i.gtld-servers.net.
    com. 172800 IN NS j.gtld-servers.net.
    com. 172800 IN NS k.gtld-servers.net.
    com. 172800 IN NS l.gtld-servers.net.
    com. 172800 IN NS m.gtld-servers.net.
    ;; Received 491 bytes from 198.41.0.4#53(198.41.0.4) in 6009 ms

    baidu.com. 172800 IN NS dns.baidu.com.
    baidu.com. 172800 IN NS ns2.baidu.com.
    baidu.com. 172800 IN NS ns3.baidu.com.
    baidu.com. 172800 IN NS ns4.baidu.com.
    baidu.com. 172800 IN NS ns7.baidu.com.
    ;; Received 201 bytes from 192.41.162.30#53(192.41.162.30) in 473 ms

    www.baidu.com. 1200 IN CNAME www.a.shifen.com.
    a.shifen.com. 1200 IN NS ns4.a.shifen.com.
    a.shifen.com. 1200 IN NS ns1.a.shifen.com.
    a.shifen.com. 1200 IN NS ns2.a.shifen.com.
    a.shifen.com. 1200 IN NS ns5.a.shifen.com.
    a.shifen.com. 1200 IN NS ns3.a.shifen.com.
    ;; Received 228 bytes from 220.181.37.10#53(220.181.37.10) in 7 ms

  • 相关阅读:
    保持比例图像缩放简易算法
    ASP.Net中自定义Http处理及应用之HttpModule篇
    用于ASP.NET2.0的进度条控件(实时)
    VS2008SP1下jQuery使用初体验
    qau国庆七天乐——A
    现在的信息科学是泡沫吗?
    dp入门问题
    day09 10 11 12 三天函数内容
    day08文件操作
    day02五大运算符:逻辑运算符、成员运算符、算数、比较、赋值、
  • 原文地址:https://www.cnblogs.com/flyback/p/5965161.html
Copyright © 2020-2023  润新知