44 bind高级

主从dns

1.配置从区域文件
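// Secondary (slave) copy of leizhichao.com: named pulls the zone from the
// master listed below and keeps the transferred data in the given file.
// The inner lines are indented with plain spaces only; invisible zero-width
// characters (U+200B) in front of an option are not whitespace to the parser.
zone "leizhichao.com" IN {
        type slave;
        file "slaves/leizhichao.com.zone";
        // The master is identified by source address alone. Configuring a
        // TSIG key on both servers would authenticate the transfer itself
        // instead of relying on the IP.
        masters { 192.168.113.128; };
};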
2.配置数据文件

在区域数据文件中为每一台 DNS 服务器(主和从)都配置 NS 记录

vim /etc/named/leizhichao.com.zone

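; Zone data for leizhichao.com.
; Leading whitespace is plain spaces only: a zero-width character (U+200B)
; in front of a field is not treated as blank space by the zone parser.
$TTL 3600

; SOA: the primary server is the zone apex (@); ADMIN1 has no trailing dot,
; so it is taken relative to the zone origin.
@       IN      SOA     @  ADMIN1 (
                20180813        ; serial - raise it on every edit, otherwise secondaries keep the old copy
                1H              ; refresh
                10M             ; retry
                3D              ; expire
                1D )            ; minimum
; One NS record per authoritative server. ns1 has the address the slave
; lists under "masters"; ns2 is presumably the secondary - confirm.
        IN      NS      ns1
        IN      MX      10 mx1
        IN      NS      ns2
ns1     IN      A       192.168.113.128
ns2     IN      A       192.168.113.150
mx1     IN      A       192.168.113.120
www     IN      A       192.168.113.128
web     IN      CNAME   www
; Two A records for the same name: both addresses are returned for bbs.
bbs     IN      A       192.168.113.128
bbs     IN      A       192.168.113.129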

更改数据库文件并递增序列号(serial)以后,从服务器的日志显示区域已重新传送:

Apr 18 22:51:30 localhost named[3898]: zone leichaolinux1.com/IN: transferred serial 2
Apr 18 22:51:30 localhost named[3898]: transfer of 'leichaolinux1.com/IN' from 192.168.113.149#53: Transfer completed: 1 messages, 9 records, 253 bytes, 0.002 secs (126500 bytes/sec)
Apr 18 22:51:30 localhost named[3898]: zone leichaolinux1.com/IN: sending notifies (serial 2)

子域授权(同1设备)

1.新建区域配置文件
// Master zone for the child domain xa.leichaolinux1.com; its records are
// read from the zone file xa.lc.zone.
zone "xa.leichaolinux1.com" IN {
	type master;
	file "xa.lc.zone";
};
2.新建子域数据库配置文件
cat  xa.lc.zone 
; Records for the child zone loaded from xa.lc.zone.
$TTL 1D
; SOA: dns1 is relative to this zone's origin; the contact name is fully
; qualified (trailing dot).
@       IN SOA  dns1  admin.leichao.com. (
                2       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
; The zone's single name server and its address.
        NS      dns1
dns1    A       192.168.113.149
; Sample record used for the dig test.
www     A       8.8.8.8

测试
dig www.xa.leichaolinux1.com @192.168.113.149
www.xa.leichaolinux1.com. 86400	IN	A	8.8.8.8

在不同设备上授权子域

1.主域的数据库配置文件
[root@node1 named]# cat /var/named/lc.zone 
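; Parent zone data (/var/named/lc.zone) that delegates the xa6 child zone to
; a second server.
; Comments in a zone file start with ';'. '#' is not a comment character
; here, so text after '#' is parsed as extra record data and the load fails.
$TTL 1D
@	IN SOA	dns1.leichaolinux1.com. admin.leichao.com. (
					2	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns1
xa6	NS	dns2			; delegate the xa6 child zone to dns2
dns1	A	192.168.113.149		; name server of the parent zone
dns2	A	192.168.113.161		; server that holds the delegated child zone
www		A	192.168.113.151
www.zz	A	3.3.3.3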
2.授权子域的节点区域配置
// On the delegated server: master zone for xa6.leichaolinux1.com, with its
// records read from xa.zone.
zone "xa6.leichaolinux1.com" IN {
	type master;
	file "xa.zone";
};
3.授权子域的节点数据库配置
[root@localhost named]# cat /var/named/xa.zone 
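; Records for the delegated child zone (/var/named/xa.zone).
$TTL 1D
; The contact name carries a trailing dot so it stays admin.qq.com.; without
; the dot it is taken relative to the zone origin. dns1 is left relative on
; purpose: it is a host inside this zone.
@	IN SOA	dns1 admin.qq.com. (
					0	; serial - raise it on every edit
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
	NS	dns1
dns1	A	192.168.113.161
web	A	6.6.6.8
www	CNAME	web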

转发区域

  • 全局转发
  • 特定区域转发
  • rndc flush:清空缓存
  • recursion yes;:决定是否替客户端做递归查询(包括向根域查询);面向外部客户端的服务器应配合 allow-recursion 限制允许递归的来源

1.修改配置文件

// Forward-first: queries go to the forwarders, and named resolves on its own
// only when they do not answer.
forward first;
forwarders {192.168.113.149;}; # configuring the forwarder is all that is needed
	// NOTE(review): the next two lines switch DNSSEC off, so answers that
	// come back through the forwarder are accepted without signature checks.
	// Treat this as a lab-only setting. dnssec-enable is obsolete in recent
	// BIND 9 releases, so run named-checkconf after an upgrade.
	dnssec-enable no;
	dnssec-validation no;

访问控制指令

allow-query:限制哪些客户端可以向本服务器发起查询

allow-transfer:限制哪些主机可以向本服务器请求区域传送;主服务器上应只放行从服务器的地址,否则任何主机都能取走整个区域的记录

view 视图

格式:
vim /etc/named.conf
// Two client groups, told apart by source network.
acl xa { 192.168.113.0/24; };
acl sx { 192.168.79.0/24; };

// Each view is selected by match-clients and answers from its own zone file.
// Clients whose address is in neither ACL match no view.
// NOTE(review): both zone names end in ".zone", which looks like the file
// suffix slipped into the zone name - confirm the intended domain names.
view xaview {
	match-clients { xa; };
	zone "lcs1.com.zone" {
		type master;
		file "lc6.zone";
	};
	include "/etc/named.rfc1912.zones";
};

view sxview {
	match-clients { sx; };
	zone "leicc.com.zone" {
		type master;
		file "lc6.zone1";
	};
	include "/etc/named.rfc1912.zones";
};

include "/etc/named.root.key";
{所有 zone 都必须放在 view 视图里,因此要把 ca(应指 named.ca 根提示区域的 zone 定义)转移到 rfc1912.zones}
cat lc6.zone
[root@localhost named]# cat /var/named/lc6.zone
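; Zone data served to the xaview clients (/var/named/lc6.zone).
$TTL 1D
; The contact name carries a trailing dot so it stays admin.qq.com.; without
; the dot it is taken relative to the zone origin.
@	IN SOA	dns1 admin.qq.com. (
					0	; serial - raise it on every edit
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
		NS	dns1
dns1	A	192.168.113.161
; This view's answer for web; lc6.zone1 gives a different address.
web		A	6.6.6.8
www	CNAME	web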

cat lc6.zone1
[root@localhost named]# cat /var/named/lc6.zone1
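; Zone data served to the sxview clients (/var/named/lc6.zone1).
$TTL 1D
; The contact name carries a trailing dot so it stays admin.qq.com.; without
; the dot it is taken relative to the zone origin.
@	IN SOA	dns1 admin.qq.com. (
					0	; serial - raise it on every edit
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
		NS	dns1
dns1	A	192.168.113.161
; This view's answer for web; lc6.zone gives a different address.
web		A	6.6.6.9
www	CNAME	web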