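DNS resource record type DNAME

DNAME concept

Abbreviation of: Non-Terminal DNS Name Redirection

Concept: maps the entire subtree beneath a domain name to another domain

Original English text: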
which provides the capability to map
an entire subtree of the DNS name space to another domain

DNAME provides redirection from a part of the DNS name
tree to another part of the DNS name tree.

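Difference from CNAME

A DNAME maps all subdomains of a domain; a CNAME maps only one specific domain name and does not cover its subdomains.

Use cases

Handles redirection when a company changes its name or acquires another company.

RFC documents specifying DNAME

  1. Earliest version: Non-Terminal DNS Name Redirection, RFC 2672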

  2. DNAME Redirection in the DNS RFC6672

  3. RFC 3363

  4. CNAME RR [RFC1034]

Format and RRset type value

Format
DNAME

rrset type: type code 39

Configuration examples

Organization name change

If an organization with domain name FROBOZZ.EXAMPLE became part of an
organization with domain name ACME.EXAMPLE, it might ease transition
by placing information such as this in its old zone.

   frobozz.example.  DNAME    frobozz-division.acme.example.
                     MX       10       mailhub.acme.example.

The response to an extended recursive query for www.frobozz.example
would contain, in the answer section, the DNAME record shown above
and the relevant RRs for www.frobozz-division.acme.example.

The server automatically completes the DNAME-to-CNAME mapping for subdomains, for example:
test.com.zone

$TTL 3600
@  IN SOA local.test.com. mail.test.com. (
        3606
        3600
        3600
        3600
        3600 )

ns.test.com. 600 IN A  10.10.80.110
test.com. 86400 IN NS  ns.test.com.
www.test.com. 600 IN A  10.10.80.102
sub.test.com. DNAME dtest.com.

dtest.com.zone

$TTL 3600
@  IN SOA local.dtest.com. mail.dtest.com. (
        3609
        3600
        3600
        3600
        3600 )

dtest.com. 86400 IN NS  dtest.dtest.com.
dtest.dtest.com. 86400 IN A  10.9.1.111
Mail.dtest.com. 600 IN MX 10 mail.dtest.com.

txt.dtest.com. 600 IN TXT  "“This is a FTP server.”"
web.dtest.com. 600 IN CNAME  www.dtest.com.
www.dtest.com. 600 IN A  13.1.1.1
www.dtest.com. 600 IN AAAA  2003::1
_web._tcp.dtest.com. 600 IN SRV  10 10 5555 www.dtest.com.

Verification result

[root@bogon3 zone]# dig @127.0.0.1 web.sub.test.com     

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @127.0.0.1 web.sub.test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11180
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;web.sub.test.com.              IN      A

;; ANSWER SECTION:
sub.test.com.           3600    IN      DNAME   dtest.com.
web.sub.test.com.       3600    IN      CNAME   web.dtest.com. 
web.dtest.com.          600     IN      CNAME   www.dtest.com.
www.dtest.com.          600     IN      A       13.1.1.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 23 00:30:16 CST 2022
;; MSG SIZE  rcvd: 120

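Note:
The record web.sub.test.com. 3600 IN CNAME web.dtest.com. in this answer is a mapping the DNS server generates automatically; it does not appear in the configuration. Following the DNAME record, the subdomain web.$(DNAME owner) is mapped to web.$(DNAME target).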

Shorter prefixes

Title: Classless Delegation of Shorter Prefixes

The classless scheme for in-addr.arpa delegation [INADDR] can be
extended to prefixes shorter than 24 bits by use of the DNAME record.
For example, the prefix 192.0.8.0/22 can be delegated by the
following records.

   $ORIGIN 0.192.in-addr.arpa.
   8/22    NS       ns.slash-22-holder.example.
   8       DNAME    8.8/22
   9       DNAME    9.8/22
   10      DNAME    10.8/22
   11      DNAME    11.8/22

A typical entry in the resulting reverse zone for some host with
address 192.0.9.33 might be

   $ORIGIN 8/22.0.192.in-addr.arpa.
   33.9    PTR     somehost.slash-22-holder.example.

The same advisory remarks concerning the choice of the “/” character
apply here as in [INADDR].

Example:

zone.conf file

zone "190.in-addr.arpa." IN
{
   type master;
   check-names ignore;
   file "/usr/local/UniteDns/var/zone/190.in-addr.arpa.zone";
};


zone "in-addr.example.net." IN
{
   type master;
   check-names ignore;
   file "/usr/local/UniteDns/var/zone/in-addr.example.net.zone";
};


zone "in-addr.customer.example." IN
{
   type master;
   check-names ignore;
   file "/usr/local/UniteDns/var/zone/in-addr.customer.example.zone";
};

190.in-addr.arpa.zone file:

$TTL 3600
@  IN SOA local.8.0.192.in-addr.arpa. mail.8.0.192.in-addr.arpa. (
        3600
        3600
        3600
        3600
        3600 )
      NS  ns.190.in-addr.arpa.
ns.190.in-addr.arpa. IN A 10.10.80.110
; 189.190.in-addr.arpa.    IN       DNAME    in-addr.example.net.
189    IN       DNAME    in-addr.example.net.

Note: mind the difference between absolute and relative domain names in the zone file.

in-addr.example.net.zone

$TTL 3600
@  IN SOA local.8.0.192.in-addr.arpa. mail.8.0.192.in-addr.arpa. (
        3600
        3600
        3600
        3600
        3600 )
   NS ns.in-addr.example.net.
ns.in-addr.example.net. IN A 10.10.80.110
188               DNAME    in-addr.customer.example.
1               DNAME    in-addr.customer.example.

in-addr.customer.example.zone

$TTL 3600
@  IN SOA local.8.0.192.in-addr.arpa. mail.8.0.192.in-addr.arpa. (
        3600
        3600
        3600
        3600
        3600 )
   NS ns.in-addr.customer.example.
ns.in-addr.customer.example. IN A 10.10.80.110
1                 PTR      www.customer.example.
2                 PTR      mailhub.customer.example.

Verification with dig:

[root@bogon3 xxx]# dig @127.0.0.1 -x 190.189.188.1

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @127.0.0.1 -x 190.189.188.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 322
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;1.188.189.190.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
189.190.in-addr.arpa.   3600    IN      DNAME   in-addr.example.net.
1.188.189.190.in-addr.arpa. 3600 IN     CNAME   1.188.in-addr.example.net.
188.in-addr.example.net. 3600   IN      DNAME   in-addr.customer.example.
1.188.in-addr.example.net. 3600 IN      CNAME   1.in-addr.customer.example.
1.in-addr.customer.example. 3600 IN     PTR     www.customer.example.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 23 23:45:38 CST 2022
;; MSG SIZE  rcvd: 219

Two DNAME substitutions take place:
DNAME -> CNAME -> DNAME

dig PTR 190.189.1.1

dig @127.0.0.1 -x 190.189.1.1

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @127.0.0.1 -x 190.189.1.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14114
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;1.1.189.190.in-addr.arpa.      IN      PTR

;; ANSWER SECTION:
189.190.in-addr.arpa.   3600    IN      DNAME   in-addr.example.net.
1.1.189.190.in-addr.arpa. 3600  IN      CNAME   1.1.in-addr.example.net.
1.in-addr.example.net.  3600    IN      DNAME   in-addr.customer.example.
1.1.in-addr.example.net. 3600   IN      CNAME   1.in-addr.customer.example.
1.in-addr.customer.example. 3600 IN     PTR     www.customer.example.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 23 23:54:54 CST 2022
;; MSG SIZE  rcvd: 215
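
The CNAME synthesis and the two-step DNAME chain seen in the dig answers above can be reproduced offline. The following Python is an added example, not code from the original post or from any DNS server: the function names and MAX_CHAIN are assumptions, and the DNAME table is copied from the zone files on this page. It goes beyond the post by also covering the cases where the DNAME owner itself is queried (no redirection), where the substituted name exceeds 255 octets (YXDOMAIN), and where DNAMEs point at each other.

```python
# Added example: DNAME substitution and CNAME synthesis as described in RFC 6672.
MAX_NAME_OCTETS = 255  # wire-format limit on a domain name
MAX_CHAIN = 16         # assumed redirection limit; real resolvers pick their own

# DNAME records taken from the zone files on this page (owner -> target).
DNAMES = {
    "sub.test.com.": "dtest.com.",
    "189.190.in-addr.arpa.": "in-addr.example.net.",
    "188.in-addr.example.net.": "in-addr.customer.example.",
    "1.in-addr.example.net.": "in-addr.customer.example.",
}

def labels(name):
    """Lowercased labels of a presentation-format name (escapes not handled)."""
    return [l for l in name.lower().split(".") if l]

def substitute(qname, owner, target):
    """Return the synthesized CNAME target, or None if the DNAME does not apply.

    Only names strictly below the owner are redirected, never the owner itself.
    Raises ValueError where a server would answer YXDOMAIN.
    """
    q, o, t = labels(qname), labels(owner), labels(target)
    k = len(q) - len(o)
    if k <= 0 or q[k:] != o:
        return None
    new = q[:k] + t
    # One length octet per label plus the terminating root octet.
    if sum(len(l) + 1 for l in new) + 1 > MAX_NAME_OCTETS:
        raise ValueError("YXDOMAIN: substituted name exceeds 255 octets")
    return ".".join(new) + "."

def chase(qname, dnames=DNAMES):
    """Follow DNAMEs; return (answer records, final name left to look up)."""
    answer, seen = [], set()
    name = ".".join(labels(qname)) + "."
    while True:
        hits = [o for o in dnames if substitute(name, o, dnames[o])]
        if not hits:
            return answer, name
        if name in seen or len(seen) >= MAX_CHAIN:
            raise RuntimeError("DNAME loop or chain too long at " + name)
        seen.add(name)
        owner = max(hits, key=lambda o: len(labels(o)))  # closest enclosing owner
        new = substitute(name, owner, dnames[owner])
        answer += [("DNAME", owner, dnames[owner]), ("CNAME", name, new)]
        name = new
```
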

Reference:

https://blog.csdn.net/FY_2018/article/details/126701456
