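1. How sub-domain delegation works:
DNS is hierarchical, and sub-domain delegation was designed to support that layering and to reduce the load on individual DNS servers. To delegate a sub-domain, the parent domain must contain an NS record for the sub-domain's name server and the corresponding A record.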
2. Configuration example
Parent domain configuration
Parent domain main configuration file
cat /etc/named.conf
options {
    directory "/var/named";        // base directory for the zone files below
};

zone "." IN {
    type hint;
    file "named.ca";               // root hints
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
};

zone "limeizhi.com" IN {
    type master;
    file "limeizhi.com.zone";      // forward zone, holds the delegation of test.limeizhi.com
};

zone "2.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.2.zone";         // reverse zone
};
Reverse zone file
$TTL 600
@   IN  SOA  ns1.limeizhi.com. ns1admin.limeizhi.com. (
            20130313    ; serial
            1D          ; refresh
            1H          ; retry
            1W          ; expire
            3H )        ; minimum
    IN  NS   ns1.limeizhi.com.
    IN  NS   ns2.limeizhi.com.
7   IN  PTR  ns2.limeizhi.com.
5   IN  PTR  www.limeizhi.com.
Forward zone file
$TTL 600
$ORIGIN limeizhi.com.
@       IN  SOA  @ nsadmin. (
                2014031301  ; serial
                3H          ; refresh
                15M         ; retry
                1W          ; expire
                1D )        ; minimum
@       IN  NS   ns1.limeizhi.com.
@       IN  NS   ns2.limeizhi.com.
ns1     IN  A    192.168.2.3
ns2     IN  A    192.168.2.7
www     IN  A    192.168.2.12
; delegation of the sub-domain: NS record plus the A record of its name server
test    IN  NS   dns.test.limeizhi.com.
dns.test.limeizhi.com.  IN  A  192.168.2.7
Sub-domain configuration
Sub-domain main configuration file
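options {
    directory "/var/named";
    forward first;                  // ask the forwarder first, then fall back to normal resolution
    forwarders { 192.168.2.3; };    // the parent domain's server
};

zone "." IN {
    type hint;
    file "named.ca";                // root hints
};

zone "localhost" IN {
    type master;
    file "named.localhost";
};

zone "test.limeizhi.com" {
    type master;
    file "test.limeizhi.com.zone";  // the delegated sub-domain
};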
Sub-domain forward zone file
$TTL 600
@    IN  SOA  dns.test.limeizhi.com. admindns.test.limeizhi.com. (
             2014031102  ; serial
             1H          ; refresh
             5M          ; retry
             3D          ; expire
             1D )        ; minimum
     IN  NS   dns
     IN  NS   ns2
ns2  IN  A    192.168.2.7
dns  IN  A    192.168.2.3
www  IN  A    192.168.2.11
Verify that the sub-domain delegation is configured correctly
Test on the parent domain
dig -t A www.test.limeizhi.com @192.168.2.3
Test on the sub-domain
dig -t A www.limeizhi.com @192.168.2.7
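As an added example (not part of the original post), the Python check below compares the delegation records in the parent zone with the child zone, using the NS and A lines from the zone files above. It flags missing glue, and glue or NS sets that disagree between the two sides, which dig against a single server will not show; the function names are this example's own, and the parser is a simplification that handles only single-line records with an explicit IN class.

```python
# Added example: offline check of a delegation; NS/A lines copied from the page's zone files.
PARENT_ORIGIN, CHILD_ORIGIN = "limeizhi.com.", "test.limeizhi.com."
PARENT_ZONE = """\
test                    IN NS dns.test.limeizhi.com.
dns.test.limeizhi.com.  IN A  192.168.2.7
"""
CHILD_ZONE = """\
@    IN NS dns
     IN NS ns2
ns2  IN A  192.168.2.7
dns  IN A  192.168.2.3
"""

def fqdn(name, origin):
    name = origin if name == "@" else name          # '@' stands for the zone origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text, origin):
    """Simplified parser: single-line 'owner IN TYPE rdata' records, NS and A only."""
    records, owner = {}, origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                 # strip zone-file comments
        fields = line.split()
        if len(fields) < 3:
            continue
        if not line[0].isspace():                   # leading blank: reuse previous owner
            owner = fqdn(fields.pop(0), origin)
        rtype, rdata = fields[-2], fields[-1]
        if rtype in ("NS", "A"):
            value = fqdn(rdata, origin) if rtype == "NS" else rdata
            records.setdefault((owner, rtype), []).append(value)
    return records

def check_delegation(parent, child, zone):
    """Return a list of problems with the delegation of `zone`."""
    problems = []
    parent_ns = set(parent.get((zone, "NS"), []))
    child_ns = set(child.get((zone, "NS"), []))
    for ns in sorted(parent_ns ^ child_ns):
        problems.append(f"NS {ns} is listed on only one side")
    for ns in sorted(n for n in parent_ns if n.endswith("." + zone)):  # in-zone NS needs glue
        glue, auth = set(parent.get((ns, "A"), [])), set(child.get((ns, "A"), []))
        if not glue:
            problems.append(f"missing glue A record for {ns}")
        elif glue != auth:
            problems.append(f"glue {sorted(glue)} for {ns} differs from child zone {sorted(auth)}")
    return problems

if __name__ == "__main__":
    parent, child = parse(PARENT_ZONE, PARENT_ORIGIN), parse(CHILD_ZONE, CHILD_ORIGIN)
    print("\n".join(check_delegation(parent, child, CHILD_ORIGIN)) or "delegation is consistent")
```

Run against the records above, it reports that ns2 is listed as a name server only in the child zone and that the parent's glue address for dns.test.limeizhi.com. (192.168.2.7) differs from the child zone's A record (192.168.2.3).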
Reposted from: https://blog.51cto.com/limeizhi/1379324