BIND 视图(view):在主配置文件中可以定义多个 view,利用 BIND 提供的 view 指令,可以根据客户端来源 IP 范围对同一个域名返回不同的解析结果(一旦启用 view,所有区域——包括根区域——都必须定义在 view 中;view 按配置文件中的先后次序匹配,客户端命中第一个匹配的 view 后不再继续向下匹配)。
example:
1,修改/etc/named.conf文件
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
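// Global server options, edited from the stock Red Hat caching-only file.
options {
    // Both listen-on statements stay commented out: with no listen-on limit
    // named is not restricted to loopback, so clients on the networks used by
    // the views can reach it.
    // listen-on port 53 { 127.0.0.1; };
    // listen-on-v6 port 53 { ::1; };

    // Working directory; relative file names in zone statements resolve here.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // allow-query is left at its default so that non-local clients may query.
    // allow-query { localhost; };

    recursion yes;
    // Recursion is switched on server-wide while the "default" view accepts
    // any source address. State who may recurse explicitly instead of relying
    // on the version-dependent built-in ACL; these are the two client networks
    // used on this page plus the local host.
    allow-recursion { localhost; 192.168.1.0/24; 172.16.0.0/16; };

    // NOTE(review): the DNSSEC statements below are disabled in this listing,
    // so this resolver presumably does not validate answers - confirm for the
    // BIND version in use before relying on it outside a lab.
    // dnssec-enable yes;
    // dnssec-validation yes;
    // dnssec-lookaside auto;
    /* Path to ISC DLV key */
    // bindkeys-file "/etc/named.iscdlv.key";
    // managed-keys-directory "/var/named/dynamic";
};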
// Debug logging: the default_debug channel writes to data/named.run, a path
// relative to the "directory" option, at whatever debug level the server is
// currently running with ("severity dynamic").
logging {
    channel default_debug {
        severity dynamic;
        file "data/named.run";
    };
};
// The root hint zone is disabled at the top level: once views are in use,
// every zone (the root zone included) has to be declared inside a view, and
// it is declared again inside view "innet" in /etc/named.rfc1912.zones.
//zone "." IN {
// type hint;
// file "named.ca";
//};
// All views and their zones are pulled in from this file.
include "/etc/named.rfc1912.zones";
// NOTE(review): with the root key include disabled, no DNSSEC trust anchor is
// loaded from it - presumably intentional for this exercise; confirm before
// reusing the file elsewhere.
//include "/etc/named.root.key";
2,在/etc/named.rfc1912.zones 文件中定义view
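// Internal view: clients whose source address is in 192.168.1.0/24 are served
// the zones declared here. Views are evaluated in file order, so this one is
// tried before "outnet" and "default".
view innet {
    match-clients { 192.168.1.0/24; };

    // Root hints; must live inside a view once views are enabled.
    zone "." IN {
        type hint;
        file "named.ca";
    };

    // Stock localhost / loopback / empty zones carried over from
    // named.rfc1912.zones; none of them accepts dynamic updates.
    zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
    };

    zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
    };

    zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
    };

    zone "1.0.0.127.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
    };

    zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
    };

    // Internal copy of luolinux.com (192.168.1.x addresses).
    zone "luolinux.com" IN {
        type master;
        // Every statement needs its terminating ';' - named-checkconf rejects
        // the file without it.
        file "luolinux.com.in";
        // Matches the other zones in this view: no dynamic updates.
        allow-update { none; };
        // No secondary server appears in this setup, so refuse zone transfers;
        // BIND 9 has historically allowed them from any client unless
        // restricted. List the secondaries here if some are added later.
        allow-transfer { none; };
    };
};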
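// Second view: clients whose source address is in 172.16.0.0/16 get the
// "out" copy of luolinux.com (172.16.20.x addresses).
// NOTE(review): no root hint zone is declared in this view; named presumably
// falls back to its compiled-in hints for recursion - confirm.
view outnet {
    match-clients { 172.16.0.0/16; };

    zone "luolinux.com" IN {
        type master;
        // Every statement needs its terminating ';' - named-checkconf rejects
        // the file without it.
        file "luolinux.com.out";
        // No dynamic updates, consistent with the zones in view "innet".
        allow-update { none; };
        // No secondary server appears in this setup, so refuse zone transfers;
        // BIND 9 has historically allowed them from any client unless
        // restricted. List the secondaries here if some are added later.
        allow-transfer { none; };
    };
};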
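// Catch-all view: it comes last, so it receives every client that matched
// neither earlier view, i.e. any other source address.
// NOTE(review): options sets "recursion yes" server-wide; if this view only
// needs to answer authoritatively for luolinux.com, consider "recursion no;"
// here - confirm first that no local resolver depends on it.
view default {
    match-clients { any; };

    zone "luolinux.com" IN {
        type master;
        file "luolinux.com.out";
        // No dynamic updates from the clients this view serves.
        allow-update { none; };
        // This view is reachable from any address and no secondary server
        // appears in this setup, so refuse zone transfers; BIND 9 has
        // historically allowed them from any client unless restricted.
        allow-transfer { none; };
    };
};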
3,在/var/named/ 目录下创建luolinux.com.in 区域数据库文件
# vim /var/named/luolinux.com.in
; luolinux.com zone data loaded by view "innet" (file "luolinux.com.in").
; Owner names start in column 0; a record line that began with whitespace
; would inherit the previous owner name.
$TTL 600                        ; default TTL for records that carry none
@       IN  SOA  dns.luolinux.com. admin.luolinux.com. (
                 2016030822     ; serial
                 1H             ; refresh
                 10M            ; retry
                 2D             ; expire
                 1D )           ; negative-caching TTL
; Name server and mail exchanger for the zone.
@       IN  NS   dns
@       IN  MX   10 mail
; Addresses handed to internal (192.168.1.0/24) clients.
dns     IN  A    192.168.1.118
mail    IN  A    192.168.1.110
www     IN  A    192.168.1.121
4,在/var/named/ 目录下创建luolinux.com.out 区域数据库文件
# vim /var/named/luolinux.com.out
; luolinux.com zone data loaded by views "outnet" and "default"
; (file "luolinux.com.out").
; Owner names start in column 0; a record line that began with whitespace
; would inherit the previous owner name.
$TTL 600                        ; default TTL for records that carry none
@       IN  SOA  dns.luolinux.com. admin.luolinux.com. (
                 2016030822     ; serial
                 1H             ; refresh
                 10M            ; retry
                 2D             ; expire
                 1D )           ; negative-caching TTL
; Name server and mail exchanger for the zone.
@       IN  NS   dns
@       IN  MX   10 mail
; Addresses handed to clients outside the internal network.
dns     IN  A    172.16.20.10
mail    IN  A    172.16.20.23
www     IN  A    172.16.20.54
5,修改区域数据库文件的属主、属组和权限(以下命令使用相对路径,需在 /var/named/ 目录下执行)
# chown root:named luolinux.com.in
# chown root:named luolinux.com.out
# chmod 640 luolinux.com.in
# chmod 640 luolinux.com.out
6,重读配置文件
# killall -1 named
7,再给本机配置一个地址测试使用
# ifconfig eth0:0 172.16.20.10/16 up
# ifconfig
8,测试
# service named restart
# dig -t A www.luolinux.com @192.168.1.118
# dig -t A www.luolinux.com @172.16.20.10
转载于:https://blog.51cto.com/luochen2015/1748946