======DNS 的 VIEW
DNS视图用于:服务器既向内部提供解析,又向外部提供解析时使用.
首先在服务器上要有两块网卡,一个负责解析内部的请求,例如为:192.168.1.1;另一个负责外部的请求:192.168.2.1;
搭建DNS环境,在主配置文件里添加:grep -v '^$' /var/named/chroot/etc/named.conf | grep -v '^#' | grep -v '//':
options {
listen-on port 53 { 127.0.0.1; 192.168.1.1; 192.168.2.1; }; //一定要将监听的两个地址都写进去;
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view xiaozi-neibu {
match-clients { 192.168.1.0/24; }; //只负责内部主机的解析请求;
match-destinations { 192.168.1.0/24; };
recursion yes;
include "/etc/xiaozi.neibu.com";
};
view xiaozi-waibu {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/xiaozi.waibu.com";
};xiaozi.neibu.com:
zone "xiaozi.com" IN {
type master;
file "xiaozi.neibu.zone";
};xiaozi.waibu.com:
zone "xiaozi.com" IN {
type master;
file "xiaozi.waibu.zone";
};xiaozi.neibu.zone:
$TTL 86400
@ IN SOA xiaozi.com. root.xiaozi.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS www.xiaozi.com.
www IN A 192.168.1.1xiaozi.waibu.zone:
$TTL 86400
@ IN SOA xiaozi.com. root.xiaozi.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS www.xiaozi.com.
www IN A 192.168.2.1 大家一定要注意iptables 和 selinux 的设置
现在就可以启动DNS服务了
外部解析到的 www.xiaozi.com 的ip为192.168.2.1;内部主机解析到的ip为192.168.1.1; 就说明成功了.
^_^ 祝大家好运! 如果xiaozi写的哪里有不对的地方,还请各位多多指点,谢谢
