DNS分离解析(视图解析)
.当收到客户机的DNS查询请求的时候
---能够区分客户机的来源地址
---为不同类别的客户机提供不一样的解析结果(IP地址)
用于CDN技术
语法结构:编写/etc/named.conf 配置文件(在原先的配置文件中,添加两行配置信息)
view "名称" { #分类名称,{ 不要忘记写!!!!
match-clients { ip地址;..;..;any; }; #匹配客户端来源, match-clients
可以在man named.conf 中,/view 查找
zone "XX.com" IN {
type master;
file "XXXX.zone";
};
};
=========================================
案例: 客户端A:192.168.4.20,通过DNS服务器(192.168.4.1),访问www.tedu.cn ,解析到的IP地址是192.168.4.100;
其他客户机,通过DNS服务器(192.168.4.1),访问www.tedu.cn, 解析到的IP地址是192.168.4.101;
vim /etc/named.conf
optinos {
directory "/var/named"
};
view "tedu" {
match-clients { 192.168.4.20; };
zone "tedu.cn" IN {
type master;
file "tedu.cn.zone";
};
};
view "other" {
match-clients { any; };
zone "teud.cn" IN {
tyep master;
file "tedu.cn.other";
};
};
----------------------------------------------------------------
创建区域文件:
cp -p /var/named/named.localhost /var/named/tedu.cn.zone
vim /var/named/tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
svr7 A 192.168.4.1
www A 192.168.4.100
-------------------------------------------------------------------
cp -p /var/named/named.localhost /var/named/tedu.cn.other
vim /var/named/tedu.cn.other
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
svr7 A 192.168.4.1
www A 192.168.4.101
------------------------------------------------------------
重启bind服务,systemctl restart named
客户机A(192.168.4.20)测试:
nslookup www.tedu.cn 192.168.4.1
Server: 192.168.4.1
Address: 192.168.4.1#53
Name: www.tedu.cn
Address: 192.168.4.100
-------------------------------------
其他客户机测试:
Server: 192.168.4.1
Address: 192.168.4.1#53
Name: www.tedu.cn
Address: 192.168.4.101
======================================
DNS多区域分离解析
多区域的分离解析:每一个view中zone的个数以及负责的域名都要一致
view "1" {
match-clients { 客户端IP地址; };
zone “test.cn” IN {
type master;
file test.cn.zone";
};
zone “test1.cn” IN {
type master;
file "test1.cn.zone";
};
};
view "2" {
match-clients { 客户端IP地址; };
zone “test.cn” IN {
type master;
file "test.cn.other";
};
zone “test1.cn” IN {
type master;
file "test1.cn.other";
};
};
#####上面黑色zone必须保持上下一致!!!!
每一个view中zone的个数以及负责的域名都要一致
然后cd /var/named/
创建4个区域文件,不要忘记cp -p
再编写区域文件,写入对应客户端通过DNS解析到不同的ip地址
重启bind, systemctl restart named
最后使用不同的客户端,通过dns,解析到的域名对应的IP是不一样的
==========================================
案例:

1、搭建web 服务器
服务器C:
yum install httpd -y
systemctl enable
vim /etc/httpd/conf.d/test.conf
servername www.qq.com
documentroot /var/www/qq
servername www.163.com
documentroot /var/www/163
----------------------------------------------------------
mkdir /var/www/qq /var/www/163
echo "this is a qq.1" > /var/www/qq/index.html
echo "this is a 163.1" > /var/www/163/index.html
systemctl restart httpd
----------------------------------------------------------------
服务器D :
yum install httpd -y
systemctl enable
vim /etc/httpd/conf.d/test.conf
servername www.qq.com
documentroot /var/www/qq
servername www.163.com
documentroot /var/www/163
----------------------------------------------------------
mkdir /var/www/qq /var/www/163
echo "this is a qq.2" > /var/www/qq/index.html
echo "this is a 163.2" > /var/www/163/index.html
systemctl restart httpd
-----------------------------------------------------------
DNS A: (192.168.4.7)
创建DNS 服务器:
vim /etc/named.conf
options {
directory "/var/named";
};
view "1" {
match-clients { 192.168.4.7; }; #匹配客户端地址为192.168.4.7
zone "qq.com" IN {
type master;
file "qq.com.zone"; 解析的区域文件为qq.com.zone
};
zone "163.com" IN {
type master;
file "163.com.zone"; 解析的区域文件为163.com.zone
};
};
view "2" {
match-clients { 192.168.4.207; }; #匹配客户端地址为192.168.4.207
zone "qq.com" IN {
type master;
file "qq.com.other"; 解析的区域文件为qq.com.other
};
zone "163.com" IN {
type master;
file "163.com.other"; 解析的区域文件为163.com.other
};
};
----------------------------------------------------------------------------------------------------
cp -p /var/named/named.localhost /var/named/named.localhost/qq.com.zone
cp -p /var/named/named.localhost /var/named/named.localhost/163.com.zone
cp -p /var/named/named.localhost /var/named/named.localhost/qq.com.other
cp -p /var/named/named.localhost /var/named/named.localhost/163.com.other
vim /var/named/named.localhost/qq.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
qq.com. NS svr7
svr7 A 192.168.4.7
www A 192.168.4.10
---------------------------------------------------------
vim /var/named/named.localhost/163.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
163.com. NS svr7
svr7 A 192.168.4.7
www A 192.168.4.10
---------------------------------------------------------------
vim /var/named/named.localhost/qq.com.other
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
qq.com. NS svr7
svr7 A 192.168.4.7
www A 192.168.4.20
--------------------------------------------------------------
vim /var/named/named.localhost/163.com.other
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
163.com. NS svr7
svr7 A 192.168.4.7
www A 192.168.4.20
-------------------------------------------------------------------
重启bind服务 systemctl restart named systemctl enable named
客户端A : echo "nameserver 192.168.4.7" > /etc/resolv.conf ###写入DNS服务器地址
firefox http://www.qq.com
this is a qq.1
firefox http://www.163.com
this is a 163.1
客户端B : echo "nameserver 192.168.4.7" > /etc/resolv.conf ###写入DNS服务器地址
firefox http://www.qq.com
this is a qq.2
firefox http://www.163.com
this is a 163.2
暂无评论内容