DNS(bind)添加A、CNAME、MX、PTR记录、智能DNS(ACL)
1、添加一条A记录(记得更改serial):
1 | vim /var/named/chroot/etc/lnh.com.zone |
重启一下:
1 | rndc reload |
查看从服务器:
测试结果:
master结果:
第一种方法:是用resolv.conf中定义的DNS服务器查出百度主机的IP。
第二种方法(上述方法):是用本地的DNS(127.0.0.1)来查cc.lnh.com主机的IP。
slave结果(在master上看的):
2、CNAME记录(如上)
1 | cname CNAME a.lnh.com. |
3、MX记录(如上)
1 2 | mx MX 5 192.168.123.123mx MX 10 191.1.1.1 |
4、PTR记录(反向解析)
MASTER:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | [root@localhost etc]# cat view.conf view "View" { zone "lnh.com" { type master; file "lnh.com.zone"; allow-transfer { 192.168.222.146; }; notify yes; also-notify { 192.168.222.146; }; }; zone "168.192.in-addr.arpa" { type master; file "168.192.zone"; allow-transfer { 192.168.222.146; }; notify yes; also-notify { 192.168.222.146; }; };}; |
1 | ”168.192.in-addr.arpa“固定格式,ip反过来了。 |
1 2 3 4 5 6 7 8 9 10 11 12 | [root@localhost etc]# cat 168.192.zone $TTL 3600 ; 1 hour@ IN SOA op.lnh.com. dns.lnh.com. ( 2030 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.lnh.com.102.122 IN PTR a.lnh.com.1.1 IN PTR B.lnh.com. |
1 | <br>此时要看看权限:chown named.named 168.192.zone<br><br>Slave配置: |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@localhost etc]# cat view.conf view "SlaveView" { zone "lnh.com" { type slave; masters {192.168.222.145; }; file "slave.lnh.com.zone"; }; zone "168.192.in-addr.arpa" { type slave; masters {192.168.222.145; }; file "slave.168.192.zone"; }; }; |
这个是同步过来的:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@localhost etc]# cat slave.168.192.zone $ORIGIN .$TTL 3600 ; 1 hour168.192.in-addr.arpa IN SOA op.lnh.com. dns.lnh.com. ( 2030 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.lnh.com.$ORIGIN 168.192.in-addr.arpa.1.1 PTR B.lnh.com.102.122 PTR a.lnh.com. |
注意:a.lnh.com. 后面一定要有.
查看:
1 2 3 4 5 6 7 | [root@localhost etc]# host 192.168.122.102 127.0.0.1Using domain server:Name: 127.0.0.1Address: 127.0.0.1#53Aliases: 102.122.168.192.in-addr.arpa domain name pointer a.lnh.com. |
5、通过DNS实现负载均衡,,就是多加一条A记录,,这个有个问题,当这个后端服务器挂了,他也会解析,所以不建议用,,轮询的调度算法,没有健康监测。
1 2 3 4 5 6 7 8 | [root@localhost etc]# host cc.lnh.com 127.0.0.1Using domain server:Name: 127.0.0.1Address: 127.0.0.1#53Aliases: cc.lnh.com has address 123.123.123.124cc.lnh.com has address 123.123.123.123 |
6、配置DNS视图(智能DNS),当DNS服务器接到请求时会匹配这两个组的ip,下面的加在include上,,此时就可以根据group来区分不用运营商分到不同的ip。
1 2 3 4 5 6 7 8 | /var/named/chroot/etc[root@localhost etc]# vim named.conf acl group1 { 192.168.222.145;};acl group2 { 192.168.222.146;}; |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | [root@localhost etc]# >view.conf[root@localhost etc]# vim view.conf[root@localhost etc]# pwd/var/named/chroot/etc[root@localhost etc]# cat view.confview "GROUP1" { match-clients { group1; }; zone "viewlnh.com" { type master; file "group1.viewlnh.com.zone"; };};view "GROUP2" { match-clients { group2; }; zone "viewlnh.com" { type master; file "group2.viewlnh.com.zone"; };}; |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | [root@localhost etc]# pwd/var/named/chroot/etc[root@localhost etc]# vim group1.viewlnh.com.zone$ORIGIN .$TTL 3600 ; 1 hourviewlnh.com IN SOA op.lnh.com. dns.lnh.com. ( 2030 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.lnh.com.$ORIGIN viewlnh.com.op A 192.168.122.1view A 192.168.122.1 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | [root@localhost etc]# pwd/var/named/chroot/etc[root@localhost etc]# vim group2.viewlnh.com.zone$ORIGIN .$TTL 3600 ; 1 hourviewlnh.com IN SOA op.lnh.com. dns.lnh.com. ( 2030 ; serial 900 ; refresh (15 minutes) 600 ; retry (10 minutes) 86400 ; expire (1 day) 3600 ; minimum (1 hour) ) NS op.lnh.com.$ORIGIN viewlnh.com.op A 192.168.122.2view A 192.168.122.2 |
修改权限
1 | [root@localhost etc]# chown named.named group* |
查看,在192.168.222.145上看
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | [root@localhost etc]# dig @192.168.222.145 view.viewlnh.com; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.5 <<>> @192.168.222.145 view.viewlnh.com; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49593;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0;; QUESTION SECTION:;view.viewlnh.com. IN A;; ANSWER SECTION:view.viewlnh.com. 3600 IN A 192.168.122.1;; AUTHORITY SECTION:viewlnh.com. 3600 IN NS op.lnh.com.;; Query time: 1 msec;; SERVER: 192.168.222.145#53(192.168.222.145);; WHEN: Wed Mar 21 18:33:51 2018;; MSG SIZE rcvd: 71 |
在192.168.222.146上看
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | [root@localhost etc]# dig @192.168.222.145 view.viewlnh.com; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.5 <<>> @192.168.222.145 view.viewlnh.com; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11962;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0;; QUESTION SECTION:;view.viewlnh.com. IN A;; ANSWER SECTION:view.viewlnh.com. 3600 IN A 192.168.122.2;; AUTHORITY SECTION:viewlnh.com. 3600 IN NS op.lnh.com.;; Query time: 3 msec;; SERVER: 192.168.222.145#53(192.168.222.145);; WHEN: Wed Mar 21 18:36:16 2018;; MSG SIZE rcvd: 71 |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· winform 绘制太阳,地球,月球 运作规律
· 上周热点回顾(3.3-3.9)