智能dns
dns server ip:192.168.1.254
named.conf
key "rndc-key" { algorithm hmac-md5; secret "z0xW7wm4O7E7OXXbUofd9w=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; options{ Directory "/usr/local/named"; Pid-file "named.pid"; listen-on port 53 {any;}; Allow-query {any;}; Dump-file "/usr/local/named/data/cache_dump.db"; Statistics-file "/usr/local/named/data/named_stats.txt"; recursion no; }; acl china_cnc { 192.168.1.100/32; }; acl china_ct { 192.168.1.3/32; }; acl china_other { ! "china_cnc"; ! "china_ct"; any; }; view china_cnc { match-clients { china_cnc; }; recursion no; zone "." in { Type hint; File "named.root"; }; zone "test.com" in { Type master; File "zone/test.com.china_cnc.zone"; }; }; view china_ct { match-clients { china_ct; }; recursion no; zone "." in { Type hint; File "named.root"; }; zone "test.com" in { Type master; File "zone/test.com.china_ct.zone"; }; }; view china_other { match-clients { china_other; }; recursion no; zone "." in { Type hint; File "named.root"; }; zone "test.com" in { Type master; File "zone/test.com.china_other.zone"; }; };
test.com.china_cnc.zone
$ttl 300 test.com. IN SOA ns.test.com. root.test.com.( 3 10800 3600 604800 600 ) test.com. 604800 IN NS ns.test.com. ns.test.com. 604800 IN A 192.168.1.254 fast1 IN A 1.1.1.1 fast1 IN A 1.1.1.2 fast1 IN A 1.1.1.3 fast2 IN A 10.1.1.1 fast2 IN A 10.1.1.2 fast2 IN A 10.1.1.3 fast2 IN A 10.1.1.4
test.com.china_ct.zone
$ttl 300 test.com. IN SOA ns.test.com. root.test.com.( 3 10800 3600 604800 600 ) test.com. 604800 IN NS ns.test.com. ns.test.com. 604800 IN A 192.168.1.254 fast1 IN A 2.1.1.1 fast1 IN A 2.1.1.2 fast1 IN A 2.1.1.3 fast2 IN A 20.1.1.1 fast2 IN A 20.1.1.2 fast2 IN A 20.1.1.3 fast2 IN A 20.1.1.4
test.com.china_other.zone
$ttl 300 test.com. IN SOA ns.test.com. root.test.com.( 3 10800 3600 604800 600 ) test.com. 604800 IN NS ns.test.com. ns.test.com. 604800 IN A 192.168.1.254 fast1 IN A 3.1.1.1 fast1 IN A 3.1.1.2 fast1 IN A 3.1.1.3 fast2 IN A 30.1.1.1 fast2 IN A 30.1.1.2 fast2 IN A 30.1.1.3 fast2 IN A 30.1.1.4
测试在192.168.1.100
#dig fast1.test.com @192.168.1.254 ; <<>> DiG 9.8.1-P1 <<>> fast1.test.com @192.168.1.254 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25693 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;fast1.test.com. IN A ;; ANSWER SECTION: fast1.test.com. 300 IN A 1.1.1.1 fast1.test.com. 300 IN A 1.1.1.2 fast1.test.com. 300 IN A 1.1.1.3 ;; AUTHORITY SECTION: test.com. 604800 IN NS ns.test.com. ;; ADDITIONAL SECTION: ns.test.com. 604800 IN A 192.168.1.254 ;; Query time: 1 msec ;; SERVER: 192.168.1.254#53(192.168.1.254) ;; WHEN: Mon Jul 22 13:21:02 2013 ;; MSG SIZE rcvd: 113
测试在192.168.1.3
#dig fast1.test.com @192.168.1.254 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> fast1.test.com @192.168.1.254 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11596 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;fast1.test.com. IN A ;; ANSWER SECTION: fast1.test.com. 300 IN A 2.1.1.2 fast1.test.com. 300 IN A 2.1.1.3 fast1.test.com. 300 IN A 2.1.1.1 ;; AUTHORITY SECTION: test.com. 604800 IN NS ns.test.com. ;; ADDITIONAL SECTION: ns.test.com. 604800 IN A 192.168.1.254 ;; Query time: 6 msec ;; SERVER: 192.168.1.254#53(192.168.1.254) ;; WHEN: Mon Jul 22 13:02:47 2013 ;; MSG SIZE rcvd: 113
测试在192.168.1.4
# dig fast1.test.com @192.168.1.254 ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> fast1.test.com @192.168.1.254 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16317 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;fast1.test.com. IN A ;; ANSWER SECTION: fast1.test.com. 300 IN A 3.1.1.1 fast1.test.com. 300 IN A 3.1.1.3 fast1.test.com. 300 IN A 3.1.1.2 ;; AUTHORITY SECTION: test.com. 604800 IN NS ns.test.com. ;; ADDITIONAL SECTION: ns.test.com. 604800 IN A 192.168.1.254 ;; Query time: 8 msec ;; SERVER: 192.168.1.254#53(192.168.1.254) ;; WHEN: Mon Jul 22 13:06:43 2013 ;; MSG SIZE rcvd: 113