用到了bind 9的view功能,按ip地址解析不同的地址
電信地址:192.168.0.210 解析為192.168.0.100
網通地址:192.168.0.213 解析為192.168.0.200
//定義全局配置選項
options {
//配置文件工作目錄
directory"/var/named";
//域名轉發器
forwarders {
192.168.0.1;
};
};
key "rndc-key" {
algorithm hmac-md5;
secret "dT68MZ0x70oXNKQ59NFpeQ==";
};
//rndc命令使用的控制通道
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
//ip地址訪問列表
acl "telecom" {
192.168.0.210;
};
acl "cnc" {
192.168.0.213;
};
//使用view功能時,所有zone必須包含在view裡面
//電信
view "telecom" {
//匹配acl列表
match-clients { "telecom"; };
//遞歸查詢
recursion yes;
//定義根區聲明
zone "." IN {
type hint;
file "named.ca";
};
//定義localhost正向解析區聲明
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
type master;
file "test.zone.telecom";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.arpa";
allow-update { none; };
};
};
//網通
view "cnc" {
match-clients { "cnc"; };
recursion yes;
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
type master;
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.arpa";
allow-update { none; };
};
};
電信地址的zone文件 test.zone.telecom
//定義出這個記錄檔案面的各項記錄的預設TTL 值
$TTL 86400
//ORIGIN設定﹐說明下面的記錄源出何處
//以"."結尾的域名FQDN,如無"."則系統會在後面加上"@"代表的域名
42
3H
15M
1W
1D )
dns 1D IN A 192.168.0.211
www 1D IN A 192.168.0.100
$TTL 86400
42
3H
15M
1W
1D )
dns 1D IN A 192.168.0.211
www 1D IN A 192.168.0.200
反向解析文件 0.168.192.arpa
$TTL 86400
1997022700
28800
14400
3600000
86400 )
裡面不能缺少dns的PTR記錄,否則在客戶端用nslookup命令查詢時會有錯誤提示 :
** Can't find server name for address 192.168.0.211: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.0.211
正確的提示為:
Address: 192.168.0.211
