智能dns

dns server ip:192.168.1.254

named.conf

 key "rndc-key" {
        algorithm hmac-md5;
        secret "z0xW7wm4O7E7OXXbUofd9w==";
 };
 
 controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
 };
options{
        Directory "/usr/local/named";
        Pid-file "named.pid";
        listen-on port 53 {any;};
        Allow-query {any;};
        Dump-file "/usr/local/named/data/cache_dump.db";
        Statistics-file "/usr/local/named/data/named_stats.txt";
        recursion no;
};
acl china_cnc {
192.168.1.100/32;
};
acl china_ct {
192.168.1.3/32;
};
acl china_other { ! "china_cnc"; ! "china_ct"; any; };
view china_cnc {
        match-clients { china_cnc; };
        recursion no;
        zone "." in {
                Type hint;
                File "named.root";
        };
        zone "test.com" in {
                Type master;
                File "zone/test.com.china_cnc.zone";
        };
};
view china_ct {
        match-clients { china_ct; };
        recursion no;
        zone "." in {
                Type hint;
                File "named.root";
        };
        zone "test.com" in {
                Type master;
                File "zone/test.com.china_ct.zone";
        };
};
view china_other {
        match-clients { china_other; };
        recursion no;
        zone "." in {
                Type hint;
                File "named.root";
        };
        zone "test.com" in {
                Type master;
                File "zone/test.com.china_other.zone";
        };
};

test.com.china_cnc.zone

$ttl 300
test.com.       IN      SOA     ns.test.com.    root.test.com.(
                3
                10800
                3600
                604800
                600
)
test.com.       604800  IN      NS      ns.test.com.
ns.test.com.    604800  IN      A       192.168.1.254
fast1   IN      A       1.1.1.1
fast1   IN      A       1.1.1.2
fast1   IN      A       1.1.1.3
fast2   IN      A       10.1.1.1
fast2   IN      A       10.1.1.2
fast2   IN      A       10.1.1.3
fast2   IN      A       10.1.1.4

test.com.china_ct.zone

$ttl 300
test.com.       IN      SOA     ns.test.com.    root.test.com.(
                3
                10800
                3600
                604800
                600
)
test.com.       604800  IN      NS      ns.test.com.
ns.test.com.    604800  IN      A       192.168.1.254
fast1   IN      A       2.1.1.1
fast1   IN      A       2.1.1.2
fast1   IN      A       2.1.1.3
fast2   IN      A       20.1.1.1
fast2   IN      A       20.1.1.2
fast2   IN      A       20.1.1.3
fast2   IN      A       20.1.1.4

test.com.china_other.zone

$ttl 300
test.com.       IN      SOA     ns.test.com.    root.test.com.(
                3
                10800
                3600
                604800
                600
)
test.com.       604800  IN      NS      ns.test.com.
ns.test.com.    604800  IN      A       192.168.1.254
fast1   IN      A       3.1.1.1
fast1   IN      A       3.1.1.2
fast1   IN      A       3.1.1.3
fast2   IN      A       30.1.1.1
fast2   IN      A       30.1.1.2
fast2   IN      A       30.1.1.3
fast2   IN      A       30.1.1.4

测试在192.168.1.100

#dig fast1.test.com @192.168.1.254

; <<>> DiG 9.8.1-P1 <<>> fast1.test.com @192.168.1.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25693
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;fast1.test.com.            IN    A

;; ANSWER SECTION:
fast1.test.com.        300    IN    A    1.1.1.1
fast1.test.com.        300    IN    A    1.1.1.2
fast1.test.com.        300    IN    A    1.1.1.3

;; AUTHORITY SECTION:
test.com.        604800    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        604800    IN    A    192.168.1.254

;; Query time: 1 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Jul 22 13:21:02 2013
;; MSG SIZE  rcvd: 113

测试在192.168.1.3

#dig fast1.test.com @192.168.1.254

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> fast1.test.com @192.168.1.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11596
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;fast1.test.com.            IN    A

;; ANSWER SECTION:
fast1.test.com.        300    IN    A    2.1.1.2
fast1.test.com.        300    IN    A    2.1.1.3
fast1.test.com.        300    IN    A    2.1.1.1

;; AUTHORITY SECTION:
test.com.        604800    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        604800    IN    A    192.168.1.254

;; Query time: 6 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Jul 22 13:02:47 2013
;; MSG SIZE  rcvd: 113

测试在192.168.1.4

# dig fast1.test.com @192.168.1.254

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> fast1.test.com @192.168.1.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16317
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;fast1.test.com.            IN    A

;; ANSWER SECTION:
fast1.test.com.        300    IN    A    3.1.1.1
fast1.test.com.        300    IN    A    3.1.1.3
fast1.test.com.        300    IN    A    3.1.1.2

;; AUTHORITY SECTION:
test.com.        604800    IN    NS    ns.test.com.

;; ADDITIONAL SECTION:
ns.test.com.        604800    IN    A    192.168.1.254

;; Query time: 8 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Jul 22 13:06:43 2013
;; MSG SIZE  rcvd: 113

posted @ 2013-07-22 13:25 sunsweet 阅读(316) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

智能dns

公告