Advanced use of DNS, DNS subdomain authorization, split separation parsing

Experiment (I.)

Experimental requirements: Configure DNS servers on two hosts, respectively

Experimental Purpose:

1. Do the authorization of the Bj.tarena.comDNS subdomain on the tarena.com.

The 2.bj.tarena.com subdomain forwards the parent domain.

Experimental environment

Host name FXHLJ IP address 192.168.1.20 responsible for parsing of the tarena.com domain

Www.tarena.com 192.168.1.100

Host name localhost IP address is 192.168.1.30 responsible for parsing of bj.tarena.com domain

Www.bj.tarena.com 192.168.1.200

1. Configure the DNS service on the localhost host to parse the bj.tarena.com information

Install packages

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1Xd_azhYmFHAABgR2w0_Fc132.jpg "title=" Qq20150827015553.png "alt=" Wkiom1xd_azhymfhaabgr2w0_fc132.jpg "/>

To make a backup of the master configuration file

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1Xd_-bDdS_nAAB8r_nBCsk304.jpg "title=" Qq20150827015609.png "alt=" Wkiol1xd_-bdds_naab8r_nbcsk304.jpg "/>

Modifying the master configuration file

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1XeACjy13tnAACxhVFnfRM910.jpg "title=" Qq20150827015622.png "alt=" Wkiol1xeacjy13tnaacxhvfnfrm910.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/27/wKioL1XeAEjT8oWwAAGB7es8AKE495.jpg "title=" Qq20150827015705.png "alt=" Wkiol1xeaejt8owwaagb7es8ake495.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/2B/wKiom1Xd_jvwh7odAAB-WHrt5Yc635.jpg "title=" Qq20150827015728.png "alt=" Wkiom1xd_jvwh7odaab-whrt5yc635.jpg "/>

Verify that the master configuration file has no errors

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1XeAFbyr6OvAABu4B4qaAk251.jpg "title=" Qq20150827020950.png "alt=" Wkiom1xeafbyr6ovaabu4b4qaak251.jpg "/>

Configuration database files

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1Xd_5nDBWRSAADMbcangic201.jpg "title=" Qq20150827020643.png "alt=" Wkiom1xd_5ndbwrsaadmbcangic201.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/27/wKioL1XeAeyQVH3FAADwxkrwKwQ927.jpg "title=" Qq20150827020730.png "alt=" Wkiol1xeaeyqvh3faadwxkrwkwq927.jpg "/>

Check database configuration file for errors

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1XeAjWjm_B3AADBRhEVqcA073.jpg "title=" Qq20150827020856.png "alt=" Wkiol1xeajwjm_b3aadbrhevqca073.jpg "/>

Restart Service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/27/wKioL1XeAR_BaBftAAFHi2mCd-g126.jpg "title=" Qq20150827020208.png "alt=" Wkiol1xear_babftaafhi2mcd-g126.jpg "/>

Whether the test can be resolved

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/27/wKioL1XeBXmBroHUAAEt7xLqh4M207.jpg "title=" Qq20150827022250.png "alt=" Wkiol1xebxmbrohuaaet7xlqh4m207.jpg "/>

The parsing steps of tarena.com are as follows (procedure omitted).

Database files

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/2B/wKiom1XeA8GT36F_AAEie8OTyEw311.jpg "title=" Qq20150827022417.png "alt=" Wkiom1xea8gt36f_aaeie8otyew311.jpg "/>

The test results are as follows:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/2B/wKiom1XeAfbgfnWsAAEKMOXjxZU982.jpg "title=" Qq20150827021646.png "alt=" Wkiom1xeafbgfnwsaaekmoxjxzu982.jpg "/>

2. do the authorization of the Bj.tarena.comDNS subdomain on the tarena.com.

Modify the database file on the 192.168.1.20 to indicate the domain name of the subdomain and the corresponding IP address.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1XeBiuBWV_cAAFtRJuh-R0561.jpg "title=" Qq20150827023441.png "alt=" Wkiom1xebiubwv_caaftrjuh-r0561.jpg "/>

Reload Service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1XeCJqyLQRfAABqTk6AzLQ716.jpg "title=" Qq20150827023614.png "alt=" Wkiol1xecjqylqrfaabqtk6azlq716.jpg "/>

Test whether the www.bj.tarena.com can be parsed on 192.168.1.20 (but there was a bug in the test and cannot be resolved).

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/2B/wKiom1XeCpWCtmQVAAHinZt9zOA431.jpg "title=" Qq20150827025336.png "alt=" wkiom1xecpwctmqvaahinzt9zoa431.jpg "/> View Log error as shown

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/27/wKioL1XeDY-RlwNlAAV9gz_Tf7Q572.jpg "title=" Qq20150827025722.png "alt=" Wkiol1xedy-rlwnlaav9gz_tf7q572.jpg "/>

Workaround, modify the DNS master configuration file/etc/named.conf, and comment a few lines to resolve the

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/2B/wKiom1XeF-LiFZHeAADzBFSJdnE106.jpg "title=" Qq20150827035002.png "alt=" Wkiom1xef-lifzheaadzbfsjdne106.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/27/wKioL1XeGo_wADkcAAA_7VR_nt8277.jpg "title=" Qq20150827035249.png "alt=" Wkiol1xego_wadkcaaa_7vr_nt8277.jpg "/>

Test the results of the parsing

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1XeGKnhKQphAAEIs-kyVaw327.jpg "title=" Qq20150827035341.png "alt=" Wkiom1xegknhkqphaaeis-kyvaw327.jpg "/>

3. Set up subdomains to forward parent domains

Modify the Master profile on 192.168.1.30 subdomains

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1XeG-7TyJtHAABLUiAjW64459.jpg "title=" Qq20150827035843.png "alt=" Wkiol1xeg-7tyjthaabluiajw64459.jpg "/>

Add the domain name and IP address of the forwarded parent domain in the master profile

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/2B/wKiom1XeGhTQbZuiAACBzbhwUeA319.jpg "title=" Qq20150827035913.png "alt=" Wkiom1xeghtqbzuiaacbzbhwuea319.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/27/wKioL1XeHFvTTbZYAACBdaIXOAA274.jpg "title=" Qq20150827040031.png "alt=" Wkiol1xehfvttbzyaacbdaixoaa274.jpg "/>

Test if the subdomain can forward the parent domain (the test finds no resolution after the problem)

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/2B/wKiom1XeGs2gCT94AAEHXTJZ1s4782.jpg "title=" Qq20150827040249.png "alt=" Wkiom1xegs2gct94aaehxtjz1s4782.jpg "/>

Configuration file comments as follows

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/27/wKioL1XeHWDAbP7dAADKB6q6LOQ968.jpg "title=" Qq20150827040441.png "alt=" Wkiol1xehwdabp7daadkb6q6loq968.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/2B/wKiom1XeG1KzzmdaAAAlOvsBhdo096.jpg "title=" Qq20150827040453.png "alt=" Wkiom1xeg1kzzmdaaaalovsbhdo096.jpg "/>

After you restart the service, you can resolve it.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/27/wKioL1XeHZfz8EEZAAEHLi8NP-A062.jpg "title=" Qq20150827040547.png "alt=" Wkiol1xehzfz8eezaaehli8np-a062.jpg "/>

Experiment (II)

Purpose of the experiment: DNS separation and resolution (continued according to the experiment)

Experimental requirements: When the user 192.168.1.30 access to www.tarena.com, the result of the resolution is 192.168.1.100, and 192.168.1.20 native address access www.tarena.com when the result is 1.2.3.4

The basic idea of the experiment:

1. Create 2 regional data files (same domain name).

2. Define the ACL list for the source address.

3. Configure 2 view calls to a different zone file.

4. Restart the named service.

5. Test separation parsing results.

1. Establish 2 regional data files Tarena.com.lan used to parse 192.168.1.100,tarena.com.other to parse 1.2.3.4.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/3E/wKiom1Xe5KjCkId2AAF50hWxDQ0000.jpg "title=" Qq20150827182359.png "alt=" Wkiom1xe5kjckid2aaf50hwxdq0000.jpg "/>

Modify the database file for the LAN

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/3E/wKiom1Xe5TCA1XsLAAD5j1Ar1kI128.jpg "title=" Qq20150827182553.png "alt=" Wkiom1xe5tca1xslaad5j1ar1ki128.jpg "/>

Modify other's database files

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/3B/wKioL1Xe56TSljT_AADtiytkF90660.jpg "title=" Qq20150827182737.png "alt=" Wkiol1xe56tsljt_aadtiytkf90660.jpg "/>

2. Define the ACL list for the source address and configure 2 view to invoke different zone files to modify the configuration file/etc/named.conf

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/3D/wKioL1XfDo6gQrYcAAGwhUDrD0M838.jpg "title=" Qq20150827211351.png "alt=" Wkiol1xfdo6gqrycaagwhudrd0m838.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/3C/wKioL1XfAJ6joP_TAAEm9mAGB2g523.jpg "title=" Qq20150827201350.png "alt=" Wkiol1xfaj6jop_taaem9magb2g523.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/3F/wKiom1Xe_o_T3ezHAAEreSpa9yU338.jpg "title=" Qq20150827201408.png "alt=" Wkiom1xe_o_t3ezhaaerespa9yu338.jpg "/>

3. Restart the service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/3C/wKioL1XfANDDPzRYAADPbN8UKRM405.jpg "title=" Qq20150827201421.png "alt=" Wkiol1xfanddpzryaadpbn8ukrm405.jpg "/>

4. Test parsing results The user resolves to 1.2.3.4 On native 192.168.1.20 and resolves to 1192.168.1.100 on 192.168.1.30

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/3C/wKioL1XfAUeCrz7WAAEMfVLsxjA191.jpg "title=" Qq20150827201712.png "alt=" Wkiol1xfauecrz7waaemfvlsxja191.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/40/wKiom1XfDSvyQ3QAAAE1dXT602I857.jpg "title=" Qq20150827211651.png "alt=" Wkiom1xfdsvyq3qaaae1dxt602i857.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/3D/wKioL1XfD4OiXLW2AAEB7eLBEVo609.jpg "title=" Qq20150827211752.png "alt=" Wkiol1xfd4oixlw2aaeb7elbevo609.jpg "/>

This article is from the "Down to earth" blog, make sure to keep this source http://343614597.blog.51cto.com/7056394/1689079

Advanced use of DNS, DNS subdomain authorization, split separation parsing