master server (Transfer-source):
[Root@master/]# Mkdir/var/named/zones/{local,cmcc,cucc,ctcc,cecc,others}
[Root@master/]# chown-r named.named/var/named/zones/{local,cmcc,cucc,ctcc,cecc,others} #移动, Unicom, telecommunications, education
[Root@master/]# Route add-net 172.28.0.0/16 Dev eth0 #-net does not support subnet partitioning
[Root@master named]# Cat *.cfg
ACL CMCC {1.1.1.1;};
ACL CTCC {1.1.1.11;};
ACL CUCC {1.1.1.18;};
ACL Local {
10.0.0.0/8;
};
ACL others {any;};
[Root@master named]# cat/usr/local/named/etc/named.conf
named.conf
Options {
listen-on port {any;};
Directory "/var/named";
Dump-file "/var/named/data/cache_dump.db";
Statistics-file "/var/named/data/named_stats.txt";
Memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query {any;};
recursion Yes;
Bindkeys-file "/usr/local/named/etc/bind.keys";
};
Logging {
Channel Default_debug {
File "Data/named.run";
Severity dynamic;
};
Channel Gsquery {
File "Data/query.log" versions 3 size 20m;
Severity info;
Print-time Yes;
Print-category Yes;
Print-severity Yes;
};
Category queries {gsquery;};
};
Key "Rndc-key" {
Algorithm HMAC-MD5;
Secret "ovh1p5jg42kglbwjyifxrq==";
};
Controls {
inet 127.0.0.1 Port 953
Allow {127.0.0.1} keys {"Rndc-key";};
};
Include "/var/named/named.rfc1912.zones";
[Root@master named]# Cat/var/named/named.rfc1912.zones
View "Local" {
match-clients {172.28.1.1; local; }; #可以使用!172.28.1.2;!1.1.1.20; Shielding corresponding IP
recursion Yes;
allow-update {none;};
Allow-transfer {172.28.1.1;}; #对应的LOCAL的IP
also-notify {172.28.1.1;}; #额外主机 (Slave outside the host, when the slave configuration can also notify other hosts), you can not configure, do not configure can improve efficiency
Notify yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/local/local.111cn.net.zone";
};
};
View "CTCC" {
match-clients {172.28.1.2; CTCC; };
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/ctcc/ctcc.111cn.net.zone";
also-notify {172.28.1.2;};
Notify yes;
allow-update {none;};
Allow-transfer {172.28.1.2;};
};
};
View "CUCC" {
match-clients {172.28.1.3; CUCC; };
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/cucc/cucc.111cn.net.zone";
also-notify {172.28.1.3;};
Notify yes;
allow-update {none;};
Allow-transfer {172.28.1.3;};
};
};
View "CMCC" {
match-clients {172.28.1.4; CMCC; };
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/cmcc/cmcc.111cn.net.zone";
also-notify {172.28.1.4;};
Notify yes;
allow-update {none;};
Allow-transfer {172.28.1.4;};
};
};
View "Others" {
match-clients {172.28.1.5; others; };
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/others/others.111cn.net.zone";
also-notify {172.28.1.5;};
Notify yes;
allow-update {none;};
Allow-transfer {172.28.1.5;};
};
};
Include "Ctcc.cfg";
Include "Cucc.cfg";
Include "Cmcc.cfg";
Include "Local.cfg";
Include "Others.cfg";
[Root@master named]# Cat Zones/others/others.111cn.net.zone
$TTL 60
@ in SOA ns1.111cn.net. Admin.111cn.net. (
2015050500; Serial
120; Refresh
600; Retry
1W; Expire
3H); Minimum
In NS ns1
In NS ns2
In A 1.1.1.19
NS1 in A 1.1.1.19
NS2 in A 172.28.1.5
www in A 5.5.5.5
master server (TSIG KEY):
[Root@master/]# Mkdir/var/named/keys
[Root@master/]#/usr/local/named/sbin/rndc-confgen-r/dev/urandom-a-c/var/named/keys/cucc.keys-k cucc
[Root@master/]#/usr/local/named/sbin/rndc-confgen-r/dev/urandom-a-c/var/named/keys/ctcc.keys-k CTCC
[Root@master/]#/usr/local/named/sbin/rndc-confgen-r/dev/urandom-a-c/var/named/keys/others.keys-k Others
[Root@master/]# chown-r Named.named/var/named/keys
[Root@master named]# Cat Named.rfc1912.zones
View "Local" {
match-clients {key local; local; };
Server 1.1.1.20 {keys local;};
recursion Yes;
allow-update {none;};
Allow-transfer {key local;};
Also-notify {1.1.1.20;};
Notify yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/local/local.111cn.net.zone";
};
};
View "CTCC" {
match-clients {key CTCC; CTCC; };
Server 1.1.1.20 {keys CTCC;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/ctcc/ctcc.111cn.net.zone";
Also-notify {1.1.1.20;};
Notify yes;
allow-update {none;};
Allow-transfer {key CTCC;};
};
};
View "CUCC" {
match-clients {key cucc; CUCC; };
Server 1.1.1.20 {keys cucc;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/cucc/cucc.111cn.net.zone";
Also-notify {1.1.1.20;};
Notify yes;
allow-update {none;};
Allow-transfer {key cucc;};
};
};
View "CMCC" {
match-clients {key CMCC; CMCC; };
Server 1.1.1.20 {keys cmcc;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/cmcc/cmcc.111cn.net.zone";
Also-notify {1.1.1.20;};
Notify yes;
allow-update {none;};
Allow-transfer {key cmcc;};
};
};
View "Others" {
match-clients {key others; others; };
Server 1.1.1.20 {keys others;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" {
Type master;
File "Zones/others/others.111cn.net.zone";
Also-notify {1.1.1.20;};
Notify yes;
allow-update {none;};
Allow-transfer {key others;};
};
};
Include "Ctcc.cfg";
Include "Cucc.cfg";
Include "Cmcc.cfg";
Include "Local.cfg";
Include "Others.cfg";
Include "Keys/cmcc.key";
Include "Keys/ctcc.key";
Include "Keys/cucc.key";
Include "Keys/local.key";
Include "Keys/others.key";
[Root@master named]# Cat Zones/ctcc/ctcc.111cn.net.zone
$TTL 60
@ in SOA ns1.111cn.net. Admin.111cn.net. (
2015050209; Serial
120; Refresh
600; Retry
1W; Expire
3H); Minimum
In NS ns1
In NS ns2
In A 1.1.1.19
NS1 in A 1.1.1.19
NS2 in A 1.1.1.20
www in A 209.202.204.209
BBS in A 208.202.204.202
Slave Server (Transfer-source):
[Root@slave/]#/sbin/ifconfig eth0:0 172.28.1.1 netmask 255.255.240.0
[Root@slave/]#/sbin/ifconfig eth0:1 172.28.1.2 netmask
[Root@slave/]#/sbin/ifconfig eth0:2 172.28.1.3 netmask
[Root@slave/]#/sbin/ifconfig eth0:3 172.28.1.4 netmask
[Root@slave/]# CP/VAR/NAMED/NAMED.RFC1912.ZONES/VAR/NAMED/NAMED.RFC1912.ZONES.BK
[Root@slave/]# Mkdir/var/named/slaves/{local,cmcc,cucc,ctcc,cecc,others}
[Root@slave/]# Chown-r Named.named/var/named/slaves/{local,cmcc,cucc,ctcc,cecc,others}
[Root@slave named]# cat/usr/local/named/etc/named.conf
Options {
listen-on port {any;};
Directory "/var/named";
Dump-file "/var/named/data/cache_dump.db";
Statistics-file "/var/named/data/named_stats.txt";
Memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query {any;};
recursion Yes;
Bindkeys-file "/usr/local/named/etc/bind.key";
};
Logging {
Channel Default_debug {
File "Data/named.run";
Severity dynamic;
};
Channel Gsquery {
File "Data/query.log" versions 3 size 20m;
Severity info;
Print-time Yes;
Print-category Yes;
Print-severity Yes;
};
Category queries {gsquery;};
};
Key "Rndc-key" {
Algorithm HMAC-MD5;
Secret "izmc23seanm1nksq+1qqxa==";
};
Controls {
inet 127.0.0.1 Port 953
Allow {127.0.0.1} keys {"Rndc-key";};
};
Include "/var/named/named.rfc1912.zones";
[Root@slave named]# Cat/var/named/named.rfc1912.zones
View "Local" {
match-clients {172.28.1.1; local; }; #LOCAL就可以
Transfer-source 172.28.1.1;
allow-notify {172.28.1.1;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/local/local.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CTCC" {
match-clients {172.28.1.2; CTCC; };
Transfer-source 172.28.1.2;
allow-notify {172.28.1.2;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/ctcc/ctcc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CUCC" {
match-clients {172.28.1.3; CUCC; };
Transfer-source 172.28.1.3;
allow-notify {172.28.1.3;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/cucc/cucc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CMCC" {
match-clients {172.28.1.4; CMCC; };
Transfer-source 172.28.1.4;
allow-notify {172.28.1.4;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/cmcc/cmcc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "Others" {
match-clients {172.28.1.5; others; };
Transfer-source 172.28.1.5;
allow-notify {172.28.1.5;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/others/others.111cn.net.zone";
Masters {1.1.1.19;};
};
};
Include "Ctcc.cfg";
Include "Cucc.cfg";
Include "Cmcc.cfg";
Include "Local.cfg";
Include "Others.cfg";
[Root@slave named]#/usr/local/named/sbin/named-compilezone-f raw-f text-o/tmp/111cn.net.txt Slaves/local/local.111cn.net.zone
Zone 111cn.net/in:loaded Serial 2015050101
Dump Zone To/tmp/111cn.net.txt...done
Ok
[Root@slave named]# Cat/tmp/111cn.net.txt
111cn.net in SOA ns1.111cn.net. Admin.111cn.net 2015050101 120 600 604800 10800
111cn.net in NS ns1.111cn.net.
111cn.net in NS ns2.111cn.net.
111cn.net in A 1.1.1.19
Ns1.111cn.net in A 1.1.1.19
Ns2.111cn.net in A 172.28.1.1
Www.111cn.net in A 101.1.1.1
Slave server (TSIG KEY):
[Root@slave named]# Cat Named.rfc1912.zones
View "Local" {
match-clients {key local; local; };
Server 1.1.1.19 {keys local;};
Transfer-source 1.1.1.20;
Allow-notify {1.1.1.20;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/local/local.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CTCC" {
match-clients {key CTCC; CTCC; };
Server 1.1.1.19 {keys CTCC;};
Transfer-source 1.1.1.20;
Allow-notify {1.1.1.20;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/ctcc/ctcc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CUCC" {
match-clients {key cucc; CUCC; };
Server 1.1.1.19 {keys cucc;};
Transfer-source 1.1.1.20;
Allow-notify {1.1.1.20;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/cucc/cucc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "CMCC" {
match-clients {key CMCC; CMCC; };
Server 1.1.1.19 {keys cmcc;};
Transfer-source 1.1.1.20;
Allow-notify {1.1.1.20;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/cmcc/cmcc.111cn.net.zone";
Masters {1.1.1.19;};
};
};
View "Others" {
match-clients {key others; others; };
Server 1.1.1.19 {keys others;};
Transfer-source 1.1.1.20;
Allow-notify {1.1.1.20;};
recursion Yes;
Zone "." in {
Type hint;
File "Named.root";
};
Zone "111cn.net" in {
Type slave;
File "Slaves/others/others.111cn.net.zone";
Masters {1.1.1.19;};
};
};
Include "Ctcc.cfg";
Include "Cucc.cfg";
Include "Cmcc.cfg";
Include "Local.cfg";
Include "Others.cfg";
Include "Keys/cmcc.key";
Include "Keys/ctcc.key";
Include "Keys/cucc.key";
Include "Keys/local.key";
Include "Keys/others.key";
MASTR log:
[Root@master named]#/usr/local/named/sbin/rndc Reload
MASTER named[15783]: Zone 111cn.net/in/cmcc:loaded serial 2015050401
MASTER named[15783]: Zone 111cn.net/in/cmcc:sending notifies (serial 2015050401)
MASTER named[15783]: Client 1.1.1.19#38731:view others:received notify for zone ' 111cn.net '
MASTER named[15783]: Client 172.28.1.4#46615 (111cn.net): View cmcc:transfer of ' 111cn.net/in ': Axfr-style IXFR started
MASTER named[15783]: Client 172.28.1.4#46615 (111cn.net): View cmcc:transfer of ' 111cn.net/in ': Axfr-style IXFR Ended
MASTER named[15783]: Client 1.1.1.20#32818:view others:received notify for zone ' 111cn.net '
Slave log:
Slave named[2464]: Zone 111cn.net/in/cucc:sending notifies (serial 2015050303)
Slave named[2464]: Client 1.1.1.20#39845:view others:received notify for zone ' 111cn.net '
Slave named[2464]: Zone 111cn.net/in/others:refused notify from non-master:1.1.1.20#39845
Slave named[2464]: Client 1.1.1.19#47047:view others:received notify for zone ' 111cn.net '
Slave named[2464]: Zone 111cn.net/in/others:notify from 1.1.1.19#47047:zone be up to date
Slave named[2464]: Zone 111cn.net/in/cmcc:transfer started.
Slave named[2464]: Transfer of ' 111CN.NET/IN/CMCC ' from 1.1.1.19#53:connected using 172.28.1.4#46615
Slave named[2464]: Zone 111cn.net/in/cmcc:transferred serial 2015050401
Slave named[2464]: Transfer of ' 111CN.NET/IN/CMCC ' from 1.1.1.19#53:transfer status:success
Slave named[2464]: Transfer of ' 111CN.NET/IN/CMCC ' from 1.1.1.19#53:transfer completed:1, 8 messages, records 219, 0.002 secs (109500 bytes/sec)
Slave named[2464]: Zone 111cn.net/in/cmcc:sending notifies (serial 2015050401)
Slave Server dig test:
Queries:info:client 1.1.1.11#49076 (www.111cn.net): View ctcc:query:www.111cn.net in A + (1.1.1.20)
Queries:info:client 1.1.1.18#35667 (www.111cn.net): View cucc:query:www.111cn.net in A + (1.1.1.20)
Queries:info:client 1.1.1.1#64052 (www.111cn.net): View cmcc:query:www.111cn.net in A + (1.1.1.20)
Queries:info:client 1.1.1.20#40230 (www.111cn.net): View others:query:www.111cn.net in A +e (1.1.1.20)
Note: When more than one view of the use of configuration must choose multiple IP mode or adopt Tgis mode can!
Note: Notify does not mean that has been updated, but only to notify the slave server!
0
NOTIFY does not indicate this zone data has changed, but rather that the zone of the data may have. The receiver of the NOTIFY message should query the zone SOA directly to the IP (s) defined in the zone ' s Masters stateme NT.
Test environment Download: http://pan.baidu.com/s/1nuC4csx Password: dwch
Disclaimer: Local testing, not the actual production environment test, there may be bugs, or other unknown problems please forgive me! (If there is anything wrong with the configuration, please correct me!) )
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
