DNS subdomain and related authorization under Linux
The forward feature is a domain name that cannot be resolved locally and is forwarded to the specified DNS server
Forward only; All unresolved domain names are forwarded to the specified DNS server and must have parse results
Forward first; the unresolved domain name, forwarded to the specified DNS server, if the specified DNS server cannot be resolved,
Forwarding resolution to the root through its own DNS server
Forwarders {specify DNS server;}; If the local DNS cannot be resolved, forwarding the resolved domain name to the specified DNS server
Note forward is used in conjunction with forwarders
2. To build the primary domain and subdomain, the requirements are as follows:
A. The primary domain is WILLOW.COM,IP to 1.1.1.18
B. Subdomain is a.willow.com,ip to 1.1.1.20
C. If the subdomain cannot resolve the willow.com primary domain, point the forwarder to the primary domain willow.com, and the other domain name resolves itself
D. If the subdomain cannot resolve all non-local domain names, point the forwarder to the primary domain willow.com
2.1. Add the main domain willow.com configuration file, the method does not change the same as before the blog to build DNS
Vim/etc/named.conf, add the following:
Options {
Directory "/var/named";
allow-recursion {1.1.1.0/24;};
notify yes;
Also-notify {1.1.1.19;};
};
Zone "." in {
Type hint;
File "named.ca";
};
Zone "localhost" in {
Type master;
File "Named.localhost";
allow-transfer {none;};
};
Zone "0.0.127.in-addr.arpa" in {
Type master;
File "Named.loopback";
allow-transfer {none;};
};
Zone "Willow.com" {
Type master;
File "Willow.com.zone";
allow-transfer {1.1.1.19;};
};
Zone "1.1.1.in-addr.arpa" in {
Type master;
File "1.1.1.zone";
allow-transfer {1.1.1.19;};
};
2.2. new Willow.com.zone forward zone file
Vim/var/named/willow.com.zone primarily adds NS and a records for subdomain a.wilow.com to the configuration file
$TTL 600
Willow.com. In SOA ns1.willow.com. Root.willow.com. (
20160521
1H
10M
3D
1D)
Willow.com. In NS ns1
Willow.com. In NS ns2
In MX ten Mail
A in NS ns1.a
ns1.a in a 1.1.1.20
NS1 in A 1.1.1.18
NS2 in A 1.1.1.19
Mail.willow.com. In A 1.1.1.23
www in A 1.1.1.30
www in A 1.1.1.31
www in A 1.1.1.32
FTP in CNAME www.willow.com.
Hello in A 1.1.1.33
2.3. Add named.conf file for subdomain a.willow.com
If the subdomain cannot resolve all non-local domain names, point the forwarder to the primary domain willow.com
Vim/etc/named.conf adds the following:
Options {
Directory "/var/named";
forward first; #开启转发功能
Forwarders {1.1.1.18;}; #转发器指定主域
};
Zone "." in {
Type hint;
File "named.ca";
};
Zone "localhost" in {
Type master;
File "Named.localhost";
Allow-transfer {none;};
};
Zone "0.0.127.in-addr.arpa" in {
Type master;
File "Named.loopback";
Allow-transfer {none;};
};
Zone "A.willow.com" {
Type master;
File "A.willow.com.zone";
};
2.4. Add a forward zone file for subdomain a.willow.com
Vim/var/named/a.willow.com, add the following:
$TTL 600
A.willow.com. In SOA ns1.a.willow.com. Root.a.willow.com. (
20160516
1H
10M
3D
1D)
A.willow.com. In NS ns1
In MX ten Mail
NS1 in A 1.1.1.20
Mail in A 1.1.1.223
www in A 1.1.1.224
DNS servers such as the above subdomain authorization are established and can be tested and used properly
2.5. If the subdomain cannot resolve the willow.com primary domain, point the forwarder to the primary domain willow.com, and the other domain name resolves itself
Modify only the subdomain Master profile named.conf
Options {
Directory "/var/named";
};
Zone "." in {
Type hint;
File "named.ca";
};
Zone "localhost" in {
Type master;
File "Named.localhost";
Allow-transfer {none;};
};
Zone "0.0.127.in-addr.arpa" in {
Type master;
File "Named.loopback";
Allow-transfer {none;};
};
Zone "A.willow.com" {
Type master;
File "A.willow.com.zone";
};
Zone "Willow.com" {
Type forward;
Forward first;
Forwarders {1.1.1.18;};
};
Please note that the forward and forwarders placement are different, the effect is not the same, one placed in the options, the other in the Zone command unit, please look carefully, ha!
This article is from the "Xavier Willow" blog, please be sure to keep this source http://willow.blog.51cto.com/6574604/1774364
DNS subdomain and related authorization under Linux