/*
* The architecture automatically resolves DNS servers of different IP addresses based on Telecom and Netcom users
* This article describes how to allow the DNS server to parse different image server IP addresses based on the user's IP address.
* Version: 1.1.0
* Author: phonograph (milk cover)
* Website: http://wuhongsheng.com
* Copyright: (C) 1999-2006 wuhongsheng.com
* Revision:
* Original Source: http://wuhongsheng.com/blog? P = 235
*/
This document is based on FreeBSD and BIND platforms. Win users should be avoided. If there is no FreeBSD basic, do not. Linux or other Unix users can serve as reference documents.
Revision history:
The IP addresses of some Netcom users were revised, the NS section was corrected, some errors were fixed, and common problems were added.
Configuration steps:
1. Preface
2. Software List
3. Install BIND 9
4. Configure BIND 9
5. Test BIND 9
6. Add an NS address
7. Add a domain name
8. Test Domain Name
9. FAQs
I. Preface
This article assumes that you have some experience in FreeBSD operations, understand the daily FreeBSD operations, and have good patience.
After reading the document, you can handle unexpected problems.
This article assumes that you already have a domain name that directs to the operating server, the/etc/rc. conf of the server.
This domain name has been correctly set. In this article, the domain name is ns.naizhao.com and the IP address is 219.132.1.1.
/Etc/rc. conf is set as follows
Hostname = "ns.naizhao.com" # The domain name of the machine. Modify the domain name as appropriate.
Ifconfig_fxp0 = "inet 219.132.1.1 netmask 255.255.255.0" # This line may be different,
Do not copy it. Fxp0 is the NIC on my machine.
2. Software List
The software used in this article can be obtained from the following address. Last updated to 2005/12/12
BIND 9.3.1
Ftp://ftp.isc.org/isc/bind9/9.3.1/bind-9.3.1.tar.gz
3. Install BIND 9
Assume that you have used fetch or wget to/root/For BIND 9 and su is root.
# Tar zxvf bind-9.3.1.tar.gz
# Cd bind-9.3.1
#./Configure
# Make
# Make install
# Make clean
By now, BIND 9 has been installed. If there are any problems during the installation process, it is generally not your character,
Analyze the error information and install the missing package.
4. Configure BIND 9
Don't worry. Check your BIND version.
# Named-v
If you are FreeBSD 4, it is estimated that the prompt you see is similar to the following
Named 8.3.7-REL Sun Dec 12 04:15:36 CST 2004
If you are FreeBSD 5, it is estimated that you will not see the above information. Then let's enter
#/Usr/local/sbin/named-v
This time, no matter whether you are FreeBSD 4 or FreeBSD 5, you will see the following information
BIND 9.3.1
So here, we use/usr/local/sbin/named
Let's get started with configuration.
# Cd/etc/namedb
# Chmod x make-localhost
#./Make-localhost
A localhost. rev and localhost-v6.rev are generated in the current directory. The latter is used for IPv6
Generate the rndc key
#/Usr/local/sbin/rndc-confgen> rndc. conf
Open rndc. conf and
# Use with the following in named. conf, adjusting the allow list as needed:
......
# End of named. conf
Remove the comment # and add it to named. conf.
Edit named. conf
# Ee named. conf
Find
Zone "." {
Type hint;
File "named. root ";
};
Zone "0.0.127.IN-ADDR. ARPA "{
Type master;
File "localhost. rev ";
};
// RFC 3152
Zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa "{
Type master;
File localhost-v6.rev ";
};
// RFC 1886-deprecated
Zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.int "{
Type master;
File localhost-v6.rev ";
};
Use/**/to annotate all the above content
/*
Zone "." {
Type hint;
......
File localhost-v6.rev ";
};
*/
At the end of the named. conf file, add the content in rndc. conf.
Key "rndc-key "{
Algorithm hmac-md5;
Secret "ILzfx8ONk2444ix9jnDfKA = ";
};
Controls {
Inet 127.0.0.1 port 953
Allow {127.0.0.1;} keys {"rndc-key ";};
};
(The above content is for reference only)
Next, it is the main drama in the article.
Add the following content after the content added above:
// Include cnc acl
Include "acl. conf ";
// View add by naizhao
View "view_cnc "{
Match-clients {CNC ;};
Zone "." {
Type hint;
File "named. root ";
};
Zone "0.0.127.IN-ADDR. ARPA "{
Type master;
File "localhost. rev ";
};
Include "master/cnc. def ";
};
View "view_any "{
Match-clients {any ;};
Zone "." {
Type hint;
File "named. root ";
};
Zone "0.0.127.IN-ADDR. ARPA "{
Type master;
File "localhost. rev ";
};
Include "master/telecom. def ";
};
Save the settings.
# Ee acl. conf
Enter the following content:
// Cnc acl list by naizhao
Acl "CNC "{
58.16.0.0/16;
58.17.0.0/17;
58.17.128.0/17;
58.18.0.0/16;
58.19.0.0/16;
58.255.0.0/16;
58.21.0.0/16;
58.22.0.0/15;
58.240.0.0/15;
58.242.0.0/15;
58.244.0.0/15;
58.246.0.0/15;
58.248.0.0/13;
60.0.0.0/13;
60.8.0.0/15;
60.10.0.0/16;
60.11.0.0/16;
60.12.0.0/16;
60.13.0.0/18;
60.13.128.0/17;
60.14.0.0/15;
60.16.0.0/13;
60.24.0.0/14;
60.30.0.0/16;
60.31.0.0/16;
60.208.0.0/13;
60.216.0.0/15;
60.218.0.0/15;
60.220.0.0/14;
61.48.0.0/13;
61.133.0.0/17;
61.134.96.0/19;
61.134.128.0/17;
61.135.0.0/16;
61.137.128.0/17;
61.138.0.0/17;
61.138.128.0/18;
61.139.128.0/18;
61.148.0.0/15;
61.156.0.0/16;
61.158.0.0/16;
61.159.0.0/18;
61.161.0.0/18;
61.161.128.0/17;
61.162.0.0/16;
61.163.0.0/16;
61.167.0.0/16;
61.168.0.0/16;
61.176.0.0/16;
61.179.0.0/16;
61.180.128.0/17;
61.181.0.0/16;
61.182.0.0/16;
61.189.0.0/17;
125.32.0.0/16;
125.40.0.0/13;
202.96.0.0/18;
202.96.64.0/21;
202.96.72.0/21;
202.97.128.0/18;
202.97.224.0/21;
202.97.240.0/20;
202.98.0.0/21;
202.98.8.0/21;
202.99.64.0/19;
202.99.96.0/21;
202.99.128.0/19;
202.99.160.0/21;
202.99.168.0/21;
202.99.176.0/20;
202.99.208.0/20;
202.99.224.0/21;
202.99.232.0/21;
202.99.240.0/20;
202.102.128.0/21;
202.102.224.0/21;
202.102.232.0/21;
202.106.0.0/16;
202.107.0.0/17;
202.108.0.0/16;
202.110.0.0/17;
202.111.128.0/18;
203.93.8.0/24;
203.93.192.0/18;
210.13.128.0/17;
210.14.160.0/19;
210.14.192.0/19;
210.15.32.0/19;
210.15.96.0/19;
210.15.128.0/18;
210.16.128.0/18;
210.21.0.0/16;
210.51.0.0/16;
210.52.128.0/17;
210.53.0.0/17;
210.53.128.0/17;
210.74.96.0/19;
210.74.128.0/19;
210.82.0.0/15;
211.152.0.0/13;
218.7.0.0/16;
218.8.0.0/14;
218.12.0.0/16;
218.21.128.0/17;
218.24.0.0/14;
218.28.0.0/15;
218.56.0.0/14;
218.60.0.0/15;
218.62.0.0/17;
218.67.128.0/17;
218.68.0.0/15;
218.104.0.0/14;
219.154.0.0/15;
219.156.0.0/15;
219.158.0.0/17;
219.158.128.0/17;
219.159.0.0/18;
220.252.0.0/16;
221.0.0.0/15;
221.2.0.0/16;
221.3.0.0/17;
221.3.128.0/17;
221.4.0.0/16;
221.5.0.0/17;
221.5.128.0/17;
221.6.0.0/16;
221.7.0.0/19;
221.7.32.0/19;
221.7.64.0/19;
221.7.96.0/19;
221.7.128.0/17;
221.8.0.0/15;
221.10.0.0/16;
221.11.0.0/17;
221.11.128.0/18;
221.11.192.0/19;
221.12.0.0/17;
221.12.128.0/18;
221.13.0.0/18;
221.13.64.0/19;
221.13.96.0/19;
221.13.128.0/17;
221.14.0.0/15;
221.192.0.0/15;
221.194.0.0/16;
221.195.0.0/16;
221.196.0.0/15;
221.198.0.0/16;
221.199.0.0/19;
221.199.32.0/20;
221.199.128.0/18;
221.199.192.0/20;
221.200.0.0/14;
221.204.0.0/15;
221.206.0.0/16;
221.207.0.0/18;
221.207.64.0/18;
221.207.128.0/17;
221.208.0.0/14;
221.212.0.0/16;
221.213.0.0/16;
221.216.0.0/13;
222.128.0.0/14;
222.132.0.0/14;
222.136.0.0/13;
222.160.0.0/15;
222.162.0.0/16;
222.163.0.0/19;
222.163.32.0/19;
222.163.64.0/18;
222.163.128.0/17;
219.235.56.194;
};
// Cnc acl list by naizhao
# Mkdir master
# Touch master/cnc. def
# Touch master/telecom. def
Complete, followed by testing
5. Test BIND 9
#/Usr/local/sbin/named-gc/etc/namedb/named. conf
Normally, you will see the following information
12-Dec-2005 13:55:46. 772 starting BIND 9.3.1-gc/etc/namedb/named. conf
12-Dec-2005 13:55:46. 816 loading confi