Linux DNS View instance operation of cerebral fissure (iv)

DNS views

Bind view:
View, Split (split-brain) dual-line access. such as: Telecommunications and Unicom dual-line access
The same name is resolved to a different address depending on the source of the client;

Case: We next configure the internal and external network bidirectional resolution DNS server: the same name resolution, assigned to a different IP address

Experimental conditions: We here in order to facilitate the understanding of the operation directly on the server to add two network card, (in real-world operation as long as the DNS server can communicate) the actual operation as follows!!

We are the way to explain: convenient operation set the following address (you understand.) ）

650) this.width=650; "title=" 0201.jpg "src=" http://s3.51cto.com/wyfs02/M02/44/B3/ Wkiom1piqtnifizoaaewuypkgqg404.jpg "alt=" Wkiom1piqtnifizoaaewuypkgqg404.jpg "/>
Instance:

Main configuration: Main profile settings, copy the root domain to the secondary configuration file, look at the configuration file!!
#vim/etc/named.conf
Options {
Listen-on Port 53 {127.0.0.1;};
Listen-on-v6 Port 53 {:: 1;};
Directory "/var/named";
Dump-file "/var/named/data/cache_dump.db";
Statistics-file "/var/named/data/named_stats.txt";
Memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query {localhost;};
Recursion Yes,------------------------the main configuration is commented out here, we specify it separately in the view

Dnssec-enable Yes;
Dnssec-validation Yes;
Dnssec-lookaside Auto;

/* Path to ISC DLV key */
Bindkeys-file "/etc/named.iscdlv.key";

Managed-keys-directory "/var/named/dynamic";
};

Logging {
Channel Default_debug {
File "Data/named.run";
Severity dynamic;
};
};
Include "/etc/named.rfc1912.zones";
Include "/etc/named.root.key";

Secondary configuration files:
[Email protected] ~]# Vim/etc/named.rfc1912.zones
Named.rfc1912.zones:
//
Provided by the Red Hat Caching-nameserver Package
//
ISC BIND named zone configuration for zones recommended by
RFC 1912 Section 4.1:localhost TLDs and address zones
and Http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
(c) R W Franks
//
See/usr/share/doc/bind*/sample/for example named configuration files.
//
View Ning {--------------------------------------------------Specifies the name of the split region can be defined by itself
match-clients {172.16.3.0/16; 127.0.0.1;}; The range of addresses to be accessed------the specified intranet
recursion yes;--------------------------supports recursive queries.
Zone "Hong.com" in {------------------specified range:
Type master;
File "Hong.com.zone1";--------------Specify the name of the intranet library file to be created under/var/named/
};
Zone "." In {-----------------copy root parsing from/etc/named.conf to/etc/named.rfc1912.zones here
Type hint;
File "named.ca";
};
Zone "Localhost.localdomain" in {
Type master;
File "Named.localhost";
allow-update {none;};
};

Zone "localhost" in {
Type master;
File "Named.localhost";
allow-update {none;};
};

Zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" in {
Type master;
File "Named.loopback";
allow-update {none;};
};

Zone "1.0.0.127.in-addr.arpa" in {
Type master;
File "Named.loopback";
allow-update {none;};
};

Zone "0.in-addr.arpa" in {
Type master;
File "Named.empty";
allow-update {none;};
};
Zone "ning.com." in {
Type master;
File "Ning.com.zone";
allow-update {none;};
//};
Zone "3.16.172.in-addr.arpa." in {
Type master;
File "172.16.3.zone";
//};
};
View Liang {-------------------------Specify split area
match-clients {any;}; --------------specifies that all of the above libraries are parsed.
Recursion no;------------------do not support recursive queries (extranet access)
Zone "Hong.com" in {----------specified area
Type master;
File "Hong.com.zone2";---------------Specifies the name of the parse library file except for intranet access.
};
};

Below we say, the configuration in the library:
[Email protected] ~]# vim/var/named/hong.com.zone1

$TTL 3600
$ORIGIN hong.com.
@ in SOA ns.hong.com ning.qq.com (
20140860
1H
3M
3D
1D)
In NS NS
NS in A 172.16.3.1
www in A 172.16.3.2-----Intranet Resolution Address
[Email protected] ~]# Vim/var/named/hong.com.zone2

$TTL 3600
$ORIGIN hong.com.
@ in SOA ns.hong.com ning.qq.com (
20140860
1H
3M
3D
1D)
In NS NS
NS in A 172.16.3.1
Address of the WWW in A 192.168.1.2----External network

Test:

#dig-T A www.hong.com @127.0.0.1

Test commands in XP:

650) this.width=650; "title=" XP test. jpg "src=" http://s3.51cto.com/wyfs02/M01/44/B7/wKiom1PiTpCSMfTJAAFW4cmNO_ Q249.jpg "alt=" Wkiom1pitpcsmftjaafw4cmno_q249.jpg "/>

This article is from the "struggling People" blog, be sure to keep this source http://wodemeng.blog.51cto.com/1384120/1536671