DNS子域授权
DNS子域授权
正向区域:
SUB_ZONE_NAME IN NS NSSERVER_SUB_ZONE_NAME
NSSERVER_SUB_ZONE_NAME IN A IP
.com
mylinux.com. IN NS ns1.mylinux.com.
IN NS ns2.mylinux.com.
ns1.mylinux.com. IN A 192.168.10.2
ns2.mylinux.com. IN A 192.168.10.3
--------------------------------------------
在 mylinux.com 下添加 2 个子域,内容如下
mylinux.com.
fin.mylinux.com. IN NS ns1.fin.mylinux.com.
ns1.fin.mylinux.com. IN A 192.168.10.4
1. 在主服务器上定义子域授权:vim /var/named/mylinux.com.zone(子域和父域可以不在同一个网络中)
[root@localhost ~]# vim /var/named/mylinux.com.zone
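; Parent zone mylinux.com, including the delegations of the fin and market child zones.
$TTL 600
@           IN SOA ns1.mylinux.com. admin.mylinux.com. (
                20170709    ; serial
                1H          ; refresh
                5M          ; retry
                2D          ; expire
                6H )        ; negative-caching TTL
; Records with an empty owner must start with whitespace so that they inherit "@";
; written at column 0, the first token ("IN") would be read as an owner name.
            IN NS ns2
            IN NS ns1
            IN MX 10 mail
ns2         IN A 192.168.10.3
ns1         IN A 192.168.10.2
mail        IN A 192.168.10.4
; Two A records for the same name: answers rotate between both addresses.
www         IN A 192.168.10.2
www         IN A 192.168.10.3
ftp         IN CNAME www
mylinux.com.    IN A 192.168.10.3
; Wildcard: any name in this zone that has no record of its own resolves to 192.168.10.3.
; It does not apply below the delegated names fin and market.
*.mylinux.com.  IN A 192.168.10.3
; Delegation of fin.mylinux.com: NS records plus glue A records for the in-zone name servers.
; NOTE(review): the glue here (192.168.10.8 / 192.168.10.9, two servers) does not match the
; child zone shown later on this page, which lists only ns1 at 192.168.10.4. The NS set and
; the addresses must agree on both sides, otherwise the delegation is lame - confirm the
; real addresses before using this file.
fin         IN NS ns1.fin
fin         IN NS ns2.fin
ns1.fin     IN A 192.168.10.8
ns2.fin     IN A 192.168.10.9
; Delegation of market.mylinux.com to a single name server, with its glue record.
market      IN NS ns1.market
ns1.market  IN A 192.168.10.20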
[root@localhost ~]# rndc reload 让服务器重读一下
server reload successful
再查看从服务器是否已得到配置。从服务器得到配置后表明工作正常
2.下一步安装子域名服务器
和从服务器安装过程一样
[root@localhost yum.repos.d]# yum list all |grep bind
[root@localhost yum.repos.d]# yum remove bind-libs
[root@localhost yum.repos.d]# yum remove bind-utils
yum install bind.i686
网络配置
DNS指向自己
子域:fin.mylinux.com
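关闭selinux(仅限实验环境;生产环境应保持 SELinux 为 enforcing,并确保区域文件的属主和安全上下文正确)
清空防火墙规则 iptables -F(仅限实验环境;生产环境只需放行 DNS 使用的 53/udp 和 53/tcp,不要清空全部规则)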
[root@localhost yum.repos.d]# mv /etc/named.conf /etc/named.conf.back
[root@localhost yum.repos.d]# scp root@192.168.10.3:/etc/named.conf /etc
[root@localhost yum.repos.d]# chgrp named /etc/named.conf
[root@localhost yum.repos.d]# vi /etc/named.conf
// Minimal named.conf for the child-zone server: authoritative for fin.mylinux.com,
// plus the root hints and the localhost / loopback zones.
// NOTE(review): no recursion, allow-query or allow-recursion statement is set, so BIND's
// built-in defaults decide who may query and recurse through this server. State them
// explicitly for the intended clients before exposing the server beyond a lab network.
options {
// Relative zone file names below are resolved against this directory.
directory "/var/named";
};
// Root hints, used to resolve names this server is not authoritative for.
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "named.localhost";
// Refuse zone transfers of this zone to every client.
allow-transfer { none; };
};
// The delegated child zone; its data is read from /var/named/fin.mylinux.com.
zone "fin.mylinux.com" {
type master;
file "fin.mylinux.com";
// NOTE(review): transfers are denied to everyone. The parent zone on this page also
// delegates to ns2.fin; if that is a real secondary it must be allowed here explicitly
// (preferably by TSIG key rather than by address) - confirm.
allow-transfer { none; };
};
// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
type master;
file "named.loopback";
allow-transfer { none; };
};
[root@localhost named]# scp root@192.168.10.2:/var/named/mylinux.com.zone /var/named 从主服务器上复制过来进行修改
[root@localhost named]# chgrp named mylinux.com.zone
[root@localhost named]# mv mylinux.com.zone fin.mylinux.com
[root@localhost named]# vim fin.mylinux.com
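; Child zone fin.mylinux.com, served by the delegated name server.
$TTL 600
; The SOA primary name server read "ns1.fin.mylinx.com." (typo); corrected to mylinux.com.
@       IN SOA ns1.fin.mylinux.com. admin.fin.mylinux.com. (
            2016071001  ; serial
            1H          ; refresh
            3M          ; retry
            1D          ; expire
            1H          ; negative-caching TTL
            )
; Records with an empty owner must start with whitespace so that they inherit "@";
; written at column 0, the first token ("IN") would be read as an owner name.
; NOTE(review): the parent zone on this page delegates to ns1.fin and ns2.fin with glue
; 192.168.10.8 / 192.168.10.9, while this zone lists only ns1 at 192.168.10.4. Keep the
; NS set and the addresses identical on both sides - confirm which values are real.
        IN NS ns1
        IN MX 9 mail
ns1     IN A 192.168.10.4
mail    IN A 192.168.10.100
www     IN A 192.168.10.101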
----------------------------------------------------
搭建完成:
默认情况下子域是不知道父域的。
forward { only | first }:only 表示自己解析不了的查询只转发给指定的服务器,转发没有答案也不再自行迭代查询;first 表示先转发,转发得不到答案再从根开始查询
设置子域服务器,让其转发给父域
[root@localhost named]# vim /etc/named.conf
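// named.conf on the child server, variant 1: global forwarding.
// The explanatory note that followed the forwarders statement was not valid
// named.conf syntax; it is kept here as a comment so the file parses.
options {
    directory "/var/named";
    // Ask the forwarder first; if it returns no answer, fall back to iterating from the root hints.
    forward first;
    // Global forwarding: every query outside the locally served fin.mylinux.com zone
    // is sent to the parent zone's master server.
    // NOTE(review): presumably 192.168.10.2 must permit recursive queries from this
    // host for forwarding to work - confirm its allow-recursion setting.
    forwarders { 192.168.10.2; };
};

// Root hints, used when the forwarder gives no answer.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" {
    type master;
    file "named.localhost";
    // Refuse zone transfers of this zone to every client.
    allow-transfer { none; };
};

// The delegated child zone, answered from local data and never forwarded.
zone "fin.mylinux.com" {
    type master;
    file "fin.mylinux.com";
    allow-transfer { none; };
};

// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.loopback";
    allow-transfer { none; };
};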
--------------------------------------------------------------------------------------------
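// named.conf on the child server, variant 2: forward only the parent zone.
// The explanatory note that followed "type forward;" was not valid named.conf
// syntax; it is kept here as a comment so the file parses.
options {
    directory "/var/named";
};

// Root hints: every name outside mylinux.com is resolved iteratively from here.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" {
    type master;
    file "named.localhost";
    // Refuse zone transfers of this zone to every client.
    allow-transfer { none; };
};

// The delegated child zone. It is more specific than the forward zone below,
// so names under fin.mylinux.com are still answered from local data.
zone "fin.mylinux.com" {
    type master;
    file "fin.mylinux.com";
    allow-transfer { none; };
};

// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.loopback";
    allow-transfer { none; };
};

// Dedicated forward zone: only queries for mylinux.com are forwarded.
zone "mylinux.com" IN {
    type forward;
    // Ask the forwarder first; if it returns no answer, fall back to normal resolution.
    forward first;
    forwarders { 192.168.10.2; };
};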
正向区域:
SUB_ZONE_NAME IN NS NSSERVER_SUB_ZONE_NAME
NSSERVER_SUB_ZONE_NAME IN A IP
.com
mylinux.com. IN NS ns1.mylinux.com.
IN NS ns2.mylinux.com.
ns1.mylinux.com. IN A 192.168.10.2
ns2.mylinux.com. IN A 192.168.10.3
--------------------------------------------
在 mylinux.com 下添加 2 个子域,内容如下
mylinux.com.
fin.mylinux.com. IN NS ns1.fin.mylinux.com.
ns1.fin.mylinux.com. IN A 192.168.10.4
1. 在主服务器上定义子域授权:vim /var/named/mylinux.com.zone(子域和父域可以不在同一个网络中)
[root@localhost ~]# vim /var/named/mylinux.com.zone
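; Parent zone mylinux.com, including the delegations of the fin and market child zones.
$TTL 600
@           IN SOA ns1.mylinux.com. admin.mylinux.com. (
                20170709    ; serial
                1H          ; refresh
                5M          ; retry
                2D          ; expire
                6H )        ; negative-caching TTL
; Records with an empty owner must start with whitespace so that they inherit "@";
; written at column 0, the first token ("IN") would be read as an owner name.
            IN NS ns2
            IN NS ns1
            IN MX 10 mail
ns2         IN A 192.168.10.3
ns1         IN A 192.168.10.2
mail        IN A 192.168.10.4
; Two A records for the same name: answers rotate between both addresses.
www         IN A 192.168.10.2
www         IN A 192.168.10.3
ftp         IN CNAME www
mylinux.com.    IN A 192.168.10.3
; Wildcard: any name in this zone that has no record of its own resolves to 192.168.10.3.
; It does not apply below the delegated names fin and market.
*.mylinux.com.  IN A 192.168.10.3
; Delegation of fin.mylinux.com: NS records plus glue A records for the in-zone name servers.
; NOTE(review): the glue here (192.168.10.8 / 192.168.10.9, two servers) does not match the
; child zone shown elsewhere on this page, which lists only ns1 at 192.168.10.4. The NS set
; and the addresses must agree on both sides, otherwise the delegation is lame - confirm the
; real addresses before using this file.
fin         IN NS ns1.fin
fin         IN NS ns2.fin
ns1.fin     IN A 192.168.10.8
ns2.fin     IN A 192.168.10.9
; Delegation of market.mylinux.com to a single name server, with its glue record.
market      IN NS ns1.market
ns1.market  IN A 192.168.10.20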
[root@localhost ~]# rndc reload 让服务器重读一下
server reload successful
再查看从服务器是否已得到配置。从服务器得到配置后表明工作正常
2.下一步安装子域名服务器
和从服务器安装过程一样
[root@localhost yum.repos.d]# yum list all |grep bind
[root@localhost yum.repos.d]# yum remove bind-libs
[root@localhost yum.repos.d]# yum remove bind-utils
yum install bind.i686
网络配置
DNS指向自己
子域:fin.mylinux.com
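关闭selinux(仅限实验环境;生产环境应保持 SELinux 为 enforcing,并确保区域文件的属主和安全上下文正确)
清空防火墙规则 iptables -F(仅限实验环境;生产环境只需放行 DNS 使用的 53/udp 和 53/tcp,不要清空全部规则)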
[root@localhost yum.repos.d]# mv /etc/named.conf /etc/named.conf.back
[root@localhost yum.repos.d]# scp root@192.168.10.3:/etc/named.conf /etc
[root@localhost yum.repos.d]# chgrp named /etc/named.conf
[root@localhost yum.repos.d]# vi /etc/named.conf
// Minimal named.conf for the child-zone server: authoritative for fin.mylinux.com,
// plus the root hints and the localhost / loopback zones.
// NOTE(review): no recursion, allow-query or allow-recursion statement is set, so BIND's
// built-in defaults decide who may query and recurse through this server. State them
// explicitly for the intended clients before exposing the server beyond a lab network.
options {
// Relative zone file names below are resolved against this directory.
directory "/var/named";
};
// Root hints, used to resolve names this server is not authoritative for.
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" {
type master;
file "named.localhost";
// Refuse zone transfers of this zone to every client.
allow-transfer { none; };
};
// The delegated child zone; its data is read from /var/named/fin.mylinux.com.
zone "fin.mylinux.com" {
type master;
file "fin.mylinux.com";
// NOTE(review): transfers are denied to everyone. The parent zone on this page also
// delegates to ns2.fin; if that is a real secondary it must be allowed here explicitly
// (preferably by TSIG key rather than by address) - confirm.
allow-transfer { none; };
};
// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
type master;
file "named.loopback";
allow-transfer { none; };
};
[root@localhost named]# scp root@192.168.10.2:/var/named/mylinux.com.zone /var/named 从主服务器上复制过来进行修改
[root@localhost named]# chgrp named mylinux.com.zone
[root@localhost named]# mv mylinux.com.zone fin.mylinux.com
[root@localhost named]# vim fin.mylinux.com
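; Child zone fin.mylinux.com, served by the delegated name server.
$TTL 600
; The SOA primary name server read "ns1.fin.mylinx.com." (typo); corrected to mylinux.com.
@       IN SOA ns1.fin.mylinux.com. admin.fin.mylinux.com. (
            2016071001  ; serial
            1H          ; refresh
            3M          ; retry
            1D          ; expire
            1H          ; negative-caching TTL
            )
; Records with an empty owner must start with whitespace so that they inherit "@";
; written at column 0, the first token ("IN") would be read as an owner name.
; NOTE(review): the parent zone on this page delegates to ns1.fin and ns2.fin with glue
; 192.168.10.8 / 192.168.10.9, while this zone lists only ns1 at 192.168.10.4. Keep the
; NS set and the addresses identical on both sides - confirm which values are real.
        IN NS ns1
        IN MX 9 mail
ns1     IN A 192.168.10.4
mail    IN A 192.168.10.100
www     IN A 192.168.10.101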
----------------------------------------------------
搭建完成:
默认情况下子域是不知道父域的。
forward { only | first }:only 表示自己解析不了的查询只转发给指定的服务器,转发没有答案也不再自行迭代查询;first 表示先转发,转发得不到答案再从根开始查询
设置子域服务器,让其转发给父域
[root@localhost named]# vim /etc/named.conf
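// named.conf on the child server, variant 1: global forwarding.
// The explanatory note that followed the forwarders statement was not valid
// named.conf syntax; it is kept here as a comment so the file parses.
options {
    directory "/var/named";
    // Ask the forwarder first; if it returns no answer, fall back to iterating from the root hints.
    forward first;
    // Global forwarding: every query outside the locally served fin.mylinux.com zone
    // is sent to the parent zone's master server.
    // NOTE(review): presumably 192.168.10.2 must permit recursive queries from this
    // host for forwarding to work - confirm its allow-recursion setting.
    forwarders { 192.168.10.2; };
};

// Root hints, used when the forwarder gives no answer.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" {
    type master;
    file "named.localhost";
    // Refuse zone transfers of this zone to every client.
    allow-transfer { none; };
};

// The delegated child zone, answered from local data and never forwarded.
zone "fin.mylinux.com" {
    type master;
    file "fin.mylinux.com";
    allow-transfer { none; };
};

// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.loopback";
    allow-transfer { none; };
};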
--------------------------------------------------------------------------------------------
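// named.conf on the child server, variant 2: forward only the parent zone.
// The explanatory note that followed "type forward;" was not valid named.conf
// syntax; it is kept here as a comment so the file parses.
options {
    directory "/var/named";
};

// Root hints: every name outside mylinux.com is resolved iteratively from here.
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" {
    type master;
    file "named.localhost";
    // Refuse zone transfers of this zone to every client.
    allow-transfer { none; };
};

// The delegated child zone. It is more specific than the forward zone below,
// so names under fin.mylinux.com are still answered from local data.
zone "fin.mylinux.com" {
    type master;
    file "fin.mylinux.com";
    allow-transfer { none; };
};

// Reverse zone for the loopback network 127.0.0.0/24.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.loopback";
    allow-transfer { none; };
};

// Dedicated forward zone: only queries for mylinux.com are forwarded.
zone "mylinux.com" IN {
    type forward;
    // Ask the forwarder first; if it returns no answer, fall back to normal resolution.
    forward first;
    forwarders { 192.168.10.2; };
};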