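This setup uses the view feature of BIND 9 to resolve a name to different addresses depending on the client's IP address.
Telecom address: 192.168.0.210 resolves to 192.168.0.100
Netcom address: 192.168.0.213 resolves to 192.168.0.200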
// Global configuration options
options {
// Working directory for configuration files
directory "/var/named";
// Forwarders
forwarders {
192.168.0.1;
};
};
key "rndc-key" {
algorithm hmac-md5;
secret "dT68MZ0x70oXNKQ59NFpeQ==";
};
// Control channel used by the rndc command
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
// IP address access control lists
acl "telecom" {
192.168.0.210;
};
acl "cnc" {
192.168.0.213;
};
// When views are used, every zone must be declared inside a view
// Telecom
view "telecom" {
// Match the ACL
match-clients { "telecom"; };
// Recursive queries
recursion yes;
// Root zone declaration
zone "." IN {
type hint;
file "named.ca";
};
// localhost forward lookup zone declaration
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
type master;
file "test.zone.telecom";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.arpa";
allow-update { none; };
};
};
// Netcom
view "cnc" {
match-clients { "cnc"; };
recursion yes;
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
type master;
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.arpa";
allow-update { none; };
};
};
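Zone file for the telecom address: test.zone.telecom
; Default TTL for the records in this zone file
$TTL 86400
; ORIGIN setting: states which domain the records below belong to
; A domain name ending in "." is an FQDN; without the trailing ".", the system appends the domain represented by "@"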
42
3H
15M
1W
1D )
dns 1D IN A 192.168.0.211
www 1D IN A 192.168.0.100
$TTL 86400
42
3H
15M
1W
1D )
dns 1D IN A 192.168.0.211
www 1D IN A 192.168.0.200
Reverse lookup zone file: 0.168.192.arpa
$TTL 86400
1997022700
28800
14400
3600000
86400 )
This file must include the PTR record for dns; otherwise, a query with the nslookup command on the client produces this error:
** Can't find server name for address 192.168.0.211: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.0.211
The correct output is:
Address: 192.168.0.211
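
A check for the missing-PTR failure described above, as an added example that is not part of the original post: it applies the trailing-"." rule from the zone file comments and reports every A record (not only `dns`) whose address has no matching PTR. The origin `example.test.` and the zone contents are constructed sample data, since the post's own domain name and SOA lines are not shown.

```python
import ipaddress

# Constructed sample zone data; "example.test." is a placeholder origin,
# not the domain used in the original post.
FORWARD_ORIGIN = "example.test."
FORWARD_ZONE = """\
dns 1D IN A 192.168.0.211
www 1D IN A 192.168.0.100
"""
REVERSE_ORIGIN = "0.168.192.in-addr.arpa."
REVERSE_ZONE_BAD = """\
100 IN PTR www.example.test.
"""
REVERSE_ZONE_GOOD = REVERSE_ZONE_BAD + "211 IN PTR dns.example.test.\n"


def qualify(name, origin):
    """Apply the zone-file rule: "@" is the origin, a trailing "." marks an
    FQDN, and any other name has the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def records(zone_text, origin, rtype):
    """Yield (owner, rdata) for records of one type; TTL and class are skipped."""
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop ';' comments
        if rtype in fields[1:]:
            i = fields.index(rtype, 1)
            yield qualify(fields[0], origin).lower(), fields[i + 1]


def missing_ptr(forward, f_origin, reverse, r_origin):
    """Return A records whose address has no PTR pointing back at the name."""
    ptrs = {(owner, qualify(target, r_origin).lower())
            for owner, target in records(reverse, r_origin, "PTR")}
    missing = []
    for name, addr in records(forward, f_origin, "A"):
        rev = ipaddress.ip_address(addr).reverse_pointer + "."
        if (rev, name) not in ptrs:
            missing.append((name, addr))
    return missing


if __name__ == "__main__":
    print(missing_ptr(FORWARD_ZONE, FORWARD_ORIGIN, REVERSE_ZONE_BAD, REVERSE_ORIGIN))
```

A PTR target written without the trailing "." is also reported, because the reverse zone's origin gets appended to it and it no longer matches the forward name.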