中文字幕在线观看,亚洲а∨天堂久久精品9966,亚洲成a人片在线观看你懂的,亚洲av成人片无码网站,亚洲国产精品无码久久久五月天

智能DNS的安裝與配置的詳細(xì)教程

2018-09-14    來(lái)源:愛(ài)站科技

容器云強(qiáng)勢(shì)上線!快速搭建集群,上萬(wàn)Linux鏡像隨意使用

  今天小編跟大家分享一篇關(guān)于智能DNS的安裝與配置的詳細(xì)教程,感興趣的朋友跟小編一起來(lái)了解一下吧!

  注:對(duì)于配置智能DNS,主要用途為:1、解決網(wǎng)通與電信問(wèn)題 2、實(shí)現(xiàn)區(qū)域規(guī)劃(不同區(qū)域訪問(wèn)各自最近的服務(wù)器),下面以解決網(wǎng)通與電信連接問(wèn)題的配置。至于實(shí)現(xiàn)2的功能,只需稍加更改即可。

  一、DNS服務(wù)器安裝......................................................................................... 1

  二、named.conf的配置....................................................................................... 2

  三、更新根區(qū)文件:.......................................................................................... 3

  四、建立啟動(dòng)腳本:.......................................................................................... 4

  五、添加一個(gè)NS............................................................................................... 5

  六、添加一個(gè)域名.............................................................................................. 5

  附:獲取IP地址范圍方法:................................................................................. 7

  一、DNS服務(wù)器安裝

  1、 軟件列表

  BIND 9.3.2

  ftp://ftp.isc.org/isc/bind9/9.3.2/bind-9.3.2.tar.gz

  2、 安裝BIND 9

  安裝BIND9:

  # tar zxvf bind-9.3.2.tar.gz

  # cd bind-9.3.2

  # ./configure

  --prefix=/usr/local/named

  --disable-ipv6

  # make && make install

  建立BIND用戶:

  # groupadd bind

  # useradd -g bind -d /usr/local/named -s /sbin/nologin bind

  創(chuàng)建配置文件目錄:

  # mkdir –p /usr/local/named/etc

  # chown bind:bind /usr/local/named/etc

  # chmod 700 /usr/local/named/etc

  二、named.conf的配置

  創(chuàng)建主要的配置文件:

  # vi /usr/local/named/etc/named.conf

  ===========================named.conf=======================

  acl "trust-lan" { 127.0.0.1/8; 192.168.0.0/16;};

  options {

  directory "/usr/local/named/etc/";

  pid-file "/var/run/named/named.pid";

  version "0.0.0";

  datasize 40M;

  allow-transfer {

  "trust-lan";};

  recursion yes;

  allow-notify {

  "trust-lan";

  };

  allow-recursion {

  "trust-lan";

  };

  auth-nxdomain no;

  forwarders {

  202.99.160.68;

  202.99.168.8;};

  };

  logging {

  channel warning

  { file "/var/log/named/dns_warnings" versions 3 size 1240k;

  severity warning;

  print-category yes;

  print-severity yes;

  print-time yes;

  };

  channel general_dns

  { file "/var/log/named/dns_logs" versions 3 size 1240k;

  severity info;

  print-category yes;

  print-severity yes;

  print-time yes;

  };

  category default { warning; };

  category queries { general_dns; };

  };

  zone "." {

  type hint;

  file "named.root";

  };

  acl "CNC" {

  58.16.0.0/16;

  58.17.0.0/17;

  58.17.128.0/17;

  58.18.0.0/16;

  58.19.0.0/16;

  58.20.0.0/16;

  58.21.0.0/16;

  注:這些根據(jù)情況輸入IP地址段

  };

  view "view_cnc" {

  match-clients { CNC; };

  zone "." {

  type hint;

  file "named.root";

  };

  zone "0.0.127.IN-ADDR.ARPA" {

  type master;

  file "localhost.rev";

  };

  include "master/cnc.def";

  };

  view "view_any" {

  match-clients { any; };

  zone "." {

  type hint;

  file "named.root";

  };

  zone "0.0.127.IN-ADDR.ARPA" {

  type master;

  file "localhost.rev";

  };

  include "master/telecom.def";

  };

  添加完成后,保存。三、更新根區(qū)文件:

  # cd /usr/local/named/etc/

  # wget ftp://ftp.internic.org/domain/named.root

  創(chuàng)建PID和日志文件:

  # mkdir /var/run/named/

  # chmod 777 /var/run/named/

  # chown bind:bind /var/run/named/

  # mkdir /var/log/named/

  # touch /var/log/named/dns_warnings

  # touch /var/log/named/dns_logs

  # chown bind:bind /var/log/named/*

  # mkdir master

  # touch master/cnc.def

  # touch master/telecom.def

  生成rndc-key:

  # cd /usr/local/named/etc/

  # ../sbin/rndc-confgen > rndc.conf

  把rndc.conf中:

  # Use with the following in named.conf, adjusting the allow list as needed:

  后面以的部分加到/usr/local/named/etc/named.conf中并去掉注釋

  運(yùn)行測(cè)試:

  # /usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &

  狀態(tài)檢查:

  # /usr/local/named/sbin/rndc status

  四、建立啟動(dòng)腳本:

  # vi /etc/init.d/named

  ============================== named.sh============================

  #!/bin/bash

  #

  # named a network name service.

  #

  #

  # chkconfig: 545 35 75

  # description: a name server

  #

  if [ `id -u` -ne 0 ]

  then

  echo "ERROR:For bind to port 53,must run as root."

  exit 1

  fi

  case "$1" in

  start)

  if [ -x /usr/local/named/sbin/named ]; then

  /usr/local/named/sbin/named -u bind -c /usr/local/named/etc/named.conf && echo . && echo 'BIND9 server started.'

  fi

  ;;

  stop)

  kill `cat /var/run/named/pid` && echo . && echo 'BIND9 server stopped.'

  ;;

  restart)

  echo .

  echo "Restart BIND9 server"

  $0 stop

  sleep 10

  $0 start

  ;;

  *)

  echo "$0 start | stop | restart"

  ;;

  esac

  ===============================named.sh============================

  # chmod 755 /etc/init.d/named

  # chown root:root /etc/init.d/named

  # chkconfig --add named

  # chkconfig named on 五、添加一個(gè)NS

  在域名的管理網(wǎng)站上,設(shè)定NS服務(wù)器為你安裝的DNS

  六、添加一個(gè)域名

  # cd /usr/local/named/etc/master

  # mkdir cnc

  # mkdir telecom

  # vi cnc.def

  添加

  zone "daoyou.com" {

  type master;

  file "master/cnc/daoyou.com";

  };

  # vi telecom.def

  添加

  zone "daoyou.com" {

  type master;

  file "master/telecom/daoyou.com";

  };

  添加網(wǎng)通的解析,解析到的IP為61.45.55.78

  #vi cnc/daoyou.com

  添加

  $TTL 3600

  $ORIGIN daoyou.com.

  @ IN SOA ns.daoyou.com. root.ns.daoyou.com.(

  2005121013 ;Serial

  3600 ; Refresh ( seconds )

  900 ; Retry ( seconds )

  68400 ; Expire ( seconds )

  15 );Minimum TTL for Zone ( seconds )

  ;

  @ IN NS ns.daoyou.com.

  @ IN A 61.45.55.78

  www IN A 61.45.55.78

  ;

  ;end

  添加電信的解析,解析到的IP為210.75.1.178

  #vi telecom/daoyou.com

  添加

  $TTL 3600

  $ORIGIN daoyou.com.

  @ IN SOA ns.daoyou.com. root.ns.daoyou.com.(

  2005121013 ;Serial

  3600 ; Refresh ( seconds )

  900 ; Retry ( seconds )

  68400 ; Expire ( seconds )

  15 );Minimum TTL for Zone ( seconds )

  ;

  @ IN NS ns.daoyou.com.

  @ IN A 210.75.1.178

  www IN A 210.75.1.178

  ;

  ;end

  #/usr/local/named/sbin/rndc reload

  OK,到此你的DNS服務(wù)器就算是跑起來(lái)了。試一下分別用網(wǎng)通和電信的線路ping一下吧.

  附:獲取IP地址范圍方法:

  1、 利用shell程序獲取IP地址段

  #!/bin/sh

  FILE=/root/study/apnic/ip_apnic

  rm -f $FILE

  wget http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest -O $FILE

  grep 'apnic|CN|ipv4|' $FILE | cut -f 4,5 -d'|'|sed -e 's/|/ /g' | while read ip cnt

  do

  echo $ip:$cnt

  mask=$(cat > cn.net

  NETNAME=`whois $ip@whois.apnic.net | sed -e '/./{H;$!d;}' -e 'x;/netnum/!d' |grep ^netname | sed -e 's/.*: \(.*\)/\1/g' | sed -e 's/-.*//g'`

  case $NETNAME in

  CNC)

  echo $ip/$mask >> CNCGROUP

  ;;

  CHINANET|CNCGROUP)

  echo $ip/$mask >> $NETNAME

  ;;

  CHINANET|CNCGROUP)

  echo $ip/$mask >> $NETNAME

  ;;

  CHINATELECOM)

  echo $ip/$mask >> CHINANET

  ;;

  *)

  echo $ip/$mask >> OTHER

  ;;

  esac

  done

  2、 可以利用網(wǎng)上的資料,下面是最新的信息,然后利awk行成地址段即可。

  wget http://218.66.103.230/vpn_route/cnc.new 新的網(wǎng)通路由表

  wget http://218.66.103.230/vpn_route/chinanet.new 新的電信路由表

  以上就是關(guān)于智能DNS的安裝與配置的詳細(xì)教程,想必都了解了吧,更多相關(guān)內(nèi)容請(qǐng)繼續(xù)關(guān)注愛(ài)站技術(shù)頻道。

標(biāo)簽: dns dns服務(wù) dns服務(wù)器 whois 服務(wù)器 服務(wù)器安裝 腳本 域名 智能dns

版權(quán)申明:本站文章部分自網(wǎng)絡(luò),如有侵權(quán),請(qǐng)聯(lián)系:west999com@outlook.com
特別注意:本站所有轉(zhuǎn)載文章言論不代表本站觀點(diǎn)!
本站所提供的圖片等素材,版權(quán)歸原作者所有,如需使用,請(qǐng)與原作者聯(lián)系。

上一篇:怎樣利用procmail來(lái)防范垃圾郵件?

下一篇:apache的配置詳細(xì)解析