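The DNS view feature lets the same query, sent from different network segments, receive different DNS answers. This can effectively split network traffic and improve access control.
The following simulates name resolution for China Netcom (CNC) and China Telecom.
The configuration is as follows:
DNS IP address: 192.168.0.57
CNC (China Netcom):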
# vim /etc/named.conf
1. Configure the ACL for CNC
acl cnc_acl{
172.16.0.0/16;
};
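2. Edit the view for CNC
view cnc {
match-clients { cnc_acl; };
recursion yes;
// load the zone list created in step 3, as the tel view does for named.zone.tel
include "/etc/named.zone.cnc";
};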
3. Create and edit zone.cnc
# vi etc/named.zone.cnc
zone "ws.com" IN {
type master;
file "ws.com.zone";
};
4. Edit the zone file
# vi var/named/ws.com.zone
$TTL 86400
@ IN SOA dns.ws.com. root (
2011108271
3H
15M
1W
1D )
@ IN NS dns.ws.com.
www IN A 192.168.0.57
dns IN A 192.168.0.57
###############################################
Telecom (China Telecom):
acl tel_acl{
192.168.0.0/24;
};
view tel {
match-clients { tel_acl; };
recursion yes;
include "/etc/named.zone.tel";
};
# vi etc/named.zone.tel
zone "ws.com" IN {
type master;
file "ws.com.zone.tel";
};
# vi var/named/ws.com.zone.tel
$TTL 86400
@ IN SOA dns.ws.com. root (
2009102905
3H
15M
1W
1D )
@ IN NS dns.ws.com.
www IN A 192.168.0.57
dns IN A 192.168.0.57
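
The sketch below is an added example, not part of the original configuration. It models how named picks a view for the two ACLs above (first match in file order) and checks that no later view is shadowed by an earlier one. The function names and the sample client addresses are assumptions made for illustration.

```python
import ipaddress

# View order and ACL networks exactly as configured on this page.
VIEWS = [
    ("cnc", ["172.16.0.0/16"]),
    ("tel", ["192.168.0.0/24"]),
]

def select_view(client_ip, views=VIEWS):
    """Return the first view whose match-clients contains client_ip, else None.

    named checks views in the order they appear in named.conf and stops at
    the first match; a client that matches no view gets a REFUSED answer.
    """
    addr = ipaddress.ip_address(client_ip)
    for name, nets in views:
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return name
    return None

def shadowed_networks(views=VIEWS):
    """Return (later_view, network, earlier_view) for every network that is
    fully covered by an earlier view, so the later view never serves it."""
    findings = []
    for i, (name, nets) in enumerate(views):
        for net in map(ipaddress.ip_network, nets):
            for earlier, earlier_nets in views[:i]:
                for e in map(ipaddress.ip_network, earlier_nets):
                    if net.version == e.version and net.subnet_of(e):
                        findings.append((name, str(net), earlier))
    return findings

if __name__ == "__main__":
    # Constructed sample clients: one per ACL, plus one outside both.
    for ip in ("172.16.5.9", "192.168.0.20", "10.1.2.3"):
        print(ip, "->", select_view(ip) or "no view (REFUSED)")
    print("shadowed:", shadowed_networks())
```

Running the same check after every ACL change shows which clients fall outside all views and therefore get no answer, and whether a broad ACL placed first would hide a later view.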