這裏寫了基本的CDN工作原理
還有這裏
*(這裏貌似是一本書的部分章節,有興趣的可以瞭解下)
[root@mail ~]# vim /etc/nsswitch.conf (這裏面定義了解析時先查哪個文件)
[root@mail ~]# vim /etc/resolv.conf (這裏自定義DNS服務器,最多指定三臺)
試驗環境
192.168.10.14 dns-view
192.168.10.15 dxview
192.168.10.13 ltview
開始試驗
dns-view 這裏更改
[root@mail named]# vim /etc/named.conf
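// Split-horizon DNS: named answers from the FIRST view whose match-clients
// matches the query's source address, so the catch-all view must stay last.
// match-clients selects on source IP only; it decides which data a client
// sees and is not a form of authentication.
view "dxview" {
    match-clients { 192.168.10.15; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    // Do not forget this include: once views are used, every zone
    // (including the RFC 1912 defaults) has to be declared inside a view.
    include "/etc/named.rfc1912.zones";
    zone "abc.com" IN {
        type master;
        file "dx.abc.com.zone";
    };
};

view "ltview" {
    // Several addresses or networks can be listed, each terminated by ';'.
    match-clients { 192.168.10.13; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    include "/etc/named.rfc1912.zones";
    zone "abc.com" IN {
        type master;
        file "lt.abc.com.zone";
    };
};

// Catch-all view for every client not matched above.
// It serves the same zone file as "ltview".
view "qitaview" {
    match-clients { any; };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    include "/etc/named.rfc1912.zones";
    zone "abc.com" IN {
        type master;
        file "lt.abc.com.zone";
    };
};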
[root@mail named]# cd /var/named/ (創建對應的數據文件)
[root@mail named]# ls
chroot dx.abc.com.zone lt.abc.com.zone named.empty named.loopback
data dynamic named.ca named.localhost slaves
[root@mail named]# diff dx.abc.com.zone lt.abc.com.zone
10c10
< www A 1.1.1.1
---
> www A 2.2.2.2
[root@mail named]# cat dx.abc.com.zone(內容)
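$TTL 1D
; SOA: the primary name server is the zone apex (@), contact mailbox rname.invalid.
@       IN SOA  @ rname.invalid. (
                0       ; serial  - raise it on every edit; secondaries compare it to decide whether to re-transfer
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
; The next two records must begin with whitespace so that they inherit the
; previous owner name (@); at column 0 "NS" and "A" would be read as owner names.
        NS      @
        A       192.168.10.14
; The only record that differs between the dx and lt zone files (see the diff output).
www     A       1.1.1.1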
客戶端別忘記指定DNS----192.168.10.14(當然也可以使用server指定)
但是呢有個問題,那麼多ip不可能都寫進配置字段吧?解決方法
ACL參數控制
acl "qita" { any; }; acl+名字+ip或網段
view "qitaview" {
match-clients { qita; }; (這裏直接寫acl的名字即可)
好像輕鬆了一些,但感覺還是很亂?解決方法
#acl "qita" { any; };
include "/etc/qitaip"; (添加一個引導文件,在文件裏面寫acl)
view "qitaview" {
match-clients { qita; };
*(注意include的/etc/qitaip,是放在真實路徑下的,ps -ef可以看出來,這裏就是/var/named/chroot/etc/)
dns-view主從
類似於dns的主從
view的數量決定你從機網卡(IP)的數量——這是按來源IP讓主機區分view的做法;若改用TSIG金鑰來匹配view並驗證區域傳送,則不需要爲每個view準備一個IP
現在我選擇15作爲從機,就只做一個view的同步,我選取qitaip做實驗
小插曲(灰常有意思,同樣的配置,同樣的系統,同樣版本的軟件。有一臺機器怎麼調試都不好使。。。搗鼓了一大頓,先把實驗貼出來吧)
如果大家做的途中出現什麼問題請參考下這裏是個思路,大部分思路都是如此。耐心
*(哪位大神知道此問題的解決方法,歡迎評論給下連接---slave文件死活同步不過來)
關閉防火牆和selinux(僅適用於隔離的實驗環境;正式環境應保留防火牆,只在主從之間放行53/tcp與53/udp,並讓SELinux維持enforcing)
******************主機**********************
[root@192 named]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
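options {   // global server options and defaults
    // Listening address and port; can be narrowed, e.g. { 127.0.0.1; 192.168.10.20; }
    listen-on port 53 { any; };
#   listen-on-v6 port 53 { ::1; };   // IPv6 support (disabled)
    directory "/var/named";          // directory that holds the zone files
    dump-file "/var/named/data/cache_dump.db";   // where the cache dump is written
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Hosts allowed to query; the author wants every client to be able to ask.
    allow-query { any; };
    recursion yes;                   // perform recursive resolution
    // With no explicit allow-recursion, BIND falls back to allow-query, which
    // here means recursion for "any": an open resolver that third parties can
    // abuse for reflection/amplification. Keep recursion for local clients only.
    allow-recursion { localhost; localnets; };

    // Hosts allowed to request zone transfers, i.e. the secondary's IP.
    // NOTE(review): this check is by source address only; a TSIG key shared
    // with the secondary is the stronger control - consider adding one.
    allow-transfer { 192.168.10.21; };

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): the ISC DLV lookaside registry has been retired and newer
    // BIND releases treat this option as obsolete - confirm against the
    // installed version before copying it.
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {   // what the server logs and where the messages go
    channel default_debug {
        file "data/named.run";       // relative to options { directory }
        severity dynamic;
    };
};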
// Pull in the file that defines the "qita" ACL before the view refers to it.
include "/etc/qitaip";

// Primary side of the replicated view. The secondary (192.168.10.21) is
// listed in match-clients so that its transfer requests land in this view.
view "qitaview" {
    match-clients { "qita"; 192.168.10.21; };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    // Load the RFC 1912 default zones inside the view.
    include "/etc/named.rfc1912.zones";

    zone "abc.com" IN {
        type master;
        file "lt.abc.com.zone";

        // Dynamic updates are refused.
        allow-update { none; };

        // Only the secondary may transfer the zone.
        // NOTE(review): this is a source-address check; a TSIG key would
        // authenticate the transfer as well - consider adding one.
        allow-transfer { 192.168.10.21; };

        // Send NOTIFY to the secondary whenever the zone changes.
        notify yes;
        also-notify { 192.168.10.21; };
    };
};
#include "/etc/named.root.key";
***********************從機************************
[root@localhost tmp]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
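options {
    listen-on port 53 { any; };
#   listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    allow-query { any; };
    recursion yes;
    // With no explicit allow-recursion, BIND falls back to allow-query, which
    // here means recursion for "any": an open resolver that third parties can
    // abuse for reflection/amplification. Keep recursion for local clients only.
    allow-recursion { localhost; localnets; };
    // The secondary hands the zone to nobody. Older BIND releases default an
    // unset allow-transfer to "any", which would let any client pull the zone.
    allow-transfer { none; };

    dnssec-enable yes;
    dnssec-validation yes;
    // NOTE(review): the ISC DLV lookaside registry has been retired and newer
    // BIND releases treat this option as obsolete - confirm against the
    // installed version before copying it.
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";   // look here for transfer errors on the secondary
        severity dynamic;
    };
};

// /etc/named.rfc1912.zones (included below) declares view "qitaview". As soon
// as one view exists, named requires every zone to be inside a view and
// rejects the configuration otherwise ("when using 'view' statements, all
// zones must be in views"). The top-level hint zone is therefore disabled;
// declare it inside the view if explicit root hints are wanted.
#zone "." IN {
#    type hint;
#    file "named.ca";
#};

include "/etc/named.rfc1912.zones";
#include "/etc/named.root.key";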
[root@localhost tmp]# vim /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// and http://www.ietf.org/internet-drafts/draft-ietf-dnsop-default-local-zones-02.txt
// (c)2007 R W Franks
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
#zone "localhost.localdomain" IN {
# type master;
# file "named.localhost";
# allow-update { none; };
#};
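// Defines the "qita" ACL. The statement needs its terminating ';'.
include "/etc/qitaip";

// NOTE: this file is included at the top level of named.conf. Once a view is
// declared, named requires every zone to be inside a view, so named.conf must
// not keep a top-level zone (its `zone "."`), or the configuration is rejected.
view "qitaview" {
    // The option is spelled match-clients; "matchclients" is an unknown option.
    match-clients { "qita"; 192.168.10.21; };
    // Source address of outgoing transfer requests. The primary matches it
    // against its own match-clients and allow-transfer lists.
    transfer-source 192.168.10.21;
    recursion yes;

    zone "abc.com" IN {
        type slave;
        // Declared once; repeating the masters statement in the same zone is
        // a redefinition error.
        masters { 192.168.10.20; };
        // Relative to options { directory }, i.e. /var/named/slaves (inside
        // the chroot when named runs chrooted). named must be able to write
        // there, or the transferred zone cannot be saved.
        file "slaves/lt.abc.com.zone";
        // allow-update is a primary-zone option and is left out here: a
        // secondary receives its data only through zone transfer.
    };
};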
#zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
# type master;
# file "named.loopback";
# allow-update { none; };
#};
# allow-update { none; };
#zone "0.in-addr.arpa" IN {
# type master;
# file "named.empty";
# allow-update { none; };
#};
修改完配置文件先重啓主機再重啓從機!!!!!!!(重啓前可先執行 named-checkconf 檢查語法,重啓後查看 data/named.run 確認區域傳送是否成功)
遇到的問題:
之前升級過yum源碼,前後軟件的依賴關係,版本注意下
http://ju.outofmemory.cn/entry/245070