一、什麼是子域授權
DNS是一顆倒扣的樹,每一個下級區域(子域)都是上一級(父域)授權而來的節點
例如:
一個公司申請了一個jeffery.com.的域名,它有兩個子公司,兩個子域分別爲manpower.jeffery.com.和fin.jeffery.com.框架如圖所示:
父域主機ip:192.168.220.100
子域主機ip:192.168.220.101
二、子域授權的配置
①父域授權配置:/etc/named.conf
options {
directory "/var/named/";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
};
zone "jeffery.org" IN { ## 父域的區域文件定義
type master; ##
file "jeffery.org.zone"; ##父域區域文件名+位置
};②父域區域文件定義/var/named/jeffery.org.zone
$TTL 1D @ IN SOA ns.jeffery.org. admin.jeffery.com. ( 200 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum IN NS ns.jeffery.org. ns IN A 192.168.220.100 fin.jeffery.org. IN NS ns.fin.jeffery.org. ##指定子域的DNS位置 ns.fin.jeffery.org. IN A 192.168.220.101 ##指定子域的DNS的A記錄 www IN A 1.1.1.1 ftp IN A 2.2.2.2
①子域主配置文件/etc/named.conf
options {
directory "/var/named/";
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "named.localhost";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.loopback";
};
zone "fin.jeffery.org" IN { ##子域區域文件定義
type master; ##
file "fin.jeffery.org.zone"; ##子域區域文件名+位置
};②子域區域文件的配置/var/named/fin.jeffery.org.zone
$TTL 1D @ IN SOA ns.fin.jeffery.org. admin.fin.jeffery.com. ( 200 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum IN NS ns.fin.jeffery.org. ns IN A 192.168.220.101 www IN A 3.3.3.3 ftp IN A 4.4.4.4 ##正常的區域解析配置
測試:
測試成功~~