一、什麼是子域授權
DNS是一顆倒扣的樹,每一個下級區域(子域)都是上一級(父域)授權而來的節點
例如:
一個公司申請了一個jeffery.com.的域名,它有兩個子公司,兩個子域分別爲manpower.jeffery.com.和fin.jeffery.com.框架如圖所示:
父域主機ip:192.168.220.100
子域主機ip:192.168.220.101
二、子域授權的配置
①父域授權配置:/etc/named.conf
options { directory "/var/named/"; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "named.localhost"; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; }; zone "jeffery.org" IN { ## 父域的區域文件定義 type master; ## file "jeffery.org.zone"; ##父域區域文件名+位置 };
②父域區域文件定義/var/named/jeffery.org.zone
$TTL 1D @ IN SOA ns.jeffery.org. admin.jeffery.com. ( 200 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum IN NS ns.jeffery.org. ns IN A 192.168.220.100 fin.jeffery.org. IN NS ns.fin.jeffery.org. ##指定子域的DNS位置 ns.fin.jeffery.org. IN A 192.168.220.101 ##指定子域的DNS的A記錄 www IN A 1.1.1.1 ftp IN A 2.2.2.2
①子域主配置文件/etc/named.conf
options { directory "/var/named/"; }; zone "." IN { type hint; file "named.ca"; }; zone "localhost" IN { type master; file "named.localhost"; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.loopback"; }; zone "fin.jeffery.org" IN { ##子域區域文件定義 type master; ## file "fin.jeffery.org.zone"; ##子域區域文件名+位置 };
②子域區域文件的配置/var/named/fin.jeffery.org.zone
$TTL 1D @ IN SOA ns.fin.jeffery.org. admin.fin.jeffery.com. ( 200 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum IN NS ns.fin.jeffery.org. ns IN A 192.168.220.101 www IN A 3.3.3.3 ftp IN A 4.4.4.4 ##正常的區域解析配置
測試:
測試成功~~