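The DNS view feature lets the same query, sent from different network segments, receive different DNS answers. This can effectively split network traffic and improves access control.
The following simulates split resolution for China Netcom (CNC) and China Telecom clients.
The configuration is as follows:
DNS server IP address: 192.168.0.57
China Netcom (CNC):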
# vim /etc/named.conf
1. Configure the ACL for CNC
acl cnc_acl{
172.16.0.0/16;
};
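2. Edit the view for CNC
view cnc {
match-clients { cnc_acl; };
recursion yes;
// Load this view's zone definitions (the file created in step 3), as the tel view does
include "/etc/named.zone.cnc";
};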
3. Create and edit zone.cnc
# vi etc/named.zone.cnc
zone "ws.com" IN {
type master;
file "ws.com.zone";
};
4. Edit the zone file
# vi var/named/ws.com.zone
$TTL 86400
@ IN SOA dns.ws.com. root (
2011108271
3H
15M
1W
1D )
@ IN NS dns.ws.com.
www IN A 192.168.0.57
dns IN A 192.168.0.57
###############################################
China Telecom:
acl tel_acl{
192.168.0.0/24;
};
view tel {
match-clients { tel_acl; };
recursion yes;
include "/etc/named.zone.tel";
};
# vi etc/named.zone.tel
zone "ws.com" IN {
type master;
file "ws.com.zone.tel";
};
# vi var/named/ws.com.zone.tel
$TTL 86400
@ IN SOA dns.ws.com. root (
2009102905
3H
15M
1W
1D )
@ IN NS dns.ws.com.
www IN A 192.168.0.57
dns IN A 192.168.0.57
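
The following is an added example, not part of the original configuration: a small Python check that reads the acl and view blocks above and reports which view a given client address would be served from, using first-match order. The names NAMED_CONF, parse_acls, parse_views and select_view are hypothetical, and the parser assumes match-clients is the first statement in each view and that entries are named ACLs, literal addresses/CIDRs, or any.

```python
import ipaddress
import re

# Constructed named.conf excerpt with the same ACLs and views as this page.
NAMED_CONF = """
acl cnc_acl { 172.16.0.0/16; };
acl tel_acl { 192.168.0.0/24; };
view cnc { match-clients { cnc_acl; }; recursion yes; };
view tel { match-clients { tel_acl; }; recursion yes; };
"""

def _items(body):
    """Split the inside of a { ...; ...; } block into its entries."""
    return [e.strip() for e in body.split(";") if e.strip()]

def parse_acls(conf):
    """Return {acl_name: [networks]} for acl blocks that list plain CIDRs."""
    found = re.findall(r"\bacl\s+(\w+)\s*\{([^}]*)\}", conf)
    return {name: [ipaddress.ip_network(e, strict=False) for e in _items(body)]
            for name, body in found}

def parse_views(conf):
    """Return [(view_name, match-clients entries)] in file order."""
    pattern = r"\bview\s+(\w+)\s*\{\s*match-clients\s*\{([^}]*)\}"
    return [(name, _items(body)) for name, body in re.findall(pattern, conf)]

def select_view(conf, client_ip):
    """Return the first view whose match-clients covers client_ip, else None.

    None corresponds to a client that no view serves (named refuses the query).
    """
    acls = parse_acls(conf)
    addr = ipaddress.ip_address(client_ip)
    for name, entries in parse_views(conf):
        for entry in entries:
            if entry == "any":
                return name
            # A named ACL, otherwise treat the entry as a literal address/CIDR.
            nets = acls.get(entry) or [ipaddress.ip_network(entry, strict=False)]
            if any(addr in net for net in nets):
                return name
    return None

if __name__ == "__main__":
    for ip in ("172.16.5.9", "192.168.0.57", "10.1.1.1"):
        print(ip, "->", select_view(NAMED_CONF, ip))
```

Because the first matching view wins, a broad view placed ahead of cnc and tel would shadow both, so this check is worth rerunning whenever views are added or reordered.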