高手請進幫忙配置雙線路的動態DNS
想配置一台動態DNS伺服器。
我這邊有兩條線路,一條是教育網,另外一條是電信。
電信DNS ip:202.103.224.X
教育網DNS ip :210.36.x.x
本人想在DNS伺服器上運行多個BIND,每個BIND為來自內網用戶提供解析,比如
檢查到訪問電信的就用電信的202.103.224.x解析,訪問教育網的使用210.36.x.x解析
要實現是不是需要配置內核,配置netfilter?
運用不同的BIND及運用iptables進行ip地址及埠改寫?
有高手配置實現過嗎?需要內核版本是?
請高手指點,或者有相關的配置文件和網址?
《解決方案》
回復 #1 wcxgo 的帖子
配置雙線路和DNS沒有什麼關係的,除非是外面的來訪問你的伺服器,你可以根據來訪地址,給出不同的
IP地址,以提高訪問速度。
你應該使用路由表來控制出口。
《解決方案》
bind自己就可以解決這個問題
《解決方案》
原帖由 wcxgo 於 2008-4-17 11:46 發表 http://linux.chinaunix.net/bbs/images/common/back.gif
想配置一台動態DNS服務器。
我這邊有兩條線路,一條是教育網,另外一條是電信。
電信DNS ip:202.103.224.X
教育網DNS ip :210.36.x.x
本人想在DNS服務器上運行多個BIND,每個BIND為來自內網用戶提供解析,比如
檢查到訪問電信的就用電信的202.103.224.x解析,訪問教育網的使用210.36.x.x解析
要實現是不是需要配置內核,配置netfilter?
運用不同的BIND及運用iptables進行ip地址及埠改寫?
有高手配置實現過嗎?需要內核版本是?
請高手指點,或者有相關的配置文件和網址?
請參閱 bind manual,有個 view 參數可以針對不同查詢來源回應給不同 ip 結果. 另外一種作法是使用 sortlist 參數,詳細請參閱 bind manual。
--
《解決方案》
樓主,
另外一種作法是使用 sortlist 參數,請問有沒有中文手冊或給個案例帖子
謝謝!!!
《解決方案》
原帖由 wxjsr 於 2008-4-20 10:49 發表 http://linux.chinaunix.net/bbs/images/common/back.gif
樓主,
另外一種作法是使用 sortlist 參數,請問有沒有中文手冊或給個案例帖子
謝謝!!!
有英文版:
http://www.isc.org/sw/bind/arm93/Bv9ARM.ch06.html
找 sortlist 區段說明...
The sortlist Statement
The response to a DNS query may consist of multiple resource records (RRs) forming a resource records set (RRset). The name server will normally return the RRs within the RRset in an indeterminate order (but see the rrset-order statement in the section called 「RRset Ordering」). The client resolver code should rearrange the RRs as appropriate, that is, using any addresses on the local net in preference to other addresses. However, not all resolvers can do this or are correctly configured. When a client is using a local server the sorting can be performed in the server, based on the client's address. This only requires configuring the name servers, not all the clients.
The sortlist statement (see below) takes an address_match_list and interprets it even more specifically than the topology statement does (the section called 「Topology」). Each top level statement in the sortlist must itself be an explicit address_match_list with one or two elements. The first element (which may be an IP address, an IP prefix, an ACL name or a nested address_match_list) of each top level list is checked against the source address of the query until a match is found.
Once the source address of the query has been matched, if the top level statement contains only one element, the actual primitive element that matched the source address is used to select the address in the response to move to the beginning of the response. If the statement is a list of two elements, then the second element is treated the same as the address_match_list in a topology statement. Each top level element is assigned a distance and the address in the response with the minimum distance is moved to the beginning of the response.
In the following example, any queries received from any of the addresses of the host itself will get responses preferring addresses on any of the locally connected networks. Next most preferred are addresses on the 192.168.1/24 network, and after that either the 192.168.2/24 or 192.168.3/24 network with no preference shown between these two networks. Queries received from a host on the 192.168.1/24 network will prefer other addresses on that network to the 192.168.2/24 and 192.168.3/24 networks. Queries received from a host on the 192.168.4/24 or the 192.168.5/24 network will only prefer other addresses on their directly connected networks.
sortlist {
{ localhost; // IF the local host
{ localnets; // THEN first fit on the
192.168.1/24; // following nets
{ 192.168.2/24; 192.168.3/24; }; }; };
{ 192.168.1/24; // IF on class C 192.168.1
{ 192.168.1/24; // THEN use .1, or .2 or .3
{ 192.168.2/24; 192.168.3/24; }; }; };
{ 192.168.2/24; // IF on class C 192.168.2
{ 192.168.2/24; // THEN use .2, or .1 or .3
{ 192.168.1/24; 192.168.3/24; }; }; };
{ 192.168.3/24; // IF on class C 192.168.3
{ 192.168.3/24; // THEN use .3, or .1 or .2
{ 192.168.1/24; 192.168.2/24; }; }; };
{ { 192.168.4/24; 192.168.5/24; }; // if .4 or .5, prefer that net
};
};
The following example will give reasonable behavior for the local host and hosts on directly connected networks. It is similar to the behavior of the address sort in BIND 4.9.x. Responses sent to queries from the local host will favor any of the directly connected networks. Responses sent to queries from any other hosts on a directly connected network will prefer addresses on that same network. Responses to other queries will not be sorted.
sortlist {
{ localhost; localnets; };
{ localnets; };
};
學 linux 盡量把英文閱讀能力加強好,這樣對於走這條路才會輕鬆。
《解決方案》
回復 #6 kenduest 的帖子
可不要誤導阿。
bind9確實有view的功能,但那是根據來訪問的IP給出不同的地址,作為智能DNS是可以的。
怎麼可以解決樓主說的雙線路問題呢?樓主是要為內網的用戶提供解析。
《解決方案》
原帖由 weixuejun 於 2008-4-20 14:09 發表 http://linux.chinaunix.net/bbs/images/common/back.gif
可不要誤導阿。
bind9確實有view的功能,但那是根據來訪問的IP給出不同的地址,作為智能DNS是可以的。
怎麼可以解決樓主說的雙線路問題呢?樓主是要為內網的用戶提供解析。
重新看一下原本樓主的問題確與 DNS 配置無關,真是我真是大烏龍了。
不過看一下原本作者需求:
檢查到訪問電信的就用電信的202.103.224.x解析,訪問教育網的使用210.36.x.x解析
只是我完全不懂這樣解析的用途有啥幫助與意義,因為準備問之前就已經確定使用固定的 dns server 來查詢了,簡單說 client 端本身固定使用某一台 dns server,怎麼會有突然能夠知道實際 ip 目的在哪邊突然跳到使用某一台 nameserver 去查詢這種現象呢 ?
也許原本樓主需要再把問題釐清需求才能夠討論。
--
[ 本帖最後由 kenduest 於 2008-4-20 14:51 編輯 ]
《解決方案》
感謝各位,詳細情況
感謝各位的回帖和幫助,我詳細解釋我的提問。目前單位內網訪問教育網都要通過電信解釋轉到教育網,怎麼解決訪問教育網的直接轉教育網,訪問電信的轉電信,當然內網訪問單位教育網的資源就不需要走電信了,請高手給予指導,謝謝
《解決方案》
回復 #9 wcxgo 的帖子
不是說了嗎?做目的地址路由阿。
