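Implementing smart DNS by configuring BIND views

1. Environment description

When a Shanghai user visits www.intra.com, DNS returns the address of the Shanghai web server.
When a Beijing user visits www.intra.com, DNS returns the address of the Beijing web server.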

Server   IP address      Purpose
DNS      192.168.31.66   DNS server
web-sh   192.168.31.21   Shanghai server for www.intra.com
web-bj   10.0.0.8        Beijing server for www.intra.com


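2. Server configuration

2.1 Add network interfaces

Add a new network interface on the 10.0.0.0 LAN segment to both the DNS server and the Beijing web server.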

2.2 Network configuration

DNS server

ip a a 10.0.0.1/24 dev eth1
ifup eth1

Beijing web server

ip a a 10.0.0.8/24 dev eth1
ifup eth1

2.3 Verify connectivity

From the DNS server, ping the Shanghai web server and the Beijing web server and confirm that both respond.

3. DNS configuration

3.1 Install bind

yum install bind bind-utils -y

3.2 Configure /etc/named.conf

[root@dns01 ~]# vi /etc/named.conf

options {
	listen-on port 53 { any; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	recursing-file  "/var/named/data/named.recursing";
	secroots-file   "/var/named/data/named.secroots";
	allow-query     { any; };
	recursion yes;
	dnssec-enable no;
	dnssec-validation no;
	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
acl beijingnet {
	10.0.0.0/24;
};
acl shanghainet {
	192.168.31.0/24;
};

include "/etc/named.rfc1912.zones";

3.3 Configure /etc/named.rfc1912.zones

view beijingview {
	match-clients { beijingnet;};
	include "/etc/named.zone.bj";
	include "/etc/named.root.key";
};
view shanghaiview {
	match-clients { shanghainet;};
	include "/etc/named.zone.sh";
	include "/etc/named.root.key";
};
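
The following is an added example, not part of the original post: a Python sketch that parses the acl and view stanzas above and reports which view a client source address lands in, following BIND's rule that views are tried in the order they are defined and a client matching none of them is refused. The embedded configuration text is constructed from the stanzas on this page, the function names are hypothetical, and the parser assumes match-clients is the first statement in each view and that ACLs hold plain CIDR entries.

```python
import ipaddress
import re

# Constructed input: the acl and view stanzas from this page, in the order
# named reads them (acl bodies joined onto one line; includes kept as-is).
NAMED_CONF = """
acl beijingnet { 10.0.0.0/24; };
acl shanghainet { 192.168.31.0/24; };
view beijingview {
	match-clients { beijingnet;};
	include "/etc/named.zone.bj";
};
view shanghaiview {
	match-clients { shanghainet;};
	include "/etc/named.zone.sh";
};
"""

def parse_acls(conf):
    """Return {acl_name: [ip_network, ...]} for acl stanzas holding plain CIDRs."""
    acls = {}
    for name, body in re.findall(r"acl\s+(\S+)\s*\{([^}]*)\}", conf):
        acls[name] = [ipaddress.ip_network(e.strip()) for e in body.split(";") if e.strip()]
    return acls

def parse_views(conf):
    """Return [(view_name, [acl_name, ...])] in file order; order decides matching."""
    pattern = r"view\s+(\S+)\s*\{\s*match-clients\s*\{([^}]*)\}"
    return [(name, [e.strip() for e in body.split(";") if e.strip()])
            for name, body in re.findall(pattern, conf)]

def select_view(conf, client_ip):
    """First view whose match-clients contains the source address, else None (REFUSED)."""
    acls, addr = parse_acls(conf), ipaddress.ip_address(client_ip)
    for view, names in parse_views(conf):
        if any(addr in net for n in names for net in acls.get(n, [])):
            return view
    return None

def overlapping_acls(conf):
    """ACL pairs sharing address space: the earlier view would shadow the later one."""
    acls = list(parse_acls(conf).items())
    return [(a, b) for i, (a, na) in enumerate(acls) for b, nb in acls[i + 1:]
            if any(x.overlaps(y) for x in na for y in nb)]

if __name__ == "__main__":
    for ip in ("10.0.0.8", "192.168.31.21", "127.0.0.1", "172.16.0.5"):
        print(ip, "->", select_view(NAMED_CONF, ip) or "no view (REFUSED)")
    print("overlaps:", overlapping_acls(NAMED_CONF))
```

Clients outside both ACLs, including queries sent to the server over 127.0.0.1, match no view in this configuration.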

3.4 Configure /etc/named.zone.bj and named.zone.sh

[root@dns01 ~]# cat /etc/named.zone.bj
zone "." IN {
	type hint;
	file "named.ca";
};
zone "intra.com" {
	type master;
	file "intra.zone.bj";
};
[root@dns01 ~]# cat /etc/named.zone.sh
zone "." IN {
	type hint;
	file "named.ca";
};
zone "intra.com" {
	type master;
	file "intra.zone.sh";
};

3.5 Configure /var/named/intra.zone.bj and /var/named/intra.zone.sh

[root@dns01 ~]# cat /var/named/intra.zone.bj
$TTL 1d
@	IN 	SOA	ns1.intra.com.	qiuqin.cn.com. (
			20210831
			1H
			5M
			1W
			1D)
	IN	NS	ns1.intra.com.
ns1 	IN	A	10.0.0.1
www.intra.com.	IN	A	10.0.0.8
[root@dns01 ~]# cat /var/named/intra.zone.sh
$TTL 1d
@	IN 	SOA	ns1.intra.com.	qiuqin.cn.com. (
			20210831
			1H
			5M
			1W
			1D)
	IN	NS	ns1.intra.com.
ns1	IN	A	192.168.31.66
www.intra.com.	IN	A	192.168.31.21

3.6 Check the configuration and restart the service

named-checkconf
No output means the configuration has no problems.
systemctl restart named
or
rndc reload


4. Testing

4.1 Test from the Shanghai network segment


4.2 Test from the Beijing network segment



Reposted from blog.csdn.net/qq_29974229/article/details/120015294