实现智能DNS

第一、实现智能DNSnn大概的过程：nt安装配置模板－－》 视图（相当于shell里的条件判断）－－》视图根据一个acl列表（对不同地域的IP进行归类命名）进行读取不同的区域文件nn做准备：nt主机

第一、实现智能DNSnn大概的过程：nt安装配置模板－－》 视图（相当于shell里的条件判断）－－》视图根据一个acl列表（对不同地域的IP进行归类命名）进行读取不同的区域文件nn做准备：nt主机名nt关闭防火墙,Selinuxnt同步时间nn1、对各个线路的IP进行归类nn安装ripe-dbase-client-v3nn下载网通的IPnwhois3 -h whois.apnic.net -l -i mb MAINT-CNCGROUP > /tmp/test/cncnn下载电信的IPnwhois3 -h whois.apnic.net -l -i mb MAINT-CHINANET > /tmp/test/chinann这些文件需要二次处理nnn这里实现模拟，写两个IP的aclnn网络使用 <=10.1.1.120n# vim /var/named/chroot/var/named/data/acl_cncnacl cnc{n10.1.1.1;n10.1.1.20;n10.1.1.73;n10.1.1.100;n10.1.1.104;n192.168.20/24;n}; //《－－－别忘记;nn中国电信的IPn# vim /var/named/chroot/var/named/data/acl_chinanacl china{n10.1.1.146;n10.1.1.168;n10.1.1.187;n};nnn2、配置DNSn安装模板文件 caching-nameservernn先把原来的文件重命名n# mv named.conf named.conf.bkn# mv named.caching-nameserver.conf named.confnnnoptions {n listen-on port 53 { any; }; //<---###n listen-on-v6 port 53 { ::1; };n directory "/var/named";n dump-file "/var/named/data/cache_dump.db";n statistics-file "/var/named/data/named_stats.txt";n memstatistics-file "/var/named/data/named_mem_stats.txt";ntn allow-query { any; }; //<---###ntforwarders { 10.1.1.1; };n};nlogging {n channel default_debug {n file "data/named.run";n severity dynamic;n };n};nn//视图n//view localhost_resolver {n// match-clients { localhost; };n// match-destinations { localhost; };n// recursion yes;n// include "/etc/named.rfc1912.zones";n//};nninclude "data/acl_cnc";ninclude "data/acl_china";nnview "cnc_resolver" {n match-clients { cnc;10.1.1.19; };n zone "upl.com" in {n type master;n file "data/master.cnc.upl.com.zone";n };n};nnview "china_resolver" {n match-clients { china;10.1.1.21; };n zone "upl.com" in {n type master;n file "data/master.china.upl.com.zone";n };n};nnview "other" {n match-clients { any; };n zone "upl.com" in {n type master;n file "data/master.other.upl.com.zone";n };n};nn//////////////////////////////////////////////nif [ con_1 ];thenntcommand1;nelif [ con_2 ];thenntcommand2;nelsentcommand3;nfinn/////////////////////////////////////nn编写不同的区域文件：n# vim /var/named/chroot/var/named/data/master.china.upl.com.zonen$TTL 86400n@ IN SOA upl.com. root. (n 2010080401n 60n 30n 1Dn 1Hn