Reverse zone delegation for subnets smaller than /24 in BIND. How it works

One day I was faced with the task of giving one of my clients the ability to change the PTR records of the /28 subnet assigned to him. I have no automation for editing BIND settings from outside. So I decided to take a different route: delegate to the client a piece of the PTR zone of the /24 subnet.

It would seem, what could be simpler? We just register the subnet as needed and point it at the required NS, as is done with a subdomain. But no. It is not that simple (although in fact it is quite primitive, intuition will not help), which is why I am writing this article.

Anyone who wants to figure it out on their own can read the RFC.
Anyone who wants a ready-made solution, read on.

So as not to hold up those who prefer the copy-paste method, I will publish the practical part first, and then the theory.

1. Practice. Delegating a /28 zone

Let's say we have the subnet 7.8.9.0/24. We need to delegate the subnet 7.8.9.240/28 to the client's DNS server 7.8.7.8 (ns1.client.domain).

On the provider's DNS server, find the file that describes the reverse zone of this subnet. Let it be 9.8.7.in-addr.arpa.
Comment out the entries from 240 to 255, if there are any. At the end of the file, write the following:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Don't forget to increment the zone serial, then run

rndc reload

That completes the provider side. Let's move on to the client's DNS server.

First, create the file /etc/bind/master/255-240.9.8.7.in-addr.arpa with the following contents:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

Then add a description of the new file to named.conf:

zone "255-240.9.8.7.in-addr.arpa." IN {
        type master;
        file "master/255-240.9.8.7.in-addr.arpa";
};

Then restart the BIND process.

/etc/init.d/named restart

That's all. Now you can check.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

Note that not only the PTR record is returned, but also a CNAME. That is how it should be. If you want to know why, welcome to the next section.

2. Theory. How it works.

It is hard to configure and debug a black box. It is much easier if you understand what is happening inside.

When we delegate a subdomain in a domain zone, we write something like this:

client.domain.	NS	ns1.client.domain.
ns1.client.domain.	A	7.8.7.8

We tell everyone who asks that we are not responsible for this part and say who is. All queries for client.domain are redirected to 7.8.7.8. When checking, we see the following picture (we will leave out what exactly the client has there, it does not matter):

# host test.client.domain
test.client.domain has address 7.8.9.241

That is, we are told that there is such an A record and that its IP is 7.8.9.241. No extra information.

How can the same thing be done with a subnet?

Since our DNS server is registered in RIPE, when a PTR record is requested for an IP address from our network, the first query will still come to us. The logic is the same as with domains. But how do you enter a subnet into a zone file?

Let's try entering it like this:

255-240  IN  NS      7.8.7.8

And... the miracle did not happen. We get no redirection of queries. The point is that bind does not even know that the entries in the reverse zone file are IP addresses, let alone understand a range notation. To it, this is just some symbolic subdomain. That is, for bind there is no difference between "255-240" and "oursuperclient". For the query to go where it should, the name in the query would have to look like this: 241.255-240.9.8.7.in-addr.arpa. Or like this, if we use a symbolic subdomain: 241.oursuperclient.9.8.7.in-addr.arpa. This differs from the usual one: 241.9.8.7.in-addr.arpa.

It would be hard to make such a query manually. And even if it works, it is still unclear how to use it in real life. After all, for a query about 7.8.9.241 it is still the provider's DNS server that answers us, not the client's.

And this is where CNAME records come into play.

On the provider side, you need to create an alias for every IP address of the subnet, in a format that passes the query on to the client's DNS server.

255-240  IN  NS      ns1.client.domain.
241     IN  CNAME   241.255-240
242     IN  CNAME   242.255-240
and so on.

That is for the hard-working =).

For the lazy, the following construction is more suitable:

255-240  IN  NS      ns1.client.domain.
$GENERATE 240-255 $ CNAME $.255-240

Now a query about 7.8.9.241, that is, for 241.9.8.7.in-addr.arpa, will be rewritten on the provider's DNS server to 241.255-240.9.8.7.in-addr.arpa and will go to the client's DNS server.
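The provider-side records described above, generated for any block smaller than /24, as an added example that is not the article's own code. It builds the NS and $GENERATE lines with the article's last-first label, rejects an IP address as an NS target, and lists the owner names in the range that still hold records and must be commented out first. The function names and the sample zone text are assumptions made for this example.

```python
import ipaddress

def _is_ip_literal(name):
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False

def delegation_records(subnet, nameservers):
    """Provider-side records for a block smaller than /24, using the 'last-first' label."""
    net = ipaddress.ip_network(subnet)  # rejects a subnet with host bits set
    if net.version != 4 or net.prefixlen <= 24:
        raise ValueError("expected an IPv4 subnet smaller than /24")
    for ns in nameservers:
        # NS rdata is a host name; a bare IP would be read as a relative name in the zone.
        if _is_ip_literal(ns) or not ns.endswith("."):
            raise ValueError(f"NS target must be a fully qualified host name: {ns!r}")
    first = int(net.network_address) & 0xFF
    last = int(net.broadcast_address) & 0xFF
    label = f"{last}-{first}"
    a, b, c, _ = net.network_address.packed
    parent = f"{c}.{b}.{a}.in-addr.arpa."
    records = [f"{label}  IN  NS      {ns}" for ns in nameservers]
    records.append(f"$GENERATE {first}-{last} $ CNAME $.{label}")
    return {"parent": parent, "child": f"{label}.{parent}",
            "first": first, "last": last, "records": records}

def conflicting_owners(parent_zone_text, first, last):
    """Active owners in first..last; each must be commented out before the CNAME is added."""
    hits = set()
    for line in parent_zone_text.splitlines():
        if not line or line[0].isspace():
            continue  # blank line or inherited owner name
        fields = line.split(";", 1)[0].split()
        if len(fields) >= 3 and fields[0].isdigit() and first <= int(fields[0]) <= last:
            hits.add(int(fields[0]))
    return sorted(hits)

# Constructed sample of an existing provider zone file (not from the article).
SAMPLE_PARENT = """\
10   IN PTR host10.provider.example.
241  IN PTR old241.provider.example.
;242 IN PTR old242.provider.example.
250  IN PTR old250.provider.example.
"""

if __name__ == "__main__":
    plan = delegation_records("7.8.9.240/28", ["ns1.client.domain."])
    print("\n".join(plan["records"]))
    print("comment out first:", conflicting_owners(SAMPLE_PARENT, plan["first"], plan["last"]))
```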

The client side has to handle such queries. Accordingly, we create the zone 255-240.9.8.7.in-addr.arpa. In it we can, in principle, put reverse entries for any IP of the whole /24 subnet, but we will only be asked about the ones the provider forwards to us, so we will not be able to fool around =).
To illustrate, here again is an example of the contents of the reverse zone file on the client side:

$ORIGIN 255-240.9.8.7.in-addr.arpa.
$TTL 1W
@                       1D IN SOA       ns1.client.domain. root.client.domain. (
                        2008152607      ; serial
                        3H              ; refresh
                        15M             ; retry
                        1W              ; expiry
                        1D )            ; minimum
@                       IN NS        ns1.client.domain.
@                       IN NS        ns2.client.domain.
241                     IN PTR          test.client.domain.
242                     IN PTR          test2.client.domain.
245                     IN PTR          test5.client.domain.

It is precisely because we use a CNAME on the provider side that, in response to a query for the record by IP address, we get two records rather than one.

#>  host 7.8.9.245 
245.9.8.7.in-addr.arpa is an alias for 245.255-240.9.8.7.in-addr.arpa.
245.255-240.9.8.7.in-addr.arpa domain name pointer test5.client.domain.

And don't forget to configure the ACL correctly. It makes no sense to take over a PTR zone and then not answer anyone from outside =).

Source: www.hab.com
