ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Mikrotik split-dns: lawv ua nws

Mikrotik split-dns: lawv ua nws

Tsawg tshaj li 10 xyoo dhau los txij li cov neeg tsim khoom ntawm RoS (nyob ruaj khov 6.47) ntxiv kev ua haujlwm uas tso cai rau koj hloov pauv DNS thov raws li cov cai tshwj xeeb. Yog tias ua ntej nws yog qhov tsim nyog yuav tsum tsis txhob nrog Layer-7 cov cai hauv firewall, tam sim no qhov no yog ua kom yooj yim thiab zoo nkauj:

/ip dns static
add forward-to=192.168.88.3 regexp=".*\.test1\.localdomain" type=FWD
add forward-to=192.168.88.56 regexp=".*\.test2\.localdomain" type=FWD

Kuv txoj kev zoo siab paub tsis muaj kev cia siab!

Qhov no hem peb li cas?

Yam tsawg kawg, peb tau tshem ntawm NAT coj txawv txawv zoo li no:


/ip firewall layer7-protocol
add comment="DNS Nat contoso.com" name=contoso.com regexp="\x07contoso\x03com"
/ip firewall mangle
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=tcp
/ip firewall nat
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=udp to-addresses=192.0.2.15
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=tcp to-addresses=192.0.2.15
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=udp
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=tcp

Thiab qhov tsis yog tag nrho, tam sim no koj tuaj yeem sau npe ntau tus xa mus, uas yuav pab ua rau dns tsis ua haujlwm.
Intelligent DNS ua yuav ua rau nws muaj peev xwm pib qhia ipv6 rau hauv lub tuam txhab network. Ua ntej ntawd, kuv tsis tau ua qhov no, yog vim li cas kuv xav tau los daws ntau lub npe dns rau cov chaw nyob hauv zos, thiab hauv ipv6 qhov no tsis tuaj yeem ua tsis tau yam tsis muaj lub qhov rooj loj.

Tau qhov twg los: www.hab.com