Pasati papera makore gumi gare gare, vagadziri veRoS (yakagadzikana 10) yakawedzera mashandiro ayo anobvumidza iwe kutungamira zvikumbiro zveDNS zvinoenderana nemitemo yakakosha. Kana pakutanga zvaive zvakafanira kunzvenga neLayer-6.47 mitemo mufirewall, zvino izvi zvinoitwa zviri nyore uye zvinoyevedza:
/ip dns static
add forward-to=192.168.88.3 regexp=".*\.test1\.localdomain" type=FWD
add forward-to=192.168.88.56 regexp=".*\.test2\.localdomain" type=FWD
Mufaro wangu hauna magumo!
Izvi zvinotityisidzira nei?
Zvirinani, isu tinobvisa zvisinganzwisisike NAT inovaka senge iyi:
/ip firewall layer7-protocol
add comment="DNS Nat contoso.com" name=contoso.com regexp="\x07contoso\x03com"
/ip firewall mangle
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=tcp
/ip firewall nat
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=udp to-addresses=192.0.2.15
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=tcp to-addresses=192.0.2.15
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=udp
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=tcp
Uye handizvo chete, ikozvino unogona kunyoresa akati wandei kuendesa mberi, izvo zvichabatsira kuita dns failover.
Hungwaru DNS kugadzirisa kuchaita kuti zvikwanise kutanga kuunza ipv6 mune network yekambani. Izvi zvisati zvaitika, ini handina kuita izvi, chikonzero ndechekuti ndaifanira kugadzirisa akati wandei mazita edns kumakero emunharaunda, uye mu ipv6 izvi zvaisagona kuitwa pasina madondoro makuru.
Source: www.habr.com