Kere ju ọdun 10 lẹhinna, awọn olupilẹṣẹ ti RoS (ni iduroṣinṣin 6.47) ṣafikun iṣẹ ṣiṣe ti o fun ọ laaye lati ṣe atunṣe awọn ibeere DNS ni ibamu si awọn ofin pataki. Ti o ba jẹ iṣaaju o jẹ dandan lati yago fun awọn ofin Layer-7 ninu ogiriina, ni bayi o ṣee ṣe ni irọrun ati ẹwa:
/ip dns static
add forward-to=192.168.88.3 regexp=".*\.test1\.localdomain" type=FWD
add forward-to=192.168.88.56 regexp=".*\.test2\.localdomain" type=FWD
Idunnu mi ko mọ awọn aala!
Kí ni èyí ń halẹ̀ mọ́ wa?
Ni o kere ju, a yọkuro kuro ninu awọn iṣelọpọ NAT ajeji bii eyi:
/ip firewall layer7-protocol
add comment="DNS Nat contoso.com" name=contoso.com regexp="\x07contoso\x03com"
/ip firewall mangle
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=tcp
/ip firewall nat
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=udp to-addresses=192.0.2.15
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=tcp to-addresses=192.0.2.15
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=udp
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=tcp
Ati pe kii ṣe gbogbo rẹ, ni bayi o le forukọsilẹ ọpọlọpọ awọn olutọpa, eyiti yoo ṣe iranlọwọ lati jẹ ki dns kuna.
Sisẹ DNS ti oye yoo jẹ ki o ṣee ṣe lati bẹrẹ iṣafihan ipv6 sinu nẹtiwọọki ile-iṣẹ naa. Ṣaaju pe, Emi ko ṣe eyi, idi ni pe Mo nilo lati yanju nọmba kan ti awọn orukọ dns si awọn adirẹsi agbegbe, ati ni ipv6 eyi ko le ṣee ṣe laisi dipo awọn crutches nla.
orisun: www.habr.com