zoukankan      html  css  js  c++  java

  • bind主从配置非DLZ

     
    1. 编译安装bind
    ./configure --prefix=/usr/local/bind --enable-threads --disable-openssl-version-check  && make && make install
     
    2. 主节点生成key并scp至从节点
    /usr/local/bind/sbin/rndc-confgen -s 127.0.0.1 -r /dev/urandom > rndc.conf
     
    echo "aaa" > aaa
    echo "bbb" > bbb 
    /usr/local/bind/sbin/rndc-confgen -a -b -r aaa 128 -c /usr/local/bind/etc/b.key -k b
    /usr/local/bind/sbin/rndc-confgen -a -b -r bbb 128 -c /usr/local/bind/etc/a.key -k b
    scp a.key 1.1.1.2:/usr/local/bind/etc/a.key
    scp b.key 1.1.1.2:/usr/local/bind/etc/b.key
     
    3. 配置主节点:1.1.1.1

    include "/usr/local/bind/etc/a.key";
    include "/usr/local/bind/etc/b.key";
    options {
    directory "/usr/local/bind/etc/";
    recursion yes;
    auth-nxdomain yes;
    transfer-format one-answer;
    version "[secured]";
    allow-query {any;};
    files 102400;
    };
    controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; };
    };
    logging {
    channel debug_log {
    file "named.log" versions 3 ;
    severity debug 10;
    print-time yes;
    print-category yes;
    print-severity yes;
    };
    category xfer-out {
    debug_log;
    };
    };

    view "a" {
    server 1.1.1.2 { keys a; };

    match-clients { !key b; 1.1.1.0/24; };
    recursion yes;

    zone "test.me" {
    type master;
    file "/usr/local/bind/etc/zonea";
    allow-transfer { 1.1.1.2; };
    };
    };

    view "b" {
    server 1.1.1.2 { keys b; };

    match-clients { !key a; 1.1.1.0/24; };
    recursion yes;

    zone "test.me" {
    type master;
    file "/usr/local/bind/etc/zoneb";
    allow-transfer { 1.1.1.2; };
    };
    };

    4. 配置从节点 : 1.1.1.2

    include "/usr/local/bind/etc/a.key";
    include "/usr/local/bind/etc/b.key";

    options {
    directory "/usr/local/bind/etc/";
    recursion yes;
    auth-nxdomain yes;
    transfer-format one-answer;
    version "[secured]";
    allow-query {any;};
    files 102400;
    };
    controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; };
    };
    logging {
    channel debug_log {
    file "named.log" versions 3 ;
    severity debug 10;
    print-time yes;
    print-category yes;
    print-severity yes;
    };
    category xfer-out {
    debug_log;
    };
    };

    view "a" {
    server 1.1.1.1 { keys a; };

    match-clients { !key b; 1.1.1.0/24; };
    recursion yes;

    zone "55tuan.me" {
    type slave;
    masters { 1.1.1.1; };
    file "/usr/local/bind/etc/zonea";
    };
    };

    view "b" {
    server 1.1.1.1 { keys b; };

    match-clients { !key a; 1.1.1.0/24; };
    recursion yes;

    zone "55tuan.me" {
    type slave;
    masters { 1.1.1.1; };
    file "/usr/local/bind/etc/zoneb";
    };
    };

     
    注意:
    1. master zone file serial NO. must be diff.
    2. match client must exclude the other key.
     
     
     
     
  • 相关阅读:
    Codeforces977D ---Divide by three, multiply by two 深搜+map存出现的数
    HDU4522 湫湫系列故事——过年回家
    2018浙江省赛记录
    POJ3259 :Wormholes(SPFA判负环)
    上海高校金马五校赛 F题:1 + 2 = 3?
    牛客练习赛15A-吉姆的运算式(Python正则表达式瞎搞)
    ZOJ2018/4月月赛G题Traffic Light(广搜)
    luogu 3960 列队
    noip2017
    10.3 模拟赛
  • 原文地址:https://www.cnblogs.com/devops/p/3037580.html
Copyright © 2011-2022 走看看