티스토리 뷰

___네임서버

[네임서버] DNS view zonetransfer TEST

변군 변군이글루 2013. 6. 20. 16:43

DNS VIEW 테스트

Master Server

options {

directory "/var/named";

dump-file "/var/named/data/named_dump.db"; // dump file directory

version "Unknown";

statistics-file "/var/named/data/named.stats"; // statistic file directory

pid-file "/var/named/data/named.pid";

#transfer-format many-answers;

           allow-query { any; };

allow-transfer { 127.0.0.1; 192.168.43.0/24; };

also-notify { 192.168.43.72; 192.168.43.55; };

           notify yes;

 

check-names master ignore;

check-names slave ignore;

check-names response ignore;

 

           zone-statistics yes;

recursive-clients 10000;

           };

 

#statistics-channels {

# inet 192.168.0.50 port 7777 allow { 192.168.0.0/24; }

#         };

 

# Use with the following in named.conf, adjusting the allow list as needed:

key "rndc-key" {

algorithm hmac-md5;

secret "QlIEGp+C2PEqTPDp8OJ1Yg==";

};

 

controls {

inet 127.0.0.1 port 953

allow { 127.0.0.1; } keys { "rndc-key"; };

};

# End of named.conf

 

logging {

channel "default_syslog" {

// Send most of the named messages to syslog.

syslog local2;

severity debug;

};

channel "default_syslog" {

file "log/default.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "general_syslog" {

file "log/general.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "config_syslog" {

file "log/config.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "resolver_syslog" {

file "log/resolver.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "xfer-in_syslog" {

file "log/xfer-in.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "xfer-out_syslog" {

file "log/xfer-out.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "notify_syslog" {

file "log/notify.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "client_syslog" {

file "log/client.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "network_syslog" {

file "log/network.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "queries_syslog" {

file "log/queries.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

category default { default_syslog; };

category general { general_syslog; };

category config { config_syslog; };

category resolver { resolver_syslog; };

category xfer-in { xfer-in_syslog; };

category xfer-out { xfer-out_syslog; };

category notify { notify_syslog; };

category client { client_syslog; };

category network { network_syslog; };

category queries { queries_syslog; };

};

 

view "ss" {

match-clients { 127.0.0.1; 192.168.43.113; };

 

zone "." IN {

type hint;

file "named.ca";

};

          

           zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

           };

 

           zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

           };

 

zone "sangchul.kr" IN {

type master;

           file "ss_sangchul.kr.zone";

           };

};

 

view "bd" {

match-clients { any; };

 

zone "." IN {

type hint;

file "named.ca";

};

           zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

           };

           zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

           };

zone "sangchul.kr" IN {

type master;

file "bd_sangchul.kr.zone";

           };

};

 

Slave Server

options {

directory "/var/named";

dump-file "/var/named/data/named_dump.db"; // dump file directory

version "Unknown";

statistics-file "/var/named/data/named.stats"; // statistic file directory

pid-file "/var/named/data/named.pid";

# transfer-format many-answers;

allow-query { any; };

           allow-notify { 192.168.43.8; };

 

# allow-transfer { 127.0.0.1; 192.168.43.8; };

# also-notify { 192.168.43.8; };

notify yes;

 

check-names master ignore;

check-names slave ignore;

check-names response ignore;

 

zone-statistics yes;

recursive-clients 10000;

 

};

 

# Use with the following in named.conf, adjusting the allow list as needed:

key "rndc-key" {

algorithm hmac-md5;

secret "+nlBPOd+7k8poSRxCEVTMw==";

};

 

controls {

inet 127.0.0.1 port 953

allow { 127.0.0.1; } keys { "rndc-key"; };

};

# End of named.conf

 

logging {

channel "default_syslog" {

// Send most of the named messages to syslog.

syslog local2;

severity debug;

};

channel "default_syslog" {

file "log/default.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "general_syslog" {

file "log/general.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "config_syslog" {

file "log/config.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "resolver_syslog" {

file "log/resolver.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "xfer-in_syslog" {

file "log/xfer-in.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "xfer-out_syslog" {

file "log/xfer-out.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "notify_syslog" {

file "log/notify.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "client_syslog" {

file "log/client.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "network_syslog" {

file "log/network.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

channel "queries_syslog" {

file "log/queries.log" versions 3 size 20m;

severity debug;

print-category yes;

print-severity yes;

print-time yes;

};

category default { default_syslog; };

category general { general_syslog; };

category config { config_syslog; };

category resolver { resolver_syslog; };

category xfer-in { xfer-in_syslog; };

category xfer-out { xfer-out_syslog; };

category notify { notify_syslog; };

category client { client_syslog; };

category network { network_syslog; };

category queries { queries_syslog; };

};

 

view "view01" {

match-clients { 127.0.0.1; 192.168.43.113; }; #dns4

          

           zone "." IN {

type hint;

file "named.ca";

           };

           zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

           };

           zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

           };

zone "sangchul.kr" IN {

type slave;

           masters { 192.168.43.8; };

# file "slaves/sangchul.kr_view01.zone";

file "slaves/sangchul.kr.zone";

};

};

 

view "view02" {

# match-clients { 192.168.43.72; 192.168.43.113; };

match-clients { 192.168.43.237; };

 

zone "." IN {

type hint;

file "named.ca";

};

zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

zone "sangchul.kr" IN {

type slave;

masters { 192.168.43.8; };

# file "slaves/sangchul.kr_view02.zone";

file "slaves/sangchul.kr.zone";

};

};

 

view "view03" {

match-clients { any; };

 

zone "." IN {

type hint;

file "named.ca";

};

zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

zone "sangchul.kr" IN {

type slave;

masters { 192.168.43.8; };

# file "slaves/sangchul.kr_view03.zone";

file "slaves/sangchul.kr.zone";

};

};

 

 

 

 

 

댓글
댓글쓰기 폼