上篇文章写到自建DNS,自建DNS服务器搭建(多域名解析) ,有了DNS,就会有智能DNS,有了智能DNS,离CDN就不远了,智能DNS有很多种,比如基于运营商,基于IP物理地址,基于机房AS号,基于网络环境的复杂性,导致小鸡只对某一运营商速度不错,本套系统就是拒绝小鸡吃灰。666666
DNS搭建参考上篇博文。本篇在上篇的基础上,利用DNS view实现三大运营商分别解析到对应IP。需要修改4个文件:named.conf,以及为kaifashuo.com针对各运营商分别生成的3个zone文件。
named.conf文件:
[root@vultr etc]# cat named.conf
// Shared secret that the controls statement below requires from rndc clients.
// NOTE(review): hmac-md5 is a legacy algorithm; prefer hmac-sha256
// (rndc-confgen -A hmac-sha256 emits a matching key for named.conf and rndc.conf).
// NOTE(review): this secret is printed in a public article, so treat it as
// compromised: generate a fresh key for any real deployment and keep the file
// that holds it readable only by root and the named user.
key "rndc-key" {
algorithm hmac-md5;
secret "Z3cDonurt8GqXl9eRcRKFw==";
};
// rndc control channel: bound to the loopback address on port 953, and only
// 127.0.0.1 presenting "rndc-key" is allowed to issue commands.
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
// Per-ISP address lists pulled into this file verbatim. Each one has to define
// a named acl that a view's match-clients refers to.
// NOTE(review): the views below match on ACLs called cmcc, telcom and unicom,
// while the generator script on this page writes acl "cmcc", "chinatelecom" and
// "unicom_cnc" into *.acl files. Presumably these three files were renamed and
// edited by hand; confirm the names agree, because named rejects a
// configuration that references an undefined ACL.
// NOTE(review): the contents come from downloaded data, so keep these files
// writable by root only and review them before reloading named.
include "/usr/local/named/etc/ispip/chinatelecom_acl"; // China Telecom prefixes
include "/usr/local/named/etc/ispip/cmcc_acl"; // China Mobile prefixes
include "/usr/local/named/etc/ispip/unicom_cnc_acl"; // China Unicom prefixes
// Global server options: listen for DNS on the public address only, keep zone
// files under directory, and answer queries from any client.
// NOTE(review): allow-query { any; } is expected for a public authoritative
// server, but neither "recursion no;" nor allow-recursion is set here. On
// BIND 9 an explicit allow-query can also widen who may use recursion and the
// cache, which would leave an open resolver that can be abused for
// amplification. For an authoritative-only server add "recursion no;" and
// confirm the behaviour against the BIND version in use.
options {
listen-on port 53 { 207.246.82.114; };
directory "/usr/local/named/etc/named";
dump-file "/usr/local/named/etc/data/cache_dump.db";
statistics-file "/usr/local/named/etc/data/bind_stats.txt";
// Relative path, so it is resolved against the directory option above.
pid-file "named.pid";
allow-query { any; };
};
// China Mobile view. The view name cmcc_acl is arbitrary (same for the views below).
// Views are evaluated in the order they are written and the first one whose
// match-clients accepts the client answers the query.
// The root hints, localhost and reverse zones are declared only in this view;
// the other three views carry just the kaifashuo.com zone.
view cmcc_acl {
// Clients are selected by the ACL named "cmcc", which must be defined by one
// of the included files.
match-clients { cmcc; };
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "kaifashuo.com" IN {
type master;
file "cmcc-kaifashuo.com.zone"; // kaifashuo.com zone served to China Mobile clients (same pattern below)
allow-update { none; };
};
// NOTE(review): the server address is 207.246.82.114, whose /24 reverse zone
// would be 82.246.207.in-addr.arpa; this zone name looks mistyped. Reverse
// zones are also only authoritative when the address owner delegates them.
// Verify.
zone "114.82.246.in-addr.arpa" in {
type master;
file "207.zone";
allow-update { none; };
};
};
// China Telecom view: clients matched by the ACL named "telcom" get the
// Telecom-specific copy of kaifashuo.com.
// NOTE(review): "telcom" has to be the exact name used in the acl statement of
// an included file; the generator script on this page emits "chinatelecom".
// Verify.
view chinatelecom_acl {
match-clients { telcom; };
zone "kaifashuo.com" IN {
type master;
file "telcom-kaifashuo.com.zone";
// Dynamic updates are refused; the zone is changed only by editing the file.
allow-update { none; };
};
};
// China Unicom view: clients matched by the ACL named "unicom" get the
// Unicom-specific copy of kaifashuo.com.
// NOTE(review): "unicom" has to be the exact name used in the acl statement of
// an included file; the generator script on this page emits "unicom_cnc".
// Verify.
view unicom_cnc_acl {
match-clients { unicom; };
zone "kaifashuo.com" IN {
type master;
file "unicom-kaifashuo.com.zone";
// Dynamic updates are refused; the zone is changed only by editing the file.
allow-update { none; };
};
};
// Catch-all view. It has no match-clients statement, so it accepts every
// client that none of the earlier views matched; it therefore has to stay last.
// It serves the same zone file as the China Unicom view.
view default {
zone "kaifashuo.com" IN {
type master;
file "unicom-kaifashuo.com.zone"; // used when the client matched none of the three ISP address lists
allow-update { none; };
};
};
named.conf 对应三个kaifashuo zone文件,仅仅是修改了解析的A记录,其余一样。
[root@vultr named]# cat telcom-kaifashuo.com.zone
; kaifashuo.com as served by the chinatelecom_acl view in named.conf.
; NOTE(review): in zone-file syntax the SOA mailbox is written with "." in
; place of "@"; "kf@kaifashuo.com.foxmail.com." looks like a paste error.
; Verify the intended contact address.
; NOTE(review): ns1 and ns2 point at the same address, so both name servers
; fail together. Confirm that is intended.
$TTL 86400
@ IN SOA kaifashuo.com. kf@kaifashuo.com.foxmail.com. (
2017112800 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns1.kaifashuo.com.
@ IN NS ns2.kaifashuo.com.
ns1 IN A 207.246.82.114
ns2 IN A 207.246.82.114
; Answers handed to China Telecom clients.
www IN A 107.174.221.14
@ IN A 107.174.221.14
[root@vultr named]# cat cmcc-kaifashuo.com.zone
; kaifashuo.com as served by the cmcc_acl view in named.conf.
; NOTE(review): in zone-file syntax the SOA mailbox is written with "." in
; place of "@"; "kf@kaifashuo.com.foxmail.com." looks like a paste error.
; Verify the intended contact address.
$TTL 86400
@ IN SOA kaifashuo.com. kf@kaifashuo.com.foxmail.com. (
2017112800 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns1.kaifashuo.com.
@ IN NS ns2.kaifashuo.com.
ns1 IN A 207.246.82.114
ns2 IN A 207.246.82.114
; Answers handed to China Mobile clients. This copy also carries a "whois"
; record that the other two zone files on the page do not have.
www IN A 207.246.82.114
whois IN A 207.246.82.114
@ IN A 207.246.82.114
[root@vultr named]# cat unicom-kaifashuo.com.zone
; kaifashuo.com as served by both the unicom_cnc_acl view and the catch-all
; default view in named.conf.
; NOTE(review): in zone-file syntax the SOA mailbox is written with "." in
; place of "@"; "kf@kaifashuo.com.foxmail.com." looks like a paste error.
; Verify the intended contact address.
$TTL 86400
@ IN SOA kaifashuo.com. kf@kaifashuo.com.foxmail.com. (
2017112800 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
@ IN NS ns1.kaifashuo.com.
@ IN NS ns2.kaifashuo.com.
ns1 IN A 207.246.82.114
ns2 IN A 207.246.82.114
; Answers handed to China Unicom clients and to clients that matched no ISP list.
@ IN A 107.174.217.70
www IN A 107.174.217.70
[root@vultr named]#
DNS view 运营商IP段生成脚本。
cat ip.sh
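#!/bin/bash
# Build per-ISP BIND ACL files for the IPv4 space APNIC has delegated to CN.
#
# Steps: download the APNIC delegation statistics, turn every CN IPv4 record
# into CIDR prefixes, ask whois.apnic.net who holds each prefix, and write one
#   acl "<name>" { <prefix>; ... };
# file per ISP group into $HOME/ispip. Those files end up included from
# named.conf and decide which view a client lands in, so every value that
# comes from the network is validated before it reaches whois or an ACL file.
#
# Originally written by Clang, 2014-08-12.
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

# Abort on a misspelled variable name instead of expanding it to "".
set -u

# Tools the script shells out to. bc is kept from the original package list
# although nothing below calls it.
yum install wget bc whois -y \
  || echo "warning: yum install failed; continuing with the tools already present" >&2

# Directory that receives the download, the prefix list and the ACL files.
save_dir="$HOME/ispip"
# Raw delegation statistics as downloaded from APNIC.
apnic_ip_info="$save_dir/apnic_ip_info"
# One CIDR prefix per line, derived from the CN IPv4 records.
apnic_all_ip="$save_dir/apnic_all_ip"
apnic_url="https://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest"
# ACL groups; each becomes $save_dir/<name>.acl defining acl "<name>".
acl_names=(gwbn unicom_cnc chinatelecom cernet crtc cmcc othernet)

mkdir -p -- "$save_dir" || exit 1

# Drop the previous run's output. ${save_dir:?} makes the shell abort rather
# than run "rm -f /*" should the variable ever be empty.
rm -f -- "${save_dir:?}"/*

# Fetch over HTTPS with certificate verification left on: the original used
# plain HTTP plus --no-check-certificate, so anyone on the path could rewrite
# the list that ends up steering DNS answers. If an old CA bundle makes this
# fail, update the bundle rather than disabling verification. -c is dropped
# because the target was just deleted and there is nothing to resume.
if ! wget --progress=bar:force --prefer-family=IPv4 -O "$apnic_ip_info" "$apnic_url"; then
  echo "error: could not download $apnic_url" >&2
  exit 1
fi

# Convert "apnic|CN|ipv4|<start>|<count>|..." records into CIDR prefixes.
# The original computed 32-log(count)/log(2), which yields a fractional (and
# for BIND invalid) prefix length whenever count is not a power of two; such
# ranges are split into aligned blocks here. Prefixes are re-printed from
# integers, so nothing but digits, dots and "/" can reach whois or the ACLs.
awk -F'|' '
  function octets_ok(ip,    o, n, i) {
    n = split(ip, o, ".")
    if (n != 4) return 0
    for (i = 1; i <= 4; i++)
      if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
    return 1
  }
  function ip2int(ip,    o) {
    split(ip, o, ".")
    return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
  }
  function int2ip(n) {
    return int(n / 16777216) "." (int(n / 65536) % 256) "." (int(n / 256) % 256) "." (n % 256)
  }
  $1 == "apnic" && $2 == "CN" && $3 == "ipv4" {
    if (!octets_ok($4) || $5 !~ /^[0-9]+$/) {
      print "warning: skipping malformed record on input line " NR > "/dev/stderr"
      next
    }
    start = ip2int($4)
    left = $5 + 0
    if (start + left > 4294967296) {
      print "warning: skipping out-of-range record on input line " NR > "/dev/stderr"
      next
    }
    # Emit the largest block that is aligned at start and still fits.
    while (left > 0) {
      size = 1
      bits = 32
      while (size * 2 <= left && start % (size * 2) == 0) {
        size *= 2
        bits--
      }
      print int2ip(start) "/" bits
      start += size
      left -= size
    }
  }
' "$apnic_ip_info" > "$apnic_all_ip"

if [ ! -s "$apnic_all_ip" ]; then
  echo "error: no CN IPv4 records found in $apnic_ip_info" >&2
  exit 1
fi

# Write every header up front. The original prepended it afterwards with
# sed -i, which fails on a missing file and does nothing on an empty one,
# leaving a file that holds only "};" and stops named from loading.
for name in "${acl_names[@]}"; do
  printf 'acl "%s" {\n' "$name" > "$save_dir/$name.acl"
done

# One whois lookup per prefix (several thousand queries). The server may
# throttle bulk use; a prefix whose lookup returns nothing is filed under
# othernet and reported, so a throttled run is visible instead of silent.
while IFS= read -r line; do
  isp_ip=${line%%/*}
  # Collect the second field of every mnt-*, netname and e-mail line on one line.
  isp_info=$(whois -h whois.apnic.net "$isp_ip" < /dev/null \
    | awk '/mnt-|netname|e-mail/ { printf "%s ", $2 }')
  if [ -z "$isp_info" ]; then
    echo "warning: no whois data for $isp_ip; filing under othernet" >&2
  fi

  # Same keywords and same precedence as the original if/elif chain.
  case "$isp_info" in
    *GWBN* | *GXBL*) acl=gwbn ;;
    *CNC* | *cnc* | *UNICOM*) acl=unicom_cnc ;;
    *CHINANET* | *TELECOM* | *BJTEL*) acl=chinatelecom ;;
    *CERNET*) acl=cernet ;;
    *CRTC*) acl=crtc ;;
    *CMCC* | *CMNET*) acl=cmcc ;;
    *) acl=othernet ;;
  esac
  printf '%s;\n' "$line" >> "$save_dir/$acl.acl"
done < "$apnic_all_ip"

# Close every ACL. A group that received no prefix gets "none;" so that the
# file still parses and matches no client.
for name in "${acl_names[@]}"; do
  acl_file="$save_dir/$name.acl"
  if ! grep -q ';$' "$acl_file"; then
    printf 'none;\n' >> "$acl_file"
  fi
  printf '};\n' >> "$acl_file"
done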
验证ping www.kaifashuo.com
电信 107.174.221.14
移动 207.246.82.114
联通 107.174.217.70