基于运营商的分布式DNS搭建 - 开发说
当前位置: 主页 » Bind » 基于运营商的分布式DNS搭建

基于运营商的分布式DNS搭建

      2017年11月28日   阅读 2,760 次     0 评论   Tags: · ·

上篇文章写到自建DNS,自建DNS服务器搭建(多域名解析) ,有了DNS,就会有智能DNS,有了智能DNS,离CDN就不远了,智能DNS有很多种,比如基于运营商,基于IP物理地址,基于机房AS号,基于网络环境的复杂性,导致小鸡只对某一运营商速度不错,本套系统就是拒绝小鸡吃灰。666666

DNS搭建参考上篇博文,本篇在上篇的基础上,利用DNS view实现三大运营商,分别解析到对应IP,需要修改4个文件,分别是named.conf,并生成kaifashuo.com针对某一运行的zone文件。

named.conf文件:

[root@vultr etc]# cat named.conf
key "rndc-key" {
    algorithm hmac-md5;
    secret "Z3cDonurt8GqXl9eRcRKFw==";
};

controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

include "/usr/local/named/etc/ispip/chinatelecom_acl";    //电信IP段
include "/usr/local/named/etc/ispip/cmcc_acl";      //移动IP段
include "/usr/local/named/etc/ispip/unicom_cnc_acl";     //联通IP段

options {

        listen-on port 53 { 207.246.82.114; };   

        directory "/usr/local/named/etc/named"; 

        dump-file "/usr/local/named/etc/data/cache_dump.db";

        statistics-file "/usr/local/named/etc/data/bind_stats.txt";

        pid-file "named.pid";

        allow-query     { any; };

};

//移动View  cmcc_acl 名称自定义,下同
view cmcc_acl {
    match-clients { cmcc; };

zone "." IN {

        type hint;

        file "named.ca";

    };

zone "localhost" IN {

        type master;

        file "localhost.zone";

    };

zone "0.0.127.in-addr.arpa" IN {

        type master;

        file "named.local";

        allow-update { none; };  

    };

zone "kaifashuo.com" IN {

        type master;         

        file "cmcc-kaifashuo.com.zone";     //移动kaifashuozone,下同

        allow-update { none; };

    };


zone "114.82.246.in-addr.arpa" in {   

        type master;  

        file "207.zone";         

        allow-update { none; };

    };

};

view chinatelecom_acl {
    match-clients { telcom; };


zone "kaifashuo.com" IN {

        type master;

        file "telcom-kaifashuo.com.zone";

        allow-update { none; };

};


};


view unicom_cnc_acl {
    match-clients { unicom; };


zone "kaifashuo.com" IN {

        type master;

        file "unicom-kaifashuo.com.zone";

        allow-update { none; };

    };


};



view default {

zone "kaifashuo.com" IN {

        type master;

        file "unicom-kaifashuo.com.zone";   //如果三个IP段都未匹配,则用此kaifashuo zone解析

        allow-update { none; };

    };

};

named.conf 对应三个kaifashuo zone文件,仅仅是修改了解析的A记录,其余一样。

[root@vultr named]# cat telcom-kaifashuo.com.zone 
$TTL       86400
@               IN SOA  kaifashuo.com.  kf@kaifashuo.com.foxmail.com. (
                        2017112800    ; serial (d. adams)
                                           3H                 ; refresh
                                           15M                ; retry
                                           1W                 ; expiry
                                           1D )               ; minimum



@                  IN      NS         ns1.kaifashuo.com.
@                  IN      NS         ns2.kaifashuo.com.
ns1                IN      A          207.246.82.114
ns2                IN      A          207.246.82.114
www                IN      A          107.174.221.14
@                  IN      A          107.174.221.14
[root@vultr named]# cat cmcc-kaifashuo.com.zone 
$TTL       86400
@               IN SOA  kaifashuo.com.  kf@kaifashuo.com.foxmail.com. (
                        2017112800    ; serial (d. adams)
                                           3H                 ; refresh
                                           15M                ; retry
                                           1W                 ; expiry
                                           1D )               ; minimum



@                  IN      NS         ns1.kaifashuo.com.
@                  IN      NS         ns2.kaifashuo.com.
ns1                IN      A          207.246.82.114
ns2                IN      A          207.246.82.114
www                IN      A          207.246.82.114
whois              IN      A          207.246.82.114
@                  IN      A          207.246.82.114
[root@vultr named]# cat unicom-kaifashuo.com.zone
$TTL       86400
@               IN SOA  kaifashuo.com.  kf@kaifashuo.com.foxmail.com. (
                        2017112800    ; serial (d. adams)
                                           3H                 ; refresh
                                           15M                ; retry
                                           1W                 ; expiry
                                           1D )               ; minimum



@                  IN      NS         ns1.kaifashuo.com.
@                  IN      NS         ns2.kaifashuo.com.
ns1                IN      A          207.246.82.114
ns2                IN      A          207.246.82.114
@                  IN      A          107.174.217.70
www                IN      A          107.174.217.70

[root@vultr named]# 

DNS view 运营商IP段生成脚本。

cat ip.sh 
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
# this scrip write by Clang at 2014-08-12.
# discriminate per isp from apnic.

yum install wget bc whois -y

# define save ip result directory.
save_dir="$HOME/ispip"

# download ip info from apnic website.
apnic_ip_info="$save_dir/apnic_ip_info"

# get all ip list values from apnic.
apnic_all_ip="$save_dir/apnic_all_ip"


if [ ! -d "$save_dir" ]; then
mkdir "$save_dir"
fi

# delete old exist file.
rm -f $save_dir/*


wget -c --progress=bar:force --prefer-family=IPv4 --no-check-certificate http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest -O $apnic_ip_info

grep "apnic|CN|ipv4|" "$apnic_ip_info" | awk -F'|' '{print $4"/"32-log($5)/log(2)}' > "$apnic_all_ip"

while read line
do

isp_ip=`echo $line | awk -F'/' '{print $1}'`
isp_info=`whois -h whois.apnic.net $isp_ip | grep -E "(mnt-|netname|e-mail)" | awk '{print $2}' | xargs`

# GWBN
into_gwbn=`echo $isp_info | sed -n '/GWBN/p'`
into_gwbl=`echo $isp_info | sed -n '/GXBL/p'`

# CNC
into_cnc=`echo $isp_info | sed -n '/CNC/p'`
into_cnc_small=`echo $isp_info | sed -n '/cnc/p'`

# CHINAUNICOM
into_unicom=`echo $isp_info | sed -n '/UNICOM/p'`

# CHINATELECOM
into_chinatelecom=`echo $isp_info | sed -n '/CHINANET/p'`
into_telecom=`echo $isp_info | sed -n '/TELECOM/p'`
into_bjtel=`echo $isp_info | sed -n '/BJTEL/p'`

# CERNET
into_cernet=`echo $isp_info | sed -n '/CERNET/p'`

# CRTC
into_crtc=`echo $isp_info | sed -n '/CRTC/p'`

# CHINAMOBILE
into_cmcc=`echo $isp_info | sed -n '/CMCC/p'`
into_cmnet=`echo $isp_info | sed -n '/CMNET/p'`


if [ "${into_gwbn}" != "" ];then
   echo "$line;" >> ${save_dir}/gwbn.acl
elif [ "${into_gwbl}" != "" ];then
   echo "$line;" >> ${save_dir}/gwbn.acl
elif [ "${into_cnc}" != "" ];then
   echo "$line;" >> ${save_dir}/unicom_cnc.acl
elif [ "${into_cnc_small}" != "" ];then
     echo "$line;" >> ${save_dir}/unicom_cnc.acl
elif [ "${into_unicom}" != "" ];then
     echo "$line;" >> ${save_dir}/unicom_cnc.acl
elif [ "${into_chinatelecom}" != "" ];then
     echo "$line;" >> ${save_dir}/chinatelecom.acl
elif [ "${into_telecom}" != "" ];then
     echo "$line;" >> ${save_dir}/chinatelecom.acl
elif [ "${into_bjtel}" != "" ];then
     echo "$line;" >> ${save_dir}/chinatelecom.acl
elif [ "${into_cernet}" != "" ];then
     echo "$line;" >> ${save_dir}/cernet.acl
elif [ "${into_crtc}" != "" ];then
     echo "$line;" >> ${save_dir}/crtc.acl
elif [ "${into_cmcc}" != "" ];then
     echo "$line;" >> ${save_dir}/cmcc.acl
elif [ "${into_cmnet}" != "" ];then
     echo "$line;" >> ${save_dir}/cmcc.acl
else
     echo "$line;" >> ${save_dir}/othernet.acl
fi

done<$apnic_all_ip


sed -i '1{s/^/acl "gwbn" { \n/;}' ${save_dir}/gwbn.acl
echo " }; " >> ${save_dir}/gwbn.acl

sed -i '1{s/^/acl "unicom_cnc" { \n/;}' ${save_dir}/unicom_cnc.acl
echo " }; " >> ${save_dir}/unicom_cnc.acl

sed -i '1{s/^/acl "chinatelecom" { \n/;}' ${save_dir}/chinatelecom.acl
echo " }; " >> ${save_dir}/chinatelecom.acl

sed -i '1{s/^/acl "cernet" { \n/;}' ${save_dir}/cernet.acl
echo " }; " >> ${save_dir}/cernet.acl

sed -i '1{s/^/acl "crtc" { \n/;}' ${save_dir}/crtc.acl
echo " }; " >> ${save_dir}/crtc.acl


sed -i '1{s/^/acl "cmcc" { \n/;}' ${save_dir}/cmcc.acl
echo " }; " >> ${save_dir}/cmcc.acl

sed -i '1{s/^/acl "othernet" { \n/;}' ${save_dir}/othernet.acl
echo " }; " >> ${save_dir}/othernet.acl



验证ping www.kaifashuo.com

电信     107.174.221.14
移动     207.246.82.114
联通     107.174.217.70

QQ截图20171129000700.jpg

QQ截图20171129003056.jpg

  • 版权声明:本文版权归开发说和原作者所有,未经许可不得转载。文章部分来源于网络仅代表作者看法,如有不同观点,欢迎进行交流。除非注明,文章均由 开发说 整理发布,欢迎转载,转载请带版权。

  • 来源:开发说 ( https://www.kaifashuo.com/ ),提供主机优惠信息深度测评和服务器运维编程技术。
  • 链接:https://www.kaifashuo.com/157.html
  • 评论(0

    1. 还没有任何评论,你来说两句吧

    发表回复

    您的电子邮箱地址不会被公开。 必填项已用 * 标注