I am using Debian server 10 and bind9 for my DNS server network. I want a very simple DNS server setup, and my topology looks like this:
client <-> DNS <-> voip.example.com
client IP: 172.17.106.9
client DNS primary: 172.17.106.15
client DNS secondary: 8.8.8.8
DNS IP: 172.17.106.15
voip.example.com IP: 172.17.106.12
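I want the DNS record to be checked on every request received from the client and, if there is no match, to go on to the secondary DNS stored as the client's secondary DNS (8.8.8.8).
I get this error in cmd on the client: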
C:\Users\Farhad>nslookup voip.example.com
Server: ns1.example.com
Address: 172.17.106.15
*** ns1.example.com can't find voip.example.com: Server failed
My bind9 configuration is here:
/etc/bind/named.conf.local
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com"; # zone file path
};
zone "17.172.in-addr.arpa" {
    type master;
    file "/etc/bind/db.172.17"; # 172.17.0.0/16 subnet
};
/etc/bind/named.conf.options
acl "trusted" {
    172.17.106.15; # ns1
    172.17.106.9;  # client
    172.17.106.12; # VoIP
};
options {
    directory "/var/cache/bind";
    recursion yes;                # enables recursive queries
    allow-recursion { trusted; }; # allows recursive queries from "trusted" clients
    listen-on { 172.17.106.15; }; # ns1 private IP address - listen on private network only
    allow-transfer { none; };     # disable zone transfers by default
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
};
/etc/bind/db.example.com
$TTL    604800
@       IN      SOA     ns1.example.com. f.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
; name servers - NS records
        IN      NS      ns1.example.com.
; name servers - A records
ns1.example.com.        IN      A       172.17.106.15
; 172.17.0.0/16 - A records
voip.example.com.       IN      A       172.17.106.12
/etc/bind/db.172.17
$TTL    604800
@       IN      SOA     ns1.example.com. f.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
; name servers
        IN      NS      ns1.example.com.
; PTR Records
15.106  IN      PTR     ns1.example.com.    ; 172.17.106.15
12.106  IN      PTR     voip.example.com.   ; 172.17.106.12
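
Added example, not part of the original post: nslookup's "Server failed" corresponds to the DNS response code SERVFAIL (RCODE 2), and the sketch below decodes the header of a reply so that SERVFAIL, NXDOMAIN and REFUSED can be told apart along with the AA and RA flags. The function names and the sample reply are constructed for illustration; only the addresses and the name come from the post.

```python
import secrets
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid, qtype=1):
    """Encode a standard query with RD=1 for `name`; qtype 1 is an A record."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": txid,
        "is_response": bool(flags & 0x8000),
        "authoritative": bool(flags & 0x0400),        # AA: answered from a local zone
        "recursion_available": bool(flags & 0x0080),  # RA: server recurses for this client
        "rcode": RCODES.get(flags & 0x000F, str(flags & 0x000F)),
        "answers": an,
    }

def ask(server, name, timeout=3.0):
    """Send one UDP query to `server` and return the decoded reply header."""
    txid = secrets.randbelow(0x10000)  # unpredictable transaction ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (server, 53))
        reply, _ = s.recvfrom(4096)
    hdr = parse_header(reply)
    if hdr["id"] != txid:
        raise ValueError("transaction ID mismatch")
    return hdr

# Constructed sample reply (not captured traffic): QR=1, RD=1, RA=1, RCODE=2.
SAMPLE_SERVFAIL = (
    struct.pack("!HHHHHH", 0x1234, 0x8182, 1, 0, 0, 0)
    + build_query("voip.example.com", 0x1234)[12:])

if __name__ == "__main__":
    print(parse_header(SAMPLE_SERVFAIL))
    # On the network from the post: print(ask("172.17.106.15", "voip.example.com"))
```

If the header shows SERVFAIL for a name in a zone the server is master for, `named-checkconf` and `named-checkzone example.com /etc/bind/db.example.com` report whether the configuration and the zone file load.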