域名cname跳转方案
域名配置参考
一、 DNS具体实现
1. 主干系统各业务主机申请test域主机名,指定别名记录。主干系统业务主机域名申请表由业务部署单位填写,并防止与test域原有主机名冲突。
序号 | 业务系统 | 主机名 | 别名 | IP地址 |
1 | 示例:web业务 | web.test | web.abc.test | X.X.X.X |
2. 在test域中创建一个新子域(例如:abc.test),在DNS服务器添加子域授权NS记录和相应A记录,子域权威授权地址指向双活数据中心平台DNS服务器地址。并针对子域备案,防止冲突和占用。
3. 双活数据中心平台智能DNS负责对abc.test新子域的权威解析,并建立各业务主机的相应A记录。
4. 总部及分支部门客户端网络仍采用原有DNS设置。
二、 目前广域网域名相关信息
1. DNS服务IP
序号 | 数据中心 | 设备 | IP |
1 | 数据中心1 | DNS | x.x.x.x |
2 | 数据中心2 | DNS | x.x.x.x |
2. 域名关系对照表
环境 | 系统 | 用户访问域名 | 双活数据中心 |
生产环境 | 系统 | test.test | test.abc.test |
CA(内部)平台 | ca.test | ca.abc.test | |
业务平台 | ebp.test | ebp.abc.test | |
业务平台服务接入 | ebps.test | ebps.abc.test | |
测试环境 | 系统 | testt.test | testt.abc.test |
CA(内部)平台 | cat.test | cat.abc.test | |
业务平台 | ebpt.test | ebpt.abc.test |
三、 参考配置
1. 根DNS服务器参考配置
1) zone test 文件参考配置
abc IN NS ns1.abc.test.
IN NS ns2.abc.test.
ns1.abc.test. IN A 10.91.193.50
ns2.abc.test. IN A 10.91.193.58
test IN CNAME test.abc.test.
ca IN CNAME ca.abc.test
ebp IN CNAME ebp.abc.test
ebps IN CNAME ebps.abc.test
testt IN CNAME testt.abc.test
cat IN CNAME cat.abc.test
ebpt IN CNAME ebpt.abc.test
修改named.conf文件
方案一:named.conf中禁用test域内转发
zone "test"in {
forwarders{};
};
方案二:named.conf中新增abc.test域转发
zone "abc.test" in {
type forward;
forwarders{10.91.193.50;10.91.193.58;};
};
2. 局端DNS服务器参考配置
named.conf 文件中添加子域转发
zone "abc.test" in {
type forward;
forwarders {10.91.193.50;10.91.193.58;};
};
四、 DNS测试
1. 根DNS解析测试
1) 测试结论
生产环境域名可正常解析,测试环境广域网GSLB未配置相应A记录
测试结果
abcdeMacBook-Air:~abc$ dig test.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> test.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52779
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;;QUESTION SECTION:
;test.test. IN A
;;ANSWER SECTION:
test.test. 172800 IN CNAME test.abc.test.
test.abc.test. 60 IN A 10.91.8.1
;;AUTHORITY SECTION:
abc.test. 172800 IN NS ns2.abc.test.
abc.test. 172800 IN NS ns1.abc.test.
;;Query time: 71 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:10:52 2016
;;MSG SIZE rcvd: 109
abcdeMacBook-Air:~abc$ dig ca.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> ca.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63031
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;;QUESTION SECTION:
;ca.test. IN A
;;ANSWER SECTION:
ca.test. 172800 IN CNAME ca.abc.test.
ca.abc.test. 60 IN A 10.91.8.5
;;AUTHORITY SECTION:
abc.test. 172800 IN NS ns1.abc.test.
abc.test. 172800 IN NS ns2.abc.test.
;;Query time: 45 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:01 2016
;;MSG SIZE rcvd: 105
abcdeMacBook-Air:~abc$ dig ebp.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> ebp.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63849
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;;QUESTION SECTION:
;ebp.test. IN A
;;ANSWER SECTION:
ebp.test. 172800 IN CNAME ebp.abc.test.
ebp.abc.test. 60 IN A 10.91.8.2
;;AUTHORITY SECTION:
abc.test. 172800 IN NS ns2.abc.test.
abc.test. 172800 IN NS ns1.abc.test.
;;Query time: 37 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:10 2016
;;MSG SIZE rcvd: 107
abcdeMacBook-Air:~abc$ dig ebps.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> ebps.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52230
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;;QUESTION SECTION:
;ebps.test. IN A
;;ANSWER SECTION:
ebps.test. 172800 IN CNAME ebps.abc.test.
ebps.abc.test. 55 IN A 10.91.8.32
;;AUTHORITY SECTION:
abc.test. 172800 IN NS ns1.abc.test.
abc.test. 172800 IN NS ns2.abc.test.
;;Query time: 3 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:24 2016
;;MSG SIZE rcvd: 109
abcdeMacBook-Air:~abc$ dig testt.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> testt.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1823
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;;QUESTION SECTION:
;testt.test. IN A
;;ANSWER SECTION:
testt.test. 172800 IN CNAME testt.abc.test.
;;Query time: 36 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:35 2016
;;MSG SIZE rcvd: 59
abcdeMacBook-Air:~abc$ dig cat.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> cat.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31469
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;;QUESTION SECTION:
;cat.test. IN A
;;ANSWER SECTION:
cat.test. 172800 IN CNAME cat.abc.test.
;;Query time: 34 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:45 2016
;;MSG SIZE rcvd: 55
abcdeMacBook-Air:~abc$ dig ebpt.test @10.10.8.121
;<<>> DiG 9.8.3-P1 <<>> ebpt.test @10.10.8.121
;;global options: +cmd
;;Got answer:
;;->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60877
;;flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;;QUESTION SECTION:
;ebpt.test. IN A
;;ANSWER SECTION:
ebpt.test. 172800 IN CNAME ebpt.abc.test.
;;Query time: 41 msec
;;SERVER: 10.10.8.121#53(10.10.8.121)
;;WHEN: Fri Feb 19 15:11:53 2016
;;MSG SIZE rcvd: 57
abcdeMacBook-Air:~abc$