DNS视图以及日志压力测试

时间:2024-12-20 13:08:14

1    访问控制列表 配置在/etc/named.conf文件的最顶端
    acl innct {
        192.168.1.0/24;
        127.0.0.0/8;
    };
    allow query { innct; };
    
2-    视图
named.conf

acl telecom {
    192.168.1.0/24;
    127.0.0.8;
};

acl unicom {
    192.161.14.0/24;
    127.0.0.8;
};

options    {
    directory "/var/named";
    allow-recursion {    innet; };
};
view telecom {
    match-clients { telecom; };
    zone "xingxing.com" IN {
        type master;
        file "telecom.xingxing.com.zone";
    };
    zone  "xx.com" IN {
        type master;
        file "xx.com.zone";
    };
};
view unicom {
    match-clients { unicom; };
    zone "xingxing.com" IN {
        type master;
        file "unicom.xingxing.com.zone";
    };
    zone  "xx.com" IN {
        type master;
        file "xx.com.zone";
    };
};

vim /var/named/telecom.xingxing.com.zone

$TTL 43200
@    IN     SOA     dns.xingxing.com.    root (
                    2
                    1H
                    10M
                    7D
                    1D)
@            IN     NS       dns
@            IN   MX 10 mail
dns         IN     A     192.168.1.5
mail        IN     A        192.168.1.5
na            IN     A     192.168.1.3

vim /var/named/iunicom/unicom.xingxing.com.zone
$TTL 43200
@    IN     SOA     dns.xingxing.com.    root (
                    2
                    1H
                    10M
                    7D
                    1D)
@             IN     NS       dns
@            IN   MX 10 mail
dns         IN     A     192.168.1.5
mail        IN     A        192.168.1.5
na            IN     A     192.161.14.3

3-    启用dnsLog日志

vim /etc/named.conf
options {
    querylog yes;
    
}

测试
dig -t A na.xingxing.com @192.168.1.5
6 21:57:37 nagios named[16147]: client 192.168.1.3#33698: view telecom: query: na.xingxing.com IN A + (192.168.1.5)
16 21:58:21 nagios named[16147]: client 192.161.14.3#47972: view unicom: query: na.xingxing.com IN A + (192.161.14.5)
vim /etc/named.conf

logging {
    channel querylog {
    file "/var/log/named/bind_query.log" versions 5 size 10M; //模式为file,名称为log.msgs,保存3个版本,大小为10k滚动
    severity dynamic;    //日志级别
    print-time yes;//打印时间
    print-category yes;//打印种类
    print-severity yes;//打印级别
    };
    channel my_syslog {
    syslog local0;
    severity info;
    };
    category queries { querylog; };//查询日志
    category xfer-out { my_file; };//传输出去日志 dig -t axfs xingxing.com @192.168.1.1
    category update { my_syslog; };
};

queryperf :压力测试
tar -zxvf bind-9.11.0.tgz
cd bind-9.11.0/contrib
./configure
make
vi test
ns.xingxing.com A
xingxing.com  NS
nagios.xingxing.com A

queryperf -d test -s 192.168.1.5

DNS Query Performance Testing Tool
Version: $Id: queryperf.c,v 1.12 2007/09/05 07:36:04 marka Exp $

[Status] Processing input data
[Status] Sending queries (beginning with 192.168.1.5)
[Status] Testing complete

Statistics:

  Parse input file:     once
  Ended due to:         reaching end of file

  Queries sent:         3 queries
  Queries completed:    3 queries
  Queries lost:         0 queries
  Queries delayed(?):   0 queries

  RTT max:              0.002752 sec
  RTT min:              0.002543 sec
  RTT average:          0.002648 sec
  RTT std deviation:    0.000082 sec
  RTT out of range:     0 queries

  Percentage completed: 100.00%
  Percentage lost:        0.00%

  Started at:           Sun Oct 16 23:34:52 2016
  Finished at:          Sun Oct 16 23:34:52 2016
  Ran for:              0.002870 seconds

  Queries per second:   1045.296167 qps
 
 
  安装dnstop
  dnstop -4 -Q -R eth0