如何为权威(auth)dnsmasq dns 服务器配置通配符子域?
How to configure wildcard subdomains for authoritative (auth) dnsmasq dns server?
我编译了 dnsmasq v2.76,包括对 运行 其权威 dns 服务器的支持(在 Makefile 中删除了 NOAUTH)。
Wildcard subdomains with dnsmasq 可以用于服务器的缓存部分。
我试过了:
host-record=*.domain.tld,1.2.3.4host-record=.domain.tld,1.2.3.4host-record=domain.tld,1.2.3.4address=/domain.tld/1.2.3.4
None 其中 return 是 www.domain.tld 的预期答案。
如何为权威方配置通配符A记录?
如 dnsmasq man page 中所述,只有一些选项用于填充权威区域的数据:
When dnsmasq is configured to act as an authoritative server, the following data is used to populate the authoritative zone.
--mx-host, --srv-host, --dns-rr, --txt-record, --naptr-record , as long as the record names are in the authoritative domain.
--cname as long as the record name is in the authoritative domain. If the target of the CNAME is unqualified, then it is qualified with the authoritative zone name.
IPv4 and IPv6 addresses from /etc/hosts (and --addn-hosts ) and --host-record and --interface-name provided the address falls into one of the subnets specified in the --auth-zone.
Addresses of DHCP leases, provided the address falls into one of the subnets specified in the --auth-zone. (If contructed DHCP ranges are is use, which depend on the address dynamically assigned to an interface, then the form of --auth-zone which defines subnets by the dynamic address of an interface should be used to ensure this condition is met.)
In the default mode, where a DHCP lease has an unqualified name, and possibly a qualified name constructed using --domain then the name in the authoritative zone is constructed from the unqualified name and the zone's domain. This may or may not equal that specified by --domain. If --dhcp-fqdn is set, then the fully qualified names associated with DHCP leases are used, and must match the zone's domain.
特别是只有 host-record、主机文件条目和 DHCP 租约可以生成 A/AAAA 记录并且 --address 选项 未 被考虑帐户。不幸的是,--address 选项是为域及其所有子域指定 A/AAAA 响应的唯一方法。
dnsmasq 没有其他 DNS 服务器已知的通配符记录功能,如绑定,如 my answer to the question you linked 中所述。
在即将发布的 dnsmasq 2.77 版本中,将有一个用于 CNAME 记录的通配符选项。
可以像这些例子那样配置:
cname=*.domain.tld,domain.tld
cname=*.otherdomain.tld,host.even-another-domain.tld
自 commit b637d7815da89b5fb04c27b1d9a361fe5b2622a0 2016 年 12 月 13 日星期二 18:44:11 +0200 开始支持 CNAME 通配符。
Commit 2.77test4 包含最新添加的通配符代码。
我编译了 dnsmasq v2.76,包括对 运行 其权威 dns 服务器的支持(在 Makefile 中删除了 NOAUTH)。
Wildcard subdomains with dnsmasq 可以用于服务器的缓存部分。
我试过了:
host-record=*.domain.tld,1.2.3.4host-record=.domain.tld,1.2.3.4host-record=domain.tld,1.2.3.4address=/domain.tld/1.2.3.4
None 其中 return 是 www.domain.tld 的预期答案。
如何为权威方配置通配符A记录?
如 dnsmasq man page 中所述,只有一些选项用于填充权威区域的数据:
When dnsmasq is configured to act as an authoritative server, the following data is used to populate the authoritative zone.
--mx-host,--srv-host,--dns-rr,--txt-record,--naptr-record, as long as the record names are in the authoritative domain.
--cnameas long as the record name is in the authoritative domain. If the target of the CNAME is unqualified, then it is qualified with the authoritative zone name.IPv4 and IPv6 addresses from /etc/hosts (and
--addn-hosts) and--host-recordand--interface-nameprovided the address falls into one of the subnets specified in the--auth-zone.Addresses of DHCP leases, provided the address falls into one of the subnets specified in the
--auth-zone. (If contructed DHCP ranges are is use, which depend on the address dynamically assigned to an interface, then the form of--auth-zonewhich defines subnets by the dynamic address of an interface should be used to ensure this condition is met.)In the default mode, where a DHCP lease has an unqualified name, and possibly a qualified name constructed using
--domainthen the name in the authoritative zone is constructed from the unqualified name and the zone's domain. This may or may not equal that specified by--domain. If--dhcp-fqdnis set, then the fully qualified names associated with DHCP leases are used, and must match the zone's domain.
特别是只有 host-record、主机文件条目和 DHCP 租约可以生成 A/AAAA 记录并且 --address 选项 未 被考虑帐户。不幸的是,--address 选项是为域及其所有子域指定 A/AAAA 响应的唯一方法。
dnsmasq 没有其他 DNS 服务器已知的通配符记录功能,如绑定,如 my answer to the question you linked 中所述。
在即将发布的 dnsmasq 2.77 版本中,将有一个用于 CNAME 记录的通配符选项。
可以像这些例子那样配置:
cname=*.domain.tld,domain.tld
cname=*.otherdomain.tld,host.even-another-domain.tld
自 commit b637d7815da89b5fb04c27b1d9a361fe5b2622a0 2016 年 12 月 13 日星期二 18:44:11 +0200 开始支持 CNAME 通配符。 Commit 2.77test4 包含最新添加的通配符代码。