안녕하세요.
제가 만든 서버 무료점검사이트인 www.serverchk.com 사이트를 다른IDC에 서버이중화 해놓았습니다.
(퇴근하고만 시간이 되서, 어제 퇴근하고 새벽 3시까지 작업했네요 ㅎㅎ)
기능이 좋아서라기보다는 다른사이트에서 홍보를 많이 해주셔서, 하루에 1000명이상 접속을 하네요 ^^
(단지, 웹서버가 2대로 분리했더니 카운터 1000에서 500,500으로 표시되네요 ㅎㅎ)
어제 네임서버와 웹서버이중화 했습니다. 참고로 네임서버 설정은 올립니다.
1. ns1설정
[root@localhost ~]# cd /etc
[root@localhost etc]# more named.conf
acl "localarea" {
211.35.64.72;
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
pid-file "/var/run/named.pid";
version " No touch !!! No !!";
allow-transfer { 211.35.64.72; };
};
logging {
channel debug_log {
file "/var/log/named/debug.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
channel audit_log {
file "/var/log/named/audit.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
channel query_log {
file "/var/log/named/query.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
category default { debug_log; };
category general { debug_log; };
category security { audit_log; debug_log; };
category config { debug_log; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { query_log; };
category lame-servers { audit_log; };
};
//
// a caching only nameserver config
//
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "s60KMc/Rb6gRrN+wQppvZA==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of named.conf
view "local" {
match-clients { localarea; };
recursion yes;
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "serverchk.com" IN {
type master;
file "serverchk.com.zone";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
};
view "external" {
match-clients { any; };
recursion yes;
zone "serverchk.com" IN {
type master;
file "serverchk.com.zone";
allow-update { none; };
};
zone "yahooms.com" IN {
type master;
file "yahooms.com.zone";
allow-update { none; };
};
zone "yahooms.co.kr" IN {
type master;
file "yahooms.co.kr.zone";
allow-update { none; };
};
zone "msyahoo.co.kr" IN {
type master;
file "msyahoo.co.kr.zone";
allow-update { none; };
};
zone "foxylady.co.kr" IN {
type master;
file "foxylady.co.kr.zone";
allow-update { none; };
};
zone "yejin.pe.kr" IN {
type master;
file "yejin.pe.kr.zone";
allow-update { none; };
};
include "/etc/synchole.conf";
};
[root@localhost etc]#
[root@localhost etc]# cd /var/named/
[root@localhost named]# more serverchk.com.zone
$TTL 10
@ IN SOA ns1.serverchk.com. root (
2007072007 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS ns1.serverchk.com.
IN NS ns2.serverchk.com.
IN MX 0 mail.serverchk.com.
IN A 210.116.123.25
IN A 211.35.64.72
ns1.serverchk.com. IN A 210.116.123.25
ns2.serverchk.com. IN A 211.35.64.72
mail IN A 210.116.123.25
www IN A 210.116.123.25
IN A 211.35.64.72
serverchk.com. IN TXT "v=spf1 ip4:210.116.123.25 ~all"
[root@localhost named]#
2. ns2설정 - Slave이니 Zone File은 Master에서 가져온갑니다.
[root@proxy01 root]# cd /etc
[root@proxy01 etc]# more named.conf
acl "localarea" {
127.0.0.1;
210.116.123.25;
211.35.64.72;
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
pid-file "/var/run/named.pid";
version " No touch !!! No !!";
allow-transfer { 211.35.64.72; };
};
logging {
channel debug_log {
file "/var/log/named/debug.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
channel audit_log {
file "/var/log/named/audit.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
channel query_log {
file "/var/log/named/query.log" versions 3 size 10m;
severity debug;
print-category yes;
print-severity yes;
print-time yes;
};
category default { debug_log; };
category general { debug_log; };
category security { audit_log; debug_log; };
category config { debug_log; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { query_log; };
category lame-servers { audit_log; };
};
//
// a caching only nameserver config
//
view "local" {
match-clients { localarea; };
recursion yes;
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "serverchk.com" IN {
type slave;
file "serverchk.com.zone";
masters { 210.116.123.25; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" I
N {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
};
view "external" {
match-clients { any; };
recursion yes;
zone "serverchk.com" IN {
type slave;
file "serverchk.com.zone";
masters { 210.116.123.25; };
};
zone "yahooms.com" IN {
type slave;
file "yahooms.com.zone";
masters { 210.116.123.25; };
};
zone "yahooms.co.kr" IN {
type slave;
file "yahooms.co.kr.zone";
masters { 210.116.123.25; };
allow-update { none; };
};
zone "msyahoo.co.kr" IN {
type slave;
file "msyahoo.co.kr.zone";
masters { 210.116.123.25; };
allow-update { none; };
};
zone "foxylady.co.kr" IN {
type slave;
file "foxylady.co.kr.zone";
masters { 210.116.123.25; };
allow-update { none; };
};
zone "yejin.pe.kr" IN {
type slave;
file "yejin.pe.kr.zone";
masters { 210.116.123.25; };
allow-update { none; };
};
//include "/etc/synchole.conf";
};
[root@proxy01 etc]#
[root@proxy01 etc]# cd /var/named/
[root@proxy01 named]# more serverchk.com.zone
$ORIGIN .
$TTL 10 ; 10 seconds
serverchk.com IN SOA ns1.serverchk.com. root.serverchk.com. (
2007072007 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS ns1.serverchk.com.
NS ns2.serverchk.com.
A 210.116.123.25
A 211.35.64.72
MX 0 mail.serverchk.com.
TXT "v=spf1 ip4:210.116.123.25 ~all"
$ORIGIN serverchk.com.
mail A 210.116.123.25
ns1 A 210.116.123.25
ns2 A 211.35.64.72
www A 210.116.123.25
A 211.35.64.72
[root@proxy01 named]#
3. 확인
[root@proxy01 root]# dig @127.0.0.1 www.serverchk.com
; <<>> DiG 9.3.2 <<>> @127.0.0.1 www.serverchk.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63702
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.serverchk.com. IN A
;; ANSWER SECTION:
www.serverchk.com. 10 IN A 210.116.123.25
www.serverchk.com. 10 IN A 211.35.64.72
;; AUTHORITY SECTION:
serverchk.com. 10 IN NS ns2.serverchk.com.
serverchk.com. 10 IN NS ns1.serverchk.com.
;; ADDITIONAL SECTION:
ns1.serverchk.com. 10 IN A 210.116.123.25
ns2.serverchk.com. 10 IN A 211.35.64.72
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Dec 15 09:50:03 2007
;; MSG SIZE rcvd: 135
- 이상 끝 -