拓扑
配置
IP的基本配置
r2
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.0.0.2 255.255.255.0
[R2]int g0/0/2
[R2-GigabitEthernet0/0/2]ip add 210.1.1.254 255.255.255.0
[R2-GigabitEthernet0/0/2]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 200.1.1.254 255.255.255.0
r3
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 13.0.0.3 255.255.255.0
[R3]int g0/0/1
[R3-GigabitEthernet0/0/1]ip add 100.1.1.254 255.255.255.0
[R3-GigabitEthernet0/0/1]int g0/0/2
[R3-GigabitEthernet0/0/2]ip add 110.1.1.254 255.255.255.0
防火墙
实服务器
[FW]slb enable --开启负载均衡
[FW]slb
[FW-slb]group 0 dns
[FW-slb-group-0]rserver 0 rip 200.1.1.1 port 53
[FW-slb-group-0]rserver 1 rip 100.1.1.1 port 53---实服务器IP,端口号
虚服务器
[FW-slb]vserver 0 dns
[FW-slb-vserver-0]vip 0 10.10.10.10
[FW-slb-vserver-0]group dns
透明DNS代理
[FW]dns-transparent-policy
[FW-policy-dns]dns transparent-proxy enable
[FW-policy-dns]dns server bind interface GigabitEthernet 1/0/1 preferred 100.1.1.1
[FW-policy-dns]dns server bind interface GigabitEthernet 1/0/2 preferred 200.1.1.1
透明DNS策略
[FW-policy-dns]rule name dns_p
[FW-policy-dns-rule-dns_p]source-address 192.168.1.0 24
[FW-policy-dns-rule-dns_p]enable
Info: The policy is enabled successfully.
[FW-policy-dns-rule-dns_p]action tpdns
测试
