1,内网段10.10.54.0/24

      master_IP :10.10.54.20

      slave_IP  :10.10.54.22

   外网段172.16.100.0/24

      172.16.100.20

      172.16.100.21

 其中，NAT主机的eth0网卡IP为10.10.54.20

      eth1网卡的I盘IP为172.16.100.20

   172.16.100.21为外网IP

   10.10.54.22为内网IP

 2，在NAT主机编辑配置文件

    vi /etc/named.conf

---------------------------------------------------------

options {        listen-on port 53 { any; };        listen-on-v6 port 53 { ::1; };        directory       "/var/named";        dump-file       "/var/named/data/cache_dump.db";        statistics-file "/var/named/data/named_stats.txt";        memstatistics-file "/var/named/data/named_mem_stats.txt";        allow-query     { any; };        recursion yes;           };       acl  intranet { 10.10.54.0/24 ; };       acl  internet { 172.16.100.0/24 ; };view  "lan" {          match-clients { "intranet"; };  zone "." IN {        type hint;        file "named.ca";       };  zone "wang.tiger" IN {        type master;        file "named.wang.tiger";        allow-transfer { 10.10.54.22; };  };  zone "54.10.10.in-addr.arpa" IN {        type  master;        file "named.54.10.10";        allow-transfer { 10.10.54.22; };    };};view  "wan" {   match-clients { "internet"; };   zone "." IN {        type hint;        file "named.ca";    };   zone "wang.tiger" IN {          type master;          file "named.wang.tiger.inter";    };};

--------------------------------------------

vi /var/named/named.wang.tiger

$TTL 86400@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (                  2014010899;                         3H;                         15M;                         1W;                         1D;                         ) ;@               IN      NS      master.wang.tiger. ;@               IN      NS      slave.wang.tiger. ;master.wang.tiger.    IN A      10.10.54.20slave.wang.tiger.     IN A      10.10.54.22www.wang.tiger.       IN A      10.10.54.20linux.wang.tiger.     IN CNAME  www.wang.tigerftp.wang.tiger.       IN CNAME  www.wang.tiger

----------------------------------------------------------------

vi /var/named/named.54.10.10

$TTL 86400@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (                  2014010899;                         3H;                         15M;                         1W;                         1D;                         ) ;@               IN      NS      master.wang.tiger. ;@               IN      NS      slave.wang.tiger. ;20     IN       PTR     master.wang.tiger. ;22     IN       PTR     slave.wang.tiger. ;20     IN       PTR     www.wang.tiger. ;20     IN       PTR     ftp.wang.tiger. ;20     IN       PTR     linux.wang.tiger. ;

---------------------------------------------------------------

cp -a /var/named/named.wang.tiger  /var/named/named.wang.tiger.inter

vi /var/named/named.wang.tiger.inter

---------------------------------------------------------------

$TTL 86400@               IN SOA master.wang.tiger. tiger.www.wang.tiger.  (                  2014010899;                         3H;                         15M;                         1W;                         1D;                         ) ;@               IN      NS      master.wang.tiger. ;wang.tiger.     IN       A      172.16.100.20master.wang.tiger.    IN A      172.16.100.20www.wang.tiger.       IN A      172.16.100.20linux.wang.tiger.     IN CNAME  www.wang.tigerftp.wang.tiger.       IN CNAME  www.wang.tiger

---------------------------------------------------------------------

3，更改客户机的/etc/resolv.conf文件

    172.16.100.21更改为

    nameserver 172.16.100.20

    nameserver 10.10.54.20

    nameserver 10.10.54.22

   10.10.54.22更改为

    nameserver 10.10.54.20

    nameserver 10.10.54.22

    nameserver 172.16.100.20

4,重启NAT主机的DNS服务即可，并开放主机的53号UDP端口

  iptables -A INPUT -i eth1 -p udp --doprt 53 -j ACCEPT

  service named restart

5，测试

    10.10.54.22主机dig www.wang.tiger

   [root ~]# dig www.wang.tiger

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> www.wang.tiger

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62354

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:

;www.wang.tiger. IN A

;; ANSWER SECTION:

www.wang.tiger. 86400 IN A 10.10.54.20

;; AUTHORITY SECTION:

wang.tiger. 86400 IN NS master.wang.tiger.

wang.tiger. 86400 IN NS slave.wang.tiger.

;; ADDITIONAL SECTION:

master.wang.tiger. 86400 IN A 10.10.54.20

slave.wang.tiger. 86400 IN A 10.10.54.22

;; Query time: 1 msec

;; SERVER: 10.10.54.20#53(10.10.54.20)

;; WHEN: Thu Jan  9 14:01:58 2014

;; MSG SIZE  rcvd: 121

 172.16.100.21主机dig www.wang.tiger

   [root ~]# dig www.wang.tiger

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> www.wang.tiger

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35603

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;www.wang.tiger. IN A

;; ANSWER SECTION:

www.wang.tiger. 86400 IN A 172.16.100.20

;; AUTHORITY SECTION:

wang.tiger. 86400 IN NS master.wang.tiger.

;; ADDITIONAL SECTION:

master.wang.tiger. 86400 IN A 172.16.100.20

;; Query time: 0 msec

;; SERVER: 172.16.100.20#53(172.16.100.20)

;; WHEN: Thu Jan  9 14:06:10 2014

;; MSG SIZE  rcvd: 85

###############################################################################