摘要: |
[目的]研究如何将策略路由技术应用到DNS系统的构建上,提出一种构建安全可靠的DNS系统的方法。[方法]从网络安全构架、系统安全和BIND安全等多方面,系统阐述如何增强DNS的安全可靠性,并将策略路由技术应用到DNS的构建上。[结果]提出一种构建安全可靠DNS系统的方法,在国际互联网双出口的网络环境下,策略路由技术由网络中的路由器和DNS服务器协同完成,可实现出口链路冗余及优化访问路径、DNS解析业务冗余等功能。[结论]该方法可以解决DNS系统面临的安全威胁,提高DNS系统的可靠性,特别是策略路由技术的应用,在保证可靠性的基础上还优化了网络性能。 |
关键词: 域名系统(DNS) BIND 策略路由 |
DOI: |
投稿时间:2013-12-01修订日期:2013-12-15 |
基金项目: |
|
Constructing DNS System Based on Safety and Reliability |
LI Sen, WEN Jing
|
(Guangxi Economic Information Center, Nanning, Guangxi, 530022, China) |
Abstract: |
[Objective] The application of Policy-Based Routing to DNS system construction is studied and the method of constructing safe and reliable DNS system is illustrated.[Method] From the network security, system security and BIND security aspects, the enhancement on the security and reliability of DNS is stated, and Policy-Based Routing technology is applied to the DNS construction.[Result] A method for constructing safe and reliable DNS system is illustrated. In the double ISP network environment,Policy-Based Routing is accomplished by cooperation of the router and DNS server, which can realize the function of Internet link redundancy, path optimization and domain name resolution redundancy.[Conclusion] The method can solve the security threats faced by DNS system and improve the reliability of the DNS system. Especially, the application of Policy-Based Routing can ensure the reliability and optimize the network performance. |
Key words: domain name system (DNS) BIND policy-based routing |