Nothing is perfect, and it is understandable that DNS has some flaws. Given how important DNS is, though, its imperfections, while not unreasonable, are hard to justify. BIND 9 solves the problem of DNS defects and vulnerabilities to a certain extent. BIND returns different resolved IPs according to the source IP of the query. In practice, however, it is not the end user who queries my DNS server directly, but the DNS server that the user is configured to use. Netcom's DNS stores my Netcom IP. If users change their DNS settings themselves, for example if Telecom users insist on using China Netcom's DNS, or if Netcom users use a foreign DNS, the selection will be wrong.
The network connectivity problem between the north and the south of China has long been a concern for many people. In addition to using dual-line or multi-line data centers, you can also use multiple mirror servers to improve access speed for users. However, if the dual-line data center does not provide a single IP, or if you use multiple mirrors, you face the problem of several different server IPs. Many mirror servers use different domain names, which is very unfriendly to users and inconvenient for promotion. Automatically identifying the user's line and directing the user to the matching mirror server, all under one unified domain name, is the smart DNS function.
Early versions of BIND did not support selecting different IPs by source, so smart DNS could only be implemented with the help of iptables. Two BIND instances were started, neither of them on the default port, and each resolved names for a different line. iptables then forwarded DNS requests arriving on the default port to the appropriate BIND instance according to the source IP. The shortcoming of this method is obvious: every additional line to be resolved requires starting yet another BIND instance.
BIND now supports selection by source. In addition, the rewritten BIND 9 is much more stable and secure than BIND 8, which is full of vulnerabilities. (Source: http://dns.qy.com.cn)
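
In BIND 9, selection by source is configured with view blocks and match-clients. The named.conf fragment below is an added example, not configuration from the original page. The address ranges (documentation prefixes), the zone example.com and the file paths are all constructed placeholders.

```conf
// Constructed example. The prefixes are documentation ranges standing in
// for each carrier's resolver address space; replace with real ranges.
acl "telecom" { 192.0.2.0/24; };      // placeholder: China Telecom resolvers
acl "netcom"  { 198.51.100.0/24; };   // placeholder: China Netcom resolvers

options {
    directory "/var/named";           // assumed working directory
    recursion no;                     // authoritative-only server
};

// Views are evaluated in order; the first view whose match-clients
// matches the source address of the query is used.
view "telecom" {
    match-clients { "telecom"; };
    zone "example.com" {
        type master;
        file "telecom/example.com.zone";   // records point at the Telecom-side mirror
    };
};

view "netcom" {
    match-clients { "netcom"; };
    zone "example.com" {
        type master;
        file "netcom/example.com.zone";    // records point at the Netcom-side mirror
    };
};

// Catch-all for every other source, including foreign resolvers.
// Once any view is defined, every zone must live inside a view.
view "default" {
    match-clients { any; };
    zone "example.com" {
        type master;
        file "default/example.com.zone";
    };
};
```

The source address matched here is that of the querying DNS server, so a Telecom user who points at a Netcom resolver is still served from the "netcom" view, which is the misjudgment described above.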