[Repost] Detailed DNS Common Records (Part 1): DNS Series II

Source: Internet
Author: User
Tags: fully qualified domain name

In the previous blog post we introduced the DNS server architecture. We learned that to register a domain name we must go through the top-level domain name server, or one of its subordinate domain name servers, and have resolution of the requested domain name delegated to our own DNS server. That delegation gives us the right to resolve the domain name we applied for. In this article we go a step further. Assume that we have successfully applied for the company domain name hexun.com and that resolution of hexun.com has been delegated to the company's DNS server, 202.99.16.1. What do we need to configure on the 202.99.16.1 server?

I. Install the DNS server

First we install the DNS component on the server. The server's TCP/IP configuration is as shown in the figure.

Installing the DNS component is very simple: open Control Panel - Add or Remove Programs - Add/Remove Windows Components - Networking Services and, as shown, select Domain Name System.

II. Create a zone

After the DNS server is set up, we create the DNS zone. A zone is the namespace that the DNS server is responsible for. A DNS server has forward zones and reverse zones: a forward zone resolves domain names to IP addresses, and a reverse zone resolves IP addresses to domain names. There are three types of DNS zones: primary zones, secondary zones, and stub zones. To understand the zone types, first understand the difference between a primary server and a secondary server. In general, an enterprise that applies for a domain name plans for two DNS servers, one primary and one secondary.
Resolution requests are normally handled by the primary server. The secondary server's data is copied from the primary server and is read-only. When the primary server fails, or is too heavily loaded to respond to clients' resolution requests, the secondary server steps in and takes over domain name resolution. Now let's go back and explain what a primary zone is: the zone used by the primary server is the primary zone, and the zone used by the secondary server is the secondary zone. A stub zone can be seen as a special, simplified secondary zone, which we'll cover in the next blog post. In general, forward zones are used more often, and logically the primary zone must be created first, because both secondary and stub zones need to replicate data from the primary zone. So our task now is to create a forward primary zone for hexun.com.

As shown, we choose to create a forward zone on the DNS server.

When the New Zone Wizard appears, click Next to continue.

Select Create a primary zone.

The name of the zone is the same as the domain name we applied for, hexun.com.

The zone data file is hexun.com.dns. All the records in the zone are stored in this file; note it, because we will use this file later.

The wizard asks whether the zone should allow dynamic updates. In general, if the DNS zone is used on an intranet we allow dynamic updates, and if it is used on the Internet dynamic updates are generally not needed.

As shown, the zone is created.

Once the zone has been created, as shown, it contains only one NS record and one SOA record. The next step is to create the appropriate DNS records in the zone.

III. Create records

DNS records are the concrete form that DNS zone data takes. We will introduce several of the most common DNS records; once you have mastered them, you have mastered the basic use of DNS.

1. A Record

The A record, also known as the host record, is the most widely used DNS record. Its basic role is to state which IP address a domain name corresponds to. For example, suppose we want an A record stating that the host with the domain name bbs.hexun.com has the IP address 202.99.16.185. As shown, we select "New Host" in the hexun.com zone.

As shown, the A record states that the domain name bbs.hexun.com corresponds to the IP address 202.99.16.185. The dialog mentions the concept of a fully qualified domain name, which we introduce here. A fully qualified domain name is a domain name that ends with a dot; for example, bbs.hexun.com. is a fully qualified domain name. In ordinary network applications we can omit the rightmost dot of a fully qualified domain name, but in DNS this dot cannot be omitted casually. The dot represents the DNS root, and with it the fully qualified domain name is expressed as an absolute path: bbs.hexun.com. denotes a host named bbs in the hexun.com domain, under the com subdomain, under the DNS root. If DNS finds that a domain name does not end with a dot, it appends the current zone name as a suffix so that the name meets the form of a fully qualified domain name. For example, DNS treats the domain name bbs as bbs.hexun.com. (with the trailing dot). Therefore, whenever we are asked to enter a fully qualified domain name, we should take care to end the name with a dot.

The basic use of the A record is to describe the correspondence between a domain name and an IP address, but the A record also has an advanced use: load balancing. DNS is often used as a low-cost load-balancing solution, and this relies mostly on A records.
For example, suppose four Web servers are collectively responsible for the site www.hexun.com. The IP addresses of the four Web servers are 202.99.16.81, 202.99.16.82, 202.99.16.83 and 202.99.16.84, so we should create the following host records.
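The host records described here, as an added example that is not part of the original post: a toy Python model of the hexun.com zone (not a real DNS server) that applies the trailing-dot rule to each record name, hands out the four www addresses in rotating order, and includes a caching client like the one used in the ping experiment that follows. The class and function names are assumptions made for this illustration.

```python
from collections import deque

ORIGIN = "hexun.com."  # zone name as an FQDN; the final dot is the DNS root

def qualify(name, origin=ORIGIN):
    """Zone-data rule: a name ending in '.' is absolute, '@' is the zone itself,
    anything else is relative and gets the zone name appended."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

class Zone:
    def __init__(self):
        self.a = {}  # FQDN -> deque of IPv4 addresses

    def add_a(self, name, ip):
        self.a.setdefault(qualify(name), deque()).append(ip)

    def query(self, fqdn):
        """Return the whole A record set, then rotate it for the next query."""
        rrset = self.a.get(fqdn.lower(), deque())
        answer = list(rrset)
        rrset.rotate(-1)
        return answer

class Client:
    """Resolver with a cache, standing in for the Windows client in the ping test."""
    def __init__(self, zone):
        self.zone, self.cache = zone, {}

    def lookup(self, name):
        fqdn = name.lower().rstrip(".") + "."  # applications may omit the final dot
        if fqdn not in self.cache:             # ask the server only on a cache miss
            answer = self.zone.query(fqdn)
            if not answer:
                return None                    # no host record for this name
            self.cache[fqdn] = answer[0]       # clients normally use the first address
        return self.cache[fqdn]

    def flushdns(self):                        # the effect of ipconfig /flushdns
        self.cache.clear()

def build_zone():
    zone = Zone()
    zone.add_a("bbs", "202.99.16.185")
    for ip in ("202.99.16.81", "202.99.16.82", "202.99.16.83", "202.99.16.84"):
        zone.add_a("www", ip)
    return zone
```

In this model `qualify("bbs.hexun.com")` returns `bbs.hexun.com.hexun.com.`, which is what a record name entered in zone data without its final dot turns into.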






Above we used four A records to map www.hexun.com to four IP addresses. So how are these IP addresses actually used to achieve load balancing? Clients generally access a Web server by domain name, so the DNS server is needed to resolve the domain name to an IP address. When the first client queries www.hexun.com, the DNS server tells it that the IP address for this domain name is 202.99.16.81; when the second client queries, the DNS server changes the answer to 202.99.16.82, and so on. Using this "polling" (round robin) technique, DNS directs different users to four different Web servers and so achieves a simple load-balancing effect.

We can verify DNS round robin with a simple experiment. As shown, we ran ping www.hexun.com on the client to query the IP address of the domain name but, strangely, the client got the same result both times. Why is that? Is DNS round robin not working?

In fact there is nothing wrong with DNS round robin. The client has a DNS caching mechanism: when the client first queries the DNS server and obtains the IP address of the domain name, it puts the result into its cache, so the next query is answered directly from the cache without asking the DNS server. Once we understand this, we only need to run ipconfig /flushdns to clear the client's DNS cache and continue the experiment. As the results show, DNS round robin is working.

2. NS Record

NS records and SOA records are two records that are essential to any DNS zone. NS records, also called name server records, describe which DNS servers are responsible for resolving the zone, and the SOA record describes which of those DNS servers is the primary server. Therefore no DNS zone can be without these two records.
Assume the hexun.com zone has two DNS servers responsible for resolution: ns1.hexun.com is the primary server and ns2.hexun.com is the secondary server. The IP address of ns1.hexun.com is 202.99.16.1 and the IP address of ns2.hexun.com is 202.99.16.2. We should then create two NS records. NS records depend on A records for resolution, so we first create two A records, for ns1.hexun.com and ns2.hexun.com, as shown.

With the two host records in place, we can edit the NS records. As shown, the zone's current NS record was created automatically by the system when the hexun.com zone was created. This NS record does not work properly, because nsserver is not a resolvable fully qualified domain name, so we delete it and create two new NS records.

As shown, we create an NS record in which the fully qualified domain name of the name server is ns1.hexun.com. and the resolved IP address is 202.99.16.1. This record indicates that the server ns1.hexun.com is responsible for resolving the hexun.com domain.

Create the NS record for ns2.hexun.com in the same way; the completed result is as shown.

3. SOA Record

The NS records show that two DNS servers are responsible for resolving hexun.com, but which one is the primary server? The NS records do not say; that is the job of the SOA record. The SOA record, also known as the start of authority record, states which DNS server is the primary server and sets some parameters that govern the relationship between the primary and secondary servers. The SOA record of hexun.com is as shown, and we analyze its fields one by one.

First, the serial number. The serial number reflects how many times the DNS server's data has changed: every time the DNS server's data is updated, the serial number is increased by one.
On reflection, though, this parameter means little to an administrator, because whether the DNS server has been updated 10,000 times or 9,999 times makes no real difference to the administrator. In fact, this parameter is there for the secondary server. As we mentioned earlier, the secondary server's data is copied from the primary server, so how does the secondary server know whether the primary server's data has been updated? The secondary server simply checks the primary server's serial number: if the primary server's serial number is larger than its own, the secondary server should go to the primary server for an incremental update.

The importance of the primary server parameter is self-evident. The primary server parameter in the current SOA record is nsserver, which is not a resolvable fully qualified domain name, so we should change the primary server to ns1.hexun.com. As shown, this is the correct primary server parameter. You may wonder why the NS record and the SOA record both default to nsserver; the main reason is that nsserver is the NetBIOS name of this DNS server.

As you can see, we have changed the owner parameter in the SOA record to admin.hexun.com. This looks like the fully qualified domain name of a host, but it actually means admin@hexun.com, an e-mail address. So why is the owner parameter not written directly as admin@hexun.com? After all, that would be much easier to understand. The reason is that the @ symbol has a special meaning in DNS: @ represents the current zone, that is, hexun.com, so we are forced to write the e-mail address in fully qualified domain name format.

The refresh interval means that the secondary server contacts the primary server every 15 minutes to see whether the primary server has any data updates.
The retry interval of 10 minutes means that if the secondary server loses contact with the primary server, it tries to contact the primary server every 10 minutes; during this time the secondary server is responsible for domain name resolution for the current zone.

The expiration time of 1 day means that if the secondary server still has not been able to contact the primary server after one day, it assumes that the primary server will never come back and that its own data can no longer be relied on, so it declares its data expired and refuses to continue providing resolution service to users.

The TTL of one hour means that the lifetime of a record in a DNS cache is one hour.

In this blog post we described three types of DNS records: A records, NS records, and SOA records, which are clearly necessary content for any DNS zone. We'll cover MX, CNAME, SRV and PTR records in the next blog post.
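The SOA parameters described above, as an added example that is not part of the original post: a simplified Python model of how a secondary server uses them. It goes beyond the plain "larger serial" comparison in the text by handling 32-bit serial wrap-around (RFC 1982 serial arithmetic). The serial value, the john.doe mailbox in the test, the function names, and the choice to keep retrying after expiry are assumptions of this model.

```python
from dataclasses import dataclass

@dataclass
class SOA:
    primary: str   # primary server, written as an FQDN
    rname: str     # owner's mailbox, written as an FQDN
    serial: int    # incremented on every change to the zone data
    refresh: int   # seconds between routine checks of the primary
    retry: int     # seconds between checks after a failed contact
    expire: int    # seconds without contact before the data expires
    ttl: int       # seconds a record may stay in a DNS cache

# Field values from the article; the serial number is a constructed sample.
HEXUN_SOA = SOA("ns1.hexun.com.", "admin.hexun.com.", 12,
                refresh=15 * 60, retry=10 * 60, expire=24 * 3600, ttl=3600)

def rname_to_email(rname):
    """The first unescaped dot separates mailbox from domain.
    A backslash-escaped dot is a literal dot inside the mailbox name."""
    i = 0
    while i < len(rname):
        if rname[i] == "\\":
            i += 2                      # skip the escaped character
            continue
        if rname[i] == ".":
            local = rname[:i].replace("\\.", ".")
            return f"{local}@{rname[i + 1:].rstrip('.')}"
        i += 1
    raise ValueError("RNAME has no domain part")

def primary_is_newer(secondary_serial, primary_serial):
    """True if the secondary should fetch an update from the primary.
    Serials are 32-bit and wrap around, so compare modulo 2**32."""
    diff = (primary_serial - secondary_serial) & 0xFFFFFFFF
    return 0 < diff < 0x80000000

def secondary_status(soa, secs_since_contact, last_check_ok):
    """Return (still_answering, seconds_until_next_check) for a secondary."""
    if secs_since_contact >= soa.expire:
        return (False, soa.retry)       # data expired: stop answering queries
    return (True, soa.refresh if last_check_ok else soa.retry)
```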

This article is from the "Yuere Microsoft Online Classroom" blog; please keep this source attribution: http://yuelei.blog.51cto.com/202879/106921
