I. Domain names and domain name resolution
On a network, every host must be assigned a unique address so that hosts can be told apart. This address is called the "IP address". Because these numbers are hard to remember, domain names are used in their place. A host can only be reached, however, once its domain name has been converted to the corresponding IP address.
The DNS service, also known as the domain name resolution service, converts between domain names and IP addresses in both directions. Forward resolution converts a host name into an IP address; reverse resolution converts an IP address into a host name. Users normally do not need to convert an IP address into a host name themselves. Reverse resolution is mostly used by background programs and is invisible to users.
II. DNS architecture
The domain hierarchy is structured like an inverted tree, and its levels are clearly defined. The root domain is at the top. Below the root domain are several top-level domains; each top-level domain can be divided into second-level domains, and each second-level domain into subdomains. A subdomain can be either a host or a domain that is divided further, down to the final host. Domains on the Internet are managed by InterNIC, and the domain name service is implemented by DNS.
III. DNS resolution process
1. The client asks to resolve the IP address of www.example.com.cn. If the local hosts file has no entry for the name, the client sends a resolution request to the local DNS server;
2. If the local DNS server has resolution information for the domain name, it returns it to the client. If it does not, the local DNS server asks the root DNS server for the IP address of www.example.com.cn;
3. If the root DNS server has resolution information for the domain name, it returns it directly to the local DNS server, which then returns it to the client. If the root DNS server does not have it, it tells the local DNS server the IP address of the DNS server responsible for .cn;
4. The local DNS server asks the DNS server responsible for .cn for the IP address of www.example.com.cn;
5. If the .cn server has resolution information for the domain name, it returns it directly to the local DNS server, which then returns it to the client. If the .cn DNS server does not have it, it tells the local DNS server the IP address of the DNS server responsible for .com.cn;
6. The local DNS server asks the DNS server responsible for .com.cn for the IP address of www.example.com.cn;
7. If the .com.cn server has resolution information for the domain name, it returns it directly to the local DNS server, which then returns it to the client. If the .com.cn DNS server does not have it, it tells the local DNS server the IP address of the DNS server responsible for .example.com.cn;
8. The local DNS server asks the DNS server responsible for .example.com.cn for the IP address of www.example.com.cn;
9. The DNS server responsible for .example.com.cn tells the local DNS server the IP address of www.example.com.cn;
10. The local DNS server now has the IP address of www.example.com.cn and returns it to the client.
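The ten steps above can be traced with a small model of the local DNS server following referrals from the root down to the server that holds the answer. This is an added example, not part of the original article; the server labels and the address 203.0.113.10 are constructed for illustration.

```python
# Constructed delegation data (server labels and 203.0.113.10 are made up):
# each server either holds the answer or refers the asker to a child zone.
SERVERS = {
    "root": {"referrals": {"cn.": "cn-server"}},
    "cn-server": {"referrals": {"com.cn.": "com.cn-server"}},
    "com.cn-server": {"referrals": {"example.com.cn.": "example.com.cn-server"}},
    "example.com.cn-server": {"answers": {"www.example.com.cn.": "203.0.113.10"}},
}


def query(server, name):
    """One server's reply: the answer, a referral to a closer zone, or nothing."""
    data = SERVERS[server]
    if name in data.get("answers", {}):
        return "answer", data["answers"][name]
    zones = [z for z in data.get("referrals", {}) if name.endswith("." + z)]
    if not zones:
        return "unknown", None
    # The most specific (longest) matching zone wins.
    return "referral", data["referrals"][max(zones, key=len)]


def resolve(name, hosts, cache, max_steps=10):
    """Follow steps 1-10; return (ip, list of servers the local server asked)."""
    if name in hosts:            # step 1: the client's hosts file
        return hosts[name], []
    if name in cache:            # step 2: the local DNS server already knows
        return cache[name], []
    server, asked = "root", []
    for _ in range(max_steps):   # bounded, so a referral loop cannot run forever
        asked.append(server)
        kind, value = query(server, name)
        if kind == "answer":
            cache[name] = value  # kept for the next client that asks
            return value, asked
        if kind != "referral":
            break
        server = value
    return None, asked


if __name__ == "__main__":
    cache = {}
    print(resolve("www.example.com.cn.", {}, cache))
    print(resolve("www.example.com.cn.", {}, cache))  # second call: from cache
```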
4. Build a multi-domain DNS resolution server on CentOS 5.3
System platform: CentOS 5.3
Kernel version: 2.6.18-128.2.1.el5
DNS server IP address: 192.168.2.210
Web server A: www.chinaunix.net 192.168.2.181
Mail server B: mail.chinaunix.net 192.168.2.182
Web server C: www.chinaunix.org 192.168.2.183
Mail server D: mail.chinaunix.org 192.168.2.185
1. Install the bind software packages
[root@server ~]# yum -y install bind* caching-nameserver
2. Modify the master configuration file
[root@server ~]# cd /var/named/chroot/etc/
[root@server etc]# cp -p named.caching-nameserver.conf named.conf
[root@server etc]# cp -p named.rfc1912.zones named.rfc1912.zones.bak
Note: In addition to the content of the source file, the cp option -p also copies the modification time and access permissions to the new file. Here, most configuration files are owned by root with the group named; if plain cp is used, an error is reported when the named service is started.
[root@server etc]# vi named.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // Those options should be used carefully because they disable port
        // randomization
        // query-source port 53;
        // query-source-v6 port 53;
        allow-query { any; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
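With match-clients { any; }, allow-query { any; } and recursion yes, the view above gives recursive service to every client that can reach port 53. The check below is an added example, not part of the original article, that reports that combination; the trusted ACL, the internal view and the 192.168.2.0/24 range in the restricted variant are assumptions for illustration.

```python
import re

# Settings from the named.conf above that decide who gets recursion, and a
# constructed restricted variant ("trusted", "internal" and 192.168.2.0/24
# are assumptions, not values from the article).
PAGE_CONF = """
options { listen-on port 53 { any; }; allow-query { any; }; };
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
};
"""
RESTRICTED_CONF = """
acl trusted { 127.0.0.1; 192.168.2.0/24; };
options { listen-on port 53 { any; }; allow-recursion { trusted; }; };
view internal {
    match-clients { trusted; };
    recursion yes;   // still on, but only for the ACL
};
"""

def strip_comments(text):
    """Remove /* */, // and # comments so commented-out options are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def match_list(conf, option):
    """Entries of the first `option { ... };` in conf, or None if it is absent."""
    m = re.search(r"\b" + re.escape(option) + r"\s*\{([^{}]*)\}", conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def open_recursion(conf):
    """True if no setting narrows which clients receive recursive answers.

    Simplified for a single-view file: only the first occurrence of each option
    is read, and an absent allow-recursion is assumed to mean "any" (true of
    older BIND 9 releases; newer ones default to localhost and local networks).
    """
    conf = strip_comments(conf)
    if re.search(r"\brecursion\s+no\s*;", conf):
        return False
    for option in ("allow-recursion", "match-clients", "allow-query"):
        entries = match_list(conf, option)
        if entries is not None and "any" not in entries:
            return False
    return True
```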
[root@server etc]# vi named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1: localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
}; # Configuration file of the root DNS servers
zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
}; # Template 1
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
}; # Template 2
zone "chinaunix.net" IN {
        type master;
        file "chinaunix.net.zone";
        allow-update { none; };
}; # Template 1, copied and modified
zone "chinaunix.org" IN {
        type master;
        file "chinaunix.org.zone";
        allow-update { none; };
}; # Template 1, copied and modified
zone "2.168.192.in-addr.arpa" IN {
        type master;
        file "2.168.192.in-addr.local";
        allow-update { none; };
}; # Template 2, copied and modified
Note: The parts in blue font are the ones that were added or modified.
3. Zone configuration files
[root@server etc]# cd ../var/named/
[root@server named]# cp -p localdomain.zone chinaunix.net.zone
[root@server named]# cp -p localdomain.zone chinaunix.org.zone
[root@server named]# cp -p named.local 2.168.192.in-addr.local
[root@server named]# vi chinaunix.net.zone
$TTL    86400
@       IN SOA  localhost root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   chinaunix.net.
        IN MX   10 mail.chinaunix.net.
www     IN A    192.168.2.181
mail    IN A    192.168.2.182
[root@server named]# vi chinaunix.org.zone
$TTL    86400
@       IN SOA  localhost root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   chinaunix.org.
        IN MX   10 mail.chinaunix.org.
www     IN A    192.168.2.183
mail    IN A    192.168.2.185
[root@server named]# vi 2.168.192.in-addr.local
$TTL    86400
@       IN SOA  localhost. root.localhost. (
                1997022700 ; serial
                28800      ; refresh
                14400      ; retry
                3600000    ; expire
                86400 )    ; minimum
        IN NS   chinaunix.net.
        IN NS   chinaunix.org.
181     IN PTR  www.chinaunix.net.
182     IN PTR  mail.chinaunix.net.
183     IN PTR  www.chinaunix.org.
185     IN PTR  mail.chinaunix.org.
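Forward and reverse zones are edited by hand in separate files, so they can drift apart; a PTR target written without its trailing dot is a common cause, because the zone origin is appended to it. The check below is an added example, not part of the original article, that parses the A and PTR records listed above and reports every address whose PTR does not point back to the same name.

```python
import ipaddress

# Records copied from the three zone files above; origins end with a dot.
FORWARD = {
    "chinaunix.net.": "www IN A 192.168.2.181\nmail IN A 192.168.2.182",
    "chinaunix.org.": "www IN A 192.168.2.183\nmail IN A 192.168.2.185",
}
REVERSE_ORIGIN = "2.168.192.in-addr.arpa."
REVERSE = """181 IN PTR www.chinaunix.net.
182 IN PTR mail.chinaunix.net.
183 IN PTR www.chinaunix.org.
185 IN PTR mail.chinaunix.org."""


def absolute(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to the origin."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()


def records(text, origin, rtype):
    """Yield (owner, rdata) from simple 'owner IN TYPE rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()      # ';' starts a comment
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == rtype:
            yield absolute(fields[0], origin), fields[3]


def mismatches(forward, reverse, reverse_origin):
    """Describe every A record whose PTR does not point back to the same name."""
    ptr = {owner: absolute(target, reverse_origin)
           for owner, target in records(reverse, reverse_origin, "PTR")}
    problems = []
    for origin, text in forward.items():
        for host, ip in records(text, origin, "A"):
            rev = ipaddress.ip_address(ip).reverse_pointer + "."
            if ptr.get(rev) != host:
                problems.append(f"{host} -> {ip}, but {rev} -> {ptr.get(rev)}")
    return problems


if __name__ == "__main__":
    print(mismatches(FORWARD, REVERSE, REVERSE_ORIGIN) or "forward and reverse agree")
```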
4. Test
[root@server ~]# nslookup
> www.chinaunix.net
Server:         192.168.2.210
Address:        192.168.2.210#53
Name:   www.chinaunix.net
Address: 192.168.2.181
> www.chinaunix.org
Server:         192.168.2.210
Address:        192.168.2.210#53
Name:   www.chinaunix.org
Address: 192.168.2.182
> mail.chinaunix.net
Server:         192.168.2.210
Address:        192.168.2.210#53
Name:   mail.chinaunix.net
Address: 192.168.2.183
> mail.chinaunix.org
Server:         192.168.2.210
Address:        192.168.2.210#53
Name:   mail.chinaunix.net
Address: 192.168.2.185
> 192.168.2.181
Server:         192.168.2.210
Address:        192.168.2.210#53
181.2.168.192.in-addr.arpa      name = www.chinaunix.net.
> 192.168.2.182
Server:         192.168.2.210
Address:        192.168.2.210#53
182.2.168.192.in-addr.arpa      name = mail.chinaunix.net.
> 192.168.2.183
Server:         192.168.2.210
Address:        192.168.2.210#53
183.2.168.192.in-addr.arpa      name = www.chinaunix.org.
> 192.168.2.185
Server:         192.168.2.210
Address:        192.168.2.210#53
185.2.168.192.in-addr.arpa      name = mail.chinaunix.org.
Note: The text in blue is what is typed at the keyboard.
5. Conclusion
This material is reposted from the Internet and is for learning and exchange only.