DNS principle and forward and backward parsing

Dnsprinciple

Most of the existing network communication is based on TCP/IP, and TCP/IP is based on IPs, so when the computer communicates on the network, it can only recognize IP addresses such as "202.96.134.133" and not know the domain name. It is difficult to remember more than 10 IP addresses of the site, so when we visit the site, more is to enter the domain name in the browser address bar, you can see the required page, this is because there is a "DNS server" computer automatically put our domain name "translated" into the corresponding IP address, Then bring up the page that corresponds to the IP address.

DNS and BIND

What isDns?

DNS (Domain Name System) is the abbreviation of "Domain Name System", it is a computer and network service naming system of organization domain hierarchy, it is used for TCP/IP network, DNS is based on C/s (client/server, client/server) mode, so it is divided into Client and server two roles. Use 53/UDP (now in use), dns:53/tcp; The client plays the questioning role, which is to ask the server for a domain name, and the server must answer the true IP address for this domain name.

BIND : Bekerleyinternat Name Domain; ISC (www.isc.org)

Dns

TCP: connection-oriented protocol;

udp:user Datagram Protocol , no connection protocol

Local name resolution configuration file: Hosts

/etc/hosts

%windows%/system32/drivers/etc/hosts

The format is as follows:

1.1.1.1www.magedu.com

1.2.2.2www.apple.com

Dnsname Space

Internet DNS domain name on the hierarchy, like a tree upside down.

The root domain is that an organization named InterNIC is responsible for dividing the IP address range of the world and assigning the domain name structure on the Internet. The root domain DNS server is only responsible for resolving requests for some top-level domain DNS servers.

Top-level domains, common three class top-level domains: 1, organizational domain (com,edu, mil, gov, net, org, int), 2, country domain (. cn,. IQ,. HK,. TW), 3, reverse domain

second-level domain; are classified under top-level domains (for use by companies or individuals)

Subdomains, sub-domains can continue to partition sub-domains, or host.

650) this.width=650; "title=" 2015-04-24 47.jpg "alt=" wkiol1u9a-pyo17taaej3qmo7jq394.jpg "src="/http S3.51cto.com/wyfs02/m00/6b/fd/wkiol1u9a-pyo17taaej3qmo7jq394.jpg "/>

DnsQuery Process

such as Access www.123.com

650) this.width=650; "title=" 2015-04-24 50.jpg "alt=" wkiom1u9ao6szdzbaaglkstuxqi698.jpg "src="/http S3.51cto.com/wyfs02/m00/6c/01/wkiom1u9ao6szdzbaaglkstuxqi698.jpg "/>

DnsQuery Type

Recursive query: Between the general client and the server is a recursive query, that is, when the client sends a request to the DNS server, if the DNS server itself can not be resolved, the other DNS server will be issued a query request, the results are forwarded to the client; The client only needs to issue a query request to get the final answer socialize)

iterative query: The general DNS server is an iterative query, such as: if DNS2 can not respond to DNS1 's request, it will DNS3 IP to DNS2, so that it can again send a request to DNS3, (the server when issuing a query request, it is possible to get a final answer ; It is also possible to get a reference answer that usually results in a query that needs to be initiated multiple times)

Name server: A host within the domain responsible for resolving names within the domain;

Dnsresolution Type:

Forward parsing: Name-to-IP, and host name resolution to IP address

Reverse resolution: IP-to-name: IP address resolves to host name

Note: The forward and backward parsing is a two different namespaces, which are two different parse trees;

DNS type of server:

Primary DNS server

Secondary DNS server

caching DNS servers

Transponder

Primary DNS server: Maintain the Resolved library server in the domain that is responsible for parsing, is the authoritative server of the domain, the analytic library is maintained by the management Y ;

from a DNS server: "Copy" (zone transfer) a parse library from the primary DNS server or other from the DNS server;

BINDthe installation configuration:

DNS Service, package name bind, program name named

1. Bind Related packages:

bind: provide the main program and related files for Domain name Service

Bind-libs: Common shared libraries required for bind and Bind-utils

bind-utils: A test tool that provides DNS, such as: Dig,host,nslookup

Bind-chroot: enables bind to run in a chroot mode. That is, the Bind runtime/(root) directory, not the system real/

Example: bind-chroot:/var/named/chroot/

2. Bind Related configuration files:

Service script:/etc/rc.d/init.d/named

Master configuration file:/etc/named.conf,/etc/named.rfc1912.zones,/etc/rndc.key

Parse library file:/var/named/zone_name. ZONE

Attention:

(1) a physical server can provide resolution for multiple regions at the same time;

(2) must have a root zone file; named.ca

(3) there should be two (if included IPv6, should be more) implementation of the localhost and the local loopback address of the parsing library;

rndc:remote Name Domain controller , the default is installed on the same host as BIND, and only through 127.0.0.1来 connection named process; Provide auxiliary management function;

Use 953/tcp by default;/etc/rndc.key

Pre-shared key for connecting to the host

3. Install bind

[email protected] ~]# Yum installbind–y

4. Querying the bind package version

[[email protected] ~]# rpm-q bind

Bind-9.8.2-0.30.rc1.el6.x86_64

5.. master configuration file/etc/named.conf

Global configuration: options{}

Log subsystem configuration: logging{}

Region definition: Which zones can be resolved by this machine, which zone should be defined;

Example: Zone "Zone_name" in {}

Note: If any service program expects that it can be accessed through the network by other hosts, it should at least listen on an IP address that can communicate with the external host;

The default boot named only listens on port 53 for TCP and UDP 127.0.0.1

6. start named

[[email protected] ~]#/etc/init.d/named start

7. Check the socket for bind listening (by default named Will listen on the 127.0.0.1 tcpupd 53 port)

[Email protected] ~]# Ss-ltunp|grep 53

UDP unconn 0 0 127.0.0.1:53 *:*

Users: (("named", 3444,512))

UDP unconn 0 0:: 1:53:::*

Users: (("named", 3444,513))

TCP LISTEN 0 3:: 1:53:::*

Users: (("named", 3444,21))

TCP LISTEN 0 3 127.0.0.1:53 *:*

Users: (("named", 3444,20))

TCP LISTEN 0:: 1:953:::*

Users: (("named", 3444,23))

TCP LISTEN 0 127.0.0.1:953 *:*

Users: (("named", 3444,22))

This article is from the "Stupid Kid" blog, please make sure to keep this source http://1066875821.blog.51cto.com/2375046/1638911

DNS principle and forward and backward parsing