Quickly learn DNS configurations using Experiments

Source: Internet
Author: User
Tags: mail exchange, nameserver
[Purpose]
1. Configure a DNS server that only forwards requests.
2. Configure a master DNS server.
3. Configure a slave DNS server.
  
[Lab environment]
1. Two interconnected computers.
2. Operating system: Red Hat 8.0.
  
[Experiment steps]
1. Prepare the experiment.
1. Disable iptables on both hosts:
# service iptables stop
# chkconfig iptables off
2. Check for the necessary software on both machines and install it if needed:
# rpm -q bind
# rpm -q bind-utils
# rpm -q caching-nameserver
Based on the result, find any package that is not installed on the installation disc and install it:
# rpm -Uvh bind-9*
# rpm -Uvh bind-utils*
# rpm -Uvh caching-nameserver*
3. Interconnect the two machines.
① Edit the corresponding files on the two machines. (It is best to use vi for editing. The same applies below.)
Machine 1:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.0.254
NETMASK=255.255.255.0
/etc/hosts
127.0.0.1 localhost.localdomain
/etc/resolv.conf
nameserver 192.168.0.254
/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=server1

Machine 2:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.0.1
NETMASK=255.255.255.0
/etc/hosts
127.0.0.1 localhost.localdomain
/etc/resolv.conf
nameserver 192.168.0.1
/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=station1
② Run the following on each machine:
Machine 1:
# ifdown eth0
# ifup eth0
# ping 192.168.0.1
Machine 2:
# ifdown eth0
# ifup eth0
# ping 192.168.0.254
Note: once the two machines can ping each other, continue with the following experiment.
2. Configure a master DNS on machine 1.
Machine 1:
1. Edit the /etc/named.conf file:
/etc/named.conf
options {
        directory "/var/named/";
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
};

zone "example1.com" IN {
        type master;
        file "db.example1";
};

zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "db.192.168.0";
};
----------------------------------------------------------------------
If you are familiar with the above files, you can skip this section.
The preceding file has six parts: options and five zones.
Of these, options, ".", "localhost" and "0.0.127.in-addr.arpa" were already present.
"example1.com" and "0.168.192.in-addr.arpa" are the forward and reverse lookup zones of the current subnet.
The file names defined here, "db.example1" and "db.192.168.0", must exist under /var/named/.
Pay attention to the leading and trailing spaces and the semicolons.
-----------------------------------------------------------------------
2. Create two files with vi: /var/named/db.example1 and /var/named/db.192.168.0
/var/named/db.example1
$TTL 86400

@               IN SOA  server1.example1.com. root.server1.example1.com. (
                        2003070401 1H 1M 1W 1D )
                IN NS   server1.example1.com.
                IN A    192.168.0.254
server1         IN A    192.168.0.254
station1        IN A    192.168.0.1
www             IN A    192.168.0.254
ftp             IN A    192.168.0.254
pop             IN A    192.168.0.254
www1            IN CNAME server1.example1.com.
ftp1            IN CNAME server1.example1.com.

@               IN MX 10 server1.example1.com.
server1.example1.com. IN MX 10 server1.example1.com.
----------------------------------------------------------------------
If you are familiar with the above files, you can skip this section.
The above file is a forward lookup database.
$TTL 86400 goes at the beginning of the file. The number is the default time to live, in seconds. Do not worry about it, just remember to add it.

The following format is: [domain] [class]

[domain] For example: server1.example1.com. or www.
www is a short form. The zone name "example1.com" defined for this file is appended by default, that is, www = www.example1.com. This field can be omitted, in which case it defaults to the same [domain] as the previous record. @ stands for "example1.com".

[class] is generally the Internet class, that is, IN, and can be omitted.

The record types are SOA, NS, A, MX, CNAME, and, in the reverse database, PTR.
SOA = start of authority. Required
NS = nameserver. Required
A = mapping from domain names to IP addresses. Required
MX = mail exchange. Optional
CNAME = an alias for a domain name. Optional
PTR = used in the reverse database: mapping from IP addresses to domain names. Required

An alias (CNAME) cannot be used in the NS and MX fields.

The five numbers in the SOA parentheses correspond to (serial refresh retry expire minimum):
serial can be any number; it is generally derived from the year, month, and day.
refresh is the interval at which the SOA information is refreshed.
retry is the frequency of contact with the authoritative server.
expire is how long a slave server keeps the zone information without updating it.
minimum is the time to live of the records in the zone.

H = hour D = day M = minute W = week

server1.example1.com. after SOA indicates the authoritative server for this zone.
root.server1.example1.com. indicates the administrator; "." is used in place of "@".

A complete domain name must end with a "." Otherwise, "example1.com" is appended automatically.
  
If you don't understand the above, you don't have to worry about it.
-----------------------------------------------------------------------
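
The two naming rules above (the zone name is appended to any name without a trailing dot, and an alias may not be the target of an NS or MX record) can be checked mechanically. The linter below is an added example, not part of the original article; the function names, the simplified one-record-per-line parser and the sample zone are assumptions made for illustration.

```python
# Added example (not from the article): simplified zone-file linter, no TTL fields.
def fqdn(name, origin):
    """'@' is the origin; a name without a trailing dot gets the origin appended."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    records, owner, in_paren = [], origin, False
    for raw in text.splitlines():
        line = raw.split(";")[0].rstrip()          # strip comments
        if not line.strip() or line.startswith("$"):
            continue
        if in_paren:                               # rest of the SOA ( ... ) block
            in_paren = ")" not in line
            continue
        fields = line.split()
        if not raw[0].isspace():                   # owner in column 1, else inherited
            owner = fqdn(fields.pop(0), origin)
        if fields[0].upper() == "IN":              # the class may be omitted
            fields.pop(0)
        in_paren = "(" in line and ")" not in line
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def lint(text, origin):
    records = parse_zone(text, origin)
    aliases = {owner for owner, rtype, _ in records if rtype == "CNAME"}
    doubled = "." + origin + origin                # origin appended to a full name
    findings = []
    for owner, rtype, rdata in records:
        target = fqdn(rdata[-1], origin) if rtype in ("NS", "MX", "CNAME") else None
        for name in filter(None, (owner, target)):
            if name.endswith(doubled):
                findings.append(f"{name} is missing its trailing dot")
        if rtype in ("NS", "MX") and target in aliases:
            findings.append(f"{owner} {rtype} target {target} is an alias")
    return findings

# Constructed sample modelled on db.example1, with two deliberate mistakes.
SAMPLE = """@ IN SOA server1.example1.com. root.server1.example1.com. (
    2003070401 1H 1M 1W 1D )
  IN NS server1.example1.com.
server1 IN A 192.168.0.254
www1 IN CNAME server1.example1.com.
@ IN MX 10 www1
server1.example1.com IN MX 10 server1.example1.com.
"""
```

Calling lint(SAMPLE, "example1.com.") reports the MX record that points at the alias www1 and the owner name that was expanded to server1.example1.com.example1.com.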
  
/var/named/db.192.168.0
$TTL 86400

@               IN SOA  server1.example1.com. root.server1.example1.com. (
                        2003070401 1H 1M 1W 1D )
                IN NS   server1.example1.com.
254.0.168.192.in-addr.arpa.     IN PTR  server1.example1.com.
1.0.168.192.in-addr.arpa.       IN PTR  station1.example1.com.
----------------------------------------------------------------------
If you are familiar with the above files, you can skip this section.
This file is a reverse lookup database.
Note that the IP address is written in reverse order.
Nothing else needs explaining.
-----------------------------------------------------------------------
3. Check:
# cat >> /var/log/messages
******
******
[Ctrl] + d
# service named restart
# host server1.example1.com
# host station1.example1.com
# host www.example1.com
# host www1.example1.com
# host 192.168.0.254

Check whether the names resolve. For example, the IP address of server1.example1.com is 192.168.0.254, and the domain name corresponding to 192.168.0.254 is server1.example1.com. If a name cannot be resolved, the configuration is incorrect. Look in the log /var/log/messages, after the two lines of ****** at the end of the file. Like a debugger, it will even tell you which file and which line is wrong. After making the correction, run again:
# cat >> /var/log/messages
******
******
[Ctrl] + d
# service named restart
# host server1.example1.com
# host station1.example1.com
# host www.example1.com
# host www1.example1.com
# host 192.168.0.254
Repeat until there are no errors and the names resolve correctly.
  
3. Configure a DNS that only forwards domain name resolution requests on machine 2.
Machine 2:
1. Edit /etc/named.conf.
/etc/named.conf
options {
        directory "/var/named/";
        forwarders { 192.168.0.254; };
};
........
------------------------------------------------------------
If you are familiar with the above files, you can skip this section.
forwarders { 192.168.0.254; } indicates that if the DNS cannot resolve the IP address
In fact, when configuring the master DNS, you can also add a forwarders entry in options.
The IP address to use is that of the DNS server you normally use on the Internet. If there are two or more IP addresses, you can write them as follows:
{210.35.92.77.45; 210.35.77.46;} or {210.35.92.77/24; 192.168.0.254;}
"........" stands for the rest of the file. Do not change it.
---------------------------------------------------------------------
2. Check:
# cat >> /var/log/messages
******
******
[Ctrl] + d
# service named restart
# host server1.example1.com
# host station1.example1.com
# host www.example1.com
# host www1.example1.com
# host 192.168.0.254

Check whether the names resolve. For example, the IP address of server1.example1.com is 192.168.0.254, and the domain name corresponding to 192.168.0.254 is server1.example1.com.
This configuration is relatively simple, generally