1. The role and type of the DNS system
The role of the DNS system in a network is to maintain an address database that records the correspondence between host domain names and IP addresses, so that client programs can be offered forward or reverse address query services, that is, forward resolution and reverse resolution.
Forward resolution: looking up an IP address from a domain name; the specified domain name is resolved to its corresponding IP address. Forward resolution is the most basic function of a DNS server and also the most commonly used one.
Reverse resolution: looking up a domain name from an IP address; the specified IP address is resolved to its corresponding domain name. Reverse resolution is not very common and is used only in special cases, for example in anti-spam verification.
Depending on where the zone address data it manages comes from, a DNS system can be divided into different types, and the same DNS server may play a different role relative to different zones. Several common types are as follows.
Caching name server: only caches domain name resolution results, in order to improve query speed and efficiency; it has no zone address data under its own control. When building a caching name server, you must configure the root domain or specify another DNS server as the source of resolution.
Primary (master) domain name server: maintains the address database of a specific DNS zone and has autonomous control over its resolution records; it is the only authoritative, official server for the designated zone. When building a primary domain name server, you need to create the address data file for the zone it is responsible for.
Secondary (slave) domain name server: provides the same DNS resolution service as the primary domain name server and is usually used as a hot backup of the DNS service. For clients, the query results are the same whether the primary or the secondary server is used; the key difference is that the records served by the secondary server are not decided by itself but are obtained from the primary server. When building a secondary domain name server, you need to specify the location of the primary name server so that the secondary can automatically synchronize the zone's address database.
2. The main role of each BIND package
bind: provides the main program and related files for the domain name service.
bind-utils: provides test utilities for DNS servers, such as nslookup.
bind-libs: provides the library functions that bind and bind-utils need.
bind-chroot: provides a jailed root directory (chroot) for the bind service (/var/named/chroot/ serves as bind's root) for increased security.
★ rpm -qa | grep "^bind"    // query whether BIND-related packages have been installed
★ service named status    // query the running state of the named service
3. Configuration files of the BIND service
3.1 Main configuration file
When building a domain name service with the BIND software, there are two types of configuration files: the main configuration file and zone data files. The main configuration file sets the global options of the named service, the registered zones, access control and other operational parameters; a zone data file holds the address resolution records of one DNS zone (forward or reverse).
◇ The main configuration file named.conf is usually located in the /etc/ directory. The named.conf file mainly consists of two parts, the global configuration and the zone configuration. Each configuration record ends with a semicolon ";"; text beginning with "#" or "//" is a comment (a multi-line comment can be written as "/* ... */").
▲ Global configuration parameters are placed inside the curly braces of "options { };".
▲ Zone configuration parameters use the format "zone "..." { };".
- By default, named listens for service on UDP port 53 on all interfaces.
After modifying the main configuration file, you can run the named-checkconf command to check the syntax of the named.conf file.
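As an added example (not from the original post), the following script writes a minimal named.conf for the benet.com zone in the layout described above, with an options block, a root hint zone and master zones, and then runs named-checkconf on it. The network 192.168.1.0/24, the file names and the fallback brace check used when BIND is not installed are assumptions; recursion is disabled so the server does not become an open resolver.

```shell
#!/bin/sh
# Added example: minimal named.conf for benet.com plus a syntax check.
# The zone file names and the 192.168.1.0/24 network are assumptions.
set -e

write_named_conf() {            # $1 = output path
    cat > "$1" <<'EOF'
options {
    listen-on port 53 { any; };     // UDP/TCP 53 on every interface (the default)
    directory "/var/named";         // where the zone data files live
    allow-query { any; };
    recursion no;                   // authoritative only: do not resolve for clients
};
zone "." IN {                       // root hints, used only when recursion is enabled
    type hint;
    file "named.ca";
};
zone "benet.com" IN {               // primary (master) copy of the forward zone
    type master;
    file "benet.com.zone";
};
zone "1.168.192.in-addr.arpa" IN {  // reverse zone for 192.168.1.0/24
    type master;
    file "benet.com.arpa";
};
EOF
}

check_named_conf() {            # $1 = path; returns 0 when the file passes
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$1"
    else
        # without BIND installed, fall back to checking that the braces balance
        opens=$(($(tr -cd '{' < "$1" | wc -c)))
        closes=$(($(tr -cd '}' < "$1" | wc -c)))
        [ "$opens" -eq "$closes" ]
    fi
}

conf="${TMPDIR:-/tmp}/named.conf.example"
write_named_conf "$conf"
check_named_conf "$conf"
echo "named.conf OK: $conf"
```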
3.2 Zone data configuration files
Zone data files are typically located in the /var/named/ directory.
The zone data file of the root domain "." is special.
A zone data file mainly includes the TTL configuration item, the SOA (start of authority) record and the address resolution records; comment text in the file begins with a semicolon ";".
TTL configuration and SOA record section
$TTL 86400                                  ; lifetime of valid resolution records
@   IN  SOA  benet.com. admin.benet.com. (  ; SOA mark, domain name, administrator mailbox
             2015073001                     ; update serial number, an integer of up to 10 digits
             3H                             ; refresh time, interval for re-fetching the data
             15M                            ; retry delay, retry interval after a failed transfer
             1W                             ; expire time, data still not transferable after this is discarded
             1D )                           ; lifetime of a failed (negative) resolution record
☆ Address resolution record section
Address resolution records set the mapping relationships between domain names and IP addresses in a DNS zone; they include forward resolution records and reverse resolution records, and reverse resolution records can only be used in reverse zone data files.
NS, name server: records the host address of the DNS server for the current zone.
MX, mail exchange: records the host address of the mail server for the current zone; the number 10 indicates the priority with which the mail server is selected (when there are multiple MX records), and the higher the number, the lower the priority.
A, address: records a forward resolution entry.
CNAME, canonical name (alias): records another name for a forward resolution entry.
In a reverse zone data file, A address records are not used; PTR pointer records are used instead.
After modifying a zone data file, you can run the named-checkzone command to check the file's syntax.
Zone types: master (primary zone), slave (secondary zone), hint (root zone).
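As an added example (not from the original post), the following script writes a forward and a reverse zone file for benet.com using the SOA values given above, with NS, MX, A, CNAME and PTR records, and checks each with named-checkzone. The host names, the 192.168.1.0/24 addresses, the file names and the fallback check used when BIND is not installed are assumptions.

```shell
#!/bin/sh
# Added example: forward and reverse zone files for benet.com plus a check.
# Host names and 192.168.1.x addresses are assumptions.
set -e

write_forward_zone() {          # $1 = output path
    cat > "$1" <<'EOF'
$TTL 86400
@       IN  SOA  benet.com. admin.benet.com. (
            2015073001  ; serial
            3H          ; refresh
            15M         ; retry
            1W          ; expire
            1D )        ; negative-answer lifetime
        IN  NS   ns1.benet.com.
        IN  MX   10 mail.benet.com.     ; lower number = higher priority
ns1     IN  A    192.168.1.1
mail    IN  A    192.168.1.2
www     IN  A    192.168.1.3
ftp     IN  CNAME www.benet.com.        ; alias for the www A record
EOF
}

write_reverse_zone() {          # $1 = output path (zone 1.168.192.in-addr.arpa)
    cat > "$1" <<'EOF'
$TTL 86400
@       IN  SOA  benet.com. admin.benet.com. (
            2015073001 3H 15M 1W 1D )
        IN  NS   ns1.benet.com.
1       IN  PTR  ns1.benet.com.         ; 192.168.1.1 -> ns1.benet.com
2       IN  PTR  mail.benet.com.
3       IN  PTR  www.benet.com.
EOF
}

check_zone() {                  # $1 = zone name, $2 = file; 0 when the file passes
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$1" "$2" >/dev/null
    else
        # without BIND installed, verify that the SOA and NS records are present
        grep -q 'SOA' "$2" && grep -Eq 'IN[[:space:]]+NS' "$2"
    fi
}

dir="${TMPDIR:-/tmp}"
write_forward_zone "$dir/benet.com.zone"
write_reverse_zone "$dir/benet.com.arpa"
check_zone benet.com "$dir/benet.com.zone"
check_zone 1.168.192.in-addr.arpa "$dir/benet.com.arpa"
echo "zone files OK"
```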
★ service named start    // start the named service
★ service named reload    // reload the named service
★ nslookup    // command used to verify DNS query results
Host mapping file: /etc/hosts
DNS resolver configuration file: /etc/resolv.conf
This article is from the "Live to learn old" blog; please be sure to keep this source: http://nihaozqy.blog.51cto.com/10511002/1680279
DNS domain name resolution service for Linux systems