I. Introduction to the DNS system
1.) The role of the DNS system
The DNS system maintains a distributed database that maps host domain names to their corresponding IP addresses, and provides address resolution to client network programs when they need it.
Forward resolution: resolves a host name (domain name) to the corresponding IP address.
Reverse resolution: resolves an IP address to the corresponding host domain name.
2.) DNS is managed hierarchically: each level of hosts only needs to record the names of the hosts at the next level down. For example, ".cn" manages ".com.cn", ".net.cn", ".org.cn", ".edu.cn" and similar hosts, and ".edu.cn" in turn manages hosts such as ".neu.edu.cn", ".pku.edu.cn", and so on.
3.) Types of DNS server
Caching domain name server: also called a "cache-only server"; it only caches domain name resolution records it has already fetched.
Primary domain name server: the authoritative server for a specific DNS zone, of which there is exactly one per zone.
Slave domain name server: also called a "secondary domain name server"; it mainly provides a backup of the primary server's zone data.
II. Introduction to the BIND domain name server
1.) BIND service installation
The installation packages provide the following functions:
bind: the main component files for the domain name service
bind-utils: test utilities for the DNS server
bind-chroot: provides a chroot (changed root) directory for BIND, which enhances security by confining the named process
caching-nameserver: provides the default configuration files needed to configure BIND as a caching domain name server
Main executable: /usr/sbin/named
Service script: /etc/init.d/named
Default listening port: 53
2.) BIND configuration
BIND's main configuration file (/var/named/chroot/etc/named.conf) holds the global settings for BIND;
The forward/reverse zone manifest file (/var/named/chroot/etc/named.rfc1912.zones; in effect, the main configuration file named.conf specifies where this manifest file is located) lists the location/type/nature of each locally resolved record file;
The forward/reverse resolution record files (in the /var/named/chroot/var/named directory) record the specific IP/domain name correspondences.
Global configuration section, configuration items:
options {                                            // options section
    listen-on port 53 { 127.0.0.1; };                // listen on port 53 on IP 127.0.0.1; further listening IP addresses can be added, separated by semicolons
    directory "/var/named";                          // default storage location for zone database files
    allow-query { 192.168.1.0/24; 173.16.16.0/24; }; // client addresses allowed to query this DNS server
    recursion yes;                                   // allow recursive queries
};
Zone configuration section, configuration items:
zone "." in {                                        // root hints zone
    type hint;                                       // zone type: hint is the root hints zone, master is a primary zone, slave is a secondary zone
    file "named.ca";                                 // address data file for the root servers
};
zone "qq.com" in {                                   // forward DNS zone name
    type master;
    file "qq.com.zone";                              // the forward zone's address database file
    allow-transfer { 173.16.16.2; };                 // slave domain name server address allowed to download (transfer) the zone database
    allow-update { none; };                          // client addresses allowed to perform dynamic updates; none disables them
};
zone "16.16.173.in-addr.arpa" in {                   // reverse DNS zone name
    type master;
    file "173.16.16.arpa";                           // the reverse zone's address database file
};
Check that the main configuration file is correct:
named-checkconf /var/named/chroot/etc/named.conf
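named-checkconf only confirms that the syntax is valid; it says nothing about whether the access lists are sensible. As an added example (not code from the original article), the Python script below reads a named.conf fragment laid out like the one above and flags two settings that are easy to get wrong: recursion offered to any client (an open resolver) and zone transfers allowed to any host. The parser is deliberately minimal and assumes one statement per line with each block's closing "};" on its own line; the two configuration texts are constructed for the demonstration, and the defaults it falls back on (allow-query any, recursion yes, allow-recursion derived from allow-query-cache/allow-query/localnets) follow the BIND 9 manual.

```python
import re

# Constructed named.conf fragment with weak settings (demonstration only).
WEAK_CONF = """
options {
    listen-on port 53 { any; };
    directory "/var/named";
    allow-query { any; };
    recursion yes;
};
zone "qq.com" in {
    type master;
    file "qq.com.zone";
    allow-transfer { any; };
};
"""

# The same fragment with the access lists tightened (constructed).
HARDENED_CONF = """
options {
    listen-on port 53 { 127.0.0.1; 173.16.16.1; };
    directory "/var/named";
    allow-query { 192.168.1.0/24; 173.16.16.0/24; };
    recursion yes;
    allow-recursion { 192.168.1.0/24; 173.16.16.0/24; };
};
zone "qq.com" in {
    type master;
    file "qq.com.zone";
    allow-transfer { 173.16.16.2; };
    allow-update { none; };
};
"""

# Top-level blocks: `options { ... };` and `zone "name" in { ... };`, with the
# closing `};` at the start of its own line (the layout used in the article).
BLOCK_RE = re.compile(r'^(options|zone\s+"([^"]+)"(?:\s+in)?)\s*\{\n(.*?)^\};',
                      re.S | re.M | re.I)
# One statement per line: `keyword value;` where value may contain `{ a; b; }`.
STMT_RE = re.compile(r'^\s*([a-z-]+)\s+(.*?);\s*$', re.M | re.I)


def address_list(value):
    """Turn an address match list such as `{ a; b; }` into ['a', 'b']."""
    return re.findall(r'[^{};\s]+', value)


def parse_conf(text):
    """Return {'options': {stmt: value}, 'zones': {name: {stmt: value}}}."""
    conf = {"options": {}, "zones": {}}
    for m in BLOCK_RE.finditer(text):
        stmts = {k.lower(): v.strip() for k, v in STMT_RE.findall(m.group(3))}
        if m.group(1).lower() == "options":
            conf["options"] = stmts
        else:
            conf["zones"][m.group(2).lower()] = stmts
    return conf


def audit(text):
    """List access-control findings for the configuration text."""
    conf = parse_conf(text)
    opts = conf["options"]
    findings = []

    # Who may recurse: allow-recursion, else allow-query-cache, else allow-query,
    # else localnets/localhost (BIND 9 manual defaults).
    for key in ("allow-recursion", "allow-query-cache", "allow-query"):
        if key in opts:
            recursive_clients = address_list(opts[key])
            break
    else:
        recursive_clients = ["localnets", "localhost"]
    recursion_on = opts.get("recursion", "yes").lower() == "yes"  # default yes
    if recursion_on and "any" in recursive_clients:
        findings.append("options: open resolver (recursion yes and recursive "
                        "queries allowed from any client)")

    for name, zone in conf["zones"].items():
        if zone.get("type", "").lower() != "master":
            continue
        if "allow-transfer" not in zone:
            findings.append(f'zone "{name}": allow-transfer not set; set it '
                            f'explicitly instead of relying on the version default')
        elif "any" in address_list(zone["allow-transfer"]):
            findings.append(f'zone "{name}": zone transfer allowed to any host')
        if "any" in address_list(zone.get("allow-update", "{ none; }")):
            findings.append(f'zone "{name}": dynamic updates allowed from any host')
    return findings


if __name__ == "__main__":
    for label, conf_text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(f"== {label} ==")
        for finding in audit(conf_text) or ["no findings"]:
            print(" ", finding)
```

Restricting allow-query alone, as the article's example does, is enough when the same server is both authoritative and recursive for one network; when it must answer authoritative queries from the whole Internet, keep allow-query open for the zones and restrict allow-recursion instead, which is why the hardened fragment lists both.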
3.) Zone database configuration file
Typically includes these configuration items: a $TTL (time to live) record, an SOA (start of authority) record, and address resolution records
Units used in record items:
M (minutes), H (hours), W (weeks), D (days)
Common records among the address resolution records:
NS    domain name server record
MX    mail exchange record
A     address record (used only in forward-resolution zone database files)
CNAME alias record
This article URL address: http://www.bianceng.cn/OS/Linux/201410/45504.htm
When configuring a reverse resolution record, you only need to write the host address portion of the IP address; the network address portion does not need to be written (it comes from the zone name).
For example:
1    IN    PTR    www.sohu.com.
4    IN    PTR    study.sohu.com.
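To make the two rules above concrete (the TTL units and the "host portion only" rule for PTR records), here is an added Python example that is not part of the original article. It converts zone-file TTL values such as 1D or 2H30M to seconds, derives the in-addr.arpa zone name from a network (173.16.16.0/24 gives 16.16.173.in-addr.arpa, as in the named.conf above), and emits PTR lines using only the host octets with fully qualified targets. The host names and serial number are constructed sample data; the function names are my own.

```python
import ipaddress
import re

# Zone-file time units: M minutes, H hours, W weeks, D days; a bare number is seconds.
_UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_ttl(value):
    """Convert a zone-file TTL such as '1D', '2h30m' or '86400' to seconds."""
    value = value.strip().lower()
    if value.isdigit():
        return int(value)
    parts = re.findall(r'(\d+)([smhdw])', value)
    # Reject anything that is not purely a sequence of number+unit pairs.
    if not parts or "".join(n + u for n, u in parts) != value:
        raise ValueError(f"bad TTL: {value!r}")
    return sum(int(n) * _UNIT_SECONDS[u] for n, u in parts)


def reverse_zone_name(network):
    """'173.16.16.0/24' -> '16.16.173.in-addr.arpa' (the zone name used in named.conf)."""
    net = ipaddress.ip_network(network, strict=True)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 /8, /16 and /24 reverse zones are handled")
    network_octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(network_octets)) + ".in-addr.arpa"


def ptr_records(network, hosts):
    """hosts: {'173.16.16.1': 'www.sohu.com', ...} -> zone-file PTR lines.

    Only the host part of each address is written as the owner name; the
    network part is supplied by the zone origin, so 173.16.16.4 inside
    16.16.173.in-addr.arpa is written as just '4'.
    """
    net = ipaddress.ip_network(network, strict=True)
    lines = []
    for ip, name in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        addr = ipaddress.ip_address(ip)
        if addr not in net:
            raise ValueError(f"{ip} is not inside {network}")
        host_octets = str(addr).split(".")[net.prefixlen // 8:]
        owner = ".".join(reversed(host_octets))
        # The trailing dot makes the target fully qualified; without it the
        # zone origin would be appended to the name.
        lines.append(f"{owner}\tIN\tPTR\t{name.rstrip('.')}.")
    return lines


def reverse_zone_file(network, hosts, ns, rname, ttl="1D", serial=2014101001):
    """Assemble a complete reverse zone file; returns (zone name, file text)."""
    origin = reverse_zone_name(network)
    header = [
        f"$TTL {parse_ttl(ttl)}",
        f"@\tIN\tSOA\t{ns}. {rname}. ( {serial} 1H 15M 1W 1D )",
        f"@\tIN\tNS\t{ns}.",
    ]
    return origin, "\n".join(header + ptr_records(network, hosts)) + "\n"


if __name__ == "__main__":
    # Constructed sample hosts for the 173.16.16.0/24 network used in the article.
    sample_hosts = {"173.16.16.4": "study.sohu.com", "173.16.16.1": "www.sohu.com"}
    zone, text = reverse_zone_file("173.16.16.0/24", sample_hosts,
                                   ns="ns1.sohu.com", rname="admin.sohu.com")
    print(f"; zone {zone}")
    print(text)
```

The output can be saved as the file named in the zone statement (173.16.16.arpa in the article's example) and checked with named-checkzone before the service is restarted.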
DNS-based load balancing: the same domain name corresponds to several different IP addresses, and the server answers with them in rotation (round robin).
Wildcard domain name resolution: a large number of different domain names within the same domain resolve to one server IP address.
Subdomain delegation: used when the DNS zone has more levels or a large number of domain names.
III. Using BIND to build a domain name server
1.) Building a caching domain name server
Create the main configuration file named.conf
Confirm that the root zone database file named.ca is present
Start the named service
Verify the caching domain name server
2.) Building the primary domain name server
Determine the host name and IP address of this machine
Create the main configuration file named.conf
Create the zone database files
Start the named service
Verify the primary domain name server
3.) Building a slave domain name server
Determine the host name and IP address of this machine
Create the main configuration file named.conf
Start the named service
Verify the slave domain name server
4.) Building a split-resolution domain name server (separate internal and external resolution)
Create the main configuration file named.conf
Create separate zone database files for external and internal resolution
Start the named service
Verify the split-resolution domain name server
Supplementary knowledge:
The nslookup command has two modes: interactive mode and non-interactive mode.
In interactive mode (run nslookup directly, with no other parameters), the user can enter a series of commands to query multiple hosts or domain names;
Non-interactive mode queries information about one specified host or domain name. Non-interactive mode is usually the one used to test your own DNS server settings.
nslookup usage is as follows:
nslookup [domain name] [server IP]