How to build a domain name server in Linux system

Introduction of DNS System

1.) The role of the DNS system

is to maintain a host domain name and IP address of the corresponding relational database, when necessary for client network program to provide address resolution function

Forward resolution: resolves the host name (domain name) to the corresponding IP address.

Reverse resolution: The IP address of the host resolves to the corresponding domain name.

2. The management of DNS is layered, and each tier of hosts needs only to record the name of the next level of hosts. For example, ". CN" manages ". com.cn", ". net.cn", ". org.cn", ". edu.cn" and other hosts, and ". Edu.cn" manages hosts such as ". neu.edu.cn", ". pku.edu.cn", and so on.

3.) Type of DNS system

Cache domain Name server: called "only cache server" provides caching of domain name resolution records

Primary Domain Name server: The official server, unique presence of a specific DNS zone

From a domain name server: called a "secondary domain name server" primarily provides backup

Two, bind domain name server Introduction

1.) Bind Service Installation Introduction

The following functions are provided for installation packages:

Bind provides a primary assembly-related file for the Domain name service

Bind-utils provides a test utility for the DNS server

Bind-chroot provides a camouflaged root directory for bind and enhances security

Caching-nameserver provides the necessary default profile for configuring bind as a cached domain name server

Main execution:/usr/sbin/named

Service script:/etc/init.d/named

Default listening port: 53

2.) Bind configuration

Bind's master configuration file (/var/named/chroot/etc/named.conf) has global settings for bind;

Positive/Reverse Document manifest file (/var/named//chroot/etc/named.rfc1912.zones, in effect, specifies the location of the positive/reverse manifest file in the main configuration file named.conf. ) Lists the location/type/nature of the native resolution record file;

The positive/Reverse solution record file (/var/named/chroot/var/named directory) records the specific ip/domain name correspondence relation.

Global configuration Partial configuration items:

Options {//option section

Listen-on Port 53 {127.0.0.1;}; Represents 53-Port listening and listens for an IP of 127.0.0.1 that can add additional listening IP addresses, separated by semicolons,

Directory "/var/named"; Set the zone database file default storage location

allow-query {192.168.1.0/24; 173.16.16.0/24;}; Allow DNS to query client addresses

recursion Yes; Allow recursive queries

}；

Zone configuration section Configuration items:

Zone "." In {//Set up with region

Type hint; Sets the zone type (hint is the area, master represents the primary area, the slave representation is from the zone)

File "named.ca"; Set up the corresponding address data file with the region

}；

Zone "Qq.com" in {//Set forward DNS zone name

Type master;

File "Qq.com.zone"; Set up the corresponding forward zone address database file

Allow-transfer {173.16.16.2;};//set from domain Name server address to allow download of zone database information

allow-update {none;}; Set client addresses that allow dynamic updates to be disabled

}；

Zone "16.16.173.in-addr.arpa" in {//Set reverse DNS zone name

Type master;

File "173.16.16.arpa"; Set up the corresponding reverse zone address database file

}；

Check that the primary configuration file is correct:

Named-checkconf/var/named/chroot/etc/named.conf

3.) Zone Database configuration file

Typically includes configuration items: $TTL (Lifetime) records, SOA (authorization information) records, address resolution Records

Use a unit in a record item

M (minutes), H (Time), W (weeks), D (days)

Common records in Address resolution Records

NS Domain name server records

MX Mail exchange Records

A address record (in the zone database file only for forward resolution)

CNAME alias record

This article URL address: http://www.bianceng.cn/OS/Linux/201410/45504.htm

When you configure a reverse parsing record, you only need to set the host address portion of the IP address, and the Network address section does not need to be written

Such as:

1 in PTR www.sohu.com

4 in PTR study. Sohu.com

Load balancing based on DNS resolution the same domain name corresponds to a number of different IP, rotating load balancing

A generic domain name resolves a server with an IP address that has a large number of different domain names in the same domain

Subdomain authorization DNS Area more level, domain name number

Third, use bind to build a domain name server

1.) Building a cached domain name server

Create a Master profile named.conf

Confirm with domain address database file named.ca

Start the named service

Verifying a cached domain name server

2.) Building the primary domain name server

Determine the host name, IP address of this machine

Create a Master profile named.conf

Establish a zone database file

Start the named service

Verifying the primary Domain name server

3.) Building from a domain name server

Determine the host name, IP address of this machine

Create a Master profile named.conf

Start the named service

Verify from the Domain name server

4.) to build a separate resolved domain name server

Create a Master profile named.conf

Establish the external and internal resolution of regional database files separately

Start the named service

Verifying the separation of resolved domain name servers

Supplementary knowledge:

There are two modes of the nslookup command: interactive mode and non-interactive mode.

In interactive mode (direct input nslookup, without other parameters), users can enter some instructions to query multiple host or domain name;

Non-interactive mode is used to query the specified host or domain name for information. You can usually test your own DNS server settings in non-interactive mode.

Nslookup usage is as follows:

nslookup [domain name] [Server IP]