Install the DNS server in Linux

Source: Internet
Author: User
Tags: dns2 nslookup

Concept
Default DNS lookup sequence for Linux clients:

Local DNS cache → local hosts file → preferred DNS server (recursive query)

Linux DNS server query sequence:
The preferred server's own DNS cache → the zones for which the preferred server is authoritative → iterative queries to external servers.

DNS cache:
TTL: time to live

It is the time during which the IP entries for the requested domain name, host name, and so on remain valid in the client's local cache.

This time is set by the primary DNS server of the requested domain, according to how often its entries change, not by the local resolver.

The client can nevertheless view and clear its local cache. For example:

On Windows: ipconfig /displaydns shows the DNS cache, and ipconfig /flushdns clears it.

Iterative query:
Typically the caching DNS server sends requests to other DNS servers, starting from the root "." and then the top-level domain (for example "com."), until the server authoritative for the target domain is found.

Recursive query:
Typically the client sends a single request to the caching DNS server (its preferred DNS server), which performs the iterative queries outward on the client's behalf and returns the final answer to the client.

Authoritative answer:
The answer returned by a DNS server of the requested domain itself.

Non-authoritative answer:
An answer supplied by a caching server from its cache.

Caching DNS server:

Answers client requests directly, either by resolving from the root until an answer is obtained or by returning entries already held in its cache.

Primary (master) DNS server:

The administrator manually adds, deletes, and modifies entries on it. It provides authoritative DNS answers.

Slave (secondary) DNS server:
A server set up to provide load balancing, redundancy, and similar functions.

However, once the primary DNS server has been down for a certain period of time, the slave server also stops answering queries for the zone.
DNS resolution types:
Forward resolution: FQDN → IP, used to look up IP addresses.

Forward root: "."

Reverse resolution: IP → FQDN, used to look up the FQDN.

Reverse root: "in-addr.arpa."

DNS server software:
Bind: Linux software
PowerDNS: Windows software.
The following uses BIND as an example:

Name resolution library:
The files under /var/named/, some of which end in ".zone", store the entries to be queried.

Resource record format:
Entries in the /var/named/*.zone files follow a fixed format:

[owner name]  IN  [RR type]  [RR data]

Owner name        Class  Type   RR data
domain name.      IN     SOA    seven important parameters for managing this domain
domain name.      IN     NS     host name of a server managing this domain
domain name.      IN     MX     priority  host name of the mail server
host name.        IN     A      IPv4 address
host name.        IN     AAAA   IPv6 address
host alias.       IN     CNAME  actual (canonical) host name
reversed IP.      IN     PTR    FQDN of the host with that IP (this must be an FQDN and cannot be omitted)

(Note: the host name here does not mean the output of the hostname command, but the host name defined in the DNS zone.)
SOA:
Usually the second line of the zone file (after $TTL); it holds the management information of the domain. Its parameters are:

1. The primary DNS server of this domain.

2. The administrator's email address.

In resource records, "@" stands for the domain name with its trailing dot, i.e. the "baidu.com." given after "zone" in the configuration file.

Because "@" already has that meaning, the "@" of the email address is written as "." instead; for example, "root.baidu.com." stands for root@baidu.com.

3. Serial number. The larger the number, the newer the data. The slave uses it to decide whether to download new resource records from the master.

4. Refresh interval: how often the slave (secondary DNS server) actively contacts the master (primary DNS server) to check for updates.

If the serial number has not increased, no download or update takes place.

5. Retry time: if the last refresh attempt against the master failed, the slave retries after this interval.

6. Expire time: if the retries keep failing until the expire time is reached, the slave stops refreshing and also stops answering queries for this zone, waiting for the administrator to intervene.

Refresh time >= retry time * 2

Refresh time + retry time < expire time

Expire time >= retry time * 10

Expire time >= 7 days

7. Minimum TTL: when the requested entry does not exist in the zone, this value is used as the TTL of the (negative) answer returned to the querier.
NS:
Name Server: specifies the DNS servers of the current domain.

If the domain has a slave DNS server, it must be listed here as well; otherwise the master will not proactively notify the slave that the data has changed.

Each server named in an NS record must also have an A record giving its IP address.

MX:
Specifies the host name of the mail server for the current domain.

The number is the priority; the smaller the number, the higher the priority.

The mail host also needs its own A record, added afterwards.
Note:
When consecutive records have the same owner name, the name may be omitted on all but the first;
this is why the SOA, NS, and MX records are written one after another in this format.

The SOA owner can be further shortened with the "@" symbol.

A:
Specifies the IPv4 address corresponding to a host name.

AAAA:
Specifies the IPv6 address corresponding to a host name.

CNAME:
Defines an alias that points to an existing host name.

The following is a forward resolution resource record using the yy.com domain as an example:

$TTL 600        ; macro defining the default TTL; there must be no blank lines before it
@       IN  SOA dns1.bkjia.com. root.bkjia.com. (
                20140310    ; Serial
                1H          ; Refresh
                5M          ; Retry
                7D          ; Expire
                1M )        ; Minimum TTL
        IN  NS  dns1        ; owner omitted: it is the 'bkjia.com.' named after "zone" in the configuration file
        IN  NS  dns2
        IN  MX  99 mail     ; these three lines inherit the @ (i.e. 'bkjia.com.') of the SOA line
dns1    IN  A   192.168.25.11   ; dns1 means 'dns1.bkjia.com.'
dns2    IN  A   192.168.25.12
www     IN  A   192.168.25.13
pop     IN  A   192.168.25.13   ; one IP address can map to several host names, but changing it later is tedious; CNAME is recommended
ftp     IN  A   192.168.25.15
ftp     IN  A   192.168.25.16   ; one host can map to several IP addresses, which BIND uses for round-robin load balancing
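The following Python script is an added example, not code from the original article: it applies the SOA timer rules (refresh >= 2*retry, refresh + retry < expire, expire >= 10*retry, expire >= 7 days) and the requirement that every NS and MX target has an A record to a zone file. The sample zone is constructed here, modelled on the bkjia.com example, and the function names are my own.

```python
import re
UNITS = {"S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}
# Constructed sample modelled on the bkjia.com zone above; "mail" deliberately has no A record.
ZONE = """\
$TTL 600
@       IN  SOA dns1.bkjia.com. root.bkjia.com. (
                20140310 ; Serial
                1H       ; Refresh
                5M       ; Retry
                7D       ; Expire
                1M )     ; Minimum TTL
        IN  NS  dns1
        IN  MX  99 mail
dns1    IN  A   192.168.25.11
"""

def to_seconds(value):
    num, unit = re.fullmatch(r"(\d+)([SMHDW]?)", value.upper()).groups()  # BIND time: "1H", "5M", "7D" or plain seconds
    return int(num) * UNITS[unit or "S"]

def parse_zone(text):
    """Return (owner, type, data-fields) tuples; an omitted owner inherits the previous one."""
    body = re.sub(r";[^\n]*", "", text)                                   # drop ; comments
    body = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), body)  # join ( ... ) spans
    records, owner = [], "@"
    for line in body.splitlines():
        if not line.strip() or line.startswith("$"):                      # skip blanks and $TTL directives
            continue
        fields = line.split()
        if not line[0].isspace():                                         # text in column 1 is a new owner
            owner = fields.pop(0)
        fields = fields[fields[0].upper() == "IN":]                       # drop the optional class "IN"
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def check_zone(text):
    """Report violations of the SOA timer rules and NS/MX targets lacking an in-zone A/AAAA record."""
    records = parse_zone(text)
    soa = next(data for _, rtype, data in records if rtype == "SOA")
    refresh, retry, expire = (to_seconds(v) for v in soa[3:6])          # mname rname serial refresh retry expire
    rules = [(refresh >= 2 * retry, "refresh >= 2*retry"),
             (refresh + retry < expire, "refresh + retry < expire"),
             (expire >= 10 * retry, "expire >= 10*retry"),
             (expire >= 7 * 86400, "expire >= 7 days")]
    problems = [f"SOA rule violated: {msg}" for ok, msg in rules if not ok]
    have_addr = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    for _, rtype, data in records:                                       # NS data: host; MX data: priority host
        if rtype in ("NS", "MX") and not data[-1].endswith(".") and data[-1] not in have_addr:
            problems.append(f"{rtype} target {data[-1]} has no A/AAAA record in the zone")
    return problems
```

Relative targets (no trailing dot) are checked against the zone's own A/AAAA records; fully qualified targets in other zones are left alone.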

 

BIND configuration files:
rpm -ql bind-utils
/usr/bin/dig is now the mainstream DNS testing tool.

/usr/bin/host may give different answers from dig when not connected to the Internet.

/usr/bin/nslookup is a Windows tool.

The following describes how to use dig:
dig -t <RR type> <name> [@dns_server_ip]
dig -x <IP>                     reverse resolution of the IP address
dig +trace <name>               shows every step of the resolution from the root
dig -t axfr bkjia.com           performs a full zone transfer of the bkjia.com zone
dig -t NS bkjia.com             queries the NS records of bkjia.com

The following describes how to use nslookup on Windows:

nslookup
server 192.168.25.11            use the specified dns_server_ip
set q=
www.bkjia.com                   query the record of www.bkjia.com
set q=NS
bkjia.com                       query the NS records of bkjia.com


rpm -ql bind:

/etc/named.conf              main configuration file
/etc/named.rfc1912.zones     defines the local zones; included from named.conf

In /etc/named.conf:

// comments out a single line
/* ... */ comments out multiple lines
options { ... } holds the global configuration:
    directory "/var/named";    // the working directory of the named process; the zone files are stored here
    allow-transfer { none; };  // in the global configuration this defines which hosts may transfer any zone;
                               // inside a zone statement it defines which hosts may transfer that zone.
                               // none means no host may; IP addresses can also be listed.

The zone statements are defined as follows:

Zone configuration on the primary DNS server:
zone "bkjia.com" IN {
    type master;
    file "bkjia.com.zone";
};
zone "25.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.25.zone";
};
Zone configuration on the slave DNS server:
zone "bkjia.com" IN {
    type slave;
    file "slaves/bkjia.com.zone";   // pay attention to the owner, group, and permissions of the slaves directory
    masters { 192.168.25.10;        // note the plural "masters": several can be listed
              192.168.25.11; };     // however many masters there are, each address ends with a semicolon
};

 
