Introduction and configuration of DNS

Source: Internet
Author: User
Tags: host to ip, domain name server, dnssec, domain server, nameserver

I. Basic concepts of DNS
DNS (Domain Name System) uses both UDP and TCP on port 53: UDP port 53 carries queries and their answers, while TCP port 53 is used for zone transfers between the primary (master) server and the secondary (slave) servers.
Domain hierarchy: the root domain is served by 13 root server systems worldwide. Below the root come the top-level domains (first-level domains) such as .com and .net; below those the second-level domains, then third-level domains, and so on. In baidu.com, for example, .com is the top-level domain and baidu.com is the second-level domain. A domain name server is a server that provides name resolution; the record types it holds include A (address), NS (name server), MX (mail exchanger), CNAME (alias) and others.
II. Ways of resolving a domain name
Recursive resolution: the DNS client sends a single query for the domain name to its local name server and then simply waits until the local name server returns the final answer.
Iterative resolution: with the local DNS server at the centre, the local name server acts as a DNS client and sends the query to other DNS servers; each of them returns the address of the next server able to resolve the name, until the domain's authoritative server is reached.
III. The resolution process
[Figure: diagram of the DNS resolution process]

1. When the user enters www.qq.com in the browser, the browser first checks its own cache for an IP already resolved for this name (how long a cached entry lives is set by the record's TTL). If it is there, resolution is complete. If not, the browser checks the operating system's cache and the hosts file; if the hosts file has no mapping for the name, the local DNS server specified in /etc/resolv.conf is queried.
2. The local DNS server receives the request; if the IP is found in its local resource records, it returns the result to the client and resolution ends.
3. If the name cannot be resolved locally and no forwarder is configured, the local DNS server sends the query for the .com name to a root domain server.
4. The root server receives the request and returns the IP of the top-level (.com) domain server to the local server.
5. After receiving that IP, the local DNS server sends the query for www.qq.com to the server responsible for the .com domain.
6. Unable to answer itself, the .com server returns the address of the name server for the second-level domain qq.com.
7. The local DNS server sends the query for www.qq.com to that address; if that name server finds the name in its own zone data, it returns the IP of the www.qq.com host.
8. The local DNS server returns the IP address of the www.qq.com host to the client.
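The walk in steps 1 to 8, together with the recursive/iterative split described in section II, as an added Python simulation (not code from the original article): the client-side hosts-file check, the local server's cache bounded by the record TTL, and the referral chain root -> .com -> qq.com that the local server follows on the client's behalf. The server hierarchy, the 192.0.2.x addresses, the name tld.example and the hosts entry are constructed; the 172.25.16.x addresses and lijiajing.qq.com follow the article's lab. Resolver, ask and the data tables are my own names.

```python
"""Simulation of DNS resolution: a client asks its local server once
(recursive), and the local server walks the hierarchy by following
referrals (iterative), caching the final answer for its TTL.
Added example; the hierarchy and 192.0.2.x addresses are constructed."""
import time

ROOT_HINT = "192.0.2.1"                     # constructed stand-in for a root hint (named.ca)
HOSTS_FILE = {"localhost.": "127.0.0.1"}    # constructed /etc/hosts content

# Constructed authoritative data: server IP -> {name: [(type, value, ttl), ...]}
SERVERS = {
    # root server: knows only the delegation of .com
    "192.0.2.1": {
        "com.": [("NS", "tld.example.", 172800)],
        "tld.example.": [("A", "192.0.2.53", 172800)],
    },
    # .com top-level domain server: knows only the delegation of qq.com
    "192.0.2.53": {
        "qq.com.": [("NS", "lijiajing.qq.com.", 86400)],
        "lijiajing.qq.com.": [("A", "172.25.16.1", 86400)],
    },
    # qq.com authoritative server (server1 in the lab)
    "172.25.16.1": {
        "www.qq.com.": [("A", "172.25.16.111", 86400)],
        "haha.qq.com.": [("A", "172.25.16.111", 86400)],
    },
}


def ask(server_ip, qname):
    """One question to one server (simulated, no network). Returns
    ('answer', ip, ttl) when the server holds the name's A record,
    ('referral', ns_name, ns_ip) with the closest delegation it knows,
    or ('nxdomain',) when it knows nothing about the name."""
    zone = SERVERS[server_ip]
    for rtype, value, ttl in zone.get(qname, []):
        if rtype == "A":
            return ("answer", value, ttl)
    labels = qname.split(".")
    # walk up the labels: www.qq.com. -> qq.com. -> com. -> .
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:]) or "."
        for rtype, value, _ in zone.get(parent, []):
            if rtype == "NS":
                glue = [v for t, v, _ in zone.get(value, []) if t == "A"]
                if glue:
                    return ("referral", value, glue[0])
    return ("nxdomain",)


class Resolver:
    """Client-side hosts lookup (step 1) plus the local server's cache (step 2)
    and referral walk (steps 3-8)."""

    def __init__(self, root_hint=ROOT_HINT, clock=time.time):
        self.root_hint = root_hint
        self.clock = clock            # injectable so TTL expiry can be tested
        self.cache = {}               # qname -> (ip, expires_at)
        self.log = []                 # one entry per lookup source or server contacted

    def resolve(self, qname):
        now = self.clock()
        if qname in HOSTS_FILE:                       # step 1: hosts file wins
            self.log.append(f"hosts file {qname}")
            return HOSTS_FILE[qname]
        hit = self.cache.get(qname)
        if hit and hit[1] > now:                      # step 2: unexpired cached answer
            self.log.append(f"cache hit {qname}")
            return hit[0]
        server = self.root_hint                       # step 3: start at the root
        for _ in range(8):   # bound the walk so a delegation loop cannot run forever
            reply = ask(server, qname)
            self.log.append(f"{server} -> {reply[0]}")
            if reply[0] == "answer":                  # steps 7-8: final answer, cache it
                ip, ttl = reply[1], reply[2]
                self.cache[qname] = (ip, now + ttl)
                return ip
            if reply[0] == "referral":                # steps 4-6: follow the delegation
                server = reply[2]
                continue
            return None                               # name does not exist
        raise RuntimeError(f"too many referrals while resolving {qname}")


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.qq.com."), r.log)
```

Running the block prints the resolved address and the three servers contacted; a second call for the same name is served from the cache until its 86400-second TTL has expired.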
IV. Detailed DNS configuration process
Lab environment: Red Hat 6.5
Lab hosts: 172.25.16.250, used as the forwarder
172.25.16.1 server1, the DNS server
172.25.16.2 server2, the client
DNS master configuration file: /etc/named.conf
Client resolver configuration (address of the DNS server to use): /etc/resolv.conf
[root@server1 ~]# yum install bind -y          // install the BIND package
[root@server1 ~]# rpm -qc bind                 // list the configuration files of bind
[root@server1 ~]# rpm -qa | grep bind          // show the installed packages
bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64
bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64       // client tools for querying domain names, such as dig
bind-9.8.2-0.17.rc1.el6_4.6.x86_64             // main package for the DNS service
[root@server1 ~]# vim /etc/named.conf          // modify the master configuration file
options {
        listen-on port 53 { any; };            // listen on any address so that any host can reach this DNS server on port 53
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";          // working directory of the DNS server, holds the zone data files
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };              // allow any host to query the record files
                                               // (together with "recursion yes" this makes an open resolver;
                                               //  outside the lab restrict it to the local networks)
        forwarders      { 172.25.16.250; };    // forwarding: the server listed here is the alternate DNS server;
                                               // names this machine cannot resolve itself are forwarded to it
        recursion yes;

        dnssec-enable yes;
        dnssec-validation no;                  // turn off DNSSEC validation
                                               // (answers that cannot be verified are then accepted;
                                               //  keep it enabled where the upstream supports DNSSEC)
        dnssec-lookaside auto;

        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {                                  // the zone statement defines the root zone and its hint file for this DNS server
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";            // child configuration file where zones are defined
include "/etc/named.root.key";
[root@server1 ~]# vim /etc/named.rfc1912.zones   // define the domain to be maintained, qq.com
zone "qq.com" IN {
        type master;
        file "test";                           // the file "test" holds the host-to-IP records of the maintained domain
        allow-update { none; };
};
[root@server1 ~]# cd /var/named
[root@server1 named]# ls
data     named.ca     named.localhost  slaves
dynamic  named.empty  named.loopback   test
[root@server1 named]# cp -p named.localhost test   // generate test from the template
[root@server1 named]# vim test                     // add the host-to-IP mappings
$TTL 1D
@       IN SOA  lijiajing.qq.com. root.qq.com. (   ; the SOA names the authoritative (primary) host
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      lijiajing.qq.com.
lijiajing       A       172.25.16.1
haha            A       172.25.16.111
aa              A       172.25.16.222
[root@server1 named]# /etc/init.d/named restart
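Before restarting named it pays to check the zone file. The following added Python example (not code from the article) parses a zone file written in the syntax used above ($TTL, a parenthesised SOA, relative owner names, an omitted owner inheriting the previous one, an optional IN class) and runs the checks a practitioner wants: exactly one SOA, an NS record at the zone apex, in-zone name servers with A (glue) records, and well-formed IPv4 addresses. ZONE_TEXT is the article's file re-typed as a constructed sample; parse_zone, check_zone and the helpers are my own names.

```python
"""Parse a BIND zone file like the 'test' file above and sanity-check it.
Added example; ZONE_TEXT is the article's zone re-typed as a sample."""
import re

ZONE_TEXT = """\
$TTL 1D
@       IN SOA  lijiajing.qq.com. root.qq.com. (
                        0       ; serial
                        1D      ; refresh
                        1H      ; retry
                        1W      ; expire
                        3H )    ; minimum
        NS      lijiajing.qq.com.
lijiajing       A       172.25.16.1
haha            A       172.25.16.111
aa              A       172.25.16.222
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
TTL_RE = re.compile(r"(\d+)([smhdw]?)", re.IGNORECASE)
IPV4_RE = re.compile(r"(\d{1,3}\.){3}\d{1,3}")


def parse_ttl(text):
    """BIND TTL syntax: plain seconds, or 1D / 1H / 1W style."""
    m = TTL_RE.fullmatch(text)
    if not m:
        raise ValueError(f"bad TTL {text!r}")
    return int(m.group(1)) * UNITS[m.group(2).lower() or "s"]


def fqdn(name, origin):
    """'@' is the zone origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (default_ttl, [(owner, type, rdata_tokens), ...])."""
    joined, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                # drop the comment
        if depth == 0:
            if not line.strip():
                continue
            buf = [line]                           # keep leading blanks: they mean "same owner"
        else:
            buf.append(line.strip())               # continuation inside ( ... )
        depth += line.count("(") - line.count(")")
        if depth == 0:
            joined.append(" ".join(buf))

    default_ttl, records, owner = None, [], origin
    for line in joined:
        toks = [t for t in (tok.strip("()") for tok in line.split()) if t]
        if toks[0] == "$TTL":
            default_ttl = parse_ttl(toks[1])
            continue
        if not line[0].isspace():                  # owner given on this line
            owner = fqdn(toks.pop(0), origin)
        if toks and toks[0].upper() == "IN":       # optional class
            toks.pop(0)
        if toks and TTL_RE.fullmatch(toks[0]):     # optional per-record TTL
            toks.pop(0)
        records.append((owner, toks[0].upper(), toks[1:]))
    return default_ttl, records


def check_zone(default_ttl, records, origin):
    """The checks worth running before 'service named restart'."""
    in_zone = lambda n: n == origin or n.endswith("." + origin)
    problems = []
    a_names = {o for o, t, _ in records if t == "A"}
    soa = [r for r in records if r[1] == "SOA"]
    if default_ttl is None:
        problems.append("missing $TTL directive")
    if len(soa) != 1:
        problems.append("zone must contain exactly one SOA record")
    else:
        mname = fqdn(soa[0][2][0], origin)
        if in_zone(mname) and mname not in a_names:
            problems.append(f"SOA primary server {mname} has no A record")
    apex_ns = [fqdn(r[2][0], origin) for r in records if r[1] == "NS" and r[0] == origin]
    if not apex_ns:
        problems.append("no NS record at the zone apex")
    for ns in apex_ns:
        if in_zone(ns) and ns not in a_names:
            problems.append(f"in-zone name server {ns} has no A (glue) record")
    for owner, rtype, rdata in records:
        if rtype == "A" and not (rdata and IPV4_RE.fullmatch(rdata[0])):
            problems.append(f"{owner}: bad IPv4 address {rdata[:1]}")
    return problems


if __name__ == "__main__":
    ttl, recs = parse_zone(ZONE_TEXT, "qq.com.")
    for rec in recs:
        print(rec)
    print("problems:", check_zone(ttl, recs, "qq.com.") or "none")
```

For the file above the checks pass; removing the A record of lijiajing is reported twice, once because the SOA primary has no address and once because the apex NS has no glue, which is exactly the mistake that leaves the zone unreachable after a restart.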
Specify the IP address of the DNS server on the client:
[root@server2 ~]# vim /etc/resolv.conf
nameserver 172.25.16.1
Test:
[root@server2 ~]# dig haha.qq.com              // or use nslookup haha.qq.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> haha.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21743
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;haha.qq.com.                   IN      A

;; ANSWER SECTION:
haha.qq.com.            86400   IN      A       172.25.16.111

;; AUTHORITY SECTION:
qq.com.                 86400   IN      NS      lijiajing.qq.com.

;; ADDITIONAL SECTION:
lijiajing.qq.com.       86400   IN      A       172.25.16.1

;; Query time: 58 msec
;; SERVER: 172.25.16.1#53(172.25.16.1)
;; WHEN: Tue  4 00:10:45 2015
;; MSG SIZE  rcvd: 85
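What to look at in that output: the status must be NOERROR, the SERVER line must name the DNS server just configured, the aa flag shows the answer came from the server's own zone data rather than from a cache or the forwarder, and the A record must match the zone file. As an added Python example (not code from the article), the following parses dig's text output and runs those checks; DIG_OUTPUT is the output above re-typed as a constructed sample, and parse_dig and verify_answer are my own names.

```python
"""Parse what 'dig' prints and verify the answer against the zone file.
Added example; DIG_OUTPUT is the article's output re-typed as a sample."""
import re

DIG_OUTPUT = """\
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> haha.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21743
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;haha.qq.com.                   IN      A

;; ANSWER SECTION:
haha.qq.com.            86400   IN      A       172.25.16.111

;; AUTHORITY SECTION:
qq.com.                 86400   IN      NS      lijiajing.qq.com.

;; ADDITIONAL SECTION:
lijiajing.qq.com.       86400   IN      A       172.25.16.1

;; Query time: 58 msec
;; SERVER: 172.25.16.1#53(172.25.16.1)
;; WHEN: Tue  4 00:10:45 2015
;; MSG SIZE  rcvd: 85
"""


def parse_dig(text):
    """Return the status, the header flags, the records of each section as
    (name, ttl, type, rdata) tuples, and the server that answered."""
    out = {"status": None, "flags": set(), "sections": {}, "server": None}
    section = None
    for line in text.splitlines():
        if line.startswith(";; ->>HEADER<<-"):
            m = re.search(r"status: (\w+)", line)
            out["status"] = m.group(1) if m else None
        elif line.startswith(";; flags:"):
            out["flags"] = set(line[len(";; flags:"):].split(";", 1)[0].split())
        elif line.startswith(";; SERVER:"):
            out["server"] = line.split(":", 1)[1].strip()
        elif line.endswith("SECTION:"):
            section = line.strip("; ").split()[0]     # QUESTION, ANSWER, ...
            out["sections"][section] = []
        elif not line.strip():
            section = None                            # a blank line closes the section
        elif section and not line.startswith(";"):   # ';' lines are the question echo
            name, ttl, _cls, rtype, *rdata = line.split()
            out["sections"][section].append((name, int(ttl), rtype, " ".join(rdata)))
    return out


def verify_answer(parsed, qname, expected_ip, expected_server):
    """NOERROR, answered by the expected server, authoritative (aa flag),
    and the A record equal to what the zone file holds."""
    problems = []
    if parsed["status"] != "NOERROR":
        problems.append(f"status {parsed['status']}")
    if not (parsed["server"] or "").startswith(expected_server + "#"):
        problems.append(f"answered by {parsed['server']}, not {expected_server}")
    if "aa" not in parsed["flags"]:
        problems.append("answer is not authoritative (aa flag missing)")
    answers = {rd for n, _, t, rd in parsed["sections"].get("ANSWER", [])
               if n == qname and t == "A"}
    if expected_ip not in answers:
        problems.append(f"A records for {qname}: {sorted(answers)}, expected {expected_ip}")
    return problems


if __name__ == "__main__":
    p = parse_dig(DIG_OUTPUT)
    print(p["status"], sorted(p["flags"]), p["sections"]["ANSWER"])
    print(verify_answer(p, "haha.qq.com.", "172.25.16.111", "172.25.16.1") or "OK")
```

A reply without the aa flag, or with a SERVER line naming a different address, is the usual sign that resolv.conf still points at another server or that the forwarder answered instead of the zone just created.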


This article is from the "8397752" blog; please keep this source: http://8407752.blog.51cto.com/8397752/1684355

