Linux and Cloud Computing - Phase Four: DNS Server Setup 1 - Install BIND

Source: Internet
Author: User



Linux and Cloud Computing - Phase Two: Linux Server Setup, Part Four: DNS Server Setup 1 - DNS Basic Principles and Package Installation


Generally speaking, a domain name is more meaningful than an IP address and easier to remember, so users are more accustomed to entering domain names to access network resources. Hosts on the Internet, however, can only identify one another by IP address, so a DNS domain name resolution service is required.

The DNS (Domain Name System) resolution service maps between domain names and IP addresses and supports both forward and reverse resolution. Forward resolution: find the corresponding IP address from the hostname (domain name). Reverse resolution: find the corresponding hostname (domain name) from the IP address.


A handful of DNS servers could never meet the needs of so many users around the world, so by role DNS servers are divided into primary (master) servers, secondary (slave) servers and caching servers.

Primary server: unique within a specific zone; responsible for maintaining the domain name and IP address mappings within that zone.

Secondary server: obtains the domain name and IP address mappings from the primary server and maintains them, in case the primary server goes down.

Caching server: obtains domain name and IP address mappings by querying other DNS servers, improving the efficiency of repeated queries.

It is also necessary to understand that DNS queries are divided into recursive queries and iterative queries:

Recursive queries: used by clients to query DNS servers.

Iterative queries: used by DNS servers to query other DNS servers.

The Internet DNS access model uses a distributed data structure to hold the large volume of zone information. The general process of a user's query from the Internet is:

[Figure: Picture 2.png]

[1] Install BIND.

The Berkeley Internet domain name service BIND (Berkeley Internet Name Daemon) is the most widely used program on the Internet for providing safe, reliable, fast and efficient domain name resolution. BIND also supports the chroot (change root) jail security mechanism, which restricts the BIND service program to operating only on its own configuration files, thereby protecting the security of the entire server, so we will install bind-chroot.

    # yum -y install bind-chroot bind-utils

[2] Configure BIND.

The BIND domain name resolution service program is called named, and its main files are as follows:

Main program: /usr/sbin/named

Main configuration file: /etc/named.conf

Zone configuration file: /etc/named.rfc1912.zones

    # vim /etc/named.conf

Line 11 changed to: listen-on port 53 { any; };

Line 17 changed to: allow-query { any; };
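An added example (not from the original article): a Python audit of the options block after the two edits above. It flags the case where named listens on every interface and, with recursion left on, inherits `any` as its recursion ACL because allow-recursion falls back to allow-query-cache and then allow-query when unset. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample: an options block after the two edits described above.
SAMPLE_NAMED_CONF = """
options {
    listen-on port 53 { any; };
    directory "/var/named";
    allow-query { any; };   # line 17 as edited
    recursion yes;
};
"""

def options_body(text):
    """Strip comments, then return the body of options { ... } (nested braces ok)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    text = re.sub(r"(//|#).*", "", text)
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def acl(body, name):
    """Address-match list of statement `name` as a list, or None when unset."""
    pat = r"(?<![\w-])" + re.escape(name) + r"(?:\s+port\s+\d+)?\s*\{([^}]*)\}"
    m = re.search(pat, body)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf_text):
    """Return findings for the exposure created by listen-on/allow-query any."""
    body = options_body(conf_text)
    m = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", body)
    recursion_on = (m.group(1).lower() if m else "yes") not in ("no", "false", "0")
    # When unset, allow-recursion falls back to allow-query-cache, then allow-query.
    chain = [acl(body, n) for n in ("allow-recursion", "allow-query-cache", "allow-query")]
    effective = next((a for a in chain if a is not None), ["localnets", "localhost"])
    findings = []
    if "any" in (acl(body, "listen-on") or []):
        findings.append("listen-on any: named accepts queries on every IPv4 interface")
    if recursion_on and "any" in effective:
        findings.append("open resolver: recursion is on and any client may use it")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_NAMED_CONF):
        print("WARN", finding)
```

Adding `allow-recursion { localnets; localhost; };` or setting `recursion no;` on an authoritative-only server clears the second finding while leaving `allow-query { any; };` in place.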

When a user accesses a domain name (leaving aside factors such as the hosts file), a recursive query request is sent to the specified DNS host. If that DNS host has no resolution information for the domain name, it iteratively queries other DNS hosts; at the highest level there are 13 (authoritative) root DNS hosts.

Root DNS server IP address file: /var/named/named.ca. All relevant information about the 13 root name servers can be found on the IANA website (iana.org).

To avoid DNS service errors caused by frequently modifying the main configuration file named.conf, the zone rules are kept in the "/etc/named.rfc1912.zones" file. This file defines where the files holding the domain name and IP address resolution rules are stored, as well as the service type of each zone, and it must be modified with care.

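Forward resolution zone format:

    zone "example.com" IN {
        type master;                 # service type
        file "example.com.zone";     # location of the file holding the domain name and IP address resolution rules
        allow-update { none; };      # which clients are allowed to dynamically update the resolution information
    };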

There are three service types available: hint (root zone), master (primary zone) and slave (secondary zone).

Reverse resolution zone format:

    zone "96.168.192.in-addr.arpa" IN {    # reverse resolution zone for 192.168.96.0/24
        type master;
        file "192.168.96.arpa";
    };
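An added example (not from the original article): a Python check for zone stanzas in the format shown above. It maps each reverse zone name back to the network it covers, so a mistyped in-addr.arpa name is caught before named loads it, and it flags `allow-update { any; }`. The sample stanzas and function names are constructed, and the type check covers only the three types listed in this article.

```python
import re

# Constructed sample in the format shown above; the last stanza is deliberately wrong.
SAMPLE_ZONES = '''
zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-update { none; };
};
zone "96.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.96.arpa";
};
zone "96.168.392.in-addr.arpa" IN {
    type master;
    file "bad.arpa";
    allow-update { any; };
};
'''

# A stanza ends at the "};" that is followed by the next zone or end of input.
STANZA = re.compile(r'zone\s+"([^"]+)"\s+(?:IN\s+)?\{(.*?)\}\s*;\s*(?=zone\s|\Z)', re.S | re.I)

def reverse_network(zone):
    """Network covered by a reverse zone name, or None if the name is malformed."""
    labels = zone.lower().split(".")
    octets, suffix = labels[:-2], labels[-2:]
    if (suffix != ["in-addr", "arpa"] or not 1 <= len(octets) <= 3
            or not all(o.isdecimal() and int(o) <= 255 for o in octets)):
        return None
    return ".".join(octets[::-1] + ["0"] * (4 - len(octets))) + f"/{8 * len(octets)}"

def check_zones(text):
    """Map each zone name to the list of problems found in its stanza."""
    report = {}
    for name, body in STANZA.findall(re.sub(r"(//|#).*", "", text)):
        problems = []
        kind = re.search(r"\btype\s+(\w+)\s*;", body)
        if not kind or kind.group(1).lower() not in ("hint", "master", "slave"):
            problems.append("type is not one of the three listed in the article")
        if name.lower().endswith(".in-addr.arpa") and reverse_network(name) is None:
            problems.append("reverse zone name is not reversed IPv4 octets")
        update = re.search(r"allow-update\s*\{([^}]*)\}", body)
        if update and "any" in [e.strip() for e in update.group(1).split(";")]:
            problems.append("allow-update any: any client may rewrite records")
        report[name] = problems
    return report
```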


For the detailed video lesson, see: http://edu.51cto.com/course/course_id-6574.html

