Linux DNS configuration and basic introduction
I. Basic DNS knowledge
As we all know, in network communication the data link layer uses MAC addresses, the network layer uses IP addresses, and the transport layer uses port numbers; each layer has its own way of identifying endpoints. IP addresses are the most closely related to users. Every computer that joins a network (whether the Internet or an intranet) must have its own IP address to ensure that information is delivered correctly. However, IP addresses are made up of numbers, which are hard to remember and do not convey what a machine is actually used for. Therefore, people use descriptive domain names instead of IP addresses to make communication and memorization easier. Note, however, that packet transmission in network communication still relies on IP addresses. That is to say, when www.syd.com sends a message to www1.syd.com, it must first convert its own domain name and the other party's domain name to the actual IP addresses and fill them into the header of the data packet before transmission. The software that performs the translation (resolution) from domain name to IP address, or from IP address to domain name, is the DNS service system. The DNS service system must be installed on a computer, and that computer is called a DNS server.
So far, there are three main methods of implementing this kind of domain name resolution:
1) The hosts file, but it must be configured on every server that resolves the others
2) NIS (a SUN technology), which manages domain names centrally and is only suitable for a LAN
3) DNS, which implements hierarchical and distributed management of domain names. Most resolution is currently done this way.
Configuring a DNS service is fairly difficult and may require ISP support. DNS is also the basis of various network application services, such as websites and e-mail, all of which require domain name support; with DNS, it is also much easier to migrate IP addresses.
II. Conditions for configuring the DNS server in Linux
Currently, the various Linux distributions all provide software for implementing DNS services, and most install it by default (this is inseparable from Linux's main purpose as a server platform). In Linux, the DNS server software is called BIND; the current version is 9. Its daemon program is called named (the d stands for daemon, the equivalent of a service in Windows).
1) Check whether the DNS service software is installed
# rpm -ql bind
If it is not installed, you can add it:
# rpm -ivh *bind*.rpm (on the first RH9 disc)
# rpm -ivh *nameserver*.rpm (on the second RH9 disc)
III. DNS server composition and configuration methods
The DNS service system uses a client/server (C/S) structure: ordinary users' machines are the clients, and the machine providing DNS resolution is the server. Client configuration is quite simple: just add the IP addresses of the DNS servers (up to three) to the /etc/resolv.conf file. The format is as follows:
nameserver 172.16.0.3
nameserver 10.8.10.244
(Note: for the experiment, it is best to put your own DNS server's IP address first. Otherwise the test may fail. Internet access may become slower, but that is worth it for the experiment!)
The configuration on the DNS server mainly consists of the main configuration file and the zone files.
Main configuration file: /etc/named.conf holds the zone names and the global configuration (such as subdomains, access control, etc.)
Zone files (under /var/named by default): the file names are the same as those given in the main configuration file. They record the DNS resource records (including SOA, MX, A, NS, CNAME, etc.), which are described in detail in the configuration files below.
================================================================================
The following describes the implementation process.
================================================================================
IV. Implementing the configuration in text files
1. Configuration planning
To make it easy for everyone to understand, I will first write out my plan:
I have installed two RH AS 3 systems on my own machine (512 MB, 80 GB, 1.7 GHz, 64 MB video card), so that I have a total of three machines for testing. My goal is to experiment across the two Linux systems to implement domain name resolution and a subdomain.
The domain I want to implement is syd168.com. The machines in the domain include www, bbs, ftp, mail, and ssl.
They serve the website, BBS, FTP, e-mail, and e-commerce site respectively, and are all on one machine (172.16.0.3); in practice they are often placed on different machines.
In addition, I plan to implement syd168.com and sub.syd168.com. The subdomain has its own host records (www, mail, ftp, ssl...) and is on a different network segment.
Note: serving different domain names for the various services from one machine requires virtual host technology; I will publish how to implement that in the future. In fact, there is already a lot of related information available.
RH AS1:
IP: 172.16.0.3/16
Gateway: 172.16.0.2
DNS client configuration: 172.16.0.3
RH AS2:
IP: 172.16.0.4/16
Gateway: 172.16.0.2
DNS client configuration: 172.16.0.4
1. Configure the main configuration file
After BIND is installed, the main configuration file /etc/named.conf is generated by default.
# vi /etc/named.conf    // add the following content:
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "localhost.arpa";
    allow-update { none; };
};
// ================================ Newly added content ================================
zone "syd168.com" IN {              // implement the syd168.com domain
    type master;                    // this server is the master for the zone
    file "syd168.com.zone";         // record file of the master zone (pick a memorable name), stored under /var/named
};
zone "0.16.172.in-addr.arpa" IN {   // reverse resolution zone of syd168.com
    type master;                    // the type is master zone
    file "syd168.com.arpa";         // file that stores the reverse zone records (pick a memorable name)
};
// ============================ End of the newly added content ============================
include "/etc/rndc.key";
2. Create the two zone files under /var/named
1) # vi /var/named/syd168.com.zone
; ================= Forward zone file /var/named/syd168.com.zone =================
$TTL 2h
syd168.com. IN SOA www.syd168.com. master.syd168.com. ( ; the leftmost syd168.com. can be abbreviated to @; IN SOA is followed by the primary DNS server's domain name and the DNS administrator's e-mail address
        20040730 ; serial number: the zone's serial number. It must be increased every time the zone is modified; otherwise the slave zones may become inconsistent!
        2h       ; refresh timeout: how often the slave zones refresh
        40m      ; retry refresh timeout: how long a slave waits before retrying a failed refresh
        1w       ; expire timeout: how long refreshes may keep failing before the slave treats the master's data as invalid
        2h       ; TTL time
)
; Start each of the following lines at the left margin, that is, leave no blank on the left.
syd168.com. IN NS www.syd168.com. ; names in the syd168.com domain are resolved by www.syd168.com (or IP)
www IN A 172.16.0.3 ; the IP address corresponding to www.syd168.com is 172.16.0.3
www IN A 172.16.0.4 ; the IP address corresponding to www.syd168.com is 172.16.0.4. Giving a single domain name several IP addresses provides load balancing
ftp IN A 172.16.0.4 ; the left side can also be written as ftp.syd168.com. Note: in that case the name must end with a dot; otherwise an error occurs.
mail IN A 172.16.0.5 ; a full domain name must end with a dot!
bbs IN A 172.16.0.6 ; IN means Internet, and A means Address
test IN A 172.16.0.7 ; note that these IP addresses must actually be reachable, otherwise the records are useless!
ssl IN A 172.16.0.3
syd168.com. IN MX 10 mail.syd168.com. ; e-mail sent to the syd168.com domain is handled by the host mail.syd168.com; MX means mail exchanger
; The following two lines implement the subdomain. The subdomain is sub.syd168.com under syd168.com. The parent domain provides the address of the server responsible for the subdomain.
sub IN NS www.sub.syd168.com. ; names ending in sub.syd168.com are resolved by www.sub.syd168.com; NS means Name Server
www.sub IN A 172.16.1.3 ; the host www.sub in this domain resolves to 172.16.1.3
; The following are host aliases. I generally do not set them, because the names above are already the canonical names; if you need another name, you can also simply add it as a host record.
www1 IN CNAME www
ftp1 IN CNAME ftp
bbs1 IN CNAME bbs
mail1 IN CNAME mail
test1 IN CNAME test
ssl1 IN CNAME ssl
; ==================== End of the forward zone file ====================
; ================= Reverse zone file /var/named/syd168.com.arpa =================
$TTL 2h
@ IN SOA www.syd168.com. master.syd168.com. (
        20040730 ; serial number
        2h       ; refresh timeout
        40m      ; retry refresh timeout
        1w       ; expire timeout
        2h       ; TTL time
)
 IN NS www.syd168.com. ; note that a space is required at the start of this line, or write the zone name with its trailing dot instead, that is, 0.16.172.in-addr.arpa.
3 IN PTR www.syd168.com. ; the host at IP address 172.16.0.3 is www.syd168.com (reverse resolution)
4 IN PTR ftp.syd168.com.
5 IN PTR mail.syd168.com.
6 IN PTR bbs.syd168.com.
7 IN PTR test.syd168.com.
; ================= End of the reverse zone file =================
3. Test and debug the configuration
After making the changes, save the files and start the service.
1) # service named start // start the named service (the process that provides the DNS service). Common errors are a missing . or ; or redundant spaces on the left; fix them until the command runs without errors.
2) # named // on my virtual machine named has to be started this way. Normal machines do not need it. I also added a line that runs named to /etc/rc.d/rc.local
3) # named -g // check whether the configuration is correct. Many people say that the service runs normally but names cannot be resolved. Apart from /etc/resolv.conf not containing the IP address of the DNS server, most errors can be tracked down with this command.
4) # host www.syd168.com // does the test succeed? If it does, the other host records are generally fine. host can be replaced by ping.
5) # host 172.16.0.3 // test reverse resolution
6) # host -t MX syd168.com // test the mail exchanger
7) # host -t NS syd168.com // test the domain name server
Note: # named -g is very useful! I tracked down all my DNS errors with it. It is intuitive and reports the line that contains the error. It is essentially a more detailed log display.
If the local test works, it is strongly recommended that you also test from a remote machine. This generally fails at first. Why? Because you have not added nameserver 172.16.0.3 to that machine's /etc/resolv.conf. Try it. Haha, it was that simple!
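The zone-file mistakes the comments above warn about (a full domain name without its trailing dot, a line with leading whitespace, an alias that points at itself) can be caught before named is started. The following linter is an added example, not code from the original article; the sample records are constructed, and it assumes single-line IN records without a per-record TTL.

```python
ORIGIN = "syd168.com."
# Constructed sample containing the mistakes the article warns about.
SAMPLE = """\
syd168.com.      IN NS    www.syd168.com.
www              IN A     172.16.0.3
                 IN A     172.16.0.4   ; leading blank: inherits owner www
ftp.syd168.com   IN A     172.16.0.4   ; missing trailing dot
syd168.com.      IN MX 10 mail.syd168.com
ssl1             IN CNAME ssl1         ; alias points at itself
"""

def fqdn(name, origin=ORIGIN):
    """Expand a name as BIND does: '@' is the origin, relative names get it appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text, origin=ORIGIN):
    """Return (owner, rtype, target) tuples for single-line IN records."""
    records, owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop ';' comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not raw[0].isspace():                  # owner name starts in column 0
            owner = fqdn(fields.pop(0), origin)   # otherwise keep the previous owner
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        rtype, rdata = fields[0].upper(), fields[1:]
        target = rdata[-1]
        if rtype in ("NS", "MX", "CNAME", "PTR"):  # rdata that is itself a name
            target = fqdn(target, origin)
        records.append((owner, rtype, target))
    return records

def lint(text, origin=ORIGIN):
    """Heuristic: an origin that appears twice means a trailing dot was forgotten."""
    doubled = origin + origin                     # "syd168.com.syd168.com."
    findings = []
    for owner, rtype, target in parse(text, origin):
        for name in (owner, target):
            if name == doubled or name.endswith("." + doubled):
                findings.append(f"missing trailing dot: {name}")
        if rtype == "CNAME" and owner == target:
            findings.append(f"CNAME loop: {owner}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

For a real zone, BIND 9's own named-checkzone (for example named-checkzone syd168.com /var/named/syd168.com.zone) performs the authoritative check.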