Setting up a DNS server in Linux (1)
1. Introduction to the Domain Name System
The Domain Name System is a distributed database that allows local control of individual segments of the overall database. The data in each segment is made available to the whole network through a client/server model, and replication and caching make the database as a whole reliable and give it good performance.
A domain name server holds the information for part of the database (one or more segments) and makes it available to clients; the client-side component that queries it is called the resolver.
The DNS database is organized as an inverted tree. The root is named by the empty label "" and is written as ".". Each node in the tree represents a partition (a domain) of the distributed database, and each domain can be divided further into sub-partitions (subdomains). Each domain has a label that identifies it relative to its parent domain, and a domain name that gives its location in the distributed database. In DNS a domain name is the sequence of labels from the domain up to the root, with the labels separated by "."; a label may contain at most 63 characters. The full domain name of any node in the tree is therefore the sequence of labels on the path from that node to the root.
If the root domain appears in a node's domain name, the name appears to end with a dot (strictly, it ends with a dot followed by the empty label). Domain names ending with a dot are called absolute domain names. A domain name that does not end with a dot is called a relative domain name.
A domain is a subtree of the domain name space. The domain's name is the domain name of the node at the root of that subtree; that is, the name of the domain is the name of its top node. For example, the top of the zhuhai.gd.cn domain is the node named zhuhai.gd.cn.
In DNS each domain is managed by some organization, and that organization can divide its domain into a number of subdomains and delegate those subdomains to other organizations to manage. A domain can contain both hosts and other domains (its subdomains). Domain names serve as the index into the DNS database, and any domain name within a subdomain is considered part of the domain.
In fact a host is also a domain, and a domain name is only an index into the DNS database: the "host" is whatever host information the domain name points to. A domain contains all hosts whose domain names lie within it.
In the domain name tree, leaf domains usually represent hosts; their domain names can point to network addresses, hardware information and mail routing information. The domain name of an interior node can either name a host or point to structural information about the domain's children (its subdomains). Interior domain names are not restricted to one of these roles: they can represent both the domain they correspond to and a specific host on the network. For example, sun.com is not only the sun domain but also the domain name of the mail server that relays mail between Sun and the Internet.
Each host on the network has a domain name. The domain name provides information about the host, including its IP address and mail routing information. A host can also have one or more aliases; an alias is simply another name that points to the host's canonical domain name.
1.1 Domain names
A simple way to determine whether one domain is a subdomain of another is to compare their domain names: a subdomain's name ends with the name of its parent domain.
One of the main goals in designing the Domain Name System was decentralized management, which is achieved through delegation. The organization that manages a domain divides it into subdomains, and each subdomain can be delegated to another organization. The delegated organization is then responsible for maintaining all data in that subdomain: it can change the data freely, and it can even divide the subdomain it manages into further subdomains and delegate those in turn. The parent domain holds only pointers to these subdomains, so that it can refer queries there.
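As an added illustration (not code from the article), the following Python helpers apply the naming rules above: a name is a sequence of labels, a trailing dot marks an absolute name, labels are limited to 63 characters, and the subdomain test is done label by label rather than by plain string suffix, because a suffix comparison accepts look-alike names such as evilzhuhai.gd.cn as children of zhuhai.gd.cn.

```python
# Added example, not from the article: label-wise domain-name helpers.
# Rules applied: labels separated by ".", trailing "." = absolute name,
# root = empty label, label length <= 63, subdomain = parent's labels
# match the tail of the child's labels (compared case-insensitively).
from __future__ import annotations

MAX_LABEL_LEN = 63  # per-label limit stated in the article


def split_labels(name: str) -> tuple[list[str], bool]:
    """Return (labels, is_absolute) for a DNS name.

    "zhuhai.gd.cn." -> (["zhuhai", "gd", "cn"], True)
    "zhuhai.gd.cn"  -> (["zhuhai", "gd", "cn"], False)
    "."             -> ([], True)   # the root: only the empty label
    Empty interior labels and over-long labels are rejected.
    """
    is_absolute = name.endswith(".")
    body = name[:-1] if is_absolute else name
    labels = [] if body == "" else body.split(".")
    for label in labels:
        if label == "" or len(label) > MAX_LABEL_LEN:
            raise ValueError(f"invalid label in {name!r}: {label!r}")
    return labels, is_absolute


def is_subdomain(child: str, parent: str) -> bool:
    """True if `child` lies in the subtree rooted at `parent` (or is `parent`).

    The comparison walks whole labels from the root downward. A naive
    child.endswith(parent) would wrongly accept "evilzhuhai.gd.cn" as a
    subdomain of "zhuhai.gd.cn"; matching on label boundaries does not.
    """
    child_labels, _ = split_labels(child)
    parent_labels, _ = split_labels(parent)
    if len(parent_labels) > len(child_labels):
        return False
    tail = child_labels[len(child_labels) - len(parent_labels):]
    return [x.lower() for x in tail] == [x.lower() for x in parent_labels]


def naive_suffix_check(child: str, parent: str) -> bool:
    """The string-suffix shortcut, kept only to show where it goes wrong."""
    return child.rstrip(".").lower().endswith(parent.rstrip(".").lower())
```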
1.2 Domain name servers
The program that stores information about the domain name space is called a domain name server. A domain name server generally has complete information about some part of the domain name space, called a zone, and is said to be authoritative for that zone; one server can be authoritative for several zones.
Relationship between zones and domains:
A zone contains all the domain names and data in the domain, except for those subdomains that are delegated elsewhere. If a subdomain of the domain is not delegated, the zone also contains the subdomain's name and the data in that subdomain.
DNS defines two types of domain name server: primary master (PM) and secondary master (SM). A PM domain name server obtains the data for the zones it is responsible for from files on the host it runs on. An SM domain name server obtains the zone data from another domain name server that is authoritative for the zone, and regularly queries the PM domain name server to ensure that its copy of the zone data is the latest version.
Generally, it is best to set up one PM domain name server and several SM domain name servers, both to share the load and to ensure that every host in the zone has a relatively close domain name server to query.
1.3 The resolver
The resolver is the component on a host that needs information from the domain name space. In BIND the resolver is just a set of library routines compiled into programs such as telnet and ftp; it is not an independent process. The resolver composes queries, sends them, and waits for responses; if no response is received, it resends the query.
1.4 Mapping between addresses and domain names
Data in the domain name space is indexed by name, so finding the address for a given domain name is relatively easy. Finding the domain name that maps to a given address, however, would require searching the whole tree, which would be very inefficient. To solve this problem, an address-based part of the domain name space is created; this part of the namespace is called the in-addr.arpa domain.
Nodes in the in-addr.arpa domain are named using the dotted-octet form of the IP address (the 32-bit address written as four 8-bit decimal numbers separated by "."), but with the octets in reverse order, because a name is read from the leaf toward the root. For example, if the IP address of www.zhuhai.gd.cn is 202.105.177.100, the corresponding in-addr.arpa subdomain is 177.105.202.in-addr.arpa. Reversing the octets puts the first byte of the IP address nearest the top of the tree, which lets the administrators of in-addr.arpa delegate the domain along network boundaries: 177.105.202.in-addr.arpa, for example, can be delegated to the administrator responsible for that network.
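An added example, not code from the article: Python helpers that build the in-addr.arpa names described in this section by reversing the octets of an address, derive the zone that would be delegated for an octet-aligned network, and invert a reverse name back to an address. The addresses used are the article's own 202.105.177.x example; only /8, /16 and /24 networks are handled, since only those map onto whole labels.

```python
# Added example, not from the article: in-addr.arpa name construction.
# Octets are written in reverse order so the first byte of the address
# sits nearest the root, which is what allows delegation along network
# boundaries (177.105.202.in-addr.arpa for the 202.105.177.0/24 network).
import ipaddress

REVERSE_SUFFIX = "in-addr.arpa."


def reverse_name(ip: str) -> str:
    """Absolute reverse (PTR owner) name for one IPv4 address.

    202.105.177.100 -> 100.177.105.202.in-addr.arpa.
    """
    addr = ipaddress.IPv4Address(ip)  # rejects malformed input
    octets = str(addr).split(".")
    return ".".join(reversed(octets)) + "." + REVERSE_SUFFIX


def reverse_zone(network: str) -> str:
    """in-addr.arpa zone that would be delegated for an octet-aligned network.

    202.105.177.0/24 -> 177.105.202.in-addr.arpa.
    Prefix lengths other than 8, 16 and 24 do not fall on a label boundary
    and are rejected here (classless delegation is outside this example).
    """
    net = ipaddress.IPv4Network(network, strict=True)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError(f"prefix /{net.prefixlen} is not octet-aligned")
    kept = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(kept)) + "." + REVERSE_SUFFIX


def address_from_reverse_name(name: str) -> str:
    """Inverse mapping: 100.177.105.202.in-addr.arpa. -> 202.105.177.100.

    Requires all four octet labels so that partial (zone) names are not
    mistaken for host names.
    """
    labels = name.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        raise ValueError(f"not a full IPv4 reverse name: {name!r}")
    return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
```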
1.5 Caching and time to live
When handling a recursive query, a name server may need to perform several queries to obtain the answer. In the process it learns a great deal about the domain name space, and it caches this information to speed up future queries. Besides speeding up queries, the cache means the server does not have to ask the root name servers again for the same information, which avoids over-reliance on them and significantly reduces their load.
The TTL (time to live) is the length of time a name server is allowed to cache a piece of data. Once the TTL expires, the name server must discard the cached data and obtain fresh data from an authoritative name server. This keeps domain data consistent across the network.
1.6 BIND: the Linux name service
Like other Unix systems, Linux uses BIND to implement the name service. The BIND server software is the named daemon. The BIND home page is http://www.isc.org.