The difference between host name and domain name:
The host name is the name used on the internal network; the domain name is the name used on the external network.
Host name and domain name are actually two completely different names, but many programs (such as the Postfix mail system) treat them as the same by default.
In DNS, a domain name consists of the root domain, a top-level domain, a second-level domain, and the host name.
There are 13 DNS root domain servers in the world.
Top-level domains: managed by the Internet naming authority; there are two common types, as follows:
Organization domain:
.com (commercial), .org (organization), .edu (education), .gov (government), .net (communication), .mil (military), .info (information)
Country or region top-level domain:
.cn (China), .hk (Hong Kong, China), .uk (UK), etc.
FQDN = host name.DNS suffix (FQDN, Fully Qualified Domain Name: the complete name of a host, including its domain)
3. Domain name resolution process
Sorted by query method:
Recursive query:
The DNS server performs the whole resolution on behalf of the client; the result the client receives is either the final answer (success) or a failure.
Iterative query:
The DNS server returns the correct address if it holds the requested data.
If it does not hold the requested data, the DNS server returns a pointer (referral) to another DNS server that the client should ask next.
Sorted by query content:
Forward resolution: Find the corresponding IP address based on the host name (domain name)
Reverse resolution: Find the corresponding host domain name based on the IP address
II. Building a DNS server on CentOS 7
Next, we use the well-known DNS server software BIND (Berkeley Internet Name Domain) as an example to understand the basic process of building a domain name server on Linux. BIND is a domain name service software package developed by the University of California, Berkeley; Linux systems use this package to provide domain name services. The software implements the DNS protocol. The server component of BIND is a daemon called named.
1. Overview
In fact, each DNS server is only responsible for managing the correspondence between host domain names and IP addresses within a limited range (one or several domains). These specific DNS domains or IP address segments are called "zones". DNS servers can be divided into different types according to the source of the address data for the zones they manage, and the same DNS server can have different roles relative to different zones. The common types are as follows:
Caching name server
Also known as a cache-only server
Obtains domain name -> IP address records by querying other name servers
Caches query results locally to speed up repeated queries
Primary (master) name server
The authoritative (official) server of a specific DNS zone, and the only one
Responsible for maintaining all domain name -> IP address mapping records in the zone
Slave name server
Also known as a secondary name server
The domain name -> IP address records it maintains are copied from the primary name server
2. BIND installation and control
BIND is not the only DNS service program that can provide domain name services, but it is the most widely used. BIND can run on most Linux/UNIX hosts.
1) Install the bind software.
2) Related software packages
Check the packages after installation: rpm -qa | grep "^bind"
bind-9.9.4-37.el7.x86_64.rpm: Provides the main program and related files of the domain name service
bind-chroot-9.9.4-37.el7.x86_64.rpm: Provides a fake (chroot) root directory for the BIND service (uses the /var/named/chroot/ folder as BIND's root directory) to improve security.
bind-libs-9.9.4-37.el7.x86_64.rpm: Provides the library functions that bind and bind-utils need
bind-utils-9.9.4-37.el7.x86_64.rpm: Provides test tools for DNS server, such as nslookup, etc.
3) BIND service control
After the BIND package is installed, a system service named named is added automatically. The DNS domain name service can be controlled through the script file /etc/init.d/named, or with the systemctl tool (or the service tool on CentOS 6 and earlier). For example, systemctl start named starts the named service.
other:
Main executive program: /usr/sbin/named
Service script: /etc/init.d/named
Default listening port: 53
3. Configuration files of the BIND service
Building a domain name service with BIND mainly involves two types of configuration files: the main configuration file and the zone data files. The main configuration file sets the operating parameters of the named service, such as global options, the registered zones, and access control; the zone data files store the DNS resolution records (forward or reverse).
1) Main configuration file
/etc/named.conf (when the bind-xxx package is installed)
/var/named/chroot/etc/named.conf (The bind-chroot-xxx software package is installed)
The main configuration file consists of two parts: the global configuration and the zone configuration. Each configuration statement ends with a semicolon ";". Text starting with "#" or "//" is a comment (multi-line comments can use the "/* ...... */" format).
a. Global configuration section
Sets the global parameters of the DNS server
Includes the listening address/port, the default location of data files, etc.
Written as an options { ...... }; configuration section
b. Zone configuration section
Sets the specific DNS zones for which this server provides domain name resolution
Includes the domain name, the server role, the data file name, etc.
Written as a zone "zone name" IN { ...... }; configuration section
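A complete main configuration file for a small internal zone, added here as an illustration rather than taken from the original text or from BIND's stock named.conf. The zone name benet.com, the server address 173.16.16.1, the secondary 173.16.16.5 and the data file names are assumptions; the access-control lines show the settings a defender would tighten (no open recursion, no unrestricted zone transfers, version hidden).

```conf
// /etc/named.conf (or /var/named/chroot/etc/named.conf when bind-chroot is installed)
// Constructed example: addresses, zone and file names are assumptions.
options {
    listen-on port 53 { 127.0.0.1; 173.16.16.1; };    // only the internal interface, not "any"
    directory       "/var/named";                     // base directory for zone data files
    allow-query     { localhost; 173.16.16.0/24; };   // only internal clients may query
    allow-recursion { localhost; 173.16.16.0/24; };   // never act as an open recursive resolver
    allow-transfer  { none; };                        // global default: refuse zone transfers (AXFR)
    version         "not disclosed";                  // hide the BIND version from version.bind queries
};

// Root hints, used only when recursing for names outside our own zones
zone "." IN {
    type hint;
    file "named.ca";
};

// Forward zone: this server is the primary (master) for benet.com
zone "benet.com" IN {
    type master;
    file "benet.com.zone";               // must match the data file name under /var/named
    allow-transfer { 173.16.16.5; };     // assumed secondary server; overrides the global "none"
};

// Reverse zone for 173.16.16.0/24 (network octets written in reverse order under in-addr.arpa)
zone "16.16.173.in-addr.arpa" IN {
    type master;
    file "benet.com.rev";
};
```

Run named-checkconf /etc/named.conf after editing; it reports a syntax error with its line number and prints nothing when the file is valid.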
2) Zone data configuration files (data files that store DNS resolution records)
/var/named/ (when the bind-xxx package is installed)
/var/named/chroot/var/named/ (when the bind-chroot-xxx package is installed)
Each zone data file corresponds to one DNS resolution zone; the file name and contents are set by the administrator of the domain. (The file name must be the same as the one specified in the zone configuration of the main configuration file, otherwise an error will occur.)
A zone data file mainly contains the TTL configuration item, the SOA (Start Of Authority) record, and the address resolution records. Comments in the file start with a semicolon ";".
a. Global TTL configuration item and SOA record
"@" represents the current DNS zone name, which in this example is equivalent to "benet.com."
$TTL (Time To Live) record
SOA (Start Of Authority) record
Text starting with a semicolon ";" is comment information
b. Domain name resolution records
Forward resolution records:
NS (Name Server): records the host address of the DNS server of the current zone
MX (Mail Exchange): records the host address of the mail server of the current zone; the number 10 indicates the priority
A (Address): records forward resolution entries; only used in forward resolution zones
CNAME (Canonical Name): records an alias for a forward resolution entry
Note: the "@" symbol at the beginning of the NS and MX records can be omitted (by default, the "@" at the beginning of the SOA record is inherited), but a space or Tab must be kept in its place.
Reverse resolution records:
PTR (Pointer) record: only used in reverse resolution zones
The first column of the record gives the host part of the IP address. For example, "4 IN PTR mail.benet.com." above indicates that the domain name of the host with IP address 173.16.16.4 is mail.benet.com.
Note: in a zone data file, for any host address that does not end with a dot ".", the system automatically appends the current domain name as a suffix when looking up address records. For example, if the current DNS domain is "benet.com", the host address "www" in the file is equivalent to "www.benet.com.". Therefore, when writing a complete FQDN address, remember that the trailing dot "." cannot be omitted.
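The forward and reverse zone data files described in the sections above, written out as a constructed example (not taken from the original text). The zone benet.com, the host addresses 173.16.16.1/2/4 and the file names are assumptions; the comments point out where the "@" inheritance rule and the trailing-dot rule apply.

```conf
; /var/named/benet.com.zone  (forward zone for benet.com; constructed example)
$TTL 86400                          ; default TTL for every record that has none of its own
@   IN SOA ns1.benet.com. admin.benet.com. (   ; "@" = benet.com.; admin.benet.com. = admin@benet.com
            2024010101  ; serial: increase it on every change so secondaries pick up the zone
            3600        ; refresh: how often secondaries check the serial
            900         ; retry: wait after a failed refresh
            604800      ; expire: secondaries stop answering after a week without a refresh
            86400 )     ; minimum: negative-cache TTL
; owner column left blank: "@" (benet.com.) is inherited from the SOA record above
    IN NS  ns1.benet.com.
    IN MX  10 mail.benet.com.       ; 10 = priority, lower is preferred
ns1   IN A     173.16.16.1
www   IN A     173.16.16.2
mail  IN A     173.16.16.4
ftp   IN CNAME www                  ; no trailing dot: expands to www.benet.com.

; /var/named/benet.com.rev  (reverse zone for 16.16.173.in-addr.arpa; constructed example)
$TTL 86400
@   IN SOA ns1.benet.com. admin.benet.com. (
            2024010101 3600 900 604800 86400 )
    IN NS  ns1.benet.com.
1   IN PTR ns1.benet.com.           ; 1 + origin = 1.16.16.173.in-addr.arpa = 173.16.16.1
2   IN PTR www.benet.com.
4   IN PTR mail.benet.com.          ; the "4 IN PTR mail.benet.com." case from the text
```

Check each file with named-checkzone benet.com /var/named/benet.com.zone and named-checkzone 16.16.173.in-addr.arpa /var/named/benet.com.rev before reloading named; a host name written without its trailing dot shows up there as an unexpected doubled suffix such as mail.benet.com.benet.com.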
3) Check the syntax of the configuration files
a. named-checkconf tool
b. named-checkzone tool