Shulou(Shulou.com)06/01 Report--

I believe many inexperienced people don't know what to do with the tutorial of building DNS multi-domain name resolution server by centos5.3. Therefore, this article summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Domain name and domain name resolution

In order to distinguish each host in the network, each host must be assigned a unique address, which is called the "IP address". But these numbers are difficult to remember, so they are replaced by "domain names". In the end, however, the domain name must be converted to the corresponding IP address in order to access the host.

DNS service, also known as domain name resolution service, provides the translation between domain name and IP address. The forward resolution of the domain name is the process of translating the host name into the IP address, and the reverse resolution of the domain name is the process of converting the IP address into the host name. In general, we rarely need to translate IP addresses into hostnames, that is, reverse resolution. Reverse parsing is often used by some daemons and cannot be seen by users.

II. DNS architecture

The hierarchical structure of the domain is like an inverted tree, and the hierarchical structure is very clear, as shown in the figure. The root domain is located at the top, followed by several top-level domains immediately below the root domain, each top-level domain can be further divided into different secondary domains, and the secondary domain can be subdivided into subdomains, and below the subdomain can be the host or the subdomain. until the last host. The domain in Internet is managed by InterNIC, and the service of domain name is implemented by DNS.

III. DNS parsing process

1. The client requests to resolve the IP address of the www.exmaple.com.cn. If there is no relevant resolution in the local hosts file, a resolution request is issued to the local DNS server.

2. If the local DNS server has the resolution information of the domain name, it is returned directly to the client; if the local DNS server does not have the resolution information of the domain name, the local DNS server asks the root DNS server for the IP address of the www.exmaple.com.cn

3. If the root DNS server has the resolution information for the domain name, it returns the information directly to the local DNS server, and the local DNS server returns the resolution information to the client. If the root DNS server does not have the resolution information for the domain name, it returns the IP address of the DNS server that governs the .cn resolution business.

4. The local DNS server asks the DNS server in charge of .cn for the IP address of www.exmaple.com.cn.

5. If the .cn server has the resolution information for the domain name, the information is returned directly to the local DNS server, and the local DNS server returns the resolution information to the client. If the .cn DNS server does not have the resolution information for the domain name, the DNS server in charge of the .cn resolution business informs the DNS server of the IP address of the .com.cn server.

6. The local DNS server asks the DNS server in charge of .com.cn for the IP address of www.exmaple.com.cn.

7. If the .com.cn server has the resolution information of the domain name, the information will be returned directly to the local DNS server, locally.

The DNS server then returns the resolution information to the client; if the .com.cn DNS server does not have the resolution information for the domain name, the DNS server in charge of the .com.cn resolution business informs the IP address of the DNS server of .example.com.cn

8. The local DNS server asks the DNS server under the jurisdiction of .example.com.cn for www. Example.com.cn IP address

9. The DNS server in charge of .example.com.cn informs www.exmaple.com.cn of the IP address of the DNS server

10. The local DNS server parses the IP address of www.exmaple.com.cn and passes it back to the client.

4. Build DNS multi-domain resolution server under centos5.3.

System platform: centos5.3 kernel version: 2.6.18-128.2.1.el5

DNS server IP: 192.168.2.210

Web Server A:www.chinaunix.net 192.168.2.181

Mail Server B:mail.chinaunix.net 192.168.2.182

Web server C:www.chinaunix.org 192.168.2.183

Mail Server D:mail.chinaunix.org 192.168.2.185

1. Install bind-related software package [root@server ~] # yum-y install bind* caching-nameserver

2. Modify the main configuration file

[root@server ~] # cd / var/named/chroot/etc/

[root@server etc] # cp-p named.caching-nameserver.conf named.conf

[root@server etc] # cp-p named.rfc1912.zones named.rfc1912.zones.bak

Note: the cp parameter-p will not only copy the contents of the source file, but also copy its modification time and access rights to the new file.

The owner of most of the configuration files here is root, and the group is named. If it is only cp, it will be reported when starting the named service.

Wrong.

[root@server etc] # vi named.conf

/ /

/ / named.caching-nameserver.conf

/ /

/ / Provided by Red Hat caching-nameserver package to configure the

/ / ISC BIND named (8) DNS server as a caching only nameserver

/ (as a localhost DNS resolver only)

/ /

/ / See / usr/share/doc/bind*/sample/ for example named configuration

Files.

/ /

/ / DO NOT EDIT THIS FILE-use system-config-bind or an editor

/ / to create named.conf-edits to this file will be lost on

/ / caching-nameserver package upgrade.

/ /

Options {

Listen-on port 53 {any;}

Listen-on-v6 port 53 {:: 1;}

Directory "/ var/named"

Dump-file "/ var/named/data/cache_dump.db"

Statistics-file "/ var/named/data/named_stats.txt"

Memstatistics-file "/ var/named/data/named_mem_stats.txt"

/ / Those options should be used carefully because they disable port

/ / randomization

/ / query-source port 53

/ / query-source-v6 port 53

Allow-query {any;}

}

Logging {

Channel default_debug {

File "data/named.run"

Severity dynamic

}

}

View localhost_resolver {

Match-clients {any;}

Match-destinations {any;}

Recursion yes

Include "/ etc/named.rfc1912.zones"

}

[root@server etc] # vi named.rfc1912.zones

/ / named.rfc1912.zones:

/ /

/ / Provided by Red Hat caching-nameserver package

/ /

/ / ISC BIND named zone configuration for zones recommended by

/ / RFC 1912 section 4.1: localhost TLDs and address zones

/ /

/ / See / usr/share/doc/bind*/sample/ for example named configuration

Files.

/ /

Zone "." IN {

Type hint

File "named.ca"

}; # root DNS server profile

Zone "localdomain" IN {

Type master

File "localdomain.zone"

Allow-update {none;}

}; # template 1

Zone "0.0.127.in-addr.arpa" IN {

Type master

File "named.local"

Allow-update {none;}

}; # template 2

Zone "chinaunix.net" IN {

Type master

File "chinaunix.net.zone"

Allow-update {none;}

}; # template 1 copied and modified

Zone "chinaunix.org" IN {

Type master

File "chinaunix.org.zone"

Allow-update {none;}

}; # template 1 copied and modified

Zone "2.168.192.in-addr.arpa" IN {

Type master

File "2.168.192.in-addr.local"

Allow-update {none;}

}; # template 2 copied and modified

Remarks: blue fonts are added and modified.

3. Zone configuration file

[root@server etc] # cd.. / var/named/

[root@server named] # cp-p localdomain.zone chinaunix.net.zone

[root@server named] # cp-p localdomain.zone chinaunix.org.zone

[root@server named] # cp-p named.local 2.168.192.in-addr.local

[root@server named] # vi chinaunix.net.zone

$TTL 86400

@ IN SOA localhost root (

42; serial (d. Adams)

3H; refresh

15m; retry

1W; expiry

1D); minimum

IN NS chinaunix.net.

IN MX 10 mail.chinaunix.net.

Www IN A 192.168.2.181

Mail IN A 192.168.2.182

[root@server named] # vi chinaunix.org.zone

$TTL 86400

@ IN SOA localhost root (

42; serial (d. Adams)

3H; refresh

15m; retry

1W; expiry

1D); minimum

IN NS chinaunix.org.

IN MX 10 mail.chinaunix.org.

Www IN A 192.168.2.183

Mail IN A 192.168.2.185

[root@server named] # vi 2.168.192.in-addr.local

$TTL 86400

@ IN SOA localhost. Root.localhost. (

1997022700; Serial

28800; Refresh

14400; Retry

3600000; Expire

86400); Minimum

IN NS chinaunix.net.

IN NS chinaunix.org.

181 IN PTR www.chinaunix.net.

182 IN PTR mail.chinaunix.net.

183 IN PTR www.chinaunix.org.

185 IN PTR mail.chinaunix.org.

4. Test

[root@server ~] # nslookup

Dead www.chinaunix.net

Server: 192.168.2.210

Address: 192.168.2.210#53

Name: www.chinaunix.net

Address: 192.168.2.181

Dead www.chinaunix.org

Server: 192.168.2.210

Address: 192.168.2.210#53

Name: www.chinaunix.org

Address: 192.168.2.182

Dead mail.chinaunix.net

Server: 192.168.2.210

Address: 192.168.2.210#53

Name: mail.chinaunix.net

Address: 192.168.2.183

Dead mail.chinaunix.org

Server: 192.168.2.210

Address: 192.168.2.210#53

Name: mail.chinaunix.net

Address: 192.168.2.185

@ 192.168.2.181

Server: 192.168.2.210

Address: 192.168.2.210#53

181.2.168.192.in-addr.arpa name = www.chinaunix.net.

@ 192.168.2.182

Server: 192.168.2.210

Address: 192.168.2.210#53

182.2.168.192.in-addr.arpa name = mail.chinaunix.net.

@ 192.168.2.183

Server: 192.168.2.210

Address: 192.168.2.210#53

183.2.168.192.in-addr.arpa name = www.chinaunix.org.

@ 192.168.2.185

Server: 192.168.2.210

Address: 192.168.2.210#53

185.2.168.192.in-addr.arpa name = mail.chinaunix.org.

After reading the above, have you mastered the method of centos5.3 's tutorial on building DNS multi-domain name resolution server? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.