2025-03-29 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/02 Report--
1. Describe the DNS query process and the DNS server categories.
DNS query process:
The path a complete query request follows:
Client --> hosts file --> DNS local cache --> DNS server (recursion) -->
A domain the server is responsible for resolving: query the database directly and return the answer
A domain the server is not responsible for resolving: server cache --> iteration
DNS server categories:
Primary-secondary DNS servers:
Master DNS server: the server that maintains the database of the domain it resolves; both read and write operations can be performed
Slave DNS server: "copies" a zone database from the master DNS server or another DNS server; read-only
How the copy operation is implemented:
Serial number: serial, the version number of the database; when the content of the master server's database changes, the version number increases
Refresh interval: refresh, how often the slave server checks the master server for a serial number update
Retry interval: retry, how long the slave server waits before requesting again after a request to synchronize the zone database fails
Expiration time: expire, how long the slave server keeps trying when it cannot reach the master server before it gives up synchronizing from the master and stops providing service
The cache duration of the negative answer:
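The serial, refresh, retry and expire behaviour listed above, as an added example that is not part of the original article: the Python code below parses the SOA timers of the magedu.com zone this page configures and returns what a slave does at a refresh check. The function names are hypothetical, and the plain integer serial comparison is a simplification (real servers use RFC 1982 serial arithmetic).

```python
import re

# Constructed sample: the SOA record of the magedu.com zone from this page.
ZONE_TEXT = """\
$TTL 86400
$ORIGIN magedu.com.
@   IN  SOA ns1.magedu.com. dnsadmin.magedu.com. (
        2017060601 ; serial
        1H         ; refresh
        10M        ; retry
        3D         ; expire
        1D )       ; negative answer TTL
"""

UNITS = {"": 1, "S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}

def to_seconds(value):
    """Convert a BIND time value such as 1H, 10M or 86400 to seconds."""
    total = 0
    for number, unit in re.findall(r"(\d+)([SMHDW]?)", value.upper()):
        total += int(number) * UNITS[unit]
    return total

def parse_soa(zone_text):
    """Return the five numeric SOA fields of the first SOA record."""
    text = re.sub(r";[^\n]*", "", zone_text)  # strip zone-file comments
    match = re.search(r"\bSOA\s+\S+\s+\S+\s*\(([^)]*)\)", text)
    if not match:
        raise ValueError("no parenthesised SOA record found")
    serial, refresh, retry, expire, negative = match.group(1).split()
    return {"serial": int(serial), "refresh": to_seconds(refresh),
            "retry": to_seconds(retry), "expire": to_seconds(expire),
            "negative_ttl": to_seconds(negative)}

def slave_action(soa, master_serial, since_last_contact, master_reachable):
    """Decide what a slave holding `soa` does at a refresh check."""
    # Assumption: serials are compared as plain integers.
    if not master_reachable:
        if since_last_contact >= soa["expire"]:
            return "expire: stop answering for the zone"
        return "retry in %d s" % soa["retry"]
    if master_serial > soa["serial"]:
        return "transfer zone"
    return "up to date; check again in %d s" % soa["refresh"]
```
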
2. Set up a DNS server, which is responsible for resolving magedu.com domain names (set host name and IP by yourself)
(1) some hostnames can be resolved forward and in reverse.
(2) perform subdomain authorization to the subdomain cdn.magedu.com, and the subdomain is responsible for resolving the hostname in the corresponding subdomain.
(3) in order to ensure the high availability of DNS service system, please design a set of scheme and write out the detailed implementation process.
First install and configure bind:
yum install bind -y
service named start
systemctl start named.service (CentOS 7)
ss -tunl | grep 53
Bind:
Main configuration file: /etc/named.conf
It may include other files:
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
Zone database files:
/var/named/ directory
The usual file name is: ZONE_NAME.zone
Note: (1) one DNS server can provide resolution for multiple zones at the same time.
(2) there must be a root zone database file: named.ca
(3) there should also be two zone databases: the forward and reverse zones for localhost and 127.0.0.1.
Forward: named.localhost
Reverse: named.loopback
a. Resolving a forward zone
1. Configuration of the caching name server:
[root@localhost ~]# vim /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
options {
    // listen-on port 53 { 127.0.0.1; }; # commenting out this line means listening on all addresses
    // listen-on-v6 port 53 { ::1; }; # comment out this line
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // allow-query { localhost; }; # comment out to lift the localhost-only query restriction
    recursion yes;
    // dnssec-enable yes; # when learning, it is recommended to turn off dnssec (DNS security validation)
    // dnssec-validation yes; # when learning, it is recommended to turn off dnssec
Check the configuration file for syntax errors after the modification is complete:
named-checkconf [/etc/named.conf]
[root@localhost ~]# named-checkconf
2. Define the zone
This is done in the main configuration file or in a secondary configuration file included by the main configuration file
[root@localhost ~]# vim /etc/named.rfc1912.zones # edit the configuration file and add the following
zone "magedu.com" IN {
    type master;
    file "magedu.com.zone";
};
3. Create the zone data file (mainly A or AAAA records)
Create a zone data file in the /var/named directory
[root@localhost named]# vim /var/named/magedu.com.zone
$TTL 86400 ; cache validity period 86400 seconds = 1 day
$ORIGIN magedu.com.
@ IN SOA ns1.magedu.com. dnsadmin.magedu.com. (
    2017060601 ; serial number
    1H ; refresh time
    10M ; retry time
    3D ; expiration time
    1D ) ; negative answer time
    IN NS ns1
    IN NS ns2
    IN MX 10 mx1
    IN MX 20 mx2
ns1 IN A 192.168.0.104
ns2 IN A 192.168.0.105
mx1 IN A 192.168.0.106
mx2 IN A 192.168.0.107
www IN A 192.168.0.104
web IN CNAME www
Syntax check:
[root@localhost named]# named-checkconf
[root@localhost named]# named-checkzone magedu.com /var/named/magedu.com.zone
zone magedu.com/IN: loaded serial 2017060601
OK
Permission modification:
[root@localhost named]# chown :named /var/named/magedu.com.zone # change the owning group to named
chmod o= /var/named/magedu.com.zone # remove all permissions for others
4. Have the server reload configuration files and zone data files
# rndc reload or
# systemctl reload named.service
Test:
dig -t A www.magedu.com @192.168.0.104
Similarly, configure resolution for a reverse zone
1. Define the zone
This is done in the main configuration file or in a secondary configuration file included by the main configuration file
[root@localhost /]# vim /etc/named.rfc1912.zones
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "192.168.0.zone";
};
2. Define the zone database file (mainly PTR records)
[root@localhost named]# vim /var/named/192.168.0.zone
$TTL 86400
$ORIGIN 0.168.192.in-addr.arpa.
@ IN SOA ns1.magedu.com. nsadmin.magedu.com. (
    2017060601
    1H
    10M
    3D
    1D )
    IN NS ns1.magedu.com.
104 IN PTR ns1.magedu.com.
105 IN PTR ns2.magedu.com.
106 IN PTR mx1.magedu.com.
107 IN PTR mx2.magedu.com.
104 IN PTR www.magedu.com.
Permission modification:
[root@localhost named]# chgrp named /var/named/192.168.0.zone
[root@localhost named]# chmod o= /var/named/192.168.0.zone
Syntax check:
[root@localhost named]# named-checkconf
[root@localhost named]# named-checkzone 0.168.192.in-addr.arpa /var/named/192.168.0.zone
zone 0.168.192.in-addr.arpa/IN: loaded serial 2017060601
OK
3. Have the server reload configuration files and zone data files
# rndc reload or
# systemctl reload named.service
Test:
dig -x 192.168.0.104 @192.168.0.104
b. Subdomain authorization
1. Add the subdomain to the magedu.com zone database.
[root@localhost ~]# vim /var/named/magedu.com.zone
$TTL 86400
$ORIGIN magedu.com.
@ IN SOA ns1.magedu.com. dnsadmin.magedu.com. (
    2017060612
    1H
    10M
    3D
    1D )
    IN NS ns1
    IN NS ns2
    IN MX 10 mx1
    IN MX 20 mx2
ns1 IN A 192.168.0.104
ns2 IN A 192.168.0.150
mx1 IN A 192.168.0.106
mx2 IN A 192.168.0.107
www IN A 192.168.0.104
web IN CNAME www
pop3 IN A 192.168.0.108
cdn IN NS ns1.cdn ; add the subdomain
cdn IN NS ns2.cdn ; add the subdomain
ns1.cdn IN A 192.168.0.103 ; add A record
ns2.cdn IN A 192.168.0.155 ; add A record
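The updated forward zone above moves ns2 to 192.168.0.150 and adds pop3, while the reverse zone defined earlier still holds the old PTR set. The following Python code is an added example, not part of the original article, that cross-checks A records against PTR records so this kind of drift is caught before a reload; the function names are hypothetical and the sample data is constructed from the page's host records (delegation glue omitted).

```python
import ipaddress

# Constructed from the page: host A records of the updated magedu.com zone.
FORWARD = """\
ns1   IN A 192.168.0.104
ns2   IN A 192.168.0.150
mx1   IN A 192.168.0.106
mx2   IN A 192.168.0.107
www   IN A 192.168.0.104
web   IN CNAME www
pop3  IN A 192.168.0.108
"""
# Constructed from the page: PTR records of the 0.168.192.in-addr.arpa zone.
REVERSE = """\
104 IN PTR ns1.magedu.com.
105 IN PTR ns2.magedu.com.
106 IN PTR mx1.magedu.com.
107 IN PTR mx2.magedu.com.
104 IN PTR www.magedu.com.
"""

def records(text, rtype, origin):
    """Yield (absolute owner, rdata) for each 'owner IN <rtype> rdata' line."""
    for line in text.splitlines():
        f = line.split(";")[0].split()
        if len(f) >= 4 and f[1].upper() == "IN" and f[2].upper() == rtype:
            owner = f[0] if f[0].endswith(".") else f"{f[0]}.{origin}"
            yield owner.lower(), f[3].lower()

def forward_pairs(text, origin):
    """Set of (fqdn, ip) taken from the A records."""
    return {(name, str(ipaddress.ip_address(ip)))
            for name, ip in records(text, "A", origin)}

def reverse_pairs(text, origin):
    """Set of (fqdn, ip) from PTR records; PTR targets must be absolute."""
    pairs = set()
    for owner, target in records(text, "PTR", origin):
        octets = owner.rstrip(".").split(".")[:-2]  # drop in-addr.arpa
        ip = ipaddress.ip_address(".".join(reversed(octets)))
        pairs.add((target, str(ip)))
    return pairs

def compare(forward, reverse):
    """Report A records without a PTR and PTR records without an A."""
    fwd = forward_pairs(forward, "magedu.com.")
    rev = reverse_pairs(reverse, "0.168.192.in-addr.arpa.")
    return {"missing_ptr": sorted(fwd - rev), "stale_ptr": sorted(rev - fwd)}
```
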
2. Install bind on the subdomain server, change the configuration file and add the zone database.
[root@localhost ~]# yum install bind -y # install on the subdomain server
[root@localhost ~]# vim /etc/named.conf
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
    listen-on port 53 { 127.0.0.1; 192.168.0.103; }; # add the address this host uses to communicate externally
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // allow-query { localhost; }; # comment out to lift the localhost-only query restriction
    recursion yes;
    dnssec-enable no; # changed to no
    dnssec-validation no; # changed to no
.
[root@localhost ~]# service named start
Generating /etc/rndc.key: [OK]
Start named:
[root@localhost ~]# vim /etc/named.rfc1912.zones # edit the configuration file and add the zone
zone "cdn.magedu.com" IN {
    type master;
    file "cdn.magedu.com.zone";
};
[root@localhost ~]# vim /var/named/cdn.magedu.com.zone # edit the zone database data
$TTL 3600
$ORIGIN cdn.magedu.com.
@ IN SOA ns1.cdn.magedu.com. nsadmin.cdn.magedu.com. (
    2017060601
    1H
    10M
    1D
    2H )
    IN NS ns1
ns1 IN A 192.168.0.103
www IN A 192.168.0.10
[root@localhost ~]# chgrp named /var/named/cdn.magedu.com.zone # change the owning group to named
[root@localhost ~]# chmod o= /var/named/cdn.magedu.com.zone # remove all permissions for others
[root@localhost ~]# rndc reload
server reload successful
Testing using dig
[root@localhost ~]# dig -t A www.cdn.magedu.com @192.168.0.103
Define forwarding
[root@localhost ~]# vim /etc/named.rfc1912.zones # edit the configuration file to add zone forwarding
zone "magedu.com" IN {
    type forward; # define forwarding
    forward only; # forward only
    forwarders { 192.168.0.104; 192.168.0.150; };
};
[root@localhost ~]# named-checkconf # check
[root@localhost ~]# rndc reload # reload
[root@localhost ~]# dig -t A www.magedu.com @192.168.0.103 # test that the subdomain server resolves the parent domain
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.2 <<>> -t A www.magedu.com @192.168.0.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER