DNS (Domain Name Server) lab:

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/03 Report--

DNS query mode:

Recursive query:

When the DNS server receives a query request, it returns either a successful response or a failure response. Recursive queries usually occur between the DNS client and the DNS server.

Iterative query:

The DNS server responds with the best result it can give from its own cache or zone data. If it cannot resolve the name, it may return a pointer to the DNS server for the next level of the domain name, and the process then continues from there. Iterative queries typically occur between DNS servers.

The configuration file explained:

Let's analyze the format and meaning of the magedu.com forward zone data file we have set up:

As you can see, the content of the zone data file is very simple.

The first line is a TTL setting, a macro that applies to each record in the zone data file. The absence of this line does not affect usage, but a warning message appears.

The second line is the SOA record. The "@" stands for the zone's domain name, that is, the one declared in /etc/named.rfc1912.zones, here magedu.com. IN indicates that the data that follows uses the Internet class. SOA marks the start of authority for the current zone. Each zone data file can have only one SOA record; it cannot be repeated, and it must be the first record in the zone it is responsible for. After SOA come the zone's authoritative host name and the administrator's mailbox, in that order.

Note: there must be a "." after the authoritative host name and after the administrator mailbox. Because "@" has another meaning in the zone data file, "." is used in the administrator's mailbox address instead of the "@" symbol.

The five numbers in parentheses that follow are the server synchronization settings, with the following meanings:

The first field is the version (serial) number of the zone data file, in the format year, month, day plus the number of changes. Change this value every time the file is modified, because DNS servers compare it when they synchronize: a server updates its copy if this value is larger than its own, and otherwise ignores the update. (This setting is important. If the value is not updated after the zone data is modified, the changes will not be synchronized to other DNS servers.)

The second field sets the interval at which DNS servers synchronize, also known as the refresh time. Notifications go only to the hosts that have NS records defined in this zone's data file.

The third field is the interval between retries after a failed synchronization.

The fourth field is how long after synchronization fails the corresponding records are cleared, also known as the expiration time.

The fifth field is the negative TTL value.

Next come the actual domain name resolution records. The first column is the host name, with the domain part omitted (a blank first column means the same name as the record above). For example, "www" actually means www.magedu.com. The record types that follow "IN" have these meanings:

NS: defines which host is the domain name server for a zone name

MX: defines the mail server. A priority must be defined here; the priority set here is 10

A: defines an A record, that is, a record mapping a domain name to an IP

CNAME: defines an alias for the domain name
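The zone-file rules described above (exactly one SOA, trailing dots, "." in place of "@" in the mailbox, a dated serial that must grow before other servers pick up a change) can be checked before the zone is loaded. The following is an added example, not part of the original article; the zone text is constructed, and the host names ns1, mail, web and admin, the 192.0.2.x addresses and the timer values are assumptions.

```python
import re

# Constructed sample zone data for magedu.com; hosts, addresses and timers are assumptions.
ZONE = """\
$TTL 86400
@    IN  SOA  ns1.magedu.com. admin.magedu.com. (
              2025011601 ; serial: YYYYMMDD + change count
              3600       ; refresh
              900        ; retry
              604800     ; expire
              86400 )    ; negative TTL
     IN  NS     ns1
     IN  MX 10  mail
ns1  IN  A      192.0.2.1
mail IN  A      192.0.2.2
www  IN  A      192.0.2.3
web  IN  CNAME  www
"""

SOA_RE = re.compile(r"^(\S+)\s+IN\s+SOA\s+(\S+)\s+(\S+)\s*\(([^)]*)\)", re.M)
FIELDS = ("serial", "refresh", "retry", "expire", "negative_ttl")

def parse_soa(text):
    """Return the single SOA record of a zone file as a dict."""
    text = re.sub(r";[^\n]*", "", text)  # strip ';' comments
    matches = SOA_RE.findall(text)
    if len(matches) != 1:
        raise ValueError("a zone file must contain exactly one SOA record")
    owner, mname, rname, body = matches[0]
    numbers = [int(n) for n in body.split()]
    if len(numbers) != 5:
        raise ValueError("SOA needs five numeric fields")
    return {"owner": owner, "mname": mname, "rname": rname, **dict(zip(FIELDS, numbers))}

def lint_soa(soa):
    """Check trailing dots, no '@' in the mailbox, and a dated serial."""
    problems = []
    for key in ("mname", "rname"):
        if not soa[key].endswith("."):
            problems.append(f"{key} '{soa[key]}' lacks the trailing '.'")
    if "@" in soa["rname"]:
        problems.append("mailbox must use '.' instead of '@'")
    if not re.fullmatch(r"\d{8}\d{1,2}", str(soa["serial"])):
        problems.append("serial is not in YYYYMMDD + change-count form")
    return problems

def slave_should_update(master_serial, slave_serial):
    """A slave takes the new zone data only when the master's serial is larger than its own."""
    return master_serial > slave_serial
```

Running `lint_soa(parse_soa(ZONE))` on an edited zone before restarting the service catches the forgotten trailing dot, and comparing the old and new serial with `slave_should_update` catches an edit that other DNS servers would silently ignore.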

The relationship between the DNS configuration files:

Building the primary DNS server:

Environment: two virtual machines (one server and one client) on the same network segment, with iptables and SELinux turned off.

Server-side configuration:

Install the software (bind)

Modify the main configuration file (/etc/named.conf):

Modify the zone file (/etc/named.rfc1912.zones):

Modify and edit the data file:

Edit the cwy.localhost file:

Edit the cwy.empty file:

Start the service:

Client-side verification (set the client's DNS to the IP of the DNS server):

2. Building the slave DNS server:

Install the bind software:

Modify the main configuration file:

Modify the zone file:

Client verification (set DNS to the IP address of the slave DNS server):

3. Building the DNS cache server (since the primary DNS server is already set up, you only need to start another virtual machine and configure it as the cache server):

Client verification (set the client's DNS to the IP of the DNS cache server):

4. Building a split-resolution DNS server:

Environment preparation: three virtual machines: one private network client (VMnet11), one gateway server (eth0 on VMnet11, eth2 on VMnet12), and one public network DNS server (VMnet12).

Topology:

① Configure the gateway server:

Local IPs of the three virtual machines:

Private network client IP:

Gateway server IP:

Public network DNS server IP:

Add a gateway to the private network client and to the public network DNS server so that they can communicate with each other:

The two network segments can now communicate with each other:

② Configure the public network DNS server:

Modify the data file:

③ Private network client verification (specify the public network DNS server IP as DNS):

Public network client verification (specify the public network DNS server IP as DNS):
