
Hands-on: building DNS services

2025-02-25 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

DNS (Domain Name System) is a distributed database on the Internet that maps domain names to IP addresses. It makes it more convenient for users to access the Internet, because they do not have to remember the IP address strings that machines read directly.

Experimental requirements: implement a DNS architecture that simulates the Internet, from the root through com to magedu.com.

First of all, we need to plan the experimental environment and the steps of the experiment.

1) Experimental environment (preferably drawn as a diagram, which makes the train of thought clear)

A) IP addresses

B) System version (I use CentOS 7 here)

C) Software version (using the version on the CentOS 7 CD; the default should be bind-9.9.4)

2) Outline of the experimental steps

A) Set up the root server and copy the root server's information to all the other servers

B) Set up the com server, the magedu.com server, and the www.magedu.com host

C) Set up the operator server

D) Configure the client's DNS to point to the operator server

E) The client resolves the www.magedu.com host

Client -(DNS setting)-> operator -(/var/named/named.ca)-> root server -(/var/named/named.ca)-> com server -(com.zone)-> magedu.com server -(magedu.com.zone)-> www.magedu.com host

Experimental environment:

Root server:

Name:rootdns

IP:192.168.99.60

com server:

Name:comdns

IP:192.168.99.61

magedu.com server:

Name:mageducom

IP:192.168.99.62

www.magedu.com host:

Name:wwwmageducom

IP:192.168.99.63

Service provider DNS Server:

Name:dxdns

IP:192.168.99.64

Client:

IP:192.168.99.65

DNS:192.168.99.64

Server configuration:

Configuration of the root server

1. Change the host name (the experiment uses several machines, so this makes each one easy to identify)

[root@dns ~]# hostnamectl set-hostname rootdns

[root@rootdns ~]#

2. Configure the network interface

[root@rootdns ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno16777736

DEVICE=eno16777736

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.99.60

PREFIX=16

3. Flush the firewall rules

[root@rootdns ~]# iptables -F

4. Install bind

[root@rootdns ~]# yum install -y bind

5. Edit the main DNS configuration file

[root@rootdns ~]# vim /etc/named.conf

// listen-on port 53 { 127.0.0.1; };

// allow-query { localhost; };

If these lines are left unmodified, named listens only on 127.0.0.1 by default and can be queried only from this machine. It is recommended to comment out the two lines above.

dnssec-enable no;

dnssec-validation no;

Change the value of the two options above from yes to no. With yes, these two options use encryption and signatures to secure the DNS servers' communication. Since we do not use them here, they must be changed to no; otherwise the subordinate DNS server cannot communicate with the superior DNS server.

zone "." IN {

    type master;

    file "named.ca";

};

Change the type of the root zone: hint --> master

6. Rewrite the root zone file /var/named/named.ca

[root@rootdns ~]# cd /var/named/

[root@rootdns named]# echo > named.ca    ## clear the original data

[root@rootdns named]# vim named.ca    ## can be entered manually or adapted from the templates under /var/named/

$TTL 1D

. IN SOA dns.root. admin.root. ( 1 1D 1H 1W 1D )

. IN NS dns.root.

dns.root. IN A 192.168.99.60

com IN NS dns.com.

dns.com. IN A 192.168.99.61

[root@rootdns named]#

7. Check the configuration files for syntax errors

[root@rootdns named]# named-checkconf

[root@rootdns named]# named-checkzone . named.ca    ## check the root DNS zone file

zone ./IN: loaded serial 1

OK

[root@rootdns named]#
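The root zone in step 6 only works as the top of the chain if every name server it names also has an address record in the same file (glue), which is what lets a resolver get from the root to the com server. The check below is an added example, not part of the original article: it parses the zone data from step 6 and reports NS targets that have no A record. The function names are this example's own, and the parser handles only the one-record-per-line form used in this zone.

```python
ROOT_ZONE = """\
$TTL 1D
. IN SOA dns.root. admin.root. ( 1 1D 1H 1W 1D )
. IN NS dns.root.
dns.root. IN A 192.168.99.60
com IN NS dns.com.
dns.com. IN A 192.168.99.61
"""  # constructed from the zone data shown in step 6

def fqdn(name, origin):
    """Make a name absolute relative to the zone origin (the root zone's origin is '.')."""
    name = name.lower()
    if name.endswith("."):
        return name
    return name + "." if origin == "." else f"{name}.{origin}"

def parse_zone(text, origin="."):
    """Parse 'owner [IN] type rdata...' lines into (owner, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop zone-file comments
        if not line or line.startswith("$"):      # skip blanks and $TTL
            continue
        fields = line.split()
        owner, rest = fields[0], fields[1:]
        if rest and rest[0].upper() == "IN":      # the class field is optional
            rest = rest[1:]
        records.append((fqdn(owner, origin), rest[0].upper(), rest[1:]))
    return records

def missing_glue(text, origin="."):
    """Return (delegated name, NS target) pairs whose in-zone target has no A record."""
    records = parse_zone(text, origin)
    have_a = {owner for owner, rtype, _ in records if rtype == "A"}
    missing = []
    for owner, rtype, rdata in records:
        if rtype != "NS":
            continue
        target = fqdn(rdata[0], origin)
        in_zone = origin == "." or target.endswith("." + origin)
        if in_zone and target not in have_a:
            missing.append((owner, target))
    return missing

if __name__ == "__main__":
    print(missing_glue(ROOT_ZONE) or "every in-zone NS target has an A record")
```
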

8. Start the root server

[root@rootdns named]# systemctl start named

[root@rootdns named]# ss -tnlp    ## check whether the port is listening; the default is port 53

9. Use dig locally on the server to check that resolution works

[root@rootdns named]# dig dns.root.

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> dns.root.

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<-
