Shulou(Shulou.com)06/03 Report--

Forward parsing:

1 download the software package bind (based on Epel source)

Start the service (the service name is named). The dns service has two ports, port 53 of udp and port 53 of tcp, in which the tcp53 port is used to synchronize the slave server, and the udp53 port not only has the responsibility of synchronizing the slave server, but also provides external dns resolution service.

To allow other machines to access our configured dns server, modify dns's main configuration file / etc/named.conf

Through the previous step, other hosts can point the address of dns to the local machine, and the local machine can provide dns services.

2 generate domain name resolution library file

There are many domain name resolution library files included in the bind package in the / var/named directory, among which the named.ca file provides 13 roots (.) Address of the domain name server.

Create a file, but modify the file properties the same as the named.ca file, edit the content

The first line defines a global variable TTL. Represents the cache time of the DNS record. This value is the time that other domain names obtained from this domain name server store the data in the cache. 1D represents one day.

The second behavior SOA record (must be present and at the beginning). Domain authority record, indicating that the local server is the management server for the domain. @ represents the domain name of the domain. The definition of this domain name is stored in another file / etc/named.rfc1912.zones file. The second record value TTL can be omitted because the global variable is defined at the beginning. The third value is required in IN format, but it can also be omitted. The fourth value is the name of the host server in the current domain, and the system will automatically complete it without adding the domain name. The next one is the administrator's mailbox.

The first value in parentheses represents the version number of the database, which is used to synchronize the master and slave servers.

The second number represents the interval at which synchronization is actively requested from the server.

The third number represents the interval between which to synchronize again if the synchronization fails.

The fourth number indicates how long it will take to invalidate the data on the slave server if the synchronization continues to fail.

The fifth number indicates that if the user has been requesting the cache validity period of some records that cannot be found on the local server

The third behavior domain name server record. There must be a local machine here, or you can add from a domain name server or a sub-domain name server

The fourth line of the domain name server must perform forward resolution.

The common A record of the fifth behavior

The sixth behavior alias. For example, web.tang.com. The alias is www.tang.com. When a user accesses the latter, it is equivalent to visiting the former.

There are also some common record types as shown below

3 modify domain file / etc/named.rfc1912.zones

Add Domain

Where tang.com is the domain name of the domain, master type is the authoritative domain name server, and the file is the library file just written.

Use named-checkconfig to check the syntax and restart the service.

Reverse resolution: (convert ip hostname + domain name)

Library file

Configuration file (/ etc/named.conf)

Domain file (/ etc/named.rfc1912.zones)

Add

test

Dig-x 192.168.38.1 @ 192.168.238.129

Result

Subdomain

On the parent dns machine

On a child dns server

Intelligent dns

Using view to realize Intelligent DNS

The function of intelligent dns is that when different hosts access the same address, the dns service will return the address closest to him according to the address of that host. Save bandwidth.

1 generate multiple library files in / var/named/

View the contents of the file

* bj

* sh

* other

2 restrict the host

Vim / etc/named.conf

If you use this method, you need to zone the contents of the last file in the file "." Delete. The format of the three domain files is referenced

Dns forwarding

One of the dns servers acts as the middleman, and if the client needs to obtain the dns itself, it returns the value to the client. If it does not have it, it forwards the request to another dns server, and the other dns service server returns the value to the middleman, and then the middleman returns the value to the client.

In the main configuration, when the value of forward is only, if the forwarded dns cannot be parsed, the man-in-the-middle dns server will no longer look from the root layer by layer, when the value is frist, on the contrary.

From the server

Lab: from the server

1 yum install bind

2 vim / etc/named.conf

/ / listen-on port 53 {127.0.0.1;}

/ / allow-query {localhost;}

Allowe-transfer {none;}

3 modify the configuration file and reference the above database file

Vim / etc/named.rfc1912.zones:

Zone "magedu.net" {

Type slave

Masters {masterip;}

File "slaves/magedu.net.zone"

}

4 configure on the primary server

Vim / var/named/magedu.net.zone

NS ns1

NS ns2

Ns1 A masterip

Ns2 A slaveip

5 configure on the primary server

Vim / etc/named.conf

Allowe-transfer {slaveip;}

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.