
How to understand DNS Domain name Resolution Service and its configuration

2025-04-09 Update. From: SLTechnology News&Howtos (shulou), Internet Technology


Shulou(Shulou.com)06/01 Report--

This article explains the DNS domain name resolution service and how to configure it. The editor considers it quite practical and shares it here in the hope that you will take something away from it. Let's take a look.

I. Background

By the late 1970s, ARPAnet was a small, friendly network of a few hundred hosts. A single file called HOSTS.TXT held all the host information anyone needed: the name-to-address mapping for every host connected to ARPAnet.

HOSTS.TXT was maintained by SRI's Network Information Center (NIC) and distributed to the whole network from one host, SRI-NIC. ARPAnet administrators typically e-mailed their changes to the NIC and periodically fetched the latest HOSTS.TXT from SRI-NIC by FTP.

As ARPAnet grew, this approach stopped working. Every change to any host meant a change to HOSTS.TXT, and every host then had to fetch the updated file from SRI-NIC. When ARPAnet switched to the TCP/IP protocols, the number of hosts grew explosively, which led to the following problems:

Traffic and load: the SRI-NIC host and its network links had to serve a copy of the file to every host on the network, and that load became unmanageable.

Name conflicts: every host name in the file had to be unique, but nothing stopped two sites from choosing the same name.

Consistency: by the time a new HOSTS.TXT had reached every host, it was already out of date.

II. Introduction to DNS

DNS (Domain Name System) is a distributed database on the Internet that maps domain names to IP addresses, so that users can reach hosts without remembering the numeric addresses that machines use directly. Obtaining the IP address that corresponds to a domain name is called domain name resolution (or host name resolution). DNS runs over both UDP and TCP on port 53: ordinary queries normally use UDP, while zone transfers and responses too large for a single UDP datagram use TCP. The core protocol is specified in RFC 1034 and RFC 1035; RFC 2181 clarifies that specification, RFC 2136 defines dynamic updates, and RFC 2308 defines negative caching of DNS queries (caching the fact that a name or record does not exist).

III. DNS data structure

3.1 DNS record type

The association between a domain name and the data stored under it is called a resource record. Records are divided into types according to their purpose; the common types are:

A: address record (Address). Returns the IPv4 address the domain name points to.

NS: name server record (Name Server). Returns the name of the server that holds the data for the next level of the domain name (a delegation). Its value must be a domain name, never an IP address.

MX: mail exchange record (Mail eXchange). Returns the name of the server that receives e-mail for the domain, together with a preference value.

CNAME: canonical name record (Canonical Name). Returns another domain name: the name queried is an alias of that canonical name, and the resolver continues the lookup there.

PTR: pointer record (Pointer Record). Used only for reverse lookups, from an IP address (under in-addr.arpa) back to a domain name.

3.2 How it works

The working process of DNS services

When a DNS client (a stub resolver) needs to look up a name on behalf of a program, it sends the query to its configured local DNS server. Each query message carries three pieces of information that tell the server what question to answer:

The DNS domain name, written as a fully qualified domain name (FQDN).

The query type, which either names a resource record type to look up or selects a special query operation.

The class of the DNS domain name.

For DNS servers on the Internet the class is always IN (Internet). For example, the name might be the FQDN of a computer such as im.qq.com, and the query type A, asking for the address records stored under that name.

DNS queries can be resolved in several ways. The client can sometimes answer a query locally from information cached from earlier queries. The DNS server can answer from its own resource record cache, or it can query other DNS servers on behalf of the requesting client until the name is fully resolved and then return the answer. This is called recursion: the client sends one recursive query and expects a complete answer.

Alternatively, the server (or a client) can contact other DNS servers itself, sending a separate follow-up query to each server named in the previous referral. This process is called iteration; the queries exchanged between DNS servers during resolution are iterative queries.

The process of DNS query
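The following example is added here to show the query message described above on the wire; it is not code from the original article. It builds a query for im.qq.com (type A, class IN), parses a constructed reply (not captured traffic) that answers with a CNAME and an A record, and checks the reply the way a stub resolver must before accepting it. The alias target im-cdn.example.net and the address 203.0.113.10 are made-up values for the demonstration.

```python
import struct

# RR type codes from RFC 1035 (AAAA from RFC 3596); class IN = 1
RTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "AAAA": 28}
RTYPE_NAME = {v: k for k, v in RTYPE.items()}
CLASS_IN = 1

def encode_name(name):
    """Encode a domain name as length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("bad label %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, rtype="A"):
    """12-byte header (ID, flags with RD set, QDCOUNT=1) + one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", RTYPE[rtype], CLASS_IN)

def decode_name(msg, offset):
    """Read a name at offset, following RFC 1035 4.1.4 compression pointers.
    Returns (name, offset of the first byte after the name as it appears in place)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # 11xxxxxx: 14-bit pointer
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:                              # refuse pointer loops
                raise ValueError("compression loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)

def parse_message(msg):
    """Parse header, question and answer sections into a dict."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((qname, RTYPE_NAME.get(qtype, qtype), qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == RTYPE["A"] and rdlen == 4:
            value = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (RTYPE["CNAME"], RTYPE["NS"], RTYPE["PTR"]):
            value, _ = decode_name(msg, off)           # rdata may use pointers too
        else:
            value = msg[off:off + rdlen].hex()
        off += rdlen
        answers.append((name, RTYPE_NAME.get(rtype, rtype), ttl, value))
    return {"id": txid, "qr": bool(flags & 0x8000), "rcode": flags & 0xF,
            "questions": questions, "answers": answers}

def build_sample_response(query):
    """Constructed reply for the demo (not captured traffic): the question is echoed,
    then a CNAME and an A record; both owner names are compression pointers."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 2, 0, 0)   # QR, RD, RA set; NOERROR
    cname_target = encode_name("im-cdn.example.net")          # hypothetical alias target
    rr1 = struct.pack("!H", 0xC000 | 12)                      # owner = QNAME at offset 12
    rr1 += struct.pack("!HHIH", RTYPE["CNAME"], CLASS_IN, 300, len(cname_target)) + cname_target
    rdata_off = len(header) + len(question) + 2 + 10           # where cname_target sits
    rr2 = struct.pack("!H", 0xC000 | rdata_off)               # owner = the CNAME target
    rr2 += struct.pack("!HHIH", RTYPE["A"], CLASS_IN, 60, 4) + bytes([203, 0, 113, 10])
    return header + question + rr1 + rr2

def reply_matches(query, reply):
    """A stub resolver must only accept a reply whose ID and question match the query it
    sent (RFC 5452 additionally randomises the UDP source port); anything else is dropped,
    because a forged datagram that is accepted poisons the cache."""
    sent, got = parse_message(query), parse_message(reply)
    return got["qr"] and got["id"] == sent["id"] and got["questions"] == sent["questions"]

if __name__ == "__main__":
    q = build_query(0x1234, "im.qq.com")
    r = build_sample_response(q)
    print(q.hex())
    for rr in parse_message(r)["answers"]:
        print(rr)
```

The 16-bit transaction ID is the only thing in the header that ties a reply to a query, which is why reply_matches also compares the echoed question and why real resolvers add source-port randomisation on top.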

IV. DNS installation

YUM installation

yum install bind* caching-nameserver

(On RHEL/CentOS 6 and later the caching-nameserver package no longer exists; its default configuration ships in the bind package itself, and bind-utils provides dig and the named-check* tools.)

Source code installation

tar zxvf bind-9.6.1.tar.gz
cd bind-9.6.1
./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --disable-chroot --disable-ipv6
make && make install

(bind-9.6.1 is only the version the page used; it has been out of support for years, so in practice build a currently supported BIND 9 release with the same options.)

Configure environment variables

vim /etc/profile.d/bind.sh

Append the following line:

export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH

Viewing the help documentation

man -M /usr/local/bind9/share/man named

To make this permanent:

vim /etc/man.config

Append the following line:

MANPATH /usr/local/bind9/share/man

DNS single point configuration

# modify /etc/named.conf
options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    # forwarding: names this server cannot resolve itself are forwarded to 114.114.114.114
    forwarders { 114.114.114.114; };
};

# configure /etc/named.rfc1912.zones
zone "test.com" IN {
    type master;
    file "test.com.zone";
};
zone "40.168.192.in-addr.arpa" IN {
    type master;
    file "40.168.192.in-addr.arpa.zone";
};

Contents of /var/named/test.com.zone:

$TTL 600
@       IN SOA ns.test.com. root.test.com. (
                2018101301 ; serial (YYYYMMDDnn)
                300        ; refresh (5 minutes)
                60         ; retry (1 minute)
                604800     ; expire (1 week)
                3600 )     ; minimum (1 hour)
@       IN NS  ns.test.com.
ns      IN A   192.168.40.105
mail    IN A   192.168.40.103
rhl     IN A   192.168.40.102

Contents of /var/named/40.168.192.in-addr.arpa.zone:

$TTL 600
@       IN SOA ns.test.com. root.test.com. (
                2018101501 ; serial (YYYYMMDDnn)
                300        ; refresh (5 minutes)
                60         ; retry (1 minute)
                604800     ; expire (1 week)
                3600 )     ; minimum (1 hour)
@       IN NS  ns.test.com.
103     IN PTR mail.test.com.

Three things to note in this configuration. First, the SOA serial is a 32-bit unsigned integer (RFC 1035), so a 12-digit value such as 201810131834 is out of range and named-checkzone will reject the zone; the ten-digit YYYYMMDDnn form used above fits, and it must be increased on every change or slaves will never pull the new data. Second, allow-query { any; } together with recursion yes means any host that can reach port 53 can use this server as a recursive resolver. That is acceptable on an isolated lab network, but on anything reachable from outside add allow-recursion { localhost; 192.168.40.0/24; }; (or set recursion no; on a server that should only serve its own zones), otherwise the server can be abused for reflection/amplification attacks and becomes a target for cache poisoning. Third, test.com is a real registered domain; for a lab, a name under example.com (reserved by RFC 2606) or an internal name avoids clashing with the public zone.
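named-checkzone validates each zone file on its own, but it cannot tell you that the forward and reverse zones disagree with each other. The script below is an added example (not code from the original article) that parses the two zone files shown above, transcribed here with ten-digit serials that fit in 32 bits, and reports the consistency problems an operator wants to know about before reloading named: a serial that does not fit in 32 bits, an in-zone NS target without an A record, A records with no matching PTR, and PTRs that point at a name whose A record differs. The parser handles $TTL, $ORIGIN, ';' comments, parenthesised multi-line records and relative names, which is enough for zone files of this shape.

```python
# Zone files transcribed from this page (constructed input; serials changed to fit in 32 bits)
FORWARD_ZONE = """\
$TTL 600
@       IN SOA ns.test.com. root.test.com. (
                2018101301 ; serial
                300        ; refresh (5 minutes)
                60         ; retry (1 minute)
                604800     ; expire (1 week)
                3600 )     ; minimum (1 hour)
@       IN NS  ns.test.com.
ns      IN A   192.168.40.105
mail    IN A   192.168.40.103
rhl     IN A   192.168.40.102
"""

REVERSE_ZONE = """\
$TTL 600
@       IN SOA ns.test.com. root.test.com. (
                2018101501 ; serial
                300 ; refresh
                60 ; retry
                604800 ; expire
                3600 ) ; minimum
@       IN NS  ns.test.com.
103     IN PTR mail.test.com.
"""

def qualify(name, origin):
    """'@' is the origin; names without a trailing dot are relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin

def parse_zone(text, origin):
    """Minimal master-file parser: $TTL/$ORIGIN, ';' comments, parenthesised
    multi-line records, optional TTL and class, blank owner = previous owner.
    Returns a list of (owner, type, rdata_tokens)."""
    origin = origin.rstrip(".") + "."
    records, last_owner, buf, depth = [], origin, [], 0
    for line in text.splitlines():
        line = line.split(";", 1)[0].rstrip()          # drop comments first
        if not line.strip() and depth == 0:
            continue
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth > 0:                                  # still inside ( ... )
            continue
        first = buf[0]
        tokens = " ".join(buf).replace("(", " ").replace(")", " ").split()
        buf = []
        if tokens[0] == "$TTL":
            continue                                   # default TTL not needed here
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        owner = last_owner if first[:1].isspace() else qualify(tokens.pop(0), origin)
        last_owner = owner
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in ("IN", "CH", "HS")):
            tokens.pop(0)                              # optional TTL and class
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype in ("NS", "CNAME", "PTR"):
            rdata[0] = qualify(rdata[0], origin)
        records.append((owner, rtype, rdata))
    return records

def ip_of_ptr_owner(owner):
    """'103.40.168.192.in-addr.arpa.' -> '192.168.40.103'"""
    suffix = ".in-addr.arpa."
    if not owner.endswith(suffix):
        raise ValueError("not an IPv4 reverse name: " + owner)
    return ".".join(reversed(owner[:-len(suffix)].split(".")))

def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Cross-check a forward zone against its reverse zone; returns a list of problems."""
    problems = []
    fwd, rev = parse_zone(fwd_text, fwd_origin), parse_zone(rev_text, rev_origin)
    for label, zone in (("forward", fwd), ("reverse", rev)):
        soa = [r for r in zone if r[1] == "SOA"]
        if len(soa) != 1:
            problems.append("%s zone: expected exactly one SOA, found %d" % (label, len(soa)))
            continue
        serial = int(soa[0][2][2])                     # mname rname serial ...
        if not 0 <= serial <= 0xFFFFFFFF:
            problems.append("%s zone: SOA serial %d does not fit in 32 bits (RFC 1035)" % (label, serial))
    a_by_name = {o: rd[0] for o, t, rd in fwd if t == "A"}
    origin = fwd_origin.rstrip(".") + "."
    for o, t, rd in fwd:                               # an in-zone NS target needs an A record
        if t == "NS" and rd[0].endswith("." + origin) and rd[0] not in a_by_name:
            problems.append("forward zone: NS %s has no A record in the zone" % rd[0])
    ptr_by_ip = {ip_of_ptr_owner(o): rd[0] for o, t, rd in rev if t == "PTR"}
    for host, ip in a_by_name.items():
        target = ptr_by_ip.get(ip)
        if target is None:
            problems.append("no PTR record for %s (%s)" % (host, ip))
        elif target != host:
            problems.append("PTR for %s points to %s, not %s" % (ip, target, host))
    for ip, target in ptr_by_ip.items():
        if a_by_name.get(target) != ip:
            problems.append("PTR %s -> %s but the forward zone maps %s to %s"
                            % (ip, target, target, a_by_name.get(target)))
    return problems

if __name__ == "__main__":
    for p in check_zones(FORWARD_ZONE, "test.com", REVERSE_ZONE, "40.168.192.in-addr.arpa"):
        print(p)
```

Run against the page's own files it reports that ns (192.168.40.105) and rhl (192.168.40.102) have no PTR records, which is exactly why only dig -x 192.168.40.103 is tested at the end of the article; feeding it the original 12-digit serial makes it flag the out-of-range value instead.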

Master-slave synchronization of DNS

1) Master server configuration

# modify /etc/named.conf
options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    # forwarding: names this server cannot resolve itself are forwarded to 114.114.114.114
    forwarders { 114.114.114.114; };
};

# configure /etc/named.rfc1912.zones
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-update { none; };
    # address of the slave server: only it may request a zone transfer (AXFR/IXFR)
    allow-transfer { 192.168.40.170; };
    # send NOTIFY to the slaves when the zone changes
    notify yes;
};
# reverse resolution
zone "40.168.192.in-addr.arpa" IN {
    type master;
    file "named.192.168.40";
    allow-update { none; };
    # address of the slave server
    allow-transfer { 192.168.40.170; };
    notify yes;
};

2) Slave server configuration

# modify /etc/named.conf
options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
    recursion yes;
    forwarders { 114.114.114.114; };
};

# configure /etc/named.rfc1912.zones
zone "test.com" IN {
    type slave;
    file "slaves/test.com.zone";
    # address of the master DNS server
    masters { 192.168.40.105; };
    allow-update { none; };
};
zone "40.168.192.in-addr.arpa" IN {
    type slave;
    file "slaves/40.168.192.in-addr.arpa.zone";
    masters { 192.168.40.105; };
    allow-update { none; };
};

The slave writes the transferred zones under /var/named/slaves, so that directory must be writable by the user named runs as (the RHEL packages create it for this purpose). allow-transfer restricts zone transfers by source address only; that is fine for a lab, but on a production network the transfers should additionally be authenticated with a TSIG key shared between master and slave, and the slaves themselves should carry the same allow-transfer restriction, otherwise anyone can download the whole zone from them.
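The access-control statements in the master configuration above (allow-query, recursion, allow-transfer, allow-update) are the ones that decide whether the server is an open resolver or leaks its zones, and they are easy to get wrong when a configuration is copied between machines. The following added example, which is not part of the original article or of BIND, is a small lint that parses a named.conf (the master configuration from this page, transcribed inline) with a brace-aware tokenizer and reports the weak settings: recursion left open to any client, master zones without a transfer restriction or with allow-transfer { any; }, and allow-update { any; }. The recommended address list 192.168.40.0/24 in the messages is an assumption based on the lab addresses used on this page.

```python
import re

# Master named.conf transcribed from this page (constructed input for the demo)
NAMED_CONF = """\
options {
    listen-on port 53 { any; };
    directory "/var/named";
    allow-query { any; };
    recursion yes;
    forwarders { 114.114.114.114; };
};
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-update { none; };
    allow-transfer { 192.168.40.170; };   // the slave
    notify yes;
};
zone "40.168.192.in-addr.arpa" IN {
    type master;
    file "named.192.168.40";
    allow-update { none; };
    allow-transfer { 192.168.40.170; };
    notify yes;
};
"""

TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def strip_comments(text):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def parse_block(tokens, pos=0):
    """Parse 'head { children };' statements until '}' or end of input.
    Returns (statements, pos); a statement is (head_words, children_or_None)."""
    stmts = []
    while pos < len(tokens) and tokens[pos] != "}":
        head, children = [], None
        while pos < len(tokens) and tokens[pos] not in (";", "{", "}"):
            head.append(tokens[pos].strip('"'))
            pos += 1
        if pos < len(tokens) and tokens[pos] == "{":
            children, pos = parse_block(tokens, pos + 1)
            if pos >= len(tokens) or tokens[pos] != "}":
                raise ValueError("unbalanced braces after %s" % " ".join(head))
            pos += 1
        if pos >= len(tokens) or tokens[pos] != ";":
            raise ValueError("missing ';' after %s" % " ".join(head))
        pos += 1
        stmts.append((head, children))
    return stmts, pos

def parse_conf(text):
    tokens = TOKEN.findall(strip_comments(text))
    stmts, pos = parse_block(tokens)
    if pos != len(tokens):
        raise ValueError("unexpected '}' at token %d" % pos)
    return stmts

def child(stmts, *head):
    """First statement whose head starts with the given words, or None."""
    for h, c in stmts:
        if tuple(h[:len(head)]) == head:
            return (h, c)
    return None

def acl(stmts, name):
    """Address-match list of e.g. allow-query { any; }; as a set, or None if unset."""
    s = child(stmts, name)
    return None if s is None or s[1] is None else {h[0] for h, _ in s[1] if h}

def lint(conf_text):
    """Return a list of access-control findings for a named.conf."""
    stmts, findings = parse_conf(conf_text), []
    opts = child(stmts, "options")
    opts = opts[1] if opts and opts[1] is not None else []
    rec = child(opts, "recursion")
    recursion_on = rec is None or rec[0][1:2] != ["no"]         # BIND's default is yes
    allow_query = acl(opts, "allow-query")                      # unset also means any
    if recursion_on and acl(opts, "allow-recursion") is None and (allow_query is None or "any" in allow_query):
        findings.append("options: recursive service is open to any client that can reach port 53 "
                        "(recursion yes, allow-query { any; }, no allow-recursion); add "
                        "allow-recursion { localhost; 192.168.40.0/24; };")
    for h, c in stmts:
        if h[:1] != ["zone"] or c is None:
            continue
        zone, typ = h[1], child(c, "type")
        if typ is None or typ[0][1:2] != ["master"]:
            continue
        transfer = acl(c, "allow-transfer")
        if transfer is None:
            findings.append("zone %s: no allow-transfer; restrict AXFR to the slave, e.g. "
                            "allow-transfer { 192.168.40.170; };" % zone)
        elif "any" in transfer:
            findings.append("zone %s: allow-transfer { any; } lets anyone download the whole zone" % zone)
        update = acl(c, "allow-update")
        if update and "any" in update:
            findings.append("zone %s: allow-update { any; } accepts unauthenticated dynamic updates" % zone)
    return findings

if __name__ == "__main__":
    for f in lint(NAMED_CONF):
        print(f)
```

On the page's configuration the only finding is the open recursion in options, because both master zones already restrict transfers to the slave; adding allow-recursion clears it.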

DNS configuration file check

# check the main configuration file
named-checkconf
# check the zone files
named-checkzone test.com /var/named/test.com.zone
named-checkzone 40.168.192.in-addr.arpa /var/named/40.168.192.in-addr.arpa.zone
# test forward resolution
dig -t A rhl.test.com @192.168.40.105
# test reverse resolution
dig -x 192.168.40.103 @192.168.40.105
# test zone transfer: from the slave this returns the whole zone; from any other host it must fail
dig axfr test.com @192.168.40.105

That is how to understand the DNS domain name resolution service and its configuration. The editor believes some of these points are things we see or use in daily work, and hopes you can learn something more from this article. For more details, please follow the industry information channel.
