Setting Up a DNS Server under Linux: The Basics
Written: 2002.9.29. OS: Red Hat Linux 7.3. DNS: BIND 9.2.0
Theory first
If you have not yet mastered DNS theory, read this section carefully; otherwise, skip to the next section.
RFC documentation:
[1032] Domain Administrators Operations Guide; [1034] Domain Names - Concepts and Facilities; [1035] Domain Names - Implementation and Specification
DNS overview
The DNS has three main parts: the domain name space, resource records, and name servers.
Domain name space and resource records: the domain name space is a tree-structured namespace, together with the specifications of the data associated with each name. Each node and leaf of the tree holds a set of information, and a query operation tries to extract a specific kind of information from that set. A query names the domain name of interest and describes the type of resource information that is desired. For example, the Internet uses some of its domain names to identify hosts; queries for address resources return Internet host addresses.

Name servers: server programs that hold information about the domain tree's structure and set information. A name server may cache structure or set information about any part of the domain tree, but in general a particular name server has complete information about a subset of the domain space, and pointers to other name servers that can be used to lead to information from any part of the domain tree. Name servers know the parts of the domain tree for which they have complete information; a name server is said to be an AUTHORITY for these parts of the name space. Authoritative information is organized into units called ZONES, and these zones can be automatically distributed to the name servers which provide redundant service for the data in a zone.

Resolvers: programs that extract information from name servers in response to client requests. Resolvers must be able to access at least one name server and use that name server's information to answer a query directly, or pursue the query using referrals to other name servers. A resolver will typically be a system routine that is directly accessible to user programs; hence no protocol is necessary between the resolver and the user program.

Domain name space and resource records
A domain name identifies a node. Each node has a set of resource information, which may be empty. The set consists of resource records (RRs). The order of the RRs in a set is not significant and need not be preserved by name servers, resolvers, or other parts of the DNS. A resource record has the following fields:
OWNER: the domain name where the RR is found.
TYPE: a 16-bit encoded value that specifies the type of resource in this RR. Types include A, CNAME, HINFO, MX, NS, PTR, and SOA.
CLASS: a 16-bit encoded value that identifies a protocol family; the values are IN (the Internet system) and CH (the Chaos system).
TTL: the time to live of the RR, a 32-bit integer in units of seconds.
RDATA: type-dependent, and sometimes class-dependent, data that describes the resource; its format is determined by TYPE (A, CNAME, MX, NS, PTR, SOA).
Zone
Domain name servers
BIND configuration and operation
BIND servers come in four configuration types: primary (master) server, secondary (slave) server, caching-only server, and stealth server. The BIND domain name server described here is set up in a Red Hat 7.3 environment.
Files in the bind-9.2.0-8 RPM package (documentation excluded):
/etc/logrotate.d/named: logrotate configuration. logrotate is a log file management tool that rotates old log files out and creates new ones; it is usually run from cron, and it can also compress log files and mail logs to a specified address. See the logrotate man page for details.
/etc/rc.d/init.d/named: script that starts or stops the name service.
/etc/rndc.conf: configuration file for rndc, the name service control tool.
/etc/rndc.key
/etc/sysconfig/named
/usr/sbin/dns-keygen
/usr/sbin/dnssec-keygen: generates keys for secure DNS; see RFC 2535 for the DNS security extensions.
/usr/sbin/dnssec-makekeyset
/usr/sbin/dnssec-signkey
/usr/sbin/dnssec-signzone
/usr/sbin/lwresd: lightweight resolver daemon.
/usr/sbin/named: the name service daemon.
/usr/sbin/named-bootconf: script that generates configuration files.
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/rndc: name service control tool, replacing ndc.
/usr/sbin/rndc-confgen
/var/named
/var/run/named
Files in the caching-nameserver-7.2-1 RPM package:
/etc/named.conf
/var/named/localhost.zone
/var/named/named.ca: tells the server the addresses of the root name servers; this file rarely changes. It can be downloaded by anonymous FTP from ftp.rs.internic.net, in the domain directory, under the file name named.root.
/var/named/named.local
Caching-only server configuration example
A caching-only server runs the name server daemon but has no zone database of its own. Each query it receives is first looked up in its cache; if that fails, the query is sent to a remote name server, and the answer obtained is saved in the cache.
Related files:
/etc/named.conf
/var/named/named.ca
/var/named/named.local
The following is an example /etc/named.conf configuration file:
    options {
        directory "/var/named";
        forwarders { 202.97.224.68; 202.97.230.4; };
    };
    zone "." {
        type hint;
        file "named.ca";
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
    };
forwarders tells the server to forward queries it cannot answer itself to the IP addresses listed. Example configuration file /var/named/named.local:
    $TTL 86400
    @   IN SOA localhost. root.localhost. (
            1997022700 ; Serial
            28800      ; Refresh
            14400      ; Retry
            3600000    ; Expire
            86400 )    ; Minimum
        IN NS  localhost.
    1   IN PTR localhost.
Example configuration file /var/named/named.ca (only the last two root server entries are shown):
    ; This file holds the information on root name servers needed to
    ; initialize cache of Internet domain name servers
    ; (e.g. reference this file in the "cache
    .                        3600000  NS    L.ROOT-SERVERS.NET.
    L.ROOT-SERVERS.NET.      3600000  A     198.32.64.12
    ; housed in Japan, operated by WIDE
    .                        3600000  NS    M.ROOT-SERVERS.NET.
    M.ROOT-SERVERS.NET.      3600000  A     202.12.27.33
    ; End of File
This is the configuration of a caching-only server. Start the named daemon with rndc or directly, and the caching-only server begins working.
Primary server configuration example
The primary server is the authoritative source for all information about its domain. It loads the domain information that the domain administrator creates and maintains locally. "Test.com" is used as the example.
Related files:
/etc/named.conf
/var/named/named.ca
/var/named/named.local
/var/named/named.cy9.dq.cnpc.com.cn
/var/named/named.10.61.132
Create or modify /etc/named.conf:
    // generated by named-bootconf.pl
    options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
    };

    //
    // a caching only nameserver config
    //
    controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };
    zone "cy9.dq.cnpc.com.cn" {
        type master;
        file "named.cy9.dq.cnpc.com.cn";
    };
    zone "132.61.10.in-addr.arpa" {
        type master;
        file "named.10.61.132";
    };
    include "/etc/rndc.key";
The zone "Test.com" section in the file declares that this is the primary server for the Test.com domain, whose data is loaded from the /var/named/named.test.com file. The zone "0.16.172.in-addr.arpa" section maps the IP addresses 172.16.0.* to host names; the data for this domain is loaded from the /var/named/named.172.16.0 file.
Create or modify /var/named/named.local:
    $TTL 86400
    @   IN SOA localhost. root.localhost. (
            1997022700 ; Serial
            28800      ; Refresh
            14400      ; Retry
            3600000    ; Expire
            86400 )    ; Minimum
        IN NS  lhpns.cy9.dq.cnpc.com.cn.
    1   IN PTR localhost.
Note: remember to increase the Serial value whenever you modify the named.* files. If you use an absolute domain name, do not forget the trailing '.'.
In a resource record, @ stands for the current domain, Test.com. IN indicates that the record belongs to the Internet (TCP/IP) class. SOA marks the start of authority record; the ns.test.com. that follows it is the canonical name of the domain's primary DNS server, and the field after that is the contact e-mail address, in which the @ character must be written as '.'.
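As an added example, not from the original article, the serial rule in the note above written out in Python for the YYYYMMDDnn convention the page's serials follow (1997022700, 2000051500); the zone text is a constructed copy of the named.local layout above.

```python
import re

# Constructed zone text in the layout of the named.local file above.
SAMPLE_LOCAL = """\
$TTL 86400
@   IN SOA localhost. root.localhost. (
        1997022700 ; Serial
        28800      ; Refresh
        14400      ; Retry
        3600000    ; Expire
        86400 )    ; Minimum
    IN NS  lhpns.cy9.dq.cnpc.com.cn.
1   IN PTR localhost.
"""

def next_serial(current, today):
    """Next YYYYMMDDnn serial for a date given as an int like 20020929.
    Secondaries only transfer when the serial grows, so the result is always
    larger than current, even if current already carries a later date."""
    if current // 100 == today:          # already edited today: bump nn
        return current + 1
    return max(today * 100 + 1, current + 1)

# the serial is the first number after the opening parenthesis of the SOA rdata
SOA_SERIAL = re.compile(r"\bSOA\b[^(]*\(\s*(\d+)")

def bump_zone_serial(zone_text, today):
    """Rewrite the serial of a parenthesised SOA; return (new_text, new_serial)."""
    m = SOA_SERIAL.search(zone_text)
    if m is None:
        raise ValueError("no parenthesised SOA record found")
    new = next_serial(int(m.group(1)), today)
    return zone_text[:m.start(1)] + str(new) + zone_text[m.end(1):], new
```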
Create /var/named/named.cy9.dq.cnpc.com.cn:
    @   IN SOA lhpns.cy9.dq.cnpc.com.cn. root.lhpns.cy9.dq.cnpc.com.cn. (
            2000051500 ; Serial
            28800      ; Refresh
            14400      ; Retry
            3600000    ; Expire
            86400 )    ; Minimum
        NS lhpns
    ns      A 10.61.132.6
    cyk1    A 10.61.132.6
Create /var/named/named.10.61.132:
    @   IN SOA lhpns.cy9.dq.cnpc.com.cn. root.lhpns.cy9.dq.cnpc.com.cn. (
            2000051500 ; Serial
            28800      ; Refresh
            14400      ; Retry
            3600000    ; Expire
            86400 )    ; Minimum
        NS lhpns.cy9.dq.cnpc.com.cn.   ; absolute: a relative "lhpns" would expand under 132.61.10.in-addr.arpa
    10  IN PTR ns.cy9.dq.cnpc.com.cn.
    6   IN PTR cyk1.cy9.dq.cnpc.com.cn.
    6   IN PTR lhp.cy9.dq.cnpc.com.cn.
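An added example, not part of the original article: a small Python parser for the zone file layout used above that expands '@' and relative names against the zone origin, plus a check that flags NS or PTR targets in a reverse zone that lost their trailing dot. The sample zone is constructed from the named.10.61.132 layout with the NS target deliberately written relative.

```python
# Constructed sample in the layout of the named.10.61.132 reverse zone; "NS lhpns" has no trailing dot.
SAMPLE_ZONE = """\
$TTL 86400
@   IN SOA lhpns.cy9.dq.cnpc.com.cn. root.lhpns.cy9.dq.cnpc.com.cn. (
        2000051500 ; Serial
        28800      ; Refresh
        14400      ; Retry
        3600000    ; Expire
        86400 )    ; Minimum
    IN NS  lhpns
10  IN PTR ns.cy9.dq.cnpc.com.cn.
"""

def fqdn(name, origin):
    """Expand '@' and relative names against origin; names ending in '.' are already absolute."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (default_ttl, records); a record is (owner, class, type, rdata) with absolute names."""
    records, ttl, owner, buf, depth = [], None, origin, [], 0
    for raw in text.splitlines():
        line = raw.split(";")[0]                      # ';' starts a comment
        if not line.strip(): continue
        buf.append(line if not buf else line.strip())  # keep the first line's indentation
        depth += line.count("(") - line.count(")")
        if depth > 0: continue                        # inside a parenthesised SOA: keep collecting
        entry, buf = " ".join(buf), []
        if entry.startswith("$TTL"):                  # the only directive these files use
            ttl = int(entry.split()[1]); continue
        toks = entry.replace("(", " ").replace(")", " ").split()
        if not entry[0].isspace():                    # a blank owner field repeats the previous owner
            owner = fqdn(toks.pop(0), origin)
        rclass = toks.pop(0).upper() if toks[0].upper() in ("IN", "CH") else "IN"
        rtype, rdata = toks[0].upper(), toks[1:]
        if rtype in ("NS", "CNAME", "PTR"):
            rdata = [fqdn(rdata[0], origin)]
        elif rtype == "SOA":                          # mname rname serial refresh retry expire minimum
            rdata = [fqdn(rdata[0], origin), fqdn(rdata[1], origin)] + [int(x) for x in rdata[2:]]
        records.append((owner, rclass, rtype, tuple(rdata)))
    return ttl, records

def reverse_zone_warnings(records, origin):
    """In an in-addr.arpa zone, NS/PTR targets that expanded under the zone's own origin almost always mean a forgotten trailing dot."""
    if not origin.endswith(".in-addr.arpa."):
        return []
    return [r[3][0] for r in records if r[2] in ("NS", "PTR") and r[3][0].endswith(origin)]
```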
Secondary server
The secondary server obtains a complete copy of the domain information from the primary server, and can also answer queries about the domain. Again, "Test.com" is used as the example.
Related files:
/etc/named.conf
/var/named/named.ca
/var/named/named.local
Create or modify /etc/named.conf:
    // generated by named-bootconf.pl
    options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
    };

    //
    // a slave nameserver config
    //
    zone "." {
        type hint;
        file "named.ca";
    };
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
    };
    // These are our slave zone files
    zone "test.com" {
        type slave;
        file "named.test.com";
        masters { 172.16.0.1; };
    };
    zone "0.16.172.in-addr.arpa" {
        type slave;
        file "named.172.16.0";
        masters { 172.16.0.1; };
    };
In "masters { 172.16.0.1; };" the IP address is that of the primary server in your network.
Copy /var/named/named.ca and /var/named/named.local from the primary server.
A production server can run one of the configurations above, or combine several of them. Every system, however, should run a resolver.
References
RFC 2535, Domain Name System Security Extensions. Related material on the www.linuxaid.com.cn site.