DNS and Bind Learn Notes 2

zhaozj2021-02-16  52

Take the DNS and Bind Learning Notes 1 in the evening.

6. Classification and distinction between name servers in Bind:

Authoritative - formal representative of a zone

Main Server: A primary name server in each zone saves a formal copy of this area data. SA changes zone data by editing this above data file. From the server: Each zone can have multiple slave servers (at least one), which acquires its data from the primary server via "zone transfer" operation. Store: Similar to from the server, it is not necessary, it is only loaded with NS records on the main server. Non-authoritative - read records from the cache to answer the query, maybe data has expired

Cache Name Server: Load some of the addresses of some root servers from a file, and then accumulate its rest by cache the answer from each query it analyzes. It doesn't have data itself. Recursive - the name server either recursive or not. The meaning of recursive is if it can't answer your query, it will query yourself to the upper level, know the result (real results or wrong messages). Non-recursive - if it can answer for your query, it will provide the correct response, otherwise it will return the authoritative server that it is recommended to know the correct answer. The client must be prepared to accept and operate these recommended servers.

7. What is the way DNS work?

Named query uses UDP protocols and port 53. The response returns via UDP, unless they are more than 512K, this situation uses TCP. The "zone transfer" between the servers use TCP.

Entrust: All name servers know the root server. And the root server knows GTLD, follow this chain into this chain, EDU knows Fuan.edu, COM knows China.com ... Example: Suppose I want to query the machine's marco.comp.fudan.edu machine cs.military.china.com, where the query is prior to, in addition to the name of the root server and IP addresses, there is no cache that requires any information. The order is like this (host Marco asked its local name server ns.comp.fudan.edu, and ns.comp.fudan.edu is a recursive name server, so it will replace host Marco to query. Because it doesn't know This address is not known about military.china.com or china.com or even know any information. However, it knows some of the server, the root domain knows about .com, so send reference to nscomp .fudan.edu, the local name server then sends the query to .com, return to China.com's recommendation, and repeatedly send queries to China.com, return to the recommended Military.china.com server, so military.china.com For this query information is authoritative and returns the address of the CS. This completes the entire process, oh, no, there is a little, ns.comp.fudan.edu will tell the cache's address in this process, at the same time Cacked the server list of .com, china.com, military.china.com. Cache and efficiency: Cache mechanism can only be used with affirmation in the past, if the host name cannot be found, this actual situation The RFC 1034 and RFC2308 will define and upgrade the solution for negation telling the cache. It is an optional function in bind8.2, and it has become a must-select feature. It will save the negative type. Answer (where the first two negative data type cache time is 1-3 hours, other types of cache 5 minutes): Do not match the host or domain that matches the name of the query, the host does not exist if the server to query the server unresponsive server During the network problem, the server is unreachable to extended DNS protocol: At the end of the 1990s, EdNS0 (Extended DNS, Version 0) solved some of the shortcomings of the DNS protocol in today's Internet. It allows spots to announce their assembly buffers, support Options and Communication Protocol Versions. If the recipient's name server is a response with an error message, the sender returns to the use of the original DNS protocol. Bind9 implements Edns0 in the server and parser. ^ _ ^.

Ok, I will finish here today, sleep first ~~~ The happiest thing in life is coming. Ha ~~~

转载请注明原文地址:https://www.9cbs.com/read-18981.html

New Post(0)