Windows2000 DNS Technical Guide 6

zhaozj2021-02-08  213

Chapter 6 and Internet Services Suppliers Cooperatives This chapter includes: • Registered domain names on i N t e R n e t. • General considerations for ISP domain names, a discussion about whether I S is can provide your company's services. • How to connect to the setting server. How to organize them after getting all the requirements? • Change the domain name server. When some case changes, such as company migration or I S P changes, it usually means changes in the I P address. 6.1 The registration domain name on I N t e R N e t is first connected to I N t e R n e t, how can it be known or found by an outside world? A good domain name should be clear and easily found by the outside world. Many companies choose the abbreviations of their company names as domain names or choose phrases related to their career. With the rapid growth of I N t e R n e t in the past few years, it has become a headache problem that is a headache that has not been registered. In general, carefully confirm those names you think like before using the INTERNIC WHOIS record. For those who are not familiar with the W H O I S database, I N t e R N i c provides a set of mechanisms to check the availability of domain names before submitting registration requests. When querying the W H o I s database, one of two responses can be basically obtained. The first response is the details of the owner of the query domain name, which is not the answer to those who register a new domain. The second response will give a "No Match for Domain.org (D Omain. O RG no match), which means that the domain name you entered in the query is available. At this time, you should reserve or register this. domain name. Recently established a new general top domain name (G T L D), reducing the burden on finding a unique domain name. These new generic top-level domain names are:. C C ,. a R T s,. F i r m ,. n o m ,. I n f O ,. R e c, w e b, and. S h o p. These generic top-level domain names and already existing. G o v ,. e d u ,. O RG ,. C O m, and. N e t gives users more space, making more names available. In the past, when you registered the domain, even if you didn't pay, this domain will reserve 9 0 days. If the registered domain is what you want, you can pay permanently belong to yourself. Now there are several ways to register a domain name. You can of course use many people to use NetWork Solutions for so many years to register the domain. Or choose a domain name registrant. No matter which method, the registration process has not changed, but now you can use the subscription domain name, and you don't need to provide information on the domain name server. This basically gives you the name until you finalize whether it is used. The reservation domain usually takes a little more money than simple registration, because the registration office has actually registered this domain and retains its management privilege until you decide to use it, this requires a common expense. The author has heard that there is no additional fee when booking a domain in some places (such as the UK), but I have never encountered this situation. Another change is that most registration requirements pay first in a subscription or register a domain name. For more information on the registration process, see Appendix D. 6.2 General consideration of ISP services I N t e R N e t service provider (I S P) is an intermediary that many businesses are connected to I N t e R n e t. In the past, many companies, especially without M I s administrators, or not support M i s administrators, generally provided domain name server services (charges) by I S P. If it is managed by the I SP P server, the company can choose to set the secondary server locally.

The auxiliary service device can also provide authorization information and enable the company's confidence I S P released to correct information, and information get a timely update (because the secondary server can obtain a copy of the domain area information). You can also choose to set up only one simple cache domain name server to improve the performance of common domain queries through a local cache. Both settings can alleviate network management issues and workloads of this company, but they have to rely on I s P when changing information needs to be changed. Enterprises can also run their own primary domain servers, which does not require a lot of workload. In Windows 2000, this is basically a necessary condition that Wi N D O W S service can work correctly. In this case, I SP may provide a single auxiliary server to provide certain redundancy when it is faulty. This approach has a number of benefits, one of which is this company can arrange and achieve changes in setting, without the need to use I s P. Even when you disconnect the connection with I N t e R N e t, it also allows the outside world to parse the host name in your domain. This is especially important for services such as email, because if the server is unreachable, you can't send emails, but it will queue wait for a while to retransmit, if your mail server can't be parsed, the message will be returned to the sender, And returns a message that "don't know" user or (and) domain. In an ideal case I S P will allocate and authorize to a business continuous I P address, "Authorization" is here that partitioning a continuous address in the I n -A D R (I N T E R N e t address) domain to the enterprise. At this time, the company has the establishment of its own network, setting up a domain name server and the freedom to publish the domain name it wants to register. If this company is large enough, it may be required to obtain a network number assignment from A R I N (US I N T E R N E T Num Registration, and complete the registration of the I n -a D R domain without I S P domain. However, there are some problems with all the situations mentioned above. A simple fact is that if I s P manages your D n S server, what kind of security measures provide to protect your domain area data? What kind of domain data needs to be released? Even when you manage D n s servers, how to limit the number of access to your information? In Wi N D O W S2 0 0 0, the result is such that many sensitive information must be released by D N S. Active directory and domain controller's name and address are just given, are these really what you want all people can access? If it is my network, you can't do this! Chapters 9 and 1 0 will answer many questions. Of course, all of this relies on the structure of the company and the strategy established in I S P. It is recommended that if you have managed resources, the services in the network should take as much control as possible. If you control your own network, there will be no difficulties when configuring changes, and you can strengthen your own strategy by considering security issues and allowing the published content. But you may also be opposed by I s p. Some I s p relive to authorize a piece of I P to you and allow you to run your own server. If this is the case, it is to consider replacing the I s P. 6.3 Get an online and setup server now, you have already registered your own domain, get the connection to I N T E R N e t, and some basic decisions for your network architecture, it is already when it is time to start building a server. I hope that you are arranged through I s P to provide your own domain name service, which means your primary server has been established. You also need to decide whether you need to create a local or remote auxiliary server. The first step in deciding these needs is to review the construction of the company and the network architecture used to provide data communication. How many domain name servers and how they are placed may also complicate network security policies.

Domain name server needs to work through a firewall? How many routers or multi-wide bandwidth connections need to be used? What is the connection speed of the wide area network to be used? Are all WAN's connection to dialing? Also, how much is the company, how many subfields needed? The following list can help you do these work: 1) Establish a service agreement with I S P. Chapter 6 and I N t e R N e t service provider cooperation 65

• Gossip I N t e R n e t online connection. • Get allocated I P addresses. 2) Establish your network and conduct basic connection tests (routing and protocols) • Ensure that the PING IP address command can be used to reach I N t e R n e t. • Ensure that you can reach the remote site with T E L n e t / f tp and by detecting data throughput. 3) Establish your domain service with a primary D N S server and at least one secondary server (or forward server, multiple primary servers). 4) Register the host you want to register on the new domain name server. 5) Complete the domain registration of your business, including the latest registered host. 6) The database (domain area) of your D N S server with the required data. 7) Fully detection to ensure that it works normally, it is best to perform through a remote site (using L O O K u P, selecting a remote domain name server to query your domain). 8) Consider your security problem, because you are already "online". For a small business that has just started, a single domain is sufficient and it is easy to manage. If it is a larger company and is scattered in geographic location, whether it is divided by department or by region, it is a good idea. Site with firewall must consider design problems. Do you need to "smash" on the firewall to open a hole to pass the message of the domain name server directly? Establish and maintain two separate domain name servers (one outside the firewall, within a firewall), or the external domain name server as a secondary server for this domain? If D N S using "Split (S P L i T - B R A I N)" is used (this is because the main domain server exists inside and outside the firewall), the external domain name server only publishes the host of the company that wants to see the enterprise to see. The internal primary server maps all hosts in the domain, but is set to get the host to the external D n S to get the host of this domain (domain zone). The internal master server is also set to the slave server of the external primary server, thereby ensuring the concealedness of the internal host to I N t e R n e t. If you decide to manage a part of your D N S by I s P, the primary server that is set to the domain in the field may be a good suggestion, but only the host you want to open, which mitigates the burden of maintaining multiple separate primary servers. Geographically scattered companies often have multiple routing connections between different office. If the entire enterprise uses the Windows 2000 operating system, it is likely to provide domain names by the remote controller. The use of the Active Directory makes the usage of the remote domain server becomes simple because all domain name servers issues the same shared information provided by the active directory. If not the entire enterprise uses Windows 2000. Then the company's message mode is to be detected to determine how much percentage packets is to the internal host and how much is external. If most of the packets are for internal hosts, the remote branch is a wise choice to use the server. After each remote division is used for the secondary server, most domain name queries can be distributed to the local server. Chapter 9 and Chapter 1 0 discusses detailed descriptions and implementation of these issues. 6.4 Making a domain name server Change a domain name server should not change its I P address, but sometimes it is necessary. For example, I SP of your public D N S may change. The change in the host I P address is actually very simple, but it must be reasonably planned to prevent the system from crash before changing. If you have to change the I P address of a domain name server, you must follow a range of simple but very important steps. If the domain name server is registered on i n t e R N i C, the new I P address information must be submitted to I N TE R n i c via "Host Modify Template". If it is a primary server, modify the template is especially important. If your company migrates to a new 66 first part of understanding domain name system

转载请注明原文地址:https://www.9cbs.com/read-3320.html

New Post(0)