Linux Network Administrator Manual (2) Chapter 2 TCPIP Network Questions IP Address Subnet (Subnetworks) Domain Name Server Reso

zhaozj2021-02-11  208

Linux Network Administrator Manual (2)

2000-07-28 13:32

Publisher: NetBull Readings: 4825 Translation: Zhao Wei GoHigh@shtdu.edu.cn Chapter 2 TCP / IP network problem We will turn to discuss some details you will encounter, when you put your Linux machine These details are used when connecting to the TCP / IP network, which involves the IP address, host name, and sometimes routing issues. This chapter gives you the background information you need to understand your setting needs, the next chapter will discuss some of these tools involving these. 2.1 Network Interface To hide the differences of devices that may be used for network environments, TCP / IP define an abstract interface, access hardware through this interface. This interface provides a set of operations, which is the same for all hardware types and basically involves sending and receiving packets. For each peripheral device you want to use in the network, there must be a corresponding interface in the kernel. For example, the interface of the Ethernet in Linux is called ETH0 and Eth1, and the interface of SLIP is SL0, SL1, and the like. These interface names are used for configuration purposes, then you want to name a specific physical device to the kernel. In addition to this else. In order to use TCP / IP networks, an interface must allocate an IP address, and this address plays to its identification identification when communicating elsewhere. This address is different from the interface name mentioned above; if you make an interface to a door, then this address is like a brand name on the door. Of course, there may be some other device parameters to be set; one of them is the size of the maximum datagram that can be processed by a particular hardware, also known as maximum transport unit (Maximum Transfer Unit), or MTU. Other properties will be introduced later. 2.2 IP address As mentioned above, the address that IP network protocol understands is a 32-bit number. Each machine must allocate a number of numbers for the network environment. If you run a local network that doesn't have TCP / IP communication with other networks, you can assign these numbers according to your personal hobbies. However, for the site on the Internet, these numbers are assigned by a central authority, a network information center (Network Information Center, or NIC). [1] For easy reading, the IP address is decomposed into four 8-bit numbers called an octaclet group (OCTETS). For example, QUARK.PHYSICS.GROUCHO.EDU has an IP address of 0x954c0c04, which can be written into 149.76.12.4. This format is often referred to as a dotted quad noteation. [There is also a named DITTED Decimal Notation-Translator Note] Another reason for this representation is that the IP address can be divided into a network number included in the eight-bit group in the beginning (left) (Network " Number) and a host number (Host Number) included in the 8-bit group of the remaining (right side). When IP address follows NIC rules, it is not assigned an address for each host you want to use, but gives you a network number, and allow you to follow your preferences, on your network to give each host. All valid arbitrary IP addresses allocated within the network number. The host portion of the IP address can be large depending on the size of the network scale. In order to adapt to different needs, several types of networks are defined, and different segments of IP addresses are given. Class A Class A is constructed from 1.0.0.0 to 127.0.0.0. The network number is included in the first eight bit group. This provides a 24-bit host part, and each network allows approximately 1.6 million hosts.

Class B class includes networks from 128.0.0.0 to 191.255.0.0; the network number is composed of the first two octacular groups. This can have 16320 networks, and each network can have 65024 mains. The Class C Class C network ranges from 192.0.0.0 to 223.255.255.0. The network number consists of the first three eight-bit groups. There can be nearly 2 million networks, and each network can accommodate 254 hosts. D, E, and Class F address range from 224.0.0.0 to 254.0.0.0, used for testing or reserved to future use without assigning any network. If we refer to the example of the previous chapter, we found the address of the QUARK 149.76.12.4 corresponding to the 12.4 of the Class 149.76.0.0. You may have noticed that the main part of the above is not available for all values ​​of each eight-bit group. This is because the eight-bit group is the host number of the whole 0 or 255 is to use it. All the bit of the host part is the total address referenced to a network, and all the bit of the host part is the address of the full 1 1 is called the broadcast address. It also refers to all hosts on a network. Therefore, 149.76.255.255 is not an effective address, but refers to all hosts on the network 149.76.0.0. There are also two network addresses 0.0.0.0 and 127.0.0.0 are also retained. This first is called the default route, and the latter is called a loopback address. The default route is related to the way of IP routing datagram, which will be discussed below. Network address 127.0.0.0 Keep your internal IP communication in your host. Typically, address 127.0.0.1 will be used to a special interface assigned to the host, called a loopback interface, its behavior like a closed circuit. Any IP packet sent from TCP or UDP will return to them, as if this packet is just transferred from a web. This allows you to develop and test network software without having to use a "real" network. Another very useful application is when you want to use the network software on a single machine. This is not like sounding so rare; for example, many UUCP sites do not have IP connectivity, but still want to run the Inn News system. In order to work properly, INN needs to return to the interface. 2.3 Address analysis Now, you already know how IP addresses are formed, you may feel weird, how they use how different hosts are used in Ethernet. After all, the Ethernet protocol identifies the host with a value of six eight-bit groups that is completely different from the IP address, isn't it? Correct. That's why there is a mechanism for mapping an IP address to an Ethernet address. This is the so-called address resolution protocol, or ARP. In fact, ARP is not limited to Ethernet, which can also be applied to other types of networks, such as amateur radio enthusiasts, etc. The basic concept of ARP is looking for people in a 150-person population. Mr. X. AMPLE is the same: they surround the crowd, called his name, and be sure that if he is there, you will definitely answer. When ARP wants to find an Ethernet address corresponding to a given IP address, it utilizes the "broadcast" feature of Ethernet, at which point a datagram is simultaneously addressing all sites. The broadcast datagram sent by the ARP contains queries for the corresponding IP address. Each host compares the received IP with its own IP address, if consistent, returns an ARP response to the host that issues a query. The host that issues a query can extract the sender's Ethernet address from the response datagram. Of course, you will feel surprised that how can a host know that the majority of unclear Ethernet it can find the desired host? And why must it be Ethernet? These problems involve the operation called routing, that is, the physical location of a host is found on the network.

This will be the subject of the next section. At this point, let us discuss more ARP. Once a host discovers an Ethernet address, the host stores it in the ARP buffer so that the host will query its Ethernet address again when the next time I want to send the data to the host. However, permanently saving this information is unwise; for example, the Ethernet card on the remote host may be replaced due to technical problems. At this time, the registration item of ARP becomes invalid. In order to force another IP address query, the registry in the ARP buffer is therefore dropped after a period of time. Sometimes, you need to find an IP address corresponding to a given Ethernet address. This will have this situation when a diskless machine wants to boot from a server on the Internet, which is common in the LAN. However, a diskless customer actually does not have information about itself - except for your own Ethernet! So it mainly wants to broadcast a request boot server tells its IP address of its IP address. For this, there is another protocol, named Reverse Address Resolution Protocol, or RARP. Together with the Bootp protocol, it is used to specify the process of booting diskless stations online. 2.4 IP Routing 2.4.1 IP Network When you write a letter to someone, you will usually write a complete recipient address on the envelope, listing national, state and postal coding, etc. When you put the letter into the mailbox, the postal service will send it to the destination: it will be sent to the designated country, the country's postal service will distribute it to the right state and region, and so on. The advantage of this grading program is obvious: no matter where you send this letter, the local postman will probably know the direction of the letter to be delivered, but don't care what this letter is in the country of delivery. Way to deliver. The structure of the IP network is similar. The entire internet is composed of many exclusive networks called autonomous systems. Each such system performs various routing between its internal member hosts, so the task of distributing a datagram is simplified to find a path to the host network to the destination. This means that once the datagram is transmitted to any (ANY) host on that particular network, the network itself will have a further process. 2.4.2 Subnets This structure is reflected by dividing the IP address into a host portion and a network portion described earlier. By default, the destination network is derived from the network part of the IP address. Therefore, there is a host that the same IP network number is on the same network, it is also. [2] Use similar solutions inside the network equally reasonable, because it itself may have many smaller network composition, the smallest unit can be a physical network like Ethernet. Therefore, IP allows you to split an IP network into some subnets (SUBNETs). On the IP network belonging to the subnet, the subnet takes over the duty of the distribution of data to an IP address range. For Class C, Class B, or C., is determined by the network part of the IP address. However, it is now extended to extends the network part and also includes several ratios of the host part. The number of bits that are interpreted as subnet numbers are specified by values ​​called subnet mask, or a network mask (Netmask). This is also a 32-bit value, which specifies the bit mask of the IP address network portion. Figure 2.1 Campus Network of Class B is divided into subnet Groucho Marx University is an example of such a network. Its B network number is 149.76.0.0, and its network mask is 255.255.0.0. Internally, the GMU's campus network consists of several smaller networks, such as the local area networks.

Therefore, the IP address is divided into 254 subnets, 149.76.1.0 to 149.76.254.0. For example, the distribution of the theoretical physical system is 149.76.12.0. The campus main network itself is a network and gives the subnet number 149.76.1.0. These subnets share the same IP network number, while the third eight bit group is used to distinguish them. Therefore, they will use a subnet mask 255.255.255.0. Figure 2.1 shows the address of Guark 149.76.12.4 as an ordinary Class B network and how different explanations are used when using subnet technology. Subnet (as the technology claimed by the generated subnet) is only the internal division of the network and is not used. The subnet is generated by the owner (or administrator) of the network. Often, the establishment of subnets is to reflect existing physical (such as two Ethernet), managed (in two systems), or geographically bounded lines, and permissions on these subnets Authorized to some contacts. However, this structure only reflects the internal behavior of the network, which is completely invisible for external world. 2.4.3 Gateway subnet technology not only organizes the benefits, it is often the result of a natural hardware boundary line. On a given physical (actual) network, such as Ethernet, the host's communication range is limited: the host that can communicate directly with it is the host on its network. All other hosts can only be accessed by devices called gateways. The gateway is a host that simultaneously connects two or more physical networks and is configured between these networks. Since IP can easily recognize whether a host is on a local physical network, different physical networks require different IP networks. For example, the network number 149.76.4.0 is to reserve hosts on the local area network. When sending a datagram for QUARK, the network software on ERDOS immediately asked from IP address 149.76.12.4, and the destination host is on another different physical network, so you can arrive from a gateway (default is Sophus). . Sophus itself is connected to two different subnet: mathematics and campus backbone. It accesses these two subnets via different interfaces, Eth0, and FDDI0, respectively. Now, we have to assign it to the IP address? Do we want to give it an IP on the subnet 149.76.1.0 or 149.76.4.0 IP? The answer is: two must. When communicating with the host on the local area network, Sophus uses IP address 149.76.4.1, when communicating with the host online host, it will use ID address 149.76.1.4. Therefore, each network connected to the gateway must assign an IP address to the gateway. These addresses --- and the corresponding network mask --- is constrained on the corresponding interface, accessible can be accessed by the interface subnet. Therefore, Sophus interface and address mapping look like this: IFACE Address Netmask Eth0 149.76.4.1 255.255.255.0 FDDI0 149.76.1.4 255.255.255.0 LO 127.0.0.1 255.0.0.0 The last entry describes the return interface LO, this is It has been described above. Figure 2.2 Displaying some of the network topology map of Groucho Marx University (GMU). At the same time, there are two addresses on both subnet. Figure 2. Some network topology map of Groucho Marx University (GMU). In general, you can ignore the difference between the address is attached to the host or its interface.

For hosts only on one online, such as ERDOS, you usually just talk to the host with this address, although strictly, it is an Ethernet interface with this IP address. However, this difference is only important when talking about the gateway. 2.4.4 Routing Selection Table We now focus on how IP is selected using a gateway when the IP is set to use a gateway when it is distributed to a remote network. As we have seen, when sending a datagram for QUARK, Erdos checks the destination address and finds that it is not on the local network. ERDOS is therefore sent to the default gateway, Sophus, which is now basically facing the same task. Sophus noticed that QUARK is not on any network it directly connects, so it must find another gateway and forward the datagram through the gateway. The correct choice is to the physical system gateway niels. At this point, Sophus requires some information to link the destination network with the appropriate gateway. To this end, the route selection information used by the IP is basically a table, which connects each network to the gateway to which the network is to be connected. You must also provide an entries that capture all packets (default routes); this is a gateway related to network 0.0.0.0. All packets sent to unknown networks are transmitted by the default router. In Sophus, this table looks like this: NetWork Gateway Interface 149.76.1.0 - FDDI0 149.76.2.0 149.76.1.2 FDDI0 149.76.3.0 149.76.4.7 FDDI0 149.76.4.0 - Eth0 149.76.5.0 149.76.1.5 FDDI0 ... 0.0. 0.0 149.76.1.2 FDDI0 Route Directly connected to Sophus is a router; therefore they display the gateway entry as "-". Routing selection tables can be created by various methods. For small LAN, the router command constructs the routing table by manually using the router command when booting the host, and the approach to IP is usually most effective (see Chapter 5). For large-scale networks, they are established and adjusted through the routing background service program; they are running on the central host between the network and swap routing information between the member network to determine the "best" route. Different route selection protocols will be used depending on the network size. For routing (such as Groucho Marx Campus) in the autonomous system, use internal routing protocols. The most famous one is RIP, ie routing information protocol (or selection circuit information protocol), which is implemented by the BSD's ROUTED background program. For routing between autonomous systems, external routing protocol is used as EGP (External Gateway Protocol), or BGP (Border Gateway Protocol); these (and RIP) ) Has been implemented in the Gated background program of Cornell University. [3] 2.4.5 Metric Values ​​Based on RIP-based dynamic elevation (or routing) to select the best path to certain destination hosts or networks based on the "hop number", that is, a data report is reaching The number of gateways passed before. The shorter the path, the better the RIP performance. A long path for more or equal to 16 is seen as useless and is abandoned. To use RIP to manage routing information within your local network, you must run your Gated on all hosts.

When booting boot, Gated detects all active (in the running status) network interface. If there is more than one active interface (the return interface is not counted), you can assume that the host exchanges the packet between several networks and will actively exchange and broadcast routing information. Otherwise, the host is just passively receives any RIP update information and updates the local routing table. When the information in the local routing table is broadcast, the Gated calculates the length of the path from the value of the metric value associated with the routing table entry. This metric is that the system administrator is set to configure the route and should reflect the actual price of this route. Therefore, the metric of the route to the subnet directly connected to the host must be zero, and the measure of the route of the two gateways should be 2. However, when you don't use RIP or GATED, you don't have to worry about metrics. 2.5 Interconnection Network Control Packet Protocol IP has a companion agreement we have not discussed yet, which is the Internet control message protocol (ICMP) (ICMP), and the network code in the kernel is incorrect with other hosts and Other communication. For example, suppose you on ErDos and want to log in remotely (Telnet) to 12345 port on QUARK, but there is no process to listen to that port. When the first TCP packet reaches this port of the QUARK, the network layer in the host recognizes it and immediately returns an ICMP message to Erdos, indicating that the port is not arrogant. There are quite packets that can be understood by ICMP, many of which involve an error. However, there is a very interesting message called Redirect Message. It is generated by the Routing (Selection) module to detect that other hosts are generated as a gateway, although there may be a shorter route. For example, after the host boot, the routing table of Sophus may not be complete, and the route to the mathematics network and the route to the FDDI backbone, and the default route is the gateway (GCC1) of the Groucho computing center. Therefore, any packet sent to the QUARK will be sent to GCC1 instead of the gateway niels sent to the physical system. When such a datagram is received, GCC1 will notice that this is a poor route and will forward this packet to Niels, and return to Sophus to a ICMP redirect message tells it that this better route. Now, in addition to the most basic routes, this seems to avoid the clever way to manually set other routes. However, here is to give a warning, if you want to rely on the dynamic routing scheme of the RIP or ICMP redirection packet, it is not always a good idea. ICMP redirection and Rip are rarely provided or almost no choice for verifying whether a selection information needs permission. This makes it possible to interrupt your entire network, or worse. For this reason, some network code versions will affect the redirection of the network routing as only the host routing. 2.6 Domain Name System 2.6.1 Host Name Resolution As mentioned above, the address in the TCP / IP network is a number of 32-bit numbers, however, it is difficult to remember to remember. Therefore, usually hosts with "normal" name, such as GAUSS or STRANGE. At this time, find out the IP address related to the name is the responsibility of the program. This process is called Host Name Resolution. An application that wants to find the IP address of a given host is not necessarily to provide your own routine to find the host and IP address.

Conversely, it depends on several library functions that are obviously this work, called gethostbyname (3) and gethostbyaddr (3). Traditionally, these and some related processes are combined into a separate library called a resolver library; in Linux, these are part of the standard libc. It is popular that the collection of this function is thus referred to as "the resolver". Today, on a small network like Ethernet, or even a national Ethernet, the table that maintains a mapping host name to the address is not very difficult. This information is usually stored in file / etc / hosts. When adding or removing the host, or when the address is reassigned, what you want to do is to update the HOSTS file on all hosts. It is clear that when the network is not only consisting of a few machines, this will become a heavy burden. One solution for this issue is NIS, that is, the network information system developed by Sun Microsystems, is popular, or YELLOW PAGES. NIS stores the HOSTS file (and other information) on a database on a database, and the customer can retrieve the required information. However, this method only adapts to medium-sized networks such as a local area network because it involves centrally maintaining the entire host database and distributes it on all servers. On the interconnection, address information is originally stored in a hosts.txt database. This file is originally maintained by the Network Information Center, which is NIC, and all participating sites need to be downloaded and installed. When the network grows, this approach brings several problems. In addition to the overhead of the additional management of Host.txt regularly, the server load that distributes this library becomes too high. A more serious problem is that all the names must be registered in NIC, which must be determined that there is no rename. This is why a new name resolution scheme is adopted in 1984, that is, domain name system. DNS is designed by Paul Mockapetris while solving these two problems. 2.6.2 Enter the hierarchy of DNS DNS domain to organize the host name. One domain is a collection of sites related to some aspects --- Because they form a unique network (eg, all machines in the campus, all hosts on the BitNet), because they belong to a certain organization (just Like the US government), or because they are just close in the geographic location. For example, university is packet in the EDU field, each university or college uses a Subdomain, which contains the host under the subdomain. Groucho Marx University can give a Groucho.edu domain, a mathematical LAN designation as Maths.Groucho.edu. The host on the department network will have this domain name to attach to their host name; so Erdos is considered to be Erdos.maths.Groucho.edu. This is called full quaalified domain name, or FQDN, which uniquely identifies the host around the world. Figure 2.3 Some domain namespace. Figure 2.3 shows a part of the namespace.

The entrance to the root of this tree is represented by a point (Dot), which is very appropriately referred to as root domain and contains all other domains. In order to point out that a host name is a wholly-owned domain name, not a name related to a (implicit) local domain, sometimes written to an additional point. This means that the final component of this name is root domain. Depending on its position in the hierarchical structure, one domain can be referred to as the top layer, the second layer, or the third layer. It is also possible to divide the layered, but it is very good. You will often see the following top fields: EDU (mostly in the US) education institutions such as universities. COM business agency, company. ORG non-commercial organization. Often, private UUCP networks are in this domain. Gateway on the NET network and other management hosts. MIL US military agency. GOV US government agency. UUCP has officially known that all site names used as a UUCP name without domain name have been moved to the domain. Technically, the above heads of the top four belonging to the US section of the Internet, but you may still see the site in these fields. The NET domain is especially true. However, MIL and GOV are proprietary in the United States. Places outside the United States, each country usually uses a top-level domain that is named after the two-character country code (defined in ISO-3166). For example, Finland uses the Fi field, FR is used by France, and DE is used by Germany, and AU is used by Australia, and CN is used by China (China). In this top area, NICs in each country can freely organize host names in their way. For example, Australia has a secondary domain similar to the international top-level domain, named com.au, edu.au, and so on. Other countries, such as Germany, do not use this extra outer layer, but use a slightly longer name that runs a specific domain. For example, the host name like ftp.informatik.uni-erlangen.de is not a few. This can be seen that the German efficiency is. Of course, the domains in these countries do not mean that hosts under this domain are actually in that country; this only shows that this host is registered in NIC registration in that country. A Swedish manufacturer may have a branch in Australia, but all of his hosts are still registered as the SE top-level domain. Now, with the hierarchy of domain names to organize the uniqueness of the names of the name well; use DNS, the name of a host only needs to be in its domain, you can have one in the world. All other hosts are different. In addition, the full-term name is very easy to remember. As far as it is itself, these have been split into a few subdomains in a few subdomains. However, DNS is even more than this: it allows you to authorize sub-domain privileges to derived by it (subdomain). For example, the maintainer at the Groucho Calculation Center can create a subdomain for each system; we have met Maths and Physics subdomains. When they find that the network is too big, and it is difficult to manage from the outside world (in short, physicist is a class of unconstrained people), they can simply control the control of Physics.Groucho.edu domain. An administrator who handed this network. In this way, they can freely use what they like, no matter what they like, and can allocate IP addresses in their networks in various ways without requiring external interference.

At the end of this section, we have to say that the namespace can be divided into zones, each zone root root from one domain. Please pay attention to the subtle differences of the area and the domain: domain Groucho.edu includes all hosts from the University of Groucho Marx, and the zone only includes hosts that are directly managed by the calculation center, such as those at the mathematics. The host in the physical system belongs to a different area, which is Physics.Groucho.edu. In Figure 2.3, the beginning of the region is marked with a small circle at the right side of the domain name. 2.6.3 Make the name with DNS look up the first eye, all of these domains and districts seem to make the name parsing becomes a very complicated thing. After all, if there is no central authority to control which host is assigned to which host, then it is a rough program? ! It is now discussed to discuss the true essence of DNS (natural, frank, straightforward). If you want to find out the IP address of Erdos, then DNS will say, ask people who manage it, they will tell you. In fact, DNS is a huge distributed database. It is relying on a so-called name server to be implemented, the name server provides information for a given domain or a set of fields. For each zone, there are two, up to several name servers, and master all the authority information on the host of that area. In order to get the IP address of Erdos, you have to do just contact the name server of the Groucho.edu area, and the name server will return the data you expect. You may think that it is easy to do. So how do I know how to achieve the name server of Groucho Marx University? If your computer is not equipped with an address resolution, DNS can provide this capability. When your application wants to find information on ERDOS, it will contact the local name server, which handles an iterative query. It first issues a query to the name server of the root domain, ask the address of Erdos.Maths.groucho.edu. The root name server noticed that this name is not within its administrative privilege, but is a one in the EDU domain. Therefore, it tells you that the name server of the EDU area is contacted to achieve more detailed information, and give all the EDU's name servers and its address list. At this point, your local name server will continue to perform and query one of those EDU's name servers, such as A.isi.edu. The same way as root name servers, A.isi.edu knows Groucho.edu runs in their own area and makes you point to their servers. Now, local name servers send their queries to one of these servers, which will eventually recognize the names of this area belonging to it and return the corresponding IP address. Now, it seems to find a small IP address to generate a lot of traffic, however, if we still use hosts.txt, the resulting data transfer is much larger than the above method. But this program also needs to improve. In order to improve the response time of future queries, the name server will store the obtained information in its local buffer. So when you have anyone in your local network want to find the address of the host on the Groucho.edu domain, your name server doesn't have to experience the entire process again, but will go directly to the Groucho.edu name server. [4] Of course, the name server will not reserve this information forever, but will give up after a certain period of time. This until time interval is called a Time to Live, or TTL. Each of the DNS databases has a TTL specified by the administrator of the corresponding responsible area.

2.6.4 Domain Name Server The name server with all host information in a zone is called Authoritative, and sometimes referred to as the primary name server (Master Name Servers). Any query for the host in this area will eventually go back to one of these primary name servers. In order to provide a consistent description with a zone, its primary server must be well synchronized. This is achieved by making one of them into the primary (original, original) server, which is installed from the data file, and makes other servers become secondary (second) (Secondary) (SECONDARY) ) Server and periodically incorporate region data from the main server. One reason for several name servers is to disperse workloads, and other reasons are to have a retaining backup. When a name server machine is unprepared, all queries will be returned to other servers if it is unprecedented. Of course, this program does not protect you from server failure to generate an error response to all DNS requests, for example, because the server program itself has a software error. Of course, you can also run a name server that is not authorized for any domain. [5] This type of server is also useful because it can also manage DNS queries for applications running on the local network, and buffer incoming information. Therefore, it is called a caching-only server. 2.6.5 DNS Database Through the above, we already know that DNs is more than just the IP address of the host, but also exchange information on the name server. In fact, the DNS database can have many different types of entries. One information on the DNS database is called a resource record, or is abbreviated into RR. Each record has a type associated with it describes the data it represents, and a class indicating the network type it applies. The latter is used to adapt (or adjust) the needs of different addressing schemes, like the IP address (IN class), or the address of the Hesiod network (in mit), and others. The prototype resource record type is a record, which combines a wholly-owned domain name with an IP address. Of course, a host can have more than one name. However, one of the names must be specified as formal, or the formal host name, while other names are just the alias of the former. The difference between them is that the formal host name is associated with a record, while the other name is only a record of the CNAME type of the formal host name. Here we will not discuss all record types, but to be discussed in the following chapters. Only a short example is given here. Figure 2.4 shows a part of the domain name database in the name server where the Physics.Groucho.edu area is loaded.

;; Authoritative Information on physics.groucho.edu @ IN SOA {niels.physics.groucho.edu hostmaster.niels.physics.groucho.edu 1034;.. Serial no 360000; refresh 3600; retry 3600000; expire 3600; default ttl} Name Servers in ns niels in ns gauss.maths.groucho.edu. Gauss.Maths.Groucho.edu. IN A 149.76.4.23;; Theoretical Physics (Subnet 12) Niels in A 149.76.12.1 in A 149.76.1.12 Nameserver IN CNAME NIELS OTTO IN A 149.76.12.2 QUARK IN A 149.76.12.4 Down in A 149.76.12.5 Strange IN A 149.76.12.6 ...; Collider Lab. (Subnet 14) Boson in A 149.76.14.1 Muon in A 149.76.14.7 Bogon In A 149.76.14.12 ... Figure 2. Excerpt of the physical system Named.hosts file. In addition to the A and CNAME records, a special record can also be seen at the top of the file, extending a few lines. This is the SOA resource record, which means the start of authority, which retains the common information of the server authorized area. For example, it includes all records default survival information. Note that all the names not ending in the example file will be interpreted as being relative to the groucho.edu domain. Special name "@" for SOA records is a domain name itself. From above we already know that the name server of the Groucho.edu domain must know the area of ​​the physical system so they can pass the query to their name servers. This is often done by a pair of records: gives the NS record of the server's FQDN, and an associated address and the A record of that name. Since these two records control the namespace, they are often referred to as glue records. They are only a record example, where the recording is saved in the subordinate area. The bonding record of the name server of Physics.Groucho.edu is shown in Figure 2.5. Zone Data for the groucho.medu zone. @ In SOA {vax12.gcc.groucho.edu. Hostmaster.vax12.gcc.groucho.idu. 233; Serial No 360000; Refresh 3600; Retry 3600000; Expire 3600; Default TTL } .... ;; glue records for the physics in ns niels.physics.groucho.medu. In ns gauss.maths.groucho.medu. Niels.physics in A 149.76.12.1 Gauss.maths in A 149.76.4.23 ... Figure 2.5 Extract of the Named.hosts file of GMU. 2.6.6 Reverse Lookups In addition to finding an IP address belonging to a host, sometimes you need to find a formal host name corresponding to the address. This is called reverse mapping, which is used by some network services to verify the identity of the customer.

When using a single HOSTS file, the reverse lookup simply includes searching in the file with a host with a specified IP address. With DNS, a thorough search for namespace is certainly impossible. Instead, a special domain, IN -ADDR.ARPA has been created, which includes the IP address of all hosts with the REVERTED DOTTED-quad representation. For example, the corresponding name corresponding to IP address 149.76.12.4 is 4.12.76.149.in-addr.arpa. The type of resource record type that connects these names to their formal host names is PTR. Building an authorized area usually means that the administrator assigned an address to the name of the address to the name. Since they often have one or more IP networks or subnets in hand, there is a one-to-many mapping between the DNS zone and the IP network. For example, the physical system is made of subnet 149.76.8.0, 149.76.12.0, 149.76.14.0. As a result, a new area must be established together with the physical area in the in -addr.arpa domain and delegated the network administrator: 8.76.149.in-addr.arpa, 12.76.149.in-addr.arpa , And 14.76.149.in-addr.arpa. Otherwise, if you install a new host in a Collider Lab, you need to contact them to add this new address to their in-ADDR.ARPA area file. The area database of subnet 12 is shown in Figure 2.6. The corresponding bonding records in their parent area database are shown in Figure 2.7. The 12.76.149.in-addr.arpa Domain. @ in SOA {niels.physics.groucho.du. Hostmaster.niels.physics.groucho.du. 233 360000 3600 3600000 3600} 2 in PtrOtto.physics.groucho . 4 in ptroucho.du. 5 in Ptrouch.physics.Groucho.physics.groucho.du. Figure 2.6 An excerpt of the Named.rev file of the subnet 12. The 76.149.in-addr.arpa Domain. @ in SOA {vax12.gcc.groucho.idu. Hostmaster.vax12.gcc.groucho.du. 233 360000 3600 3600000 3600} ...; Subnet 4: Mathematics DEPT. 1.4 in ptrobe. 17.4 in ptroucho.medu. 23.4 in Ptrouchu. ...; Subnet 12: Physics DEPT, SEPARATE ZONE 12 in ns niels. Physics.Groucho.du. in ns gauss.maths.gracho.physics.groucho.edu. in A 149.76.12.1 Gauss.maths.groucho.edu. in A 149.76.4.23 ... Figure 2.7 Network 149.76 Abstract of the Named.rev file. Such an important conclusion is that the area can only be established with an ultra-array of IP networks, and more seriously, the network mask of these networks must be bytes. The mask of all the subnets from the University of Groucho Marx is 255.255.255.0, according to this, you can establish an in-ADDR.ARPA area for each subnet.

However, if the network mask is 255.255.255.128, it is impossible to establish a region for subnet 149.76.12.128, because there is no way to inform DNS 12.76.149.in-addr.arpa domain has been divided into two authorized districts, The host name ranges in the two districts are 1 to 127, respectively, and from 128 to 255. Note [1] Typically, the IP address is assigned to you by the IP connection provider you have. However, by sending a message to HostMaster@internic.net, you can also apply directly to the NIC directly to the NIC directly. [2] However, the autonomous system is slightly more common, they can consist of more than one IP network. [3] Many people think that ROUTED has been discontinued. Because Geted also supports RIP, it is best to choose it. [4] If it is not like this, then DNS will be as bad as other methods, because each query will include root name servers. [5] Oh, almost like this. The name server should at least provide name service for the reverse lookup of LocalHost and 127.0.0.1. source:

Linux free pigeon

转载请注明原文地址:https://www.9cbs.com/read-3655.html

New Post(0)