Creating a DNS Server under UNIX (Part 1)
This article discusses how to create a DNS primary (master) domain server in a UNIX environment with the BIND server software. BIND is normally installed together with the UNIX system itself, so the work that remains is to modify and configure the relevant files and parameters.
The installed BIND version can usually be determined by checking /var/log (or the system's equivalent directory): the BIND server daemon, named, writes its version number to the system log at startup (facility "daemon"). Use grep to find lines like these:
The first line is from HP-UX 11.00 and the second from a SunOS machine that we maintain locally. The second line lies a little: patch 4 of BIND 8.2.2 did not raise the patch level, so the real version is 8.2.2-P4. The same string can also be read over the network with the command dig @server version.bind chaos txt, which is why a production server should hide it with the version option in named.conf.
If you need to upgrade BIND, download the new version from the ISC website (www.isc.org), for example the source package bind-9.0.0.tar. Unpack it with tar; then, to compile BIND, run the configure command, which produces output like the following:
Next, build the binaries with make:
Finally, test the binaries by building and running the test programs:
If all tests pass, run "make install" to install the new code.
Name resolution on UNIX systems
Two kinds of resolution are commonly performed on the Internet:
Name to address (forward resolution), for example www.study.js.cn → 61.155.107.131
Address to name (reverse resolution), for example 61.155.107.131 → www.study.js.cn
Therefore, when configuring a UNIX domain name server we must implement both forward and reverse resolution; only a server that supports both can truly be called a domain name server. Many name servers on the Internet, particularly Windows DNS installations, implement forward resolution only.
Creating the UNIX DNS server
Below, the process of creating a UNIX primary domain server is shown with Solaris as the example. For the BIND 8 shipped with Solaris 7 and 8 the main configuration file is /etc/named.conf; BIND 4 and earlier used /etc/named.boot. /etc/named.conf controls the behaviour of the DNS server and provides the following statements:
acl ---- defines an access control list: which clients may use the server.
include ---- reads an external file of statements in the same format as /etc/named.conf. This is useful when the configuration is large and can logically be split into several files.
logging ---- determines which server activities are recorded in the log files named in the statement.
options ---- defines the operating characteristics of the local server.
server ---- defines the operating characteristics of other servers.
zone ---- defines a zone served locally.
On Solaris the name server process is in.named. It is started at run level 2 by the network initialization script S72inetsvc; once running it reads /etc/named.conf to learn which zones it manages and where their zone database files are. Besides the hostname-to-IP mappings, the zone files hold other records as well. Configuring the name server involves these steps: 1) register a domain name; 2) create the hostname and IP address list; 3) create /etc/named.conf; 4) create the zone data files. In a zone data file the information is stored in a specific format as resource records (RRs). The commonly used standard resource records are:
SOA (Start of Authority) ---- marks the start of a zone of authority in the master file (called the zone file in BIND 4).
NS (Name Server) ---- lists the name servers of the domain or zone.
A (Address) ---- gives the IP address of a host in the DNS database. The name may be a fully qualified host name (FQHN) or a relative (short) host name.
MX (Mail Exchanger) ---- names the host responsible for mail exchange for hosts in the domain.
PTR (Pointer) ---- used for reverse resolution, from address to host name.
CNAME ---- defines an alias for a host.
The necessary configuration files
named.conf, named.ca, named.local and the master files (the zone files of BIND 4): in this article, the two files study.js.cn and study.js.cn.rev.
Of these, the most important is named.conf in /etc, the file named reads by default at startup. A typical named.conf contains at least options and zone statements, for example:
1. The named.conf file
options {
    directory "/var/named";        // location of the database files; the directory must exist
    multiple-cnames yes;           // non-standard: allow several CNAME records for one name
    pid-file "/etc/named.pid";
};
// type    domain                    source host/file
zone "." in {
    type hint;                     // hint: this server's cache of the root servers
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" in {
    type master;                   // master: this is the primary DNS server for the zone
    file "named.local";
};
zone "study.js.cn" in {
    type master;
    file "study.js.cn";            // study.js.cn is the domain being created: forward resolution
};
zone "107.155.61.in-addr.arpa" in {
    type master;
    file "study.js.cn.rev";        // reverse resolution; the network is 61.155.107
};
Here the options statement defines the directory in which the master files are stored. Each zone corresponds to one domain, and named looks for its data file in that directory: when a query for www.study.js.cn arrives, named opens /var/named/study.js.cn and resolves the IP address of www.study.js.cn from it. A zone statement defines a domain such as study.js.cn; type defines this server's role for the zone, and master means it is the primary server. The zone "0.0.127.in-addr.arpa" makes this server primary for its own loopback reverse domain, mapping 127.0.0.1 to localhost; it appears in almost every name server configuration. The zone "." of type hint names the cache initialization file, named.ca, which contains at least the names and addresses of the root servers (these change from time to time). named.ca generally needs no modification, and in named.local only the SOA record and the contact need to be changed. file gives the master file of study.js.cn.
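The configuration above works, but it leaves two BIND defaults in place that matter for a server reachable from the Internet: named answers recursive queries from anyone (an open resolver, usable for amplification and cache-poisoning attacks) and allows zone transfers (AXFR) to anyone, so the whole zone, internal host names included, can be listed with a single command (dig @61.155.107.131 study.js.cn axfr). The hardened variant of the same file below is an added example and not part of the original article. It assumes BIND 8.2 or later (for allow-recursion and version) and a secondary server at 61.155.107.133, an address the article does not give; substitute your own.

```conf
options {
    directory "/var/named";
    pid-file "/etc/named.pid";
    version "not disclosed";                // hides the string answered for version.bind CH TXT
    // The hosts in resolv.conf use this server as their resolver, so recursion
    // stays on for the local network only; everyone else gets authoritative
    // answers for the zones below and nothing more.
    allow-recursion { 127.0.0.1; 61.155.107.0/24; };
    allow-transfer { none; };               // no zone transfers unless a zone statement allows them
};

zone "." in {
    type hint;
    file "named.ca";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "named.local";
    allow-update { none; };
};

zone "study.js.cn" in {
    type master;
    file "study.js.cn";
    allow-update { none; };                 // no dynamic updates
    allow-transfer { 61.155.107.133; };     // assumed secondary: the only host allowed to AXFR
};

zone "107.155.61.in-addr.arpa" in {
    type master;
    file "study.js.cn.rev";
    allow-update { none; };
    allow-transfer { 61.155.107.133; };
};
```

Verify from a host outside 61.155.107.0/24 after reloading: dig @61.155.107.131 study.js.cn axfr must now fail, dig @61.155.107.131 www.study.js.cn must still answer (authoritative data), and dig @61.155.107.131 version.bind chaos txt must return the replacement string rather than the real version.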
Then create the following database files in the /var/named directory, corresponding to /etc/named.conf: named.ca, named.local, study.js.cn and study.js.cn.rev.
2. The study.js.cn file
@          IN SOA   dns.study.js.cn. root.dns.study.js.cn. (
                    2000120101   ; serial number
                    10800        ; refresh after 3 hours
                    3600         ; retry after 1 hour
                    3600000      ; expire after 6 weeks
                    86400 )      ; minimum TTL of 1 day
           IN NS    dns
@          IN MX    10 mail
localhost  IN A     127.0.0.1
www        IN A     61.155.107.131
dns        IN A     61.155.107.131
mail       IN A     61.155.107.132
ftp        IN CNAME dns
Here @ stands for the current domain, study.js.cn.; IN marks an Internet-class record; SOA (start of authority) marks the beginning of the zone's authoritative data; dns.study.js.cn. is the primary server of the zone; root.dns.study.js.cn. is the contact mailbox, where the first dot stands for the @ of the mail address (root@dns.study.js.cn); the numbers in parentheses are the zone's timing parameters, in seconds (the serial is a version number, not a time).
The first four parameters are used by secondary domain servers when updating their copy of the master file: the serial number tells a secondary whether the primary's data has changed (a secondary transfers the zone only when the serial has increased, so the serial must be raised on every edit), and refresh, retry and expire are the intervals after which the secondary checks again, retries a failed check, and finally discards the zone. The fifth parameter defines how long other name servers may cache records of this zone; after that time they come back and query again. (In BIND 8 this field is the default TTL of records without an explicit TTL; in BIND 9 it is the negative-caching TTL of RFC 2308, and the default TTL is set with a $TTL directive.)
IN NS dns says that the name server of the domain is dns.study.js.cn.; there may be several NS records. "@ IN MX 10 mail" means that all mail for the current domain is delivered to the server mail. The localhost, www, dns and mail lines resolve localhost to 127.0.0.1, www.study.js.cn and dns.study.js.cn to 61.155.107.131, and mail.study.js.cn to 61.155.107.132; the last line defines ftp as an alias of dns.
3. The study.js.cn.rev file
This file stores the mapping from IP addresses to domain names. Its contents:
@     IN SOA   dns.study.js.cn. root.dns.study.js.cn. (
                2000120101   ; serial
                10800        ; refresh
                1800         ; retry
                3600000      ; expire
                86400 )      ; minimum
      IN NS    dns.study.js.cn.
131   IN PTR   dns.study.js.cn.
132   IN PTR   mail.study.js.cn.
Syntax: "131 IN PTR dns.study.js.cn." means that the host numbered 131 in the current domain (61.155.107, i.e. the address 61.155.107.131) has the domain name dns.study.js.cn.; likewise 132 is mail.study.js.cn. Note that the names on the right are written as absolute domain names, with the trailing dot.
4. The named.ca file
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC registration services
;       under anonymous FTP as
;           file                /domain/named.root
;           on server           FTP.RS.INTERNIC.NET
;       -OR- under Gopher at    RS.INTERNIC.NET
;           under menu          InterNIC Registration Services (NSI)
;              submenu          InterNIC Registration Archives
;
;       last update:    Aug 22, 2000
;       related version of root zone:   2000082200
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
Description: named.ca generally does not need to be modified, but the root server list does change over time, so the current named.root file should be fetched periodically from the InterNIC location given in its header and compared with the local copy. The listing above stops at H; the complete file continues with root servers I through M.
5. The named.local file
; SOA record
@     IN SOA   dns.study.js.cn. root.study.js.cn. (
                2000120101   ; serial number
                10800        ; refresh every 3 hours
                10800        ; retry every 3 hours
                604800       ; expire after a week
                86400 )      ; TTL of 1 day
; name servers
      IN NS    dns.study.js.cn.
; IP mappings
1     IN PTR   localhost.study.js.cn.
Note: there is nothing special about this file; it only maps the address 127.0.0.1 back to the name localhost (localhost.study.js.cn.).
Files related to DNS configuration
These are mainly the three files /etc/defaultdomain, /etc/nsswitch.conf and /etc/resolv.conf. They are owned by root and should be writable only by root; they must remain readable by all users, because every program's resolver reads them.
1) /etc/defaultdomain gives the default domain name; the file contains only the domain name, for example study.js.cn, meaning that the default domain is "study.js.cn". When only a host name is given, the system assumes the host is in the default domain: "ping www" is understood as "ping www.study.js.cn". Strictly speaking, on Solaris /etc/defaultdomain sets the NIS/NIS+ domain read by domainname(1M); the DNS resolver takes its default domain from the domain (or search) line of /etc/resolv.conf, so the two should be kept consistent.
2) /etc/nsswitch.conf: if DNS is used, "dns" must be listed on the hosts line of this file. The default source, "files", can be kept.
#
# /etc/nsswitch.files:
#
# An example file that could be copied over to /etc/nsswitch.conf; it
# does not use any naming service.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file has a "-" for nametoaddr_libs of "inet" transports.

passwd:     files
group:      files
hosts:      files dns
networks:   files
protocols:  files
rpc:        files
ethers:     files
netmasks:   files
bootparams: files
publickey:  files
# At present there isn't a 'files' backend for netgroup; the system will
# figure it out pretty quickly, and won't use netgroups at all.
netgroup:   files
automount:  files
aliases:    files
services:   files
sendmailvars:   files
"hosts: files dns" means that a host name is first looked up in /etc/inet/hosts; if it cannot be resolved there, DNS is used.
3) /etc/resolv.conf gives the domain name and the addresses of the domain name servers:
; /etc/resolv.conf
domain study.js.cn
nameserver 61.155.107.131
The domain line gives the domain name and the nameserver line the address of a domain name server; several nameserver lines may be given.
With this, a basic UNIX primary domain server is established. One point deserves special attention: in the master file, the trailing dot after dns.study.js.cn. says that the name is complete (fully qualified); without it the server appends the current domain automatically, so www becomes www.study.js.cn, but www.study.js.cn becomes www.study.js.cn.study.js.cn. The correct forms are therefore www or www.study.js.cn. (with the dot). Forgetting this dot is a very common mistake.
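The trailing-dot rule and the forward/reverse pairing above are easy to get wrong by hand, so here is an added example (not from the article) that checks them: a small parser for the master-file syntax used in this article that qualifies every name against the zone origin and then compares the A records of study.js.cn with the PTR records of study.js.cn.rev. The zone texts are the article's own files, embedded so the script runs offline; it covers only the record types and syntax those files use.

```python
"""Sanity checks for the study.js.cn master file and its reverse zone.

Added example, not from the article: parses the two zone files shown above,
applies the trailing-dot rule, and reports A records without a matching PTR
and PTR records without a matching A. Zone texts are the article's own data.
"""

FORWARD_ORIGIN = "study.js.cn."
FORWARD_ZONE = """\
@         IN SOA   dns.study.js.cn. root.dns.study.js.cn. (
                   2000120101 10800 3600 3600000 86400 )  ; serial refresh retry expire min
          IN NS    dns
@         IN MX    10 mail
localhost IN A     127.0.0.1
www       IN A     61.155.107.131
dns       IN A     61.155.107.131
mail      IN A     61.155.107.132
ftp       IN CNAME dns
"""

REVERSE_ORIGIN = "107.155.61.in-addr.arpa."
REVERSE_ZONE = """\
@    IN SOA  dns.study.js.cn. root.dns.study.js.cn. (
              2000120101 10800 1800 3600000 86400 )
     IN NS   dns.study.js.cn.
131  IN PTR  dns.study.js.cn.
132  IN PTR  mail.study.js.cn.
"""

CLASSES = {"IN", "CH", "HS", "ANY"}
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "PTR", "CNAME", "HINFO", "TXT"}


def qualify(name, origin):
    """Trailing-dot rule: '@' is the origin, 'x.' is absolute, 'x' is relative."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()


def logical_lines(text):
    """Strip ';' comments and join ( ... ) continuation lines into one line."""
    pending, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and not pending:
            continue
        depth += line.count("(") - line.count(")")
        pending.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            yield " ".join(pending)
            pending = []


def parse_zone(text, origin):
    """Return [(owner, ttl, type, rdata)] with every name made absolute."""
    records, owner = [], origin
    for line in logical_lines(text):
        tokens = line.split()
        if not line[0].isspace():              # an owner name in column one
            owner = qualify(tokens.pop(0), origin)
        ttl = None
        while tokens[0].upper() not in TYPES:  # optional TTL and class fields
            tok = tokens.pop(0)
            if tok.isdigit():
                ttl = int(tok)
            elif tok.upper() not in CLASSES:
                raise ValueError(f"cannot parse: {line!r}")
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype in ("NS", "CNAME", "PTR"):    # name-valued rdata gets qualified too
            rdata = [qualify(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [int(rdata[0]), qualify(rdata[1], origin)]
        elif rtype == "SOA":
            rdata = [qualify(rdata[0], origin), qualify(rdata[1], origin)] \
                + [int(x) for x in rdata[2:]]
        records.append((owner, ttl, rtype, tuple(rdata)))
    return records


def reverse_name(ip):
    """61.155.107.131 -> 131.107.155.61.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def missing_ptrs(fwd, rev):
    """A records (loopback excluded) that no PTR in the reverse zone points back to."""
    ptrs = {(owner, rdata[0]) for owner, _, t, rdata in rev if t == "PTR"}
    found = []
    for owner, _, rtype, rdata in fwd:
        if rtype == "A" and not rdata[0].startswith("127."):
            if (reverse_name(rdata[0]), owner) not in ptrs:
                found.append(f"{rdata[0]} {owner}")
    return sorted(found)


def dangling_ptrs(fwd, rev):
    """PTR targets that have no A record with that address in the forward zone."""
    addrs = {(owner, rdata[0]) for owner, _, t, rdata in fwd if t == "A"}
    found = []
    for owner, _, rtype, rdata in rev:
        if rtype == "PTR":
            ip = ".".join(reversed(owner[:-len(".in-addr.arpa.")].split(".")))
            if (rdata[0], ip) not in addrs:
                found.append(f"{ip} {rdata[0]}")
    return sorted(found)
```

Running missing_ptrs on the article's two files reports www.study.js.cn: it shares 61.155.107.131 with dns, and the reverse zone has only one PTR for that address, so any check that insists on forward/reverse agreement (mail servers and many log analysers do) will see www as unconfirmed. qualify("www.study.js.cn", "study.js.cn.") shows the trap from the paragraph above: the result is www.study.js.cn.study.js.cn.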
Creating a DNS Server under UNIX (Part 2)
We know that the most common name server software on UNIX is BIND. It originated at UC Berkeley but is now maintained by the Internet Software Consortium. BIND provides both a resolver and name server software: the resolver issues queries and the name server answers them. BIND distinguishes three kinds of name server: the primary domain server holds all the data of a domain; the secondary (auxiliary) domain server obtains its copy of that data from the primary; and a caching-only server builds a non-authoritative DNS database simply by caching the results of its queries. Only the primary and secondary domain servers act as authoritative servers for a given domain.
Below, the creation of a primary domain server, a secondary domain server and DNS clients is shown on AIX, implementing the domain structure planned and designed earlier.
I. Creating the primary domain server
Steps to create a primary domain server: create the named control file; create the domain zone file; create the IP zone files and the local IP zone file; create the cache file.
1. The named control file. The control file of named is /etc/named.boot (BIND 4 version), read when named starts. It tells named where all the data it uses is stored; named uses this data to build its initial database. The contents of named.boot are as follows:
The directory item tells named the directory in which the files listed in /etc/named.boot are stored.
The domain item gives the domain of the local host, which the name server uses as the default domain.
The primary item says for which domain the local named is the primary domain server and from which file it obtains the data describing that domain.
The name of a reverse-mapping domain always ends in in-addr.arpa, and the IP address inside it must be written backwards: in an IP address the most significant octet comes first, whereas in a domain name the most specific label comes first, so the least significant octet leads. Each physical network uses its own reverse zone file.
The dot in the domain field of the cache record stands for the root of the name space, the level above every top-level domain; the cache file is what allows hosts in the default domain to communicate with hosts outside the domain.
The contents of /etc/named.conf (BIND 8 version) are as follows:
options {
    directory "/etc";
};
zone "." in {
    type hint;
    file "named.ca";
};
zone "localhost" in {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "ghq.js.com" in {
    type master;
    file "named.dc";
    allow-update { none; };
};
zone "1.32.10.in-addr.arpa" in {
    type master;
    file "named.revip1";
    allow-update { none; };
};
zone "2.32.10.in-addr.arpa" in {
    type master;
    file "named.revip2";
    allow-update { none; };
};
No further explanation is needed here; the meaning of this configuration follows from the above.
2. The domain zone file. AIX provides awk scripts for creating zone files. They read the system's /etc/hosts file and create the corresponding zone files. The scripts do not produce a perfect zone file for every environment; they only provide a starting point. After the files have been generated, records can be modified or added with a text editor as needed. The zone files are generated from /etc/hosts as follows:
# cd /usr/samples/tcpip
# ./hosts.awk /etc/hosts > /etc/named.dc
# ./addrs.awk /etc/hosts > /etc/named.revip1
# ./addrs.awk /etc/hosts > /etc/named.revip2
The contents of the domain zone file /etc/named.dc are shown in the following figure:
The resource record format is:
Name TTL Class Type RDATA
where:
Name: a domain, zone, host name or host alias. It must start in the first column of the file. If it is empty, its value is the Name of the previous resource record.
TTL: the time to live of the information, in seconds. 99999999 means the information never expires. If no TTL is given, the default is the Minimum value of the SOA record.
Class: the class of the record; the two values are IN and ANY. IN is the Internet class; ANY matches any other class.
Type: the resource record type. The legal types are:
SOA ---- Start of Authority;
NS ---- Name Server;
A ---- Address;
HINFO ---- Host Information;
MX ---- Mail Exchanger;
PTR ---- Domain Name Pointer.
RDATA: the details of the particular record type. Several characters have special meaning:
; ---- starts a comment;
. ---- a trailing dot marks a name as complete (absolute); a name without it is relative to the current domain;
@ ---- on its own in the Name field, stands for the current domain;
() ---- parentheses enclose a data item that spans more than one line.
SOA marks the start of authority for the zone. The SOA record gives:
the host name of the primary server for the zone, and the e-mail address of the person responsible for maintaining the data file (the @ of the address is written as a dot);
Serial ---- the version number of the data file. It must be increased every time the file is modified, otherwise the secondary domain servers never notice the change;
Refresh ---- how often, in seconds, a secondary domain server checks whether its data needs to be refreshed;
Retry ---- when a refresh fails because the secondary cannot reach the primary, how long, in seconds, the secondary waits before trying again;
Expire ---- the time limit, in seconds, for which a secondary keeps serving its copy when it cannot reach the primary; after that it discards the data and stops answering for the zone;
Minimum ---- the default time to live. An explicit TTL on a record overrides it.
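The refresh/retry/expire logic described above, together with the serial-number comparison that drives it, as an added example (not from the article). The SOA values are the article's part-1 values (serial 2000120101, refresh 10800, retry 3600, expire 3600000, minimum 86400); the clock readings fed to zone_status are constructed. Two operational failures the code makes visible: a zone edited without bumping the serial is never transferred, and a large expire value means a secondary keeps serving stale data for that long after the primary disappears.

```python
"""SOA serial and timer logic as a secondary domain server applies it.

Added example, not from the article. SOA values are the article's own;
the time values passed to zone_status() are constructed for illustration.
"""

SOA = {"serial": 2000120101, "refresh": 10800, "retry": 3600,
       "expire": 3600000, "minimum": 86400}


def serial_is_newer(candidate, current):
    """RFC 1982 serial arithmetic: the 32-bit serial wraps around, so 'newer'
    means 'ahead by less than 2**31', not simply 'numerically larger'."""
    diff = (candidate - current) % (1 << 32)
    return 0 < diff < (1 << 31)


def next_serial(current, yyyymmdd):
    """YYYYMMDDnn convention used in the article's files: bump the counter,
    or start a new day at nn=00, but never go backwards."""
    return max(current + 1, int(yyyymmdd) * 100)


def should_transfer(master_serial, local_serial):
    """A secondary transfers the zone only when the master's serial is newer;
    editing the zone without raising the serial leaves every secondary stale."""
    return serial_is_newer(master_serial, local_serial)


def zone_status(soa, last_success, last_attempt, now):
    """What a secondary does with its copy of the zone at time `now`.
    All times are seconds on one clock: last_success is the last successful
    refresh (or transfer), last_attempt the last refresh attempt of any outcome."""
    age = now - last_success
    if age >= soa["expire"]:
        return "expired"             # discard the copy; stop answering for the zone
    if age < soa["refresh"]:
        return "current"             # keep serving the copy
    if last_attempt > last_success and now - last_attempt < soa["retry"]:
        return "waiting for retry"   # last SOA query failed; back off for `retry`
    return "refresh due"             # query the master's SOA; transfer if its serial is newer


def seconds_until_expiry(soa, last_success, now):
    """How long a secondary that has lost its master keeps serving the old data."""
    return max(0, soa["expire"] - (now - last_success))
```

With the article's values a secondary that loses contact with the primary at t=0 answers from its copy for 3600000 seconds (about 41 days), so should_transfer and zone_status are also the places to look when a secondary is found serving records that were removed from the primary weeks earlier.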
3. IP zone files and the local IP zone file. The IP zone file is shown below.
The contents of /etc/named.revip1 are shown in the following figure:
The local IP zone file is shown below.
The contents of /etc/named.local are as follows:
@    IN NS   sys1.ghq.js.com.
1    IN PTR  localhost.ghq.js.com.
Note the trailing dots: without them named would read the names as relative to 0.0.127.in-addr.arpa.
In DNS the domain names form a hierarchy. To resolve a name, the system queries name servers from the root down through each domain in the name until the host name has been translated into an IP address. The legal resource record types in an IP zone file are SOA, NS and PTR (domain name pointer). Because the other systems are on the 10.32.2 network, there must be two IP zone files, one for each network. Both are generated from /etc/hosts, which contains the entries of both networks, so each file must be edited to delete the entries of the other network and keep only the host addresses of its own network (the network portion of each address is removed, leaving only the host octet).
Besides the IP zone files there must be a local IP zone file containing the loopback network 127.0.0.1. The legal record types are again SOA, NS and PTR. For the local IP zone file the SOA record is not required, but it is required in the domain zone file and the IP zone files. (BIND 9 refuses to load any zone file without an SOA record, so with named.conf the local zone needs one as well.)
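The manual step above (generate both reverse files from /etc/hosts, then delete the other network's entries from each by hand) is where mistakes creep in, so here is an added example, not from the article and not the AIX addrs.awk script, that does the split by network directly and builds the in-addr.arpa zone names the way the reverse-mapping paragraph describes. The hosts table is constructed from the article's addressing (networks 10.32.1 and 10.32.2, domain ghq.js.com); sys2 is invented, and the SOA values are the article's part-1 values.

```python
"""Generate one in-addr.arpa zone per network from a hosts file.

Added example, not from the article. The HOSTS text is constructed; sys2 is
invented. Only octet-aligned networks (/8, /16, /24) are handled.
"""
import ipaddress

HOSTS = """\
# constructed /etc/hosts for this example
127.0.0.1   localhost
10.32.1.1   sys1.ghq.js.com  sys1
10.32.1.2   sys2.ghq.js.com  sys2
10.32.2.6   sys6.ghq.js.com  sys6
"""

SOA_LINE = "@ IN SOA {ns} root.{ns} ( 2000120101 10800 3600 3600000 86400 )"


def parse_hosts(text):
    """[(ip, name)] from hosts-file text; the first name is taken as the FQDN."""
    out = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            out.append((fields[0], fields[1]))
    return out


def reverse_zone_name(ip, prefixlen):
    """Network part of ip, octets reversed, under in-addr.arpa: 10.32.1.x/24
    becomes 1.32.10.in-addr.arpa. (RFC 2317 classless delegation not handled)."""
    if prefixlen not in (8, 16, 24):
        raise ValueError("prefix length must be 8, 16 or 24")
    net = ipaddress.ip_network(f"{ip}/{prefixlen}", strict=False)
    octets = str(net.network_address).split(".")[: prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def ptr_label(ip, prefixlen):
    """Host part of ip, octets reversed: the PTR owner name relative to the zone."""
    return ".".join(reversed(ip.split(".")[prefixlen // 8:]))


def build_reverse_zones(hosts, ns, prefixlen=24):
    """Return {zone name: zone text}, one zone per network present in hosts."""
    ptrs = {}
    for ip, name in hosts:
        fqdn = name if name.endswith(".") else name + "."   # right-hand side must be absolute
        line = f"{ptr_label(ip, prefixlen):<8}IN PTR  {fqdn}"
        ptrs.setdefault(reverse_zone_name(ip, prefixlen), []).append(line)
    zones = {}
    for zone, lines in ptrs.items():
        header = [SOA_LINE.format(ns=ns), f"{'':<8}IN NS   {ns}"]
        zones[zone] = "\n".join(header + sorted(lines)) + "\n"
    return zones


if __name__ == "__main__":
    for zone, text in build_reverse_zones(parse_hosts(HOSTS), "sys1.ghq.js.com.").items():
        print(f"; file for zone {zone}\n{text}")
```

The output for 1.32.10.in-addr.arpa contains sys1 and sys2 only, the file for 2.32.10.in-addr.arpa contains sys6 only, and 127.0.0.1 lands in its own 0.0.127.in-addr.arpa zone; each text can be written to the file named in the corresponding zone statement of named.conf.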
4. The cache file. When named cannot resolve a name itself, it contacts the servers listed in the cache file in turn until the name is resolved or all listed servers have been queried. The contents of /etc/named.ca are:
.              999999  IN NS  sys99.js.com.
sys99.js.com.  999999  IN A   10.32.7.99
The cache file holds the address of the domain name server one level above the local authoritative servers (here sys99.js.com, serving the parent domain js.com); in this internal structure it takes the place of the Internet root servers.
II. Creating the secondary domain server
The steps to create a secondary domain server are: create the named control file; create the local IP zone file and the cache file.
1. The named control file
The named control file of the secondary differs only slightly from the primary's: it has one more item, secondary. The secondary item says that the local named process is the secondary domain server for the domain; it receives the domain data from the specified IP address and stores it in the specified file, which is a backup copy of the primary's data. The contents of /etc/named.boot (BIND 4 version) are shown below:
When a new copy of the domain data is received from the primary, named updates the backup file for that domain. When the named process starts for the first time, the secondary downloads the data from the primary; afterwards it checks for updates at the refresh interval given in the SOA record.
The contents of /etc/named.conf (BIND 8 version) are as follows:
options {
    directory "/etc";
};
zone "." in {
    type hint;
    file "named.ca";
};
zone "localhost" in {
    type master;
    file "localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "named.local";
    allow-update { none; };
};
zone "ghq.js.com" in {
    // type master;
    type slave;                      // the type has become slave
    file "named.dc.bak";             // any file name may be used here
    masters { 10.32.1.1; };          // 10.32.1.1 is the address of the primary DNS server
};
zone "1.32.10.in-addr.arpa" in {
    // type master;
    type slave;
    file "named.revip1.bak";         // need not match the file name used on the primary
    masters { 10.32.1.1; };
};
zone "2.32.10.in-addr.arpa" in {
    // type master;
    type slave;
    file "named.revip2.bak";
    masters { 10.32.1.1; };
};
The reverse zone names must be the same as on the primary: the zone for network 10.32.1 is 1.32.10.in-addr.arpa, with the octets reversed. There is no need to create the three files named.dc.bak, named.revip1.bak and named.revip2.bak on the secondary: when named is started on the secondary (the first time after named.conf is in place), it automatically transfers the zone data from the primary DNS server (10.32.1.1) and creates the three files itself.
2. The local IP zone file and the cache file
The local IP zone file is the same as on the primary except that the NS record names the secondary itself; the cache file is identical to the primary's. Their contents:
The contents of /etc/named.local are as follows:
@    IN NS   sys6.ghq.js.com.
1    IN PTR  localhost.ghq.js.com.
The contents of /etc/named.ca are as follows:
.              999999  IN NS  sys99.js.com.
sys99.js.com.  999999  IN A   10.32.7.99
Note: on both the primary and the secondary, also create /etc/resolv.conf so that the server's own DNS client resolves names; its contents are as described for the UNIX client below.
III. Creating the DNS clients
1. UNIX client
Create /etc/resolv.conf with the following contents:
domain ghq.js.com
nameserver 10.32.1.1
nameserver 10.32.2.6
"domain" specifies the local domain name; if the name being queried contains no dot, this domain is appended before the query is sent to the DNS server. "nameserver" specifies the IP address of a name server the client sends its queries to; up to three may be listed, and the client tries them in the order given.
2. Windows client
From the Start menu open the Network settings, change the DNS entries under "TCP/IP Properties" and confirm, as shown below. Windows 98 must be restarted afterwards; Windows 2000/XP/2003 need not.