Preface
Domain name resolution is the service that points a domain name at the IP address of the web space hosting a site, so that people can reach a website through its registered domain name. An IP address is the numeric address that identifies a site on the network; a domain name is used in its place because it is easier to remember. Domain name resolution is the process of converting a domain name into an IP address, and it is performed by DNS servers.
Domain name resolution is also called domain name pointing, server setup, domain name configuration, reverse IP registration and so on. Put simply, an easy-to-remember domain name is resolved into an IP address. The DNS server resolves the domain name to the IP address, and the host at that IP address then binds a subdirectory to the domain name.
The addresses in the Internet are digital IP addresses, and the main purpose of domain name resolution is to facilitate memory.
I. BIND domain name service basics
1. The role and foundation of the DNS system
(1) The role of DNS system
The role of the DNS system in the network is to maintain an address database that records the correspondence between host domain names and IP addresses, and to provide client programs with forward and reverse address lookup services.
Forward resolution: look up the IP address that corresponds to a domain name.
Reverse resolution: look up the domain name that corresponds to an IP address.
The distributed data structure of the DNS system
(2) Type of DNS system
In fact, each DNS server is only responsible for managing the correspondence between host domain names and IP addresses within a limited scope (one or several domains). These specific DNS domains or IP address ranges are called zones. According to the direction of address resolution, DNS zones are divided into forward zones (containing domain-name-to-IP-address records) and reverse zones (containing IP-address-to-domain-name records).
DNS servers can be classified into different types according to the source of the zone data they manage; the same DNS server can have a different role for different zones. The common types are as follows:
2. Installation and configuration files of BIND
BIND installation and control
BIND is not the only DNS service program that can provide domain name services, but it is the most widely used. BIND can run on most Linux/UNIX hosts. Its official website is https://www.isc.org/.
(1) Install BIND software
The system installation disc ships the BIND service packages, which can be installed with yum. The main packages and their functions are as follows.
bind: Provides the main programs and related files of domain name service
bind-utils: Provides test tools for DNS servers, such as nslookup, etc.
bind-libs: Provides the library functions that bind and bind-utils need
bind-chroot: Runs the BIND service in a disguised root directory (/var/named/chroot becomes the root directory seen by BIND) to improve security
(2) Configuration files of the BIND service
When using BIND to build a domain name service, two kinds of configuration file are involved: the main configuration file and the zone data files. The main configuration file sets global options, registers zones and controls access to the named service; a zone data file stores the address resolution records (forward or reverse) of one DNS zone.
(1) Main configuration file
① Global options part
② Zone configuration part
(2) Zone data file
① TTL configuration and SOA record part
② Address resolution record part
(3) Special applications of the zone data file
(4) Check the syntax of the configuration file
II. Build a caching domain name server
A caching domain name server is usually set up on the company's local area network; its main purpose is to speed up domain name resolution and reduce outbound Internet traffic.
1. Set up the main configuration file named.conf
One extra line is needed, a forwarders statement inside the options block:
forwarders { 20.0.0.13; };
2. Confirm the root zone data file named.ca
The zone data file of the root zone is located at /var/named/named.ca by default. This file records the domain names and IP addresses of the Internet root zone servers.
3. Start the named service
Execute the "systemctl start named" command to start the named service.
4. Verify the cache domain name server
nslookup www.bdqn.com
If the name resolves successfully, the caching server is complete.
III. Build master and slave domain name servers
1. Build the master domain name server (20.0.0.11)
(1) Set the main configuration file
(2) Set the zone configuration file
vi /etc/named.rfc1912.zones
zone "bdqn.com" IN {
    type master;
    file "bdqn.com.zone";
    allow-transfer { 20.0.0.12; };
    also-notify { 20.0.0.12; };
};
zone "0.0.20.in-addr.arpa" IN {
    type master;
    file "20.0.0.arpa";
    allow-transfer { 20.0.0.12; };
    also-notify { 20.0.0.12; };
};
(3) Establish forward and reverse zone data files
[root@r1 ~]# cd /var/named/
[root@r1 named]# cp named.localhost bdqn.com.zone
[root@r1 named]# vi bdqn.com.zone
$TTL 1D
@       IN SOA  bdqn.com. admin.bdqn.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      @
        A       192.168.11.119
www     IN A    192.168.11.119
ftp     IN A    192.168.11.118
mail    IN CNAME www
[root@r1 named]# chown named:named /var/named/bdqn.com.zone
[root@r1 named]# cp named.loopback 20.0.0.arpa
[root@r1 named]# vi 20.0.0.arpa
$TTL 1D
@       IN SOA  bdqn.com. admin.bdqn.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      bdqn1.com.
        A       20.0.0.100
119     IN PTR  www.bdqn1.com.
120     IN PTR  ftp.bdqn1.com.
121     IN PTR  bbs.bdqn1.com.
Remember to start the named service (systemctl start named).
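The forward zone file above follows the standard master-file rules: a $TTL directive, a multi-line SOA record in parentheses, ";" comments, "@" standing for the zone origin, relative names that get the origin appended, and records with a blank owner that inherit the previous owner. The following is an added example, not code from the original article or from BIND: a small Python parser that applies those rules to a constructed copy of bdqn.com.zone and expands every record to its fully qualified form, so you can see exactly what named will serve before running named-checkzone.

```python
# Constructed copy of the forward zone file bdqn.com.zone shown above.
ZONE_TEXT = """$TTL 1D
@ IN SOA bdqn.com. admin.bdqn.com. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
    NS @
    A 192.168.11.119
www IN A 192.168.11.119
ftp IN A 192.168.11.118
mail IN CNAME www
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (ttl, [(owner, type, rdata)]); a blank owner is inherited."""
    ttl, records, owner = None, [], origin
    joined, buf = [], ""
    for ln in text.splitlines():
        ln = ln.split(";")[0]                  # drop ';' comments
        buf = f"{buf} {ln}" if buf else ln
        if buf.count("(") <= buf.count(")"):   # SOA '(' ... ')' may span lines
            joined.append(buf)
            buf = ""
    for ln in joined:
        if not ln.strip():
            continue
        if ln.startswith("$TTL"):
            ttl = ln.split()[1]
            continue
        tokens = ln.replace("(", " ").replace(")", " ").split()
        if not ln[0].isspace():                # owner given on this line
            owner = fqdn(tokens.pop(0), origin)
        if tokens and tokens[0] == "IN":       # class is optional
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in ("NS", "CNAME", "PTR"):    # name-valued rdata expands
            rdata = [fqdn(rdata[0], origin)]
        records.append((owner, rtype, rdata))
    return ttl, records

def lookup(records, name, rtype):              # all rdata for owner/type
    return [r for o, t, r in records if o == name and t == rtype]
```

Calling parse_zone(ZONE_TEXT, "bdqn.com.") shows that the blank-owner NS and A lines belong to bdqn.com. itself and that mail's CNAME target expands to www.bdqn.com.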
2. Build the secondary (slave) domain name server (20.0.0.12)
(1) Set the main configuration file
[root@r2 ~]# vi /etc/named.conf
options {
    listen-on port 53 { 20.0.0.12; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; };
};
zone "bdqn.com" IN {
    type slave;
    masters { 20.0.0.11; };
    allow-notify { 20.0.0.11; };
    file "slaves/bdqn.com.zone";
};
zone "0.0.20.in-addr.arpa" IN {
    type slave;
    masters { 20.0.0.11; };
    allow-notify { 20.0.0.11; };
    file "slaves/20.0.0.arpa";
};
(2) Start the named service and confirm that the zone files are transferred
[root@r2 ~]# cd /var/named/slaves/
[root@r2 slaves]# ll
total 0
[root@r2 slaves]# systemctl start named
[root@r2 slaves]# ll
total 8
-rw-r--r-- 1 named named 400 Jul 30 01:29 20.0.0.arpa
-rw-r--r-- 1 named named 311 Jul 30 01:29 bdqn.com.zone
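Both servers depend on short ACL lists in their zone statements: the master limits zone transfers and notifications to 20.0.0.12 with allow-transfer and also-notify, and the secondary accepts notifies only from 20.0.0.11 with allow-notify. The following is an added example, not code from the original article or from BIND: a Python audit that parses zone stanzas out of named.conf-style text and reports masters whose allow-transfer is missing or set to any, and slaves whose allow-notify is any. The configs are constructed copies of the two shown above, plus a hypothetical example.test zone with an open transfer ACL so the audit has something to report.

```python
import re

# Constructed copies of the zone statements from the master (20.0.0.11) and
# secondary (20.0.0.12) configs above; "example.test" is a hypothetical zone
# added here only so that the audit has an open transfer ACL to report.
MASTER_CONF = '''
zone "bdqn.com" IN {
    type master;
    file "bdqn.com.zone";
    allow-transfer { 20.0.0.12; };
    also-notify { 20.0.0.12; };
};
zone "example.test" IN {
    type master;
    file "example.test.zone";
    allow-transfer { any; };
};
'''
SLAVE_CONF = '''
zone "bdqn.com" IN {
    type slave;
    masters { 20.0.0.11; };
    allow-notify { 20.0.0.11; };
    file "slaves/bdqn.com.zone";
};
'''
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{(.*?)\n\};', re.S)
LIST_RE = re.compile(r'(\w[\w-]*)\s*\{([^}]*)\}\s*;')   # e.g. masters { a; b; };
WORD_RE = re.compile(r'(\w[\w-]*)\s+([^{;]+?)\s*;')      # e.g. type master;

def parse_zones(conf):
    """Map zone name -> {statement: value or list} for every zone stanza."""
    zones = {}
    for name, body in ZONE_RE.findall(conf):
        stmts = {k: [v.strip() for v in vals.split(";") if v.strip()]
                 for k, vals in LIST_RE.findall(body)}
        stmts.update({k: v for k, v in WORD_RE.findall(body) if k not in stmts})
        zones[name] = stmts
    return zones

def audit(conf):
    """Flag zone ACLs that would let any host pull or push zone data."""
    findings = []
    for name, s in parse_zones(conf).items():
        # A missing allow-transfer falls back to the options-level default
        # (historically any in BIND 9), so a master must list its secondaries.
        if s.get("type") == "master" and "any" in s.get("allow-transfer", ["any"]):
            findings.append(f"{name}: allow-transfer missing or 'any'")
        elif s.get("type") == "slave" and "any" in s.get("allow-notify", []):
            findings.append(f"{name}: allow-notify is 'any'")
    return findings
```

audit(MASTER_CONF) reports only the hypothetical example.test zone, and audit(SLAVE_CONF) reports nothing, which confirms that the two page configurations restrict transfers and notifies to the intended peer.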
(3) Verify the master and slave servers from a client (20.0.0.13)
[root@localhost ~]# vi /etc/resolv.conf
nameserver 20.0.0.11
nameserver 20.0.0.12
[root@localhost ~]# nslookup www.bdqn.com
Server: 20.0.0.11
Address: 20.0.0.11#53
Name: www.bdqn.com
Address: 192.168.11.119
[root@localhost ~]# nslookup 20.0.0.119
Server: 20.0.0.11
Address: 20.0.0.11#53
119.0.0.20.in-addr.arpa name = www.bdqn1.com.
[root@localhost ~]# nslookup 20.0.0.120
Server: 20.0.0.11
Address: 20.0.0.11#53
120.0.0.20.in-addr.arpa name = ftp.bdqn1.com.
[root@localhost ~]# nslookup 20.0.0.121
Server: 20.0.0.11
Address: 20.0.0.11#53
121.0.0.20.in-addr.arpa name = bbs.bdqn1.com.
[root@localhost ~]# vi /etc/resolv.conf
#nameserver 20.0.0.11
nameserver 20.0.0.12
:wq
[root@localhost ~]# nslookup www.bdqn.com
Server: 20.0.0.12
Address: 20.0.0.12#53
Name: www.bdqn.com
Address: 192.168.11.119
[root@localhost ~]# nslookup 20.0.0.119
Server: 20.0.0.12
Address: 20.0.0.12#53
119.0.0.20.in-addr.arpa name = www.bdqn1.com.
[root@localhost ~]# nslookup 20.0.0.120
Server: 20.0.0.12
Address: 20.0.0.12#53
120.0.0.20.in-addr.arpa name = ftp.bdqn1.com.
[root@localhost ~]# nslookup 20.0.0.121
Server: 20.0.0.12
Address: 20.0.0.12#53
121.0.0.20.in-addr.arpa name = bbs.bdqn1.com.