DNS forward resolution in Linux (with forward-lookup experiment)

1. DNS

(1) Definition of DNS
  • DNS, the Domain Name System, is a distributed database that maps domain names to IP addresses (and back), so that people can reach Internet hosts by name instead of by address.
  • The DNS service uses port 53 over both UDP and TCP. Ordinary queries and answers travel over UDP 53; TCP 53 carries zone transfers between primary and secondary servers and is used again when an answer is too large for a single UDP datagram (the client retries over TCP after a truncated reply).
(2) Domain name structure


  • Host name: hosts sit at the lowest level of the domain name space and name a specific computer.
    www and mail are the names of specific computers; written in full they are www.sina.com.cn. and mail.sina.com.cn. (the trailing dot stands for the root). This form is called a fully qualified domain name (FQDN), the complete name of the host within the domain name space.

  • Subdomain: every level of domain created below a second-level domain is collectively called a subdomain; each organization or user may register its own domain names.

  • Second-level domain: identifies a specific organization within a top-level domain. Second-level domains under a country-code top-level domain are managed by that country's network authority; for example, the second-level domains set up under .cn include:
    .com.cn, .net.cn, .edu.cn

  • Top-level domain: generally denotes a type of organization or a country:
    .net (network provider)
    .com (business enterprise)
    .org (group organization)
    .edu (educational institution)
    .gov (government department)
    .cn (China country-code domain)

  • The root domain is at the top of the domain name space and is generally represented by a "."

Domain name resolution structure: (figure not reproduced)

(3) DNS server types:

(1) Primary (master) domain name server: maintains all the domain name information of a zone and is the authoritative source of that information; its data can be edited directly. When building a primary server you create the zone's address data file (the zone file) yourself.

(2) Secondary (slave) domain name server: when the primary fails, is shut down or is overloaded, the secondary acts as a backup and keeps answering queries. A secondary does not decide its own answers; it serves a copy of the zone received from the primary. When building a secondary you specify the address of the primary so that the server can synchronize the zone database automatically (zone transfer).

(3) Caching domain name server: provides only caching of resolution results to speed up queries; it holds no zone database of its own. It obtains each answer by querying remote servers, stores it in its cache, and answers later queries for the same name from that cache until the record's TTL expires. A caching server is not authoritative, because everything it serves is second-hand. When building one you must either configure the root hints so it can iterate down from the root, or designate another DNS server (a forwarder) as its source of answers.

(4) Forwarding domain name server: handles local queries for all non-local names. When it receives a query it first looks in its cache; on a miss it forwards the request to the configured upstream servers in turn until one returns an answer, otherwise it reports that the name cannot be resolved.

2. Forward resolution experiment

(1) Step one
yum install -y bind                          # install the bind package
rpm -qc bind                                 # list the configuration files installed by the bind package

(2) Step two
vim /etc/named.conf                           # edit the main configuration file
vim /etc/named.rfc1912.zones                  # edit the zone configuration file
cd /var/named/                                # go to the zone file directory
cp -p named.localhost paopao.com.zone         # copy the template zone file for the new zone (-p keeps owner and mode so named can read it)
systemctl start named                         # start the named service

Configuration files (the edited contents were shown as screenshots in the original post):
vim /etc/named.conf                           # main configuration file
vim /etc/named.rfc1912.zones                  # zone configuration file

(3) Step three
systemctl stop firewalld                      # stop the firewall (lab shortcut; see note below)
setenforce 0                                  # switch SELinux to permissive mode (SELinux is an access-control layer, not a firewall)
host www.paopao.com                           # verify resolution; the query must be sent to this server: list its IP as nameserver in /etc/resolv.conf, or run host www.paopao.com <server-ip>

Note: on anything but a throwaway lab machine, open DNS in the firewall instead of stopping it (firewall-cmd --permanent --add-service=dns && firewall-cmd --reload), and leave SELinux enforcing; the stock BIND paths (/etc/named*, /var/named) already carry the correct labels, so named starts fine under it.
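The three files that steps one to three edit by hand are shown below as one script. This is an added example, not code from the original post: it writes the same configuration for paopao.com (listen-on and allow-query opened to any, a master zone stanza, and a zone file replacing the copied named.localhost template), adds the recursion setting an externally reachable authoritative server needs, and syntax-checks the result with named-checkconf and named-checkzone before named is restarted. The addresses 192.168.10.10 and 192.168.10.20, the record names ns1/www/mail and the script name bind-forward-zone.sh are assumptions; the original screenshots are not reproduced here.

```shell
#!/bin/bash
# Added example (not from the original post): generate the BIND files for the
# forward zone paopao.com that the tutorial edits by hand.
# Assumed addresses: name server (also www) 192.168.10.10, mail host 192.168.10.20.
# Usage:  ./bind-forward-zone.sh        -> preview the files under ./bind-preview
#         sudo ./bind-forward-zone.sh / -> write /etc/named.conf,
#                                          /etc/named.rfc1912.zones, /var/named/paopao.com.zone
set -eu

ZONE="paopao.com"
NS_IP="192.168.10.10"          # assumed address of the name server
MAIL_IP="192.168.10.20"        # assumed address of the mail host
ROOT="${1:-$PWD/bind-preview}" # install root; "/" means the live system
ROOT="${ROOT%/}"               # so "/" yields /etc/... rather than //etc/...
CONF="$ROOT/etc/named.conf"
ZONES_CONF="$ROOT/etc/named.rfc1912.zones"
ZONE_FILE="$ROOT/var/named/$ZONE.zone"

# Conventional serial YYYYMMDDnn; secondaries only fetch a new copy when the
# serial grows, so bump it on every edit of the zone file.
zone_serial() { printf '%s01' "$(date +%Y%m%d)"; }

# Main configuration. The stock template listens on 127.0.0.1 and allows
# queries from localhost only; the tutorial opens both to "any". A server that
# anyone can query must then refuse recursion, otherwise it is an open
# resolver that can be abused for reflection/amplification.
write_named_conf() {
  cat > "$CONF" <<EOF
options {
    listen-on port 53 { any; };
    listen-on-v6 port 53 { none; };
    directory       "/var/named";
    allow-query     { any; };    // anyone may ask about our zone ...
    recursion no;                // ... but we resolve nothing else for them
    allow-transfer  { none; };   // list secondary servers' IPs here if you add one
};

include "$ZONES_CONF";
EOF
}

# Zone declaration, appended once (idempotent) to the zone configuration file.
# On a secondary (section 1(3)(2)) the same zone would instead be declared as
#   type slave; masters { 192.168.10.10; }; file "slaves/paopao.com.zone";
write_zone_stanza() {
  if ! grep -q "zone \"$ZONE\"" "$ZONES_CONF" 2>/dev/null; then
    cat >> "$ZONES_CONF" <<EOF
zone "$ZONE" IN {
    type master;
    file "$ZONE.zone";
    allow-update { none; };
};
EOF
  fi
}

# The zone data, replacing the copied named.localhost template.
# Names without a trailing dot are relative to the zone origin.
write_zone_file() {
  cat > "$ZONE_FILE" <<EOF
\$TTL 1D
@       IN SOA  ns1.$ZONE. hostmaster.$ZONE. (
                $(zone_serial)      ; serial
                1D              ; refresh
                1H              ; retry
                1W              ; expire
                3H )            ; minimum / negative-cache TTL
        IN NS   ns1.$ZONE.
ns1     IN A    $NS_IP
www     IN A    $NS_IP
mail    IN A    $MAIL_IP
EOF
  # same effect as the tutorial's cp -p: zone files are root:named, mode 640
  if getent group named >/dev/null 2>&1; then
    chgrp named "$ZONE_FILE" && chmod 640 "$ZONE_FILE"
  fi
}

# Syntax-check before (re)starting named; a typo otherwise shows up only as a
# failed unit in journalctl -u named.
check_config() {
  if command -v named-checkconf >/dev/null 2>&1; then
    named-checkconf "$CONF" && named-checkzone "$ZONE" "$ZONE_FILE"
  else
    echo "named-checkconf not found; install bind first to syntax-check" >&2
  fi
}

main() {
  mkdir -p "$(dirname "$CONF")" "$(dirname "$ZONE_FILE")"
  write_named_conf
  write_zone_stanza
  write_zone_file
  check_config
  echo "wrote $CONF, $ZONES_CONF and $ZONE_FILE"
}

main
```

Run it without arguments to inspect the generated files under ./bind-preview; `sudo ./bind-forward-zone.sh /` installs them (it overwrites /etc/named.conf, so keep a copy of the packaged one). Afterwards `systemctl restart named`, open the port with `firewall-cmd --permanent --add-service=dns && firewall-cmd --reload` rather than stopping firewalld, and test with `dig @127.0.0.1 www.paopao.com`. The `recursion no;` line is what keeps a server that answers `any` from being used as an open resolver.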


Origin blog.csdn.net/weixin_51468875/article/details/110874988