Linux: the DNS server and its setup

1. DNS domain name resolution server

1. Introduction
DNS is a service on the Internet: a distributed database that maps domain names to IP addresses and back, so that people can use the Internet more conveniently.

The DNS system answers queries over the network, so it naturally needs a listening port. DNS uses port 53, which can be seen in the file /etc/services (search for "domain"). DNS is usually queried over UDP, the faster transport; however, if the complete answer cannot be obtained that way, the query is repeated over TCP. Therefore, when DNS is started, both TCP and UDP port 53 are opened at the same time.

2. Types of domain name servers


3. DNS domain name resolution process


1. Enter the domain name www.qq.com in the browser; the browser consults its own cache first. The operating system then checks whether its local hosts file contains a mapping for this name. If so, that IP address mapping is used and the domain name resolution is complete.

2. If hosts has no mapping for this domain name, the local DNS resolver cache is searched for one. If a mapping is found, it is returned directly and the resolution is complete.

3. If neither hosts nor the local DNS resolver cache has a mapping for the name, the preferred DNS server configured in the TCP/IP parameters is contacted; here we call it the local DNS server. When this server receives the query, if the queried domain name lies in a zone configured locally on it, the result is returned to the client and the resolution is complete. This resolution is authoritative.

4. If the queried domain name is not in a zone served by the local DNS server, but the server has this mapping in its cache, the cached IP address mapping is used to complete the resolution. This resolution is not authoritative.

5. If neither the local zone files nor the cache of the local DNS server can answer, what happens next depends on how the local DNS server is configured (whether a forwarder is set). If forwarding mode is not used, the local DNS server sends the request to the 13 root DNS servers. On receiving the request, a root server determines who is delegated this domain (.com) and returns the IP of the server responsible for that top-level domain. When the local DNS server receives this IP, it contacts the server responsible for .com. If the .com server cannot resolve the name itself, it finds the DNS server that manages qq.com and hands that address to the local DNS server. The local DNS server then contacts the qq.com server, repeating the above steps until www.qq.com is found.

6. If forwarding mode is used, the local DNS server forwards the request to the upper-level DNS server, which resolves it. If the upper-level server cannot resolve it, it either goes to the root DNS servers itself or passes the request further up. Through this loop the result finally comes back to the local DNS server, which returns it to the client.

The query from the client to the local DNS server is a recursive query, while the interactive query used between DNS servers is an iterative query.
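The distinction above, as an added toy model that is not part of the original post: the local DNS server answers a client's recursive query by issuing iterative queries from the root downwards, and later clients are served from its cache. The servers, zones and the address 203.0.113.10 are constructed; nothing on the network is contacted.

```python
# Added example (not from the original post): a toy model of the lookup walk in
# steps 3 to 5 above. The local DNS server answers the client's recursive query by
# issuing iterative queries from the root downwards. All data below is constructed.
ROOT = {"com.": ("NS", "tld-com")}                    # root knows only the TLD delegations
TLD_COM = {"qq.com.": ("NS", "qq-auth")}              # .com knows only its delegations
QQ_AUTH = {"www.qq.com.": ("A", "203.0.113.10")}      # constructed RFC 5737 address
SERVERS = {"root": ROOT, "tld-com": TLD_COM, "qq-auth": QQ_AUTH}

def iterative_query(server, qname):
    """One iterative query: the server returns the best data it holds for qname,
    either an answer (A) or a referral (NS to the next server down); it never
    follows the referral on the asker's behalf."""
    zone = SERVERS[server]
    best = None
    for name in zone:                                  # longest-suffix match
        if qname == name or qname.endswith("." + name):
            if best is None or len(name) > len(best):
                best = name
    return zone[best] if best else ("NXDOMAIN", None)

def recursive_resolve(qname, cache, max_hops=8):
    """What the local DNS server does for a client: serve from cache when it can
    (the non-authoritative case), otherwise chase referrals from the root until
    an answer arrives. Returns (address, from_cache)."""
    if qname in cache:
        return cache[qname], True
    server = "root"
    for _ in range(max_hops):
        rtype, rdata = iterative_query(server, qname)
        if rtype == "A":
            cache[qname] = rdata           # later clients get this cached copy
            return rdata, False
        if rtype == "NS":
            server = rdata                 # referral: ask the next server down
            continue
        raise LookupError(f"{qname}: no such name")
    raise LookupError(f"{qname}: gave up after {max_hops} referrals")
```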

2. Set up DNS server

The software package that provides the DNS service is called bind, and the service (daemon) is called named.

[root@server ~]# yum install bind -y
[root@server ~]# systemctl restart named

1. Common RR (resource record) information in a forward zone file

domain          IN    RRtype    RRdata
hostname        IN    A         IPv4 address
hostname        IN    AAAA      IPv6 address
domain.         IN    NS        hostname of the name server that manages this domain
domain.         IN    SOA       start of authority: the seven important parameters that manage this domain
domain.         IN    MX        preference number, then hostname of the server that receives mail
alias.          IN    CNAME     hostname that this alias actually stands for
...
CNAME: sets an alias for a hostname. When one IP address serves many hostnames, give only one hostname an A record and point the others at it with CNAME; then when the IP changes, only the A record has to be modified.
MX: gives the mail server hostname for a domain; the server named in an MX record must also have an A record.

SOA is mainly about the zone as a whole, so the domain name must be written. SOA is followed by seven parameters, whose meanings are as follows:

1) Master DNS server hostname: which DNS server is the Master for this zone.
2) Email address of the administrator, so that someone can be contacted if a problem occurs. Since @ has a special meaning in the zone data file, "." is written instead of @.
3) Serial number (serial): this number represents how new the zone data file is. The larger the serial number, the newer the file, so whenever you change the contents of the zone data you must increase this value.
4) Update frequency (refresh): how often the slave asks the master for updated data. 1D
5) Failure retry time (retry): if the slave cannot reach the master, how long it waits before trying to reconnect. 1H
6) Expiration time (expire): if the attempts keep failing and the failure lasts longer than this limit, the slave stops trying to connect and discards the downloaded zone file information.
7) Cache time (TTL): if a record in this zone data file has no TTL of its own, the value set in this SOA is used. The ttl mainly means how long a record stays in the cache of another DNS server after that server has queried it. If $TTL is written, that value takes precedence.

1. DNS forward resolution

1. Install the bind software package and check the path of the configuration file that needs to be modified.

2. Modify the main configuration file


3. Modify the zone configuration file and add forward zone configuration


4. Configure the forward zone data file (copy the data configuration file first, and then modify the copied file)


5. Start the service and turn off the firewall

6. Modify the domain name address in /etc/resolv.conf


7. DNS domain name resolution test


2. DNS reverse resolution

1. Modify the /etc/named.rfc1912.zones configuration file and add reverse zone configuration


2. Copy and configure the reverse zone data file


3. Add the DNS server address to the client's domain name resolution configuration file.


4. Restart the service and perform a resolution test


3. Configure the master and slave DNS servers

1. Modify the zone configuration file of the primary domain name server, editing both the forward and reverse zone configurations.

2. Add the IP address of the slave server (to both zone configurations)


3. Modify the main configuration file of the slave domain name server (a newly set up server)


4. Modify the zone configuration file of the slave domain name server


5. Add the IP address of the master server (to both zone configurations)


6. Check whether the zone data files are generated automatically on the slave (this requires the firewall to be off and the service to be running)


7. Run a domain name resolution test (forward and reverse) against the slave server


8. Run a domain name resolution test against the master server (and simulate a failure of the master to check whether the slave keeps working)

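The SOA parameters described earlier and the forward, reverse and master/slave steps above, as an added example that is not the post's own configuration: it generates the zone data files and the named.rfc1912.zones stanzas, with the master allowing zone transfers only to the slave. The zone example.com, the hosts, the 192.0.2.0/24 addresses (RFC 5737) and the slaves/ directory are constructed assumptions.

```python
# Added example (not from the original post): generate the zone data files and the
# named.rfc1912.zones stanzas for the forward, reverse and master/slave setup above.
# 'example.com', the hosts and the 192.0.2.0/24 addresses (RFC 5737) are constructed.
MASTER_IP = "192.0.2.10"   # constructed: the master DNS server
SLAVE_IP = "192.0.2.20"    # constructed: the slave DNS server

def soa_serial(day_yyyymmdd, revision):
    """YYYYMMDDnn serial: the slave transfers the zone only when this number grows,
    so every edit to the data file must raise it."""
    return int(f"{day_yyyymmdd}{revision:02d}")

def reverse_zone_name(subnet24):
    """'192.0.2' -> '2.0.192.in-addr.arpa': octets reversed for the reverse zone."""
    a, b, c = subnet24.split(".")
    return f"{c}.{b}.{a}.in-addr.arpa"

def soa_block(ns, mail, serial):
    """SOA with the seven parameters: master NS, admin mail ('.' instead of '@'),
    serial, refresh 1D, retry 1H, expire 1W, and the negative-cache TTL 3H."""
    return (f"$TTL 1D\n@\tIN SOA\t{ns} {mail} (\n\t{serial}\t; serial\n"
            f"\t1D\t; refresh\n\t1H\t; retry\n\t1W\t; expire\n\t3H )\t; minimum\n"
            f"\tIN NS\t{ns}\n")

def forward_zone(zone, hosts, serial):
    """hosts: {'www': '192.0.2.30', ...}; 'ns1' must be present so the NS has an A."""
    ns = f"ns1.{zone}."
    out = soa_block(ns, f"admin.{zone}.", serial)
    return out + "".join(f"{h}\tIN A\t{ip}\n" for h, ip in sorted(hosts.items()))

def reverse_zone(zone, subnet24, hosts, serial):
    """PTR records: owner is the last octet only; the zone origin supplies the rest."""
    ns = f"ns1.{zone}."
    out = soa_block(ns, f"admin.{zone}.", serial)
    for h, ip in sorted(hosts.items()):
        if not ip.startswith(subnet24 + "."):
            raise ValueError(f"{ip} is outside {subnet24}.0/24")
        out += f"{ip.rsplit('.', 1)[1]}\tIN PTR\t{h}.{zone}.\n"
    return out

def zone_stanza(name, datafile, role):
    """named.rfc1912.zones entry. The master allows transfers only to the slave
    (not to anyone who asks); the slave names the master it pulls from and stores
    the transferred copy under slaves/ (assumed directory, as on RHEL-style packages)."""
    if role == "master":
        return (f'zone "{name}" IN {{\n\ttype master;\n\tfile "{datafile}";\n'
                f"\tallow-transfer {{ {SLAVE_IP}; }};\n}};\n")
    return (f'zone "{name}" IN {{\n\ttype slave;\n\tfile "slaves/{datafile}";\n'
            f"\tmasters {{ {MASTER_IP}; }};\n}};\n")
```

Write forward_zone() output to the forward data file and reverse_zone() output to the data file for reverse_zone_name(), then check both with named-checkzone before restarting named.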


Origin blog.csdn.net/FlightDiarys/article/details/131871144