DNS Description:
Hosts on the Internet are addressed by numeric IP addresses; the domain names we normally use to reach a site exist because they are easier to remember. A DNS domain name points to the IP address of a site, so that people can conveniently reach the site's services through its registered domain name. DNS resolution is the process of converting a domain name to an IP address, and this resolution work is done by DNS servers.
The role of the DNS system:
Forward lookup: find the corresponding IP address based on the host name (domain name).
Reverse lookup: find the corresponding host domain name based on the IP address.
Types of DNS server:
Caching name server: also known as a cache server. It obtains domain name to IP address records by querying other name servers, then stores the query results in a local cache to speed up repeated queries.
Primary name server: the official server for a specific DNS zone, and unique for that zone. It is responsible for maintaining all the domain name to IP address mapping records in the zone.
Slave name server: also known as a secondary name server. The domain name to IP address records it maintains come from the primary name server.
Domain explanation:
The domain names we usually enter, such as our blog address blog.51cto.com, are in fact not complete: the root domain "." at the end is omitted, and the full name is "blog.51cto.com.". The parts of this address are explained below.
".": represents the root domain. There are only 13 root domain servers worldwide.
".com": represents the top-level domain. There are many top-level domains, assigned according to use. The ones we see most often are ".com" for commercial organizations, ".net" for network service providers and ".edu" for educational institutions; ".cn" is a top-level domain assigned by region and represents mainland China.
".51cto": represents the second-level domain. It is generally chosen by the organization using it, on the principle that it be simple and easy to remember. Further domain levels can also be added in front of the second-level domain as needed.
"blog": represents the host name. The "www" we see most often is likewise a host name.
Forward lookup:
1. Install the DNS server program, bind, directly from the yum source. Note: this requires a networked environment.
2. After installation, use the "rpm -qc bind" command to list the program's configuration files.
Among these, there are three main configuration files.
/etc/named.conf----------------------------main configuration file (global settings)
/etc/named.rfc1912.zones--------------zone configuration file (controls each individual zone)
/var/named/named.localhost----------zone data file (zone information)
3. Edit the main configuration file "/etc/named.conf" with the vim editor. Replace "127.0.0.1" with the server's own IP address "192.168.52.131", and replace the "localhost" further down with "any".
options {
        listen-on port 53 { 192.168.52.131; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file "/var/named/data/named.recursing";
        secroots-file "/var/named/data/named.secroots";
        allow-query { any; };
        // the remaining default options in this block are left unchanged
};
4. Edit the zone configuration file "/etc/named.rfc1912.zones" with the vim editor.
Add a zone stanza for forward resolution; you can copy one of the templates already in the file and modify it directly.
zone "yun.com" IN {
        type master;
        file "yun.com.zone";
        allow-update { none; };
};
5. Use the "cd" command to enter the "/var/named" directory, then use "cp -p" to copy the "named.localhost" file to a new file named "yun.com.zone".
Enter: cd /var/named/
Enter: cp -p named.localhost yun.com.zone
6. Edit the "yun.com.zone" file with the vim editor. (CNAME sets an alias for a host name; "*" is a wildcard record.)
$TTL 1D
@       IN SOA  yun.com. admin.yun.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      yun.com.
        A       192.168.52.131
        IN MX 10 mail.yun.com.
www     IN A    192.168.100.100
ftp     IN A    192.168.99.99
stmp    IN CNAME www
*       IN A    8.8.8.8
7. Turn off the firewall and the enhanced security feature (SELinux), then start the DNS service.
Enter: systemctl stop firewalld.service
Enter: setenforce 0
Enter: systemctl start named
8. Change this machine's DNS server address to the server's own IP address, so that it uses its own DNS server to resolve domain names. Check whether the change succeeded.
Enter: echo "nameserver 192.168.52.131" > /etc/resolv.conf
Enter: cat /etc/resolv.conf
9. Use the "host" command to test whether the DNS server can resolve domain names. We can see that the domain names we set up resolve successfully.
Enter: host www.yun.com
Enter: host stmp.yun.com
Enter: host ftp.yun.com
Enter: host abc.yun.com
Reverse lookup:
1. Edit the zone configuration file "/etc/named.rfc1912.zones" again with the vim editor.
Add a zone stanza for reverse resolution; you can copy the template above and modify it directly.
zone "100.168.192.in-addr.arpa" IN {
        type master;
        file "yun.com.local";
        allow-update { none; };
};
2. Use the "cd" command to enter the "/var/named" directory, then use "cp -p" to copy the "yun.com.zone" file to a new file named "yun.com.local".
Enter: cd /var/named/
Enter: cp -p yun.com.zone yun.com.local
3. Edit the "yun.com.local" file with the vim editor.
$TTL 1D
@       IN SOA  yun.com. admin.yun.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      yun.com.
        A       192.168.52.131
99      IN PTR  www.yun.com.
88      IN PTR  ftp.yun.com.
4. After configuration is complete, restart the DNS service.
Enter: systemctl restart named
5. Use the "host" command to check whether the DNS server can perform reverse resolution. We can see that the IP addresses we set up resolve back to domain names.
Enter: host 192.168.100.99
Enter: host 192.168.100.88
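Receivers such as mail servers commonly check that a PTR record's target resolves forward to the same address (forward-confirmed reverse DNS). The following added example, which is not part of the original tutorial, runs that check over the forward and reverse records shown above; the function names and the simplified zone parser are assumptions of this example.

```python
# Records from the page; SOA folded onto one line, reverse-zone SOA/NS/A omitted.
FORWARD = """\
$TTL 1D
@ IN SOA yun.com. admin.yun.com. ( 0 1D 1H 1W 3H )
    NS yun.com.
    A 192.168.52.131
    IN MX 10 mail.yun.com.
www IN A 192.168.100.100
ftp IN A 192.168.99.99
stmp IN CNAME www
* IN A 8.8.8.8
"""
REVERSE = "99 IN PTR www.yun.com.\n88 IN PTR ftp.yun.com.\n"

def fq(name, origin):  # qualify a relative name against the zone origin
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):  # -> [(owner, type, rdata)], single-line records only
    records, owner = [], origin
    for line in text.splitlines():
        line = line.split(";")[0].rstrip()
        fields = line.split()
        if not fields or line.startswith("$"):
            continue
        if not line[0].isspace():      # column 0 holds a new owner name
            owner = fq(fields.pop(0), origin)
        while fields and (fields[0] == "IN" or fields[0][0].isdigit()):
            fields.pop(0)              # skip class and optional TTL
        if fields:
            records.append((owner, fields[0], " ".join(fields[1:])))
    return records

def resolve_a(records, name, origin, depth=0):  # exact match, CNAME chase, else wildcard
    exact = [(t, d) for o, t, d in records if o == name]
    for t, d in exact:
        if t == "CNAME" and depth < 8:
            return resolve_a(records, fq(d, origin), origin, depth + 1)
    star = "*." + origin if name.endswith("." + origin) else None
    return {d for o, t, d in records if t == "A" and o == (name if exact else star)}

def fcrdns_mismatches(fwd, rev, fwd_origin, rev_origin):  # PTRs that do not round-trip
    zone, bad = parse_zone(fwd, fwd_origin), []
    for owner, rtype, target in parse_zone(rev, rev_origin):
        ip = ".".join(reversed(owner.split(".")[:4]))
        back = resolve_a(zone, fq(target, rev_origin), fwd_origin)
        if rtype == "PTR" and ip not in back:
            bad.append((ip, target, sorted(back)))
    return bad

if __name__ == "__main__":
    print(fcrdns_mismatches(FORWARD, REVERSE, "yun.com.", "100.168.192.in-addr.arpa."))
```

On the page's records both PTR entries are reported, because www.yun.com and ftp.yun.com resolve forward to 192.168.100.100 and 192.168.99.99 rather than to 192.168.100.99 and 192.168.100.88.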
Master-slave synchronization:
1. Start another CentOS 7 machine to use as the slave name server. Turn off its firewall and the enhanced security feature (SELinux), then install the DNS service from the yum source.
Enter: systemctl stop firewalld.service
Enter: setenforce 0
Enter: yum install bind -y
2. On the slave name server, edit the main configuration file "/etc/named.conf" with the vim editor. Replace "127.0.0.1" with its own IP address "192.168.52.132", and replace the "localhost" further down with "any".
options {
        listen-on port 53 { 192.168.52.132; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file "/var/named/data/named.recursing";
        secroots-file "/var/named/data/named.secroots";
        allow-query { any; };
        // the remaining default options in this block are left unchanged
};
3. On the slave name server, edit the zone configuration file "/etc/named.rfc1912.zones" with the vim editor.
Add a zone stanza for forward resolution; you can copy one of the templates already in the file and modify it directly. Note: the type must be changed from "master" to "slave".
zone "yun.com" IN {
        type slave;
        file "slaves/yun.com.zone";
        masters { 192.168.52.131; };
};
4. Then, on the primary name server, edit the zone configuration file "/etc/named.rfc1912.zones" with the vim editor, changing "allow-update { none; };" to "allow-transfer { 192.168.52.132; };".
zone "yun.com" IN {
        type master;
        file "yun.com.zone";
        allow-transfer { 192.168.52.132; };
};
5. Once the primary name server is configured, its service must be restarted; then go back to the slave name server and start its service.
On the primary name server:
Enter: systemctl restart named
On the slave name server:
Enter: systemctl start named
6. On the slave name server, change the DNS server address to the slave's own IP address, and check whether the change succeeded.
Enter: echo "nameserver 192.168.52.132" > /etc/resolv.conf
Enter: cat /etc/resolv.conf
7. Use the "host" command to test whether the slave name server can resolve the domain names. We can see that it resolves the domain names configured on the primary name server, so master-slave synchronization succeeded.
Enter: host www.yun.com
Enter: host stmp.yun.com
Enter: host ftp.yun.com
Enter: host abc.yun.com
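In the BIND 9 packaged for CentOS 7, a zone without its own allow-transfer falls back to the options-level setting, which by default permits transfers to any host. The following added example (not from the original tutorial; the function names are assumptions) parses the zone stanzas as the walkthrough leaves them on each server and lists the zones that still have no transfer ACL.

```python
import re
# Zone stanzas as the walkthrough leaves them on each server.
MASTER_CONF = """
zone "yun.com" IN {
    type master;
    file "yun.com.zone";
    allow-transfer { 192.168.52.132; };
};
zone "100.168.192.in-addr.arpa" IN {
    type master;
    file "yun.com.local";
    allow-update { none; };
};
"""
SLAVE_CONF = """
zone "yun.com" IN {
    type slave;
    file "slaves/yun.com.zone";
    masters { 192.168.52.131; };
};
"""
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')
OPT_RE = re.compile(r'([\w-]+)\s+(?:\{([^{}]*)\}|([^;{}]+))\s*;')

def parse_zones(conf):
    """Map zone name -> {option: value}; ACL blocks become lists of elements."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    zones = {}
    for name, body in ZONE_RE.findall(conf):
        zones[name] = {
            key: scalar.strip().strip('"') if scalar else acl.replace(";", " ").split()
            for key, acl, scalar in OPT_RE.findall(body)
        }
    return zones

def audit_transfers(conf):
    """Return (zone, issue) for served zones with a missing or open transfer ACL."""
    findings = []
    for name, opts in parse_zones(conf).items():
        if opts.get("type") not in ("master", "primary", "slave", "secondary"):
            continue
        acl = opts.get("allow-transfer")
        if acl is None:
            findings.append((name, "no allow-transfer; options-level default applies"))
        elif "any" in acl:
            findings.append((name, "allow-transfer open to any host"))
    return findings

if __name__ == "__main__":
    print(audit_transfers(MASTER_CONF), audit_transfers(SLAVE_CONF))
```

Here the forward zone on the primary passes, while the reverse zone on the primary and the slave's copy of yun.com are reported, since neither stanza carries an allow-transfer statement.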