Table of Contents
1. Introduction to the DNS service
  1. Basic concepts
  2. Domain name classification
  3. DNS server types
2. DNS principle
  1. Query methods
  2. Query process
3. Configuration files
  1. Configuration file locations
    ①. Main configuration file
    ②. Zone configuration file
    ③. Zone database file
  2. Resource records
4. Forward resolution steps
  1. Lab preparation
  2. Configure the DNS resolution address of the ens33 network card
  3. Modify the main configuration file and reload the DNS service
  4. Configure the zone configuration file
  5. Edit the zone database file
  6. Results
1. Introduction to the DNS service
1. Basic concepts
DNS (Domain Name System) is the distributed system that maps domain names to IP addresses (and addresses back to names); almost everything on the Internet depends on it.
In a browser you normally type a domain name rather than the site's IP address. DNS is the service that resolves that name to the corresponding address before the connection is made.
Server side: 53/udp and 53/tcp. Ordinary queries use UDP; TCP is used for zone transfers between master and slave servers and whenever an answer is too large for a single UDP message (the client retries a truncated response over TCP).
2. Domain name classification
Domain names are managed hierarchically: below the root come top-level (first-level) domains, then second-level, third-level, fourth-level and deeper domains.
- Root domain: written as "." (the trailing dot of a fully qualified name such as www.kgc.com.)
- Top-level domain (first level): com, net, org, or a country code such as cn; a country-code TLD is delegated to that country or region
- Second-level domain: the name registered directly under a TLD (kgc in kgc.com); under a country-code TLD it is often a subordinate registry such as com.cn
- Third-level domain: generally managed by the organization itself (www in www.kgc.com)
- A name may have at most 127 levels (labels) and 255 characters in total
3. DNS server types
Root name servers: the top of the hierarchy. They know which servers are authoritative for each top-level domain and answer only with referrals.
Top-level domain name servers: manage all second-level domains registered under that TLD (the com servers know the name servers of kgc.com).
Authoritative name servers: hold the actual records of a zone and give the final answer for the names in it.
Local name server (recursive/caching server): not part of the hierarchy above. Its IP address is configured directly on every host that needs name resolution (/etc/resolv.conf on Linux, usually filled in from the network card's DNS1 setting). It does the iterative work on the client's behalf and caches the results.
2. DNS principle
1. Query methods
Recursive query:
The client sends one request to its local DNS server and expects a final result: either the answer or a definite negative (the name does not exist). Whatever work is needed to find it is done by the server, so the client issues a single query.
Iterative query:
When the queried server is not authoritative for the name and has no cached answer, it does not look further on the requester's behalf; it returns a referral to the next server that is closer to the answer (root, then top-level, then authoritative). The requester, normally the local DNS server, asks that server in turn, so the target of the query keeps changing and several queries are needed before the result arrives.
2. Query process
① First check the local cache on the client machine.
② Check the hosts file (/etc/hosts); a matching entry is used without asking any server.
③ Send the query to the configured DNS server and hand the whole job over to it.
Steps ① to ③ are the recursive query: "I want an answer, give me the result directly."
④ This DNS server is normally the local name server and has a cache of its own. If the answer is cached it is returned at once; otherwise it continues with the next step.
⑤ It asks a root server. The root server returns a referral to the top-level domain server that may know the answer, and the local server goes to ask that server.
⑥ It asks the top-level domain server, which returns a referral to the second-level domain's name server, and the local server goes to ask that one.
⑦ It asks the second-level (authoritative) server. That server finds the name in its zone and returns the IP address to the local name server; if the name is not in the zone it returns a negative answer (NXDOMAIN).
⑧ The local name server stores the result in its cache (for the record's TTL; a negative answer is kept for the SOA "minimum" time) and returns the name-to-IP mapping to the client.
Steps ⑤ to ⑦ are the iterative queries made by the local name server.
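The walk through steps ① to ⑧ above, simulated in Python as an added example (not code from the original page). A client with its own cache and a constructed hosts file hands a recursive query to a local name server, which resolves iteratively through a constructed three-level hierarchy: a root server, the com. TLD server, and master.kgc.com. as the authoritative server for kgc.com. The server names, the delegations and the addresses are assumptions made for the simulation; the second client shows the local server's cache answering without any further iterative queries.

```python
"""Simulation of the lookup order described above: the client checks its own
cache and the hosts file, then hands a recursive query to the local name server,
which resolves iteratively from the root down. Added example with a constructed
name-server hierarchy; not code from the original page."""
from collections import namedtuple

Query = namedtuple("Query", "server qname")   # one iterative query sent by the local server

# Constructed hierarchy (assumption). Root and TLD servers only know delegations
# (which server to ask next); the zone's authoritative server holds the A records.
SERVERS = {
    "root":                {"delegations": {"com.": "a.gtld-servers.net."}, "records": {}},
    "a.gtld-servers.net.": {"delegations": {"kgc.com.": "master.kgc.com."}, "records": {}},
    "master.kgc.com.":     {"delegations": {}, "records": {"www.kgc.com.": "192.168.91.103",
                                                            "ftp.kgc.com.": "192.168.91.103"}},
}

def ask(server, qname):
    """One iterative query: an answer, a referral to the next server, or NXDOMAIN."""
    srv = SERVERS[server]
    if qname in srv["records"]:
        return "answer", srv["records"][qname]
    for zone, ns in srv["delegations"].items():
        if qname == zone or qname.endswith("." + zone):
            return "referral", ns
    return "nxdomain", None

class LocalServer:
    """The local (caching) name server: steps 4 to 8."""
    def __init__(self):
        self.cache = {}      # name -> address, or None for a cached negative answer
        self.log = []        # every iterative query sent, for inspection

    def resolve(self, qname):
        if qname in self.cache:                  # step 4: answer from cache
            return self.cache[qname]
        server = "root"                          # step 5: start at the root
        for _ in range(8):                       # bound the referral chain
            self.log.append(Query(server, qname))
            kind, value = ask(server, qname)
            if kind == "referral":               # steps 5-6: told whom to ask next
                server = value
                continue
            self.cache[qname] = value            # step 8: cache the answer (negative ones too,
            return value                         # for the SOA "minimum" time in a real server)
        raise RuntimeError("referral loop while resolving " + qname)

class Client:
    """The host that issues the recursive query: steps 1 to 3."""
    def __init__(self, local_server, hosts):
        self.cache, self.hosts, self.dns = {}, hosts, local_server

    def lookup(self, name):
        qname = name if name.endswith(".") else name + "."
        if qname in self.cache:                  # step 1: local cache
            return self.cache[qname]
        if qname in self.hosts:                  # step 2: /etc/hosts wins over DNS
            return self.hosts[qname]
        ip = self.dns.resolve(qname)             # step 3: one recursive query, final answer
        if ip is not None:
            self.cache[qname] = ip
        return ip

def demo():
    """Run the scenarios and report what each lookup cost in iterative queries."""
    local = LocalServer()
    client = Client(local, hosts={"db.kgc.com.": "192.168.91.101"})   # constructed hosts file
    first = client.lookup("www.kgc.com")
    path = [q.server for q in local.log]         # root -> com. -> kgc.com.
    other_client = Client(local, hosts={})       # another host behind the same local server
    before = len(local.log)
    second = other_client.lookup("www.kgc.com")  # served from the local server's cache
    return {
        "first": first,
        "path": path,
        "queries_first": len(path),
        "second": second,
        "queries_second": len(local.log) - before,
        "from_hosts": client.lookup("db.kgc.com"),
        "missing": client.lookup("nope.kgc.com"),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:15} {value}")
```

Running it shows the first lookup costing three iterative queries (root, TLD, authoritative), the second host's lookup costing none, the hosts-file entry never reaching a server, and the non-existent name coming back as a negative answer that the local server also caches.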
3. Configuration files
1. Configuration file locations
Software package: bind
Service name: named
①. Main configuration file
/etc/named.conf: global options (listening addresses, which clients may query, recursion) and the root hints zone.
②. Zone configuration file
/etc/named.rfc1912.zones: declares the zones this server serves (zone name, type master or slave, and the name of the zone's database file).
③. Zone database file
/var/named/<zone file>, one file per zone (for example /var/named/kgc.com.zone), containing the zone's resource records. The file must be readable by the named user.
2. Resource records
Every record in a zone file has the same fixed layout:

    name [TTL] IN rr_type value

name: the domain name; TTL: cache time; IN: the Internet class; rr_type: the resource record type; value: the record data.
1. The TTL may be omitted, in which case the record inherits the zone-wide value set by $TTL.
2. The "@" symbol stands for the name of the current zone (the origin).
3. The same name may be defined several times with different values; the DNS server then returns the values in rotating order (round robin).
4. The same value may be defined under several different names; this only means the same host can be reached through several names.
SOA record
Notes:
- The first value names the primary DNS server for forward resolution of this zone; the zone's own name may be used instead.
- The second value is the e-mail address of the zone administrator. The "@" symbol cannot appear in it, so it is replaced by "." (admin@kgc.com is written admin.kgc.com.).
- The numbers in parentheses control master-to-slave zone transfers and set the TTL used for negative answers.

    $TTL 1D                                   ; zone-wide TTL: 1 day (a bare number without D/H/W is seconds)
    @   IN SOA  master.kgc.com. admin.kgc.com. (   ; primary server name, administrator e-mail
                0                             ; serial: version number of the zone; raise it (0 -> 1) after every edit so slaves notice the change
                1D                            ; refresh: how often a slave checks the master for updates
                1H                            ; retry: how long a slave waits after a failed refresh before trying again
                1W                            ; expire: a slave that has not reached the master for this long stops answering for the zone
                3H )                          ; minimum: how long a negative answer (name not found) is cached; during those 3 hours a repeated query gets the cached "not found"
NS record
Notes:
- When two adjacent resource records have the same name, the name may be omitted from the second and later records.
- Every server named in an NS record must also have an A record (see master A 192.168.91.100 in the full zone file below); without it the name server cannot be reached.
- A zone can have several NS records.
The three lines below are equivalent ways of declaring master.kgc.com. as a name server for kgc.com:

    kgc.com.  IN NS  master.kgc.com.
    @         IN NS  master.kgc.com.    ; "@" stands for kgc.com.
              NS     master             ; name omitted (same as the previous line); the relative value master expands to master.kgc.com.
MX record
Notes:
- A zone can have several MX records; each value is preceded by a preference number (a 16-bit value, conventionally 0 to 99) giving the server's priority: the lower the number, the higher the priority.
- Every server named in an MX record must also have an A record, and must not be a CNAME.

    mail  IN MX 10  mx1.kgc.org.
          IN MX 20  mx2.kgc.org.        ; name omitted; used only when mx1 is unavailable
    mx1      A      192.168.91.10
    mx2      A      192.168.91.10
A record
name: the host name being resolved, for example www.kgc.com
value: the IPv4 address of that host
Several A records for one name are answered in round-robin order. To avoid a failure when a user mistypes a host name, a wildcard ("*") record can resolve any name that does not otherwise exist in the zone to a chosen address.

    www.kgc.com.  IN A  1.1.1.1
    www.kgc.com.  IN A  2.2.2.2
    www.kgc.com.  IN A  3.3.3.3
    www.kgc.com.  IN A  4.4.4.4
    *             IN A  5.5.5.5       ; wildcard: any host name not defined elsewhere in the zone
    @             IN A  6.6.6.6       ; the zone name itself (kgc.com with no host part)
PTR record
Reverse resolution: maps an address back to a name. The address is written in reverse under in-addr.arpa, so host 1.2.3.4 is the name 4.3.2.1.in-addr.arpa.

    4.3.2.1.in-addr.arpa.  IN PTR  www.kgc.com.

Inside the reverse zone for the 1.2.3.0/24 network, 3.2.1.in-addr.arpa, the name is relative to the zone and can be abbreviated to the host part:

    4  IN PTR  www.kgc.com.

The value must end with a dot; without it, www.kgc.com is treated as relative and expands to www.kgc.com.3.2.1.in-addr.arpa.
CNAME (alias) record
name: FQDN of the alias; value: FQDN of the real (canonical) name. A name that has a CNAME may have no other records, and NS and MX records must not point at an alias.

    ftp.kgc.com.  IN CNAME  www.kgc.com.     ; the trailing dot matters: a relative "www.kgc.com" would expand to www.kgc.com.kgc.com.
Two complete forward zone files in the fixed format name [TTL] IN rr_type value (name, cache time, Internet class, record type, value):

    $TTL 1D
    @       IN SOA  master.kgc.com. admin.kgc.com. (
                    0       ; serial
                    1D      ; refresh
                    1H      ; retry
                    1W      ; expire
                    3H )    ; minimum
            NS      master.kgc.com.
    @       IN MX   10 mail.kgc.com.        ; "@" written explicitly: an omitted name would inherit the previous record's name
    master  A       192.168.91.100          ; A record for the NS target
    www     A       192.168.91.103
    db      A       192.168.91.101
    mail    A       192.168.91.10           ; A record for the MX target
    ftp     CNAME   www

    $TTL 1D                                 ; lifetime of a cached record
    @       IN SOA  benet.com. admin.benet.com. (   ; "@" is the current zone name, benet.com
                    0       ; serial: update serial number, an integer of up to 10 digits
                    1D      ; refresh: interval at which slaves re-download the zone data
                    1H      ; retry: retry interval after a failed download
                    1W      ; expire: give up the zone if it cannot be downloaded for this long
                    3H )    ; minimum: lifetime of a cached negative answer
            NS      benet.com.              ; name server of the current zone (name omitted, so it is "@")
            A       192.168.80.10           ; address of benet.com itself, which makes the NS record above resolvable
            IN MX   10 mail.benet.com.      ; mail exchanger; the higher the number, the lower the priority
    www     IN A    192.168.80.10           ; forward resolution of www.benet.com
    mail    IN A    192.168.80.11           ; address of the mail server named in the MX record
    ftp     IN CNAME www                    ; ftp is an alias of www
    *       IN A    192.168.80.100          ; wildcard: "*" matches any host name not defined above
4. Forward resolution steps
1. Lab preparation
Stop the firewall and set SELinux to permissive (lab only; on a real server open 53/tcp and 53/udp instead), then install the bind package and the bind-utils tools (dig, nslookup):
yum install bind bind-utils -y
(yum install bind* -y also works but pulls in every bind subpackage.)
2. Configure the DNS resolution address of the ens33 network card
vim /etc/sysconfig/network-scripts/ifcfg-ens33
Set DNS1= to the address of this DNS server so the host itself resolves through it, then restart networking:
systemctl restart network
3. Modify the main configuration file and reload the DNS service
vim /etc/named.conf
The stock file only serves the local machine: change listen-on port 53 { 127.0.0.1; }; to { any; } (or the server's own address) and allow-query { localhost; }; to { any; } so hosts on the network can query it. Reload the service only after all three files (main, zone declaration, zone database) have been edited and checked, as shown at the end of step 5; rndc reload fails if a declared zone file does not exist yet.
4. Configure the zone configuration file
vim /etc/named.rfc1912.zones
Add a declaration for the new zone: zone "ky33.com" IN { type master; file "ky33.com.zone"; }; where file names the database file created in the next step, relative to /var/named.
5. Edit the zone database file
cd /var/named/
cp named.localhost ./ky33.com.zone -p
The -p keeps the owner (root) and group (named) of the template, so the named service can read the new file; then edit ky33.com.zone with the SOA, NS, A and other records described in section 3.
Check both files before loading them, then start or reload the service:
named-checkconf /etc/named.conf
named-checkzone ky33.com /var/named/ky33.com.zone
systemctl start named (or rndc reload if named is already running)
6. Results
Verify from a client that uses this server: nslookup www.ky33.com or dig www.ky33.com @<server address> should return the address from the zone file.
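The following Python script is an added example (not BIND's code and not from the original page) that ties together the resource-record rules of section 3 and the zone set up in this procedure. It parses a constructed ky33.com zone file written in the same layout ($TTL, "@", omitted names, relative names, a parenthesised SOA), applies the checks from the notes (every in-zone NS or MX target backed by an A record, no CNAME mixed with other records), and answers queries the way the server would: round robin across equal A records, CNAME followed, MX sorted by preference, the wildcard used only for names that do not exist at all. The record values and the 192.168.91.0/24 addresses are assumptions; only $TTL is handled among the directives.

```python
"""Zone-file parser plus the sanity checks from the resource-record notes. Added
example (not BIND's code); ZONE_TEXT is constructed for the ky33.com lab zone."""
import re

ORIGIN = "ky33.com."      # zone name, always with the trailing dot

ZONE_TEXT = """\
$TTL 1D
@       IN SOA  master.ky33.com. admin.ky33.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum (negative-answer TTL)
        IN NS   master.ky33.com.
        IN MX   10 mail
master  IN A    192.168.91.100
www     IN A    192.168.91.103
www     IN A    192.168.91.104
mail    IN A    192.168.91.10
ftp     IN CNAME www
*       IN A    192.168.91.200
"""
UNITS = {"": 1, "S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}

def parse_ttl(tok):
    """'1D' -> 86400; a bare number is seconds."""
    m = re.fullmatch(r"(\d+)([SMHDW]?)", tok.upper())
    if not m:
        raise ValueError("bad TTL: " + tok)
    return int(m.group(1)) * UNITS[m.group(2)]

def fqdn(name, origin=ORIGIN):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=ORIGIN):
    """Return [(owner, ttl, type, rdata)] with every name fully qualified."""
    text = re.sub(r";[^\n]*", "", text)                                          # drop ';' comments
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)  # join ( ... ) lines
    default_ttl, last_owner, records = None, origin, []
    for line in text.splitlines():
        toks = line.split()
        if not toks:
            continue
        if toks[0] == "$TTL":
            default_ttl = parse_ttl(toks[1])
            continue
        # A line starting with whitespace has no owner name: it reuses the previous one.
        owner = last_owner if line[0].isspace() else fqdn(toks.pop(0), origin)
        last_owner = owner
        ttl = parse_ttl(toks.pop(0)) if re.fullmatch(r"\d+[SMHDW]?", toks[0].upper()) else default_ttl
        if toks[0].upper() == "IN":
            toks.pop(0)
        rtype, rd = toks[0].upper(), toks[1:]
        if rtype in ("NS", "CNAME", "PTR"):          # name-valued data is qualified too
            rdata = fqdn(rd[0], origin)
        elif rtype == "MX":
            rdata = (int(rd[0]), fqdn(rd[1], origin))
        elif rtype == "SOA":
            rdata = (fqdn(rd[0], origin), fqdn(rd[1], origin), *map(parse_ttl, rd[2:]))
        else:
            rdata = rd[0]
        records.append((owner, ttl, rtype, rdata))
    return records

def check_zone(records, origin=ORIGIN):
    """The rules from the notes above; returns a list of problems (empty means ok)."""
    types = {}
    for owner, _, rtype, _ in records:
        types.setdefault(owner, set()).add(rtype)
    problems = []
    for owner, _, rtype, rdata in records:
        if rtype in ("NS", "MX"):
            target = rdata if rtype == "NS" else rdata[1]
            # An in-zone NS/MX target must have an A record (so a CNAME target fails too).
            if (target == origin or target.endswith("." + origin)) and "A" not in types.get(target, set()):
                problems.append(f"{rtype} target {target} has no A record")
        if rtype == "CNAME" and types[owner] != {"CNAME"}:
            problems.append(f"{owner} mixes CNAME with other record types")
    return problems

def lookup(records, name, rtype, origin=ORIGIN, turn=0):
    """Answer as the server would: follow a CNAME, use the wildcard only for a name that
    does not exist at all, sort MX by preference, rotate equal records (round robin)."""
    qname = fqdn(name, origin)
    found = [r for r in records if r[0] == qname] or [r for r in records if r[0] == "*." + origin]
    cname = [r[3] for r in found if r[2] == "CNAME"]
    if cname and rtype != "CNAME":
        return lookup(records, cname[0], rtype, origin, turn)
    values = [r[3] for r in found if r[2] == rtype]
    if rtype == "MX":
        return sorted(values)          # lowest preference number = highest priority
    k = turn % len(values) if values else 0
    return values[k:] + values[:k]

if __name__ == "__main__":
    rrs = parse_zone(ZONE_TEXT)
    print("problems:", check_zone(rrs) or "none")
    for turn in range(2):              # two successive queries: rotated answers
        print("www A  ->", lookup(rrs, "www", "A", turn=turn))
    print("ftp A  ->", lookup(rrs, "ftp", "A"), " @ MX ->", lookup(rrs, "@", "MX"))
```

Deleting the mail A record from ZONE_TEXT makes check_zone report the MX target, which is the same class of mistake named-checkzone warns about on the real file; run that tool on /var/named/ky33.com.zone before rndc reload rather than relying on this toy parser.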