Linux: DNS domain name resolution

1. Function and type of DNS system

1. The function of DNS system

1. Forward resolution

Find the corresponding IP address according to the domain name (resolve the domain name into an IP address to facilitate user access).

2. Reverse resolution

Find the corresponding domain name according to the IP address. DNS is a distributed database that maps domain names and IP addresses to each other.

2. Distributed data structure of DNS system

3. CDN cache server

Cache servers are deployed in regional networks where user visits are relatively concentrated, so each user is served by the nearest one, which is faster and more stable.
There is a one-to-many relationship between domain names and IP addresses. An IP does not necessarily correspond to only one domain name, and a domain name can only correspond to one IP address.

4. DNS system types

1. Cache Domain Name Server

(1) Also known as DNS cache server.
(2) Obtain the domain name -> IP address record by querying other domain name servers.
(3) Cache the domain name query results locally to improve the speed of repeated queries.

2. Primary domain name server

(1) The authoritative server for a specific DNS zone; it is unique.
(2) Responsible for maintaining all domain name -> IP address mapping records in the zone.
(3) It must create the address data file for the zone it is responsible for itself.

3. Slave domain name server

(1) Also known as a secondary domain name server; it is a hot backup for the primary domain name server.
(2) The domain name -> IP address records it maintains come from the primary domain name server.
(3) The zone address database is synchronized automatically from the primary domain name server.

2. The query type, process and principle of DNS resolution

Query process:
(1) Check the local cache (hosts). If there is no match, go to the second step.
(2) Ask the DNS server (the operator's). If it has no answer, go to the third step.
(3) Go to the root domain server (it knows the result but does not return it directly; it sends you to the top-level domain to find it).
(4) Top-level domain server (it does not return the result directly either; it sends you to the second-level domain, which may know it).
(5) Second-level domain (the domain name is unique; if it does not return the result, the subdomain knows the IP address).
(6) The subdomain returns the result (the result is returned: domain name server – local cache – user).
Iteration refers to going from the root domain to the top-level domain to the second-level domain; each step adds a little more to the previous result.
Recursion refers to the process of returning the result to the user, layer by layer; there is no incremental relationship.

6. BIND resolution server

1. BIND service types

hint – root zone
master – master zone
slave – slave zone

2. The role of the BIND resolution server

It is used to divide DNS in the intranet, which is convenient for internal access and use

7. DNS resolution configuration

1. Forward resolution

1. First check the path of the configuration file that needs to be modified

rpm -qc bind    # query the paths of the bind package's configuration files

Install:

/etc/named.conf - the main configuration file
/etc/named.rfc1912.zones - zone configuration file
/var/named/named.localhost - zone data configuration file (template file; do not edit the original directly)

2. Modify the main configuration file

vim /etc/named.conf

3. Modify the zone configuration file and add the forward zone configuration

vim /etc/named.rfc1912.zones

4. Configure the forward zone data file

cd /var/named/
cp -p named.localhost zjf.com.zone    # -p keeps the source file's permissions and owner attributes
vim /var/named/zjf.com.zone


5. Set the server's IP address as the DNS resolver address

vim /etc/resolv.conf

6. Restart the service, and turn off the firewall and SELinux

systemctl restart named
systemctl stop firewalld
setenforce 0

7. Resolve the address from a second machine
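
The forward-resolution steps above name the files to edit but not what goes in them. The script below is an added example, not code from the original page: it stages a zone stanza and a zone data file for zjf.com in a scratch directory and validates them before anything is copied into place. The address 192.0.2.10 and the ns/www host names are placeholders chosen for the example.

```shell
#!/bin/sh
# Added example, not from the original page. Stage the forward zone for zjf.com
# in a scratch directory and validate it before touching /etc or /var/named.
ZONE=zjf.com
NS_IP=192.0.2.10   # placeholder (assumption): address of this DNS server

render_forward_zone() {    # $1 = staging directory
    # Stanza to append to /etc/named.rfc1912.zones
    cat > "$1/$ZONE.stanza" <<EOF
zone "$ZONE" IN {
    type master;
    file "$ZONE.zone";
    allow-update { none; };
};
EOF
    # Zone data, destined for /var/named/$ZONE.zone (hypothetical ns/www hosts)
    cat > "$1/$ZONE.zone" <<EOF
\$TTL 1D
@   IN SOA  ns.$ZONE. admin.$ZONE. (
            2024010101 ; serial, constructed; raise it on every edit
            1D         ; refresh
            1H         ; retry
            1W         ; expire
            3H )       ; negative-cache TTL
    IN NS   ns.$ZONE.
ns  IN A    $NS_IP
www IN A    $NS_IP
EOF
}

validate_forward_zone() {  # $1 = staging directory; returns 0 when all checks pass
    # Structural checks that run everywhere: an SOA, an NS, and the $TTL header
    grep -q 'IN SOA' "$1/$ZONE.zone" || return 1
    grep -q 'IN NS'  "$1/$ZONE.zone" || return 1
    head -n 1 "$1/$ZONE.zone" | grep -q '^\$TTL' || return 1
    # BIND's own checkers, when the bind package is installed
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$ZONE" "$1/$ZONE.zone" >/dev/null || return 1
    fi
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$1/$ZONE.stanza" || return 1
    fi
    return 0
}

stage=$(mktemp -d)
render_forward_zone "$stage" && validate_forward_zone "$stage" \
    && echo "zone staged and validated in $stage"
```

Once validation passes, append the stanza to /etc/named.rfc1912.zones, copy the zone file to /var/named/ with the same owner and permissions as named.localhost, and restart named.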

2. Reverse resolution

1. Configure the zone configuration file

vim /etc/named.rfc1912.zones

2. Copy the zone file

cd /var/named
cp -a ky29.com.zone ky29.com.zone.local

3. Configure the slave file

vim ky29.com.zone.local

4. Restart

systemctl restart named

5. Resolve the address from a second machine


3. Master-slave server resolution

1. Master server configuration

Set the IP address as the resolution address; it takes effect immediately after modification
vim /etc/resolv.conf

2. Modify the zone configuration file

vim /etc/named.rfc1912.zones

3. Restart

systemctl restart named

4. Slave server configuration

5. Modify the main configuration file

vim /etc/named.conf

6. Modify the zone configuration file

vim /etc/named.rfc1912.zones

7. Restart

systemctl restart named

8. Set the IP address as the resolution address, which will take effect immediately after modification

vim /etc/resolv.conf

9. Verification

10. Resolution via the master server

11. Stop the master server to test the slave server

systemctl stop named
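
For the master-slave steps above, the zone stanzas on the two servers differ mainly in how the zone transfer is wired up. The script below is an added example, not code from the original page: it renders a master stanza that permits transfers only to the slave, the matching slave stanza, and a lint that rejects any master zone whose transfer list is missing or set to `any`. The zone name zjf.com is reused from the forward-resolution section; both IP addresses are placeholders.

```shell
#!/bin/sh
# Added example, not from the original page. Master/slave stanzas for
# /etc/named.rfc1912.zones with zone transfers limited to the one slave.
ZONE=zjf.com
MASTER_IP=192.0.2.10   # placeholder (assumption)
SLAVE_IP=192.0.2.20    # placeholder (assumption)

render_master() {      # $1 = output file (stanza for the master server)
    cat > "$1" <<EOF
zone "$ZONE" IN {
    type master;
    file "$ZONE.zone";
    allow-transfer { $SLAVE_IP; };
};
EOF
}

render_slave() {       # $1 = output file (stanza for the slave server)
    cat > "$1" <<EOF
zone "$ZONE" IN {
    type slave;
    masters { $MASTER_IP; };
    file "slaves/$ZONE.zone";
};
EOF
}

# Lint: every "type master" zone must carry an explicit allow-transfer list
# that is not "any". Prints each offending zone and returns non-zero.
check_transfer_acl() { # $1 = file containing zone stanzas
    awk '
        /^zone[ \t]/                 { name = $2; master = 0; acl = ""; inzone = 1 }
        inzone && /type[ \t]+master/ { master = 1 }
        inzone && /allow-transfer/   { acl = $0 }
        inzone && /^[}];/ {
            if (master && (acl == "" || acl ~ /[{ \t]any[; \t]/)) {
                print "open transfer: " name; bad = 1
            }
            inzone = 0
        }
        END { exit bad + 0 }
    ' "$1"
}

out=$(mktemp -d)
render_master "$out/master.stanza" && render_slave "$out/slave.stanza" \
    && check_transfer_acl "$out/master.stanza" \
    && echo "stanzas written to $out, transfer ACL is restricted"
```

After both servers are restarted, `dig @192.0.2.10 zjf.com AXFR` run from a host other than the slave should be refused, while the slave should have written slaves/zjf.com.zone under /var/named.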