I. Background
By the end of the 1970s, ARPAnet was a small and friendly network of a few hundred hosts. A single file, HOSTS.TXT, was enough to hold all the host information anyone needed to know: it contained the name-to-address mapping for every host connected to ARPAnet.
HOSTS.TXT was maintained by SRI's Network Information Center (NIC) and distributed from a single host, SRI-NIC, to the entire network. ARPAnet administrators notified the NIC of changes by email and periodically fetched the latest HOSTS.TXT from SRI-NIC over FTP.
As ARPAnet grew, however, this approach stopped working. Every change to a host meant a change to HOSTS.TXT, which in turn meant every host had to fetch the updated file from SRI-NIC. After ARPAnet adopted the TCP/IP protocol, the number of hosts on the network exploded and the following problems appeared:
- Traffic and load:
- Name conflicts:
- Consistency:
II. Introduction to DNS
DNS (Domain Name System) is a distributed database on the Internet that maps domain names to IP addresses and back, so that users can reach hosts without remembering the numeric IP addresses that machines read directly. The process of obtaining the IP address that corresponds to a domain name is called domain name resolution (or hostname resolution). The DNS protocol runs over UDP on port 53. Among the RFC documents, RFC 2181 specifies DNS, RFC 2136 specifies dynamic update of DNS, and RFC 2308 specifies reverse caching of DNS queries.
III. DNS data structure
3.1 DNS record types
The mapping between a domain name and an IP address is called a "record". Records are divided into types according to their purpose; the common DNS record types are:
- A: Address record, which returns the IP address the domain name points to.
- NS: Name Server record, which returns the address of the server that holds the next-level domain's information. This record must point to a domain name, not an IP address.
- MX: Mail eXchange record, which returns the address of the server that receives e-mail for the domain.
- CNAME: Canonical Name record, which returns another domain name; that is, the queried name is an alias that redirects to another domain name.
- PTR: Pointer record, used only for looking up a domain name from an IP address (reverse lookup).
3.2 Working principle
DNS service work process
When a DNS client needs to resolve a name used by a program, it queries its local DNS server. Each query message the client sends carries three pieces of information that specify the question the server should answer:
- The DNS domain name being queried, expressed as a fully qualified domain name (FQDN).
- The query type, which selects resource records by type or requests a specialized query operation.
- The class of the DNS domain name.
For DNS servers the class should always be the Internet class (IN). For example, the queried name can be a computer's fully qualified domain name, such as im.qq.com, and the query type can ask for the address (A) resource records for that name.
DNS queries can be resolved in several ways. The client can sometimes answer a query locally from information cached from previous queries. The DNS server can answer from its own resource record cache, or it can query or contact other DNS servers on behalf of the requesting client to fully resolve the name and then return the response to the client. This process is called recursion.
Alternatively, the client itself can contact other DNS servers to resolve the name. If it does so, it issues separate, additional queries based on the servers' responses. This process is called iteration; that is, queries between DNS servers are iterative queries.
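The three question fields described above (QNAME, QTYPE, QCLASS) and the answer that comes back, handled at the wire level. This is an added example written for this article, not code from the original; all function names are chosen here, the sample reply is constructed from the article's own test.com names and addresses, and `resolve_a` is the only part that touches the network.

```python
import secrets
import socket
import struct

# Added example (not from the original article): build a DNS query carrying
# QNAME, QTYPE and QCLASS, then parse a reply. The sample reply is constructed.

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15}
QCLASS_IN = 1  # the Internet class, the only class in practical use


def encode_name(name: str) -> bytes:
    """Wire-format a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(txid: int, qname: str, qtype: str) -> bytes:
    """12-byte header (RD=1, one question) followed by QNAME, QTYPE, QCLASS."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", QTYPE[qtype], QCLASS_IN)


def decode_name(msg: bytes, offset: int):
    """Decode a name that may use RFC 1035 compression pointers.
    Returns (name, offset just past the name in the message)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # pointer to an earlier occurrence of the name
            if not jumped:
                end = offset + 2
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            jumped, hops = True, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (end if jumped else offset)


def parse_response(msg: bytes, expected_id: int) -> dict:
    """Parse header, question and answer sections into a plain dict."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        # A reply whose ID does not match the outstanding query is discarded;
        # unpredictable IDs are one of the checks a resolver relies on.
        raise ValueError("transaction ID mismatch")
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qt, qc = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qt, qc))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == QTYPE["A"] and rdlen == 4:
            value = ".".join(str(b) for b in msg[offset:offset + 4])
        elif rtype in (QTYPE["NS"], QTYPE["CNAME"], QTYPE["PTR"]):
            value, _ = decode_name(msg, offset)  # rdata is a (compressible) name
        else:
            value = msg[offset:offset + rdlen].hex()
        offset += rdlen
        answers.append((name, rtype, ttl, value))
    return {"id": txid, "rcode": flags & 0x000F, "aa": bool(flags & 0x0400),
            "questions": questions, "answers": answers}


def build_sample_response(query: bytes) -> bytes:
    """Constructed reply shaped like what an authoritative server for test.com
    returns for 'rhl.test.com A': QR|AA|RD|RA set, question echoed, and one
    A record whose owner is a pointer (0xC00C) back to the question name."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 600, 4) + bytes([192, 168, 40, 102])
    return header + query[12:] + answer


def resolve_a(qname: str, server: str, timeout: float = 2.0) -> dict:
    """Send the query over UDP/53 to a server you operate (not run offline)."""
    txid = secrets.randbelow(0x10000)  # random ID, never a counter
    query = build_query(txid, qname, "A")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        data, _ = sock.recvfrom(4096)
    return parse_response(data, txid)


if __name__ == "__main__":
    q = build_query(0x1234, "rhl.test.com", "A")
    print(parse_response(build_sample_response(q), 0x1234))
```

The parser rejects a reply whose transaction ID does not match the query it sent; together with a random source port this is the basic check a stub resolver makes before it trusts an answer.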
DNS query process
DNS installation
YUM installation
yum install bind* caching-nameserver
Source installation
tar zxvf bind-9.6.1.tar.gz
cd bind-9.6.1
./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --enable-threads --disable-chroot --disable-ipv6
make && make install
Configure environment variables
vim /etc/profile.d/bind.sh
Append the following lines
export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH
Viewing the help documentation
man -M /usr/local/bind9/share/man named
vim /etc/man.config
Append the following lines
MANPATH /usr/local/bind9/share/man
Single-node DNS configuration
# Edit /etc/named.conf
options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
# DNS forwarding: queries this server cannot resolve itself (e.g. public domain names) are forwarded to 114.114.114.114
forwarders { 114.114.114.114; };
};
# Configure /etc/named.rfc1912.zones
zone "test.com" IN {
type master;
file "test.com.zone";
};
zone "40.168.192.in-addr.arpa" IN {
type master;
file "40.168.192.in-addr.arpa.zone";
};
# test.com.zone configuration file
$TTL 600
@ IN SOA ns.test.com. root.test.com. (
2018101301 ; serial (YYYYMMDDnn; a 12-digit YYYYMMDDHHMM value does not fit in 32 bits)
300 ; refresh (5 minutes)
60 ; retry (1 minute)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)
@ IN NS ns.test.com.
ns IN A 192.168.40.105
mail IN A 192.168.40.103
rhl IN A 192.168.40.102
# 40.168.192.in-addr.arpa.zone configuration file
$TTL 600
@ IN SOA ns.test.com. root.test.com. (
2018101501 ; serial (YYYYMMDDnn; must fit in 32 bits)
300 ; refresh (5 minutes)
60 ; retry (1 minute)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)
@ IN NS ns.test.com.
103 IN PTR mail.test.com.
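A forward zone and its reverse zone are easy to let drift apart, and the SOA serial must fit in 32 bits (RFC 1035), which a YYYYMMDDHHMM serial does not. The following added example (not part of the article) parses zone files of the shape shown above and cross-checks them: every A record should have a matching PTR and vice versa, and out-of-range serials are reported. The two sample zones are constructed copies in the shape of the files above, with the reverse zone's serial deliberately set to a 12-digit value to exercise the overflow check; all function names are chosen here.

```python
import ipaddress

# Added example (not part of the original article). Sample zones are constructed.
FORWARD_ZONE = """\
$TTL 600
@ IN SOA ns.test.com. root.test.com. (
 2018101301 ; serial
 300 ; refresh
 60 ; retry
 604800 ; expire
 3600 ; minimum
 )
@ IN NS ns.test.com.
ns IN A 192.168.40.105
mail IN A 192.168.40.103
rhl IN A 192.168.40.102
"""

REVERSE_ZONE = """\
$TTL 600
@ IN SOA ns.test.com. root.test.com. (
 201810151834 ; serial (deliberately too large for 32 bits)
 300 ; refresh
 60 ; retry
 604800 ; expire
 3600 ; minimum
 )
@ IN NS ns.test.com.
103 IN PTR mail.test.com.
"""


def parse_zone(text: str, origin: str):
    """Minimal zone-file parser: handles $TTL, '@', relative owner names,
    ';' comments and parenthesised multi-line records. Returns a list of
    (owner, type, rdata_fields) with fully qualified owner names."""
    if not origin.endswith("."):
        origin += "."
    logical, buf, depth = [], "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # drop comments
        if not line.strip():
            continue
        buf = f"{buf} {line.strip()}" if depth else line  # join parenthesised runs
        depth += line.count("(") - line.count(")")
        if depth == 0:
            logical.append(buf.replace("(", " ").replace(")", " "))
            buf = ""
    if depth:
        raise ValueError("unbalanced parentheses in zone file")

    records, last_owner = [], origin
    for line in logical:
        fields = line.split()
        if fields[0] == "$TTL":
            continue  # the default TTL is not needed for this check
        owner = last_owner if line[0].isspace() else fields.pop(0)  # blank owner inherits
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"  # relative name, qualify with the origin
        if fields[0] in ("IN", "CH", "HS"):
            fields.pop(0)
        records.append((owner, fields[0], fields[1:]))
        last_owner = owner
    return records


def ptr_owner_to_ip(owner: str) -> str:
    """'103.40.168.192.in-addr.arpa.' -> '192.168.40.103' (validated)."""
    octets = owner.rstrip(".").split(".")[:-2]
    return str(ipaddress.ip_address(".".join(reversed(octets))))


def check_zones(forward, reverse):
    """Return a sorted list of problems: serials over 32 bits, A records
    without a PTR, PTRs without an A, and PTR/A name mismatches."""
    issues = []
    for label, records in (("forward", forward), ("reverse", reverse)):
        for _owner, rtype, rdata in records:
            if rtype == "SOA" and int(rdata[2]) > 0xFFFFFFFF:
                issues.append(f"{label} zone: SOA serial {rdata[2]} exceeds 32 bits")
    a_by_ip = {rd[0]: owner for owner, rt, rd in forward if rt == "A"}
    ptr_by_ip = {ptr_owner_to_ip(owner): rd[0] for owner, rt, rd in reverse if rt == "PTR"}
    for ip, name in a_by_ip.items():
        if ip not in ptr_by_ip:
            issues.append(f"{name} A {ip} has no PTR record")
        elif ptr_by_ip[ip] != name:
            issues.append(f"PTR for {ip} is {ptr_by_ip[ip]}, expected {name}")
    for ip, name in ptr_by_ip.items():
        if ip not in a_by_ip:
            issues.append(f"PTR {ip} -> {name} has no matching A record")
    return sorted(issues)


if __name__ == "__main__":
    fwd = parse_zone(FORWARD_ZONE, "test.com")
    rev = parse_zone(REVERSE_ZONE, "40.168.192.in-addr.arpa")
    for issue in check_zones(fwd, rev):
        print(issue)
```

Run against the sample zones it reports the oversized reverse serial and the two hosts (ns and rhl) that have A records but no PTR; named-checkzone catches the first of these, the PTR gaps it does not.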
Master-slave synchronization of DNS
1) Primary server configuration
# Edit /etc/named.conf
options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
# DNS forwarding: queries this server cannot resolve itself (e.g. public domain names) are forwarded to 114.114.114.114
forwarders { 114.114.114.114; };
};
# Configure /etc/named.rfc1912.zones
zone "test.com" IN {
type master;
file "test.com.zone";
allow-update {none;};
# Slave server address
allow-transfer {192.168.40.170;};
notify yes;
};
# Reverse resolution
zone "40.168.192.in-addr.arpa" IN {
type master;
file "named.192.168.40";
allow-update {none;};
# Slave server address
allow-transfer {192.168.40.170;};
notify yes;
};
2) Slave server configuration
# Edit /etc/named.conf
options {
listen-on port 53 { any; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion yes;
forwarders { 114.114.114.114; };
};
# Configure /etc/named.rfc1912.zones
zone "test.com" IN {
type slave;
file "slaves/test.com.zone";
# Address of the master DNS server
masters { 192.168.40.105; };
allow-update { none; };
};
zone "40.168.192.in-addr.arpa" IN {
type slave;
file "slaves/40.168.192.in-addr.arpa.zone";
masters { 192.168.40.105; };
allow-update { none; };
};
DNS configuration file check
# Check the main configuration file
named-checkconf
# Check a zone file
named-checkzone test.com /var/named/test.com.zone
# Test forward resolution
dig -t A rhl.test.com @192.168.40.105
# Test reverse resolution
dig -x 192.168.40.103 @192.168.40.105
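named-checkconf validates syntax, not policy. The following added example (not from the article) parses named.conf fragments of the shape used in the single-node and master-slave sections and flags two things a reviewer looks for: recursion offered to any client (an open resolver, which others can use for amplification) and master zones whose allow-transfer or allow-update is missing or set to any. The WEAK_CONF and HARDENED_CONF samples are constructed for this example; the hardened one mirrors the primary-server configuration above, with allow-recursion added. Function names are chosen here.

```python
import re

# Added example (not from the original article). Both configs are constructed.
WEAK_CONF = """\
options {
    listen-on port 53 { any; };
    allow-query { any; };
    recursion yes;
    forwarders { 114.114.114.114; };
};
zone "test.com" IN {
    type master;
    file "test.com.zone";
};
"""

HARDENED_CONF = """\
options {
    listen-on port 53 { any; };
    allow-query { any; };          // answering authoritative queries for anyone is fine
    recursion yes;
    allow-recursion { localhost; localnets; };  // but recurse only for our own clients
    forwarders { 114.114.114.114; };
};
zone "test.com" IN {
    type master;
    file "test.com.zone";
    allow-update { none; };
    allow-transfer { 192.168.40.170; };  # the slave only
    notify yes;
};
"""


def tokenize(text: str):
    """Drop #, // and /* */ comments; split into quoted strings, braces, ';' and words."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    text = re.sub(r"(#|//)[^\n]*", "", text)
    return re.findall(r'"[^"]*"|[{};]|[^\s{};]+', text)


def parse_statements(tokens, i=0):
    """Parse 'words [ { sub-statements } ] ;' until a closing brace or end of input.
    Returns (statements, index); a statement is (words, sub_statements_or_None)."""
    stmts = []
    while i < len(tokens) and tokens[i] != "}":
        words, block = [], None
        while i < len(tokens) and tokens[i] not in ("{", ";"):
            words.append(tokens[i].strip('"'))
            i += 1
        if i < len(tokens) and tokens[i] == "{":
            block, i = parse_statements(tokens, i + 1)
            i += 1  # consume the matching '}'
        if i < len(tokens) and tokens[i] == ";":
            i += 1
        stmts.append((words, block))
    return stmts, i


def find(stmts, name):
    """All statements whose first word is `name`."""
    return [s for s in stmts if s[0] and s[0][0] == name]


def values(stmt):
    """Flatten a '{ a; b; }' block into ['a', 'b']."""
    return [" ".join(words) for words, _ in (stmt[1] or [])]


def lint_named_conf(text: str):
    """Findings for an open recursive resolver and for master zones whose
    transfer/update policy is missing or wide open."""
    stmts, _ = parse_statements(tokenize(text))
    findings = []
    for opt in find(stmts, "options"):
        body = opt[1] or []
        rec = find(body, "recursion")
        recursion_on = (rec[0][0][1:] == ["yes"]) if rec else True  # BIND default is yes
        aq = find(body, "allow-query")
        query_any = (not aq) or ("any" in values(aq[0]))
        if recursion_on and query_any and not find(body, "allow-recursion"):
            findings.append("options: recursion for any client (open resolver); "
                            "add allow-recursion { localhost; localnets; }")
    for zone in find(stmts, "zone"):
        name, body = zone[0][1], zone[1] or []
        ztype = find(body, "type")
        if not ztype or ztype[0][0][1:] != ["master"]:
            continue  # slave zones do not serve transfers here
        xfer = find(body, "allow-transfer")
        if not xfer:
            findings.append(f"zone {name}: no allow-transfer; restrict AXFR to the slave(s)")
        elif "any" in values(xfer[0]):
            findings.append(f"zone {name}: allow-transfer any exposes the whole zone")
        if not find(body, "allow-update"):
            findings.append(f"zone {name}: no allow-update; set {{ none; }} unless dynamic updates are intended")
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, lint_named_conf(conf) or ["no findings"])
```

The weak sample yields three findings (open recursion, no allow-transfer, no allow-update) and the hardened one none; the master-slave configuration above already covers the zone-level points, and allow-recursion is the one statement it is missing.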
Author: Qin Wei / Ji Baoman / Ren Hongli
Source: Yixin Institute of Technology