DNS Domain name resolution service

1. summary

DNS The domain name system （Domain Name System abbreviation DNS,Domain Name Translated as domain name ） It's a core service of the Internet , It can be used to IP A distributed database with address mapping , Can make people more convenient access to the Internet , Instead of remembering what can be read directly by the machine IP Number string

DNS The role of ：

■ Forward analysis ： Search for the corresponding IP Address （A Record ）

■ Reverse DNS ： according to IP Address to find the corresponding domain name （P Record ）

■ DNS The distributed data structure of the system

DNS The default port is 53

DNS The agreement is divided into TCP and UDP

TCP It is used for area transmission , Mostly used for master-slave synchronization

In a district DNS The server reads the data file of this area DNS Data and information , And auxiliary DNS The server is from the master of the zone DNS The server reads the DNS Data and information

UDP Is used to do DNS Analytic

domain name ： Usually a fully qualified domain name （FQDN） identification .FQDN The entire Fully Qualified Domain Name, It can accurately express its relative to DNS The location of the root of the domain tree , That is, nodes DNS The complete expression of tree roots , Reverse writing from node to root , And use “.” Separate

Be careful ： Usually ,FQDN There are strict naming restrictions , The length cannot exceed 256 byte , Only characters... Are allowed a-z,A-Z,0-9 And minus sign （-）, Order number （.） Only allowed between domain name flags or FQDN Use at the end of , Domain names are not size sensitive , From the top to the bottom , Can be divided into ： Root region 、 Top-level domain 、 The secondary domain 、 Subdomain

FQDN= Host name + domain name

example ：www.baidu.com.

The front must be the host , The last dot represents the root domain , The root field is usually omitted

example ：http://www.sina.com.cn./

http:// Host name . Subdomain . The secondary domain . Top-level domain . Root region /

2. Forward parsing query process

1） recursive query

① First check the cache record of this machine

② Inquire about hosts file

③ Inquire about DNS Domain name server , hand DNS Domain name server processing

Recursive query is a kind of DNS The query mode of the server , In this mode DNS The server received a client request , You must reply to the client with an accurate query result . If DNS The server does not store queries locally DNS Information , Then the server will ask other servers , And submit the returned query results to the client

2） Iterative query

① This DNS The server may be a local domain name server , There is also a cache , If there is a direct return result , If not, proceed to the next step

② Help the root domain server , The root domain server returns the top-level domain server that may know the result and asks it to find the top-level domain server

③ Help top servers , The top-level server returns the secondary domain server that may know the result and asks it to find the secondary domain server

④ Turn to the secondary domain server , The secondary domain server found that it is my host , Find out IP The address is returned to the local domain name server

⑤ The local domain name server logs the results to the cache , Then put the domain name and IP The corresponding relationship of returns to the client

DNS Another query method of the server is iterative query , When the client sends a query request ,DNS The server does not reply directly to the query results , Instead, tell the client another DNS Server address , The client will go to this DNS The server submits the request , Loop back and forth until the result of the query is returned

3. Domain name Architecture

1） Root region

It generally represents a type of organization or country or region , Such as net（ Internet companies ）、com（ business ）、org（ Civil society organizations ）、edu（ education ）、gov（ The government ）、mil（ military ）、cn（ China ）、jp（ Japan ）、hk（ Hong Kong, China, ）

2） The secondary domain

Used to identify a specific organization in the top-level domain , The secondary domain names under the national top-level domain are managed by the national network department , Such as .cn

The secondary domain name set under the top-level domain name ： .com.cn 、.net.cn 、 .edu.cn etc.

3） Subdomain

The top-level domains are all sub domains

4） host

The host is at the bottom of the domain name space , It's a concrete computer , Such as www、mail It's all specific computer names

4.DNS System type （ understand ）

■ Primary domain server

● given DNS The authoritative server of the region , Have uniqueness

● Responsible for maintaining all domain names in the region —》IP Mapping record of address

● The address data file of the area in charge of your resume is required

■ From the domain name server

● Also known as a secondary domain name server , It is a hot backup of the primary domain name server

● The domain name it maintains —》IP The address record comes from the primary domain name server

● You need to automatically synchronize the regional address database from the primary domain name server

■ Cache domain name server

● Also known as DNS Cache server

● Obtain the domain name by querying other domain name servers —》 IP Address record

● Cache the domain name query results to the local , Speed up duplicate queries

■ Forward DNS

5.DNS Service configuration

1）BIND Software installation

BIND (Berkeley Internet Name Daemon)

BIND Is the most widely used DNS Service program

The official site : https://www.isc.org/

[[email protected] ~]# yum install -y bind

2） Modify the main configuration file

 View the configuration file 
[[email protected] ~]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback

Modify the main configuration file

/etc/named.conf                 # Master profile  （ Define global configuration ）
/etc/named.rfc1912.zones        # Zone profile  （ Define what domain name to resolve ）
/var/named/named.localhost      # Zone data profile  （ The domain name that needs to be resolved , How to parse , Forward parsing 、 Reverse DNS ）

[[email protected] ~]# vim /etc/named.conf

[[email protected] ~]# vim /etc/named.rfc1912.zones

Be careful ： Don't lose the semicolon

/var/named/named.localhost         # This file is a template , It describes how to combine the domain name and IP To analyze 

[[email protected] ~]# cd /var/named
[[email protected] named]# cp -p named.localhost liwenbin.com.zone
[[email protected] named]# ls
data     liwenbin.com.zone  named.empty      named.loopback
dynamic  named.ca           named.localhost  slaves
[[email protected] named]# vim liwenbin.com.zone

 Try to parse www.baidu.com

[[email protected] ~]# nslookup www.baidu.com
Server:		114.114.114.114
Address:	114.114.114.114#53

Non-authoritative answer:
Name:	www.baidu.com
Address: 36.152.44.96
Name:	www.baidu.com
Address: 36.152.44.95

[[email protected] ~]# vim /etc/resolv.conf
nameserver 192.168.36.131

 Turn on named
[[email protected] ~]# systemctl start named

 Try to parse www.liwenbin.com
[[email protected] ~]# nslookup www.liwenbin.com
Server:		192.168.36.131
Address:	192.168.36.131#53

Name:	www.liwenbin.com
Address: 192.168.36.131

[[email protected] ~]# nslookup ttt.liwenbin.com
Server:		192.168.36.131
Address:	192.168.36.131#53

Name:	ttt.liwenbin.com
Address: 192.168.36.100

3） Summary

Global profile

Effective range ： At present DNS host

To configure ：①Listen 53 ②allow The rules

Zone profile

The core is ： Judge whether it is forward parsing or reverse parsing , Define which domain name we need to resolve , And point to the specific implementation of the domain name —IP Resolve the configuration file of the relationship （ Zone data profile ）

Zone data profile

Defines the domain name and local IP

Various host names and IP Analytical relationship of , for example ：www、ftp、mail、*（ Pan domain name resolution ）