1. Domain name system
The domain name system (DNS) is a distributed database: each organization is locally responsible for its own part of the whole database, and the data in every part can be reached from anywhere on the network through a client/server protocol. Replication and caching make the whole database reliable and give it good performance.
A domain name server holds information about some part of the database and is queried by clients called resolvers. The DNS database is structured as an inverted tree. The root is named by the empty string "", which is written in text as ".". Each node of the tree represents a partition (a domain) of the whole distributed database, and each domain can be further divided into child partitions (subdomains). Every node has a label that identifies it relative to its parent, and a domain name that gives its position in the whole distributed database. The full domain name of a node is the sequence of labels on the path from that node up to the root, with the labels separated by ".". A label may contain at most 63 characters.
If the root is written out as part of a node's name, the name appears to end with a dot (it actually ends with a dot followed by the empty root label). Names ending in a dot are called absolute domain names; names without the trailing dot are relative domain names. A domain is a subtree of the domain name space, and the domain's name is the name of the root node of that subtree; in other words, the name of a domain is the name of the highest node in the domain. For example, the top of the domain is a node named .
In DNS, each domain is managed by some organization. An organization can divide its domain into a number of subdomains and delegate those subdomains to other organizations. A domain can contain both hosts and other domains (its subdomains). Domain names serve as the index into the DNS database, and any name inside a subdomain is also considered part of the parent domain. Strictly speaking a host is itself a domain, and its domain name is just an index into the database: a "host" is the information that its domain name points to. A domain contains every host whose domain name lies within the domain.
In the domain name tree, the domains at leaf nodes usually represent hosts, and their names can point to network addresses, hardware information and mail-routing information. The name of an interior node can either name a host or point to structural information about the descendants (subdomains) of that domain. Interior names are not restricted to one role: the same name can stand for the domain it corresponds to and for a particular host on the network. For example, it is both a domain of sun and the domain name of the mail server that forwards messages between sun and the Internet.
Every host on the network has a domain name. The information recorded under that name includes the host's IP address, mail-routing information and so on. A host can also have one or more domain name aliases.
1.1 Domain Name
A simple way to tell whether one domain is a subdomain of another is to compare their names: the subdomain's name ends with the name of its parent (compared label by label, not merely as a string suffix). One of the main design goals of the domain name system is decentralized management, which is achieved through delegation. The organization that manages a domain divides it into subdomains, and each subdomain can be delegated to another organization, which then becomes responsible for maintaining all the data in that subdomain. It is free to change that data, to divide its subdomain further, and to delegate those pieces in turn. The parent domain keeps only pointers to its delegated child domains, which direct queries there.
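The label rules of section 1 and the subdomain test above, worked through in code. This is an added example, not code from the original article or from BIND; the names it is run on are made up. It splits a name into labels, enforces the 63-character label limit stated above together with the 255-octet limit on a whole name in wire form (RFC 1035), distinguishes absolute names (trailing dot) from relative ones, and applies the "ends with the parent's name" rule to whole labels. The plain string-suffix version is included only to show why it is the wrong test.

```python
"""Domain names as labels (sections 1 and 1.1).

Added example, not code from the original article. Names used here are
constructed for illustration.
"""

MAX_LABEL_OCTETS = 63   # limit stated in section 1
MAX_NAME_OCTETS = 255   # limit on the whole name in wire form (RFC 1035)


def labels_of(name: str) -> list:
    """Labels of NAME from the leaf towards the root, root label omitted."""
    if name in ("", "."):
        return []
    stripped = name[:-1] if name.endswith(".") else name
    return stripped.split(".")


def is_absolute(name: str) -> bool:
    """Absolute names end with a dot (the empty root label)."""
    return name.endswith(".")


def validation_error(name: str):
    """Return a message for the first rule NAME breaks, or None if it is fine."""
    labels = labels_of(name)
    wire_length = 1  # the terminating root label (a single zero octet)
    for label in labels:
        if not label:
            return "empty label inside %r" % name
        octets = len(label.encode())
        if octets > MAX_LABEL_OCTETS:
            return "label %r exceeds %d octets" % (label, MAX_LABEL_OCTETS)
        wire_length += 1 + octets  # length octet plus the label itself
    if wire_length > MAX_NAME_OCTETS:
        return "name %r exceeds %d octets on the wire" % (name, MAX_NAME_OCTETS)
    return None


def is_subdomain(child: str, parent: str) -> bool:
    """True when CHILD is PARENT or lies inside PARENT's subtree.

    Whole labels are compared, case-insensitively (DNS names are not
    case-sensitive), so evilexample.com is not a subdomain of example.com
    even though it ends with the same characters.
    """
    child_labels = [label.lower() for label in labels_of(child)]
    parent_labels = [label.lower() for label in labels_of(parent)]
    if len(parent_labels) > len(child_labels):
        return False
    return child_labels[len(child_labels) - len(parent_labels):] == parent_labels


def naive_suffix_check(child: str, parent: str) -> bool:
    """The tempting but wrong version: a plain string-suffix comparison."""
    return child.lower().rstrip(".").endswith(parent.lower().rstrip("."))


if __name__ == "__main__":
    for pair in [("www.example.com", "example.com"), ("evilexample.com", "example.com")]:
        print(pair, "label-wise:", is_subdomain(*pair), "suffix:", naive_suffix_check(*pair))
```

The label-wise test is the one to use anywhere a name is checked against a trusted domain (cookie scopes, allow-lists, certificate name matching): the suffix version accepts evilexample.com for example.com.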
1.2 Domain Name Server
The program that stores information about the domain name space is called a domain name server (or name server). A name server normally has complete information about some part of the domain name space, called a zone, and one name server can be authoritative for several zones.
Relationship between zones and domains:
A zone contains all the domain names and data in a domain except for the subdomains that are delegated elsewhere. If a subdomain is not delegated, the zone also contains the names and data of that subdomain.
DNS defines two types of authoritative name server for a zone: the primary master (PM) and the secondary master (SM). The primary master loads the data of the zone it is responsible for from files on the host it runs on; a secondary master obtains its copy of the zone from another server that is authoritative for the zone, normally the primary, and periodically checks with the primary master to make sure its copy of the zone is the latest version.
Generally it is best to set up one primary master and several secondary masters to share the load. This also ensures that every host in the zone has a name server nearby that is easy to reach.
1.3 Resolver
A resolver is needed on every host that requires information from the domain name space. In BIND the resolver is just a set of library routines compiled into programs such as telnet and ftp; it is not a separate process. The resolver's job is to build queries, send them and wait for the answers, and resend queries when no answer arrives.
1.4 Address to domain name mapping
The data in the domain name space is indexed by name, so finding the address for a given domain name is easy. Finding the domain name that maps to a given address, however, would require searching the whole tree, which would be hopelessly inefficient. To solve this, a part of the domain name space is indexed by address. This part of the namespace is called a domain.
The nodes in the domain represent IP addresses in dotted-octet form (the 32-bit address written as four 8-bit decimal numbers separated by "."). The address is written in reverse order in the name space, because a name is read from the leaf towards the root: for example, for the address 202.105.177.100 the corresponding subdomain is 177.105. Putting the first octet of the address at the highest level of the tree lets administrators delegate the domain along network boundaries; for example
177.105. can be delegated to the administrator of network 177.105.202.
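The address-to-name mapping of section 1.4 as code. This is an added example, not part of the original article. The text above leaves out the name of the reverse domain; for IPv4 it is in-addr.arpa (RFC 1035), which the example uses. The addresses and networks fed to it are constructed. It reverses the octets so that the first octet of the address becomes the highest node under in-addr.arpa, which is exactly what allows a whole network to be delegated as one subtree, and it converts a PTR name back to an address while validating each octet.

```python
"""Address-to-name mapping (section 1.4).

Added example, not code from the original article. The reverse domain
for IPv4 is in-addr.arpa (RFC 1035); the page's text omits the name.
"""
import ipaddress

REVERSE_DOMAIN = "in-addr.arpa"


def ptr_name(address: str) -> str:
    """202.105.177.100 -> 100.177.105.202.in-addr.arpa. (an absolute name)."""
    ip = ipaddress.IPv4Address(address)  # rejects anything that is not dotted-octet
    octets = str(ip).split(".")
    return "%s.%s." % (".".join(reversed(octets)), REVERSE_DOMAIN)


def delegated_zone(network: str):
    """Reverse zone covering NETWORK, or None when the prefix is not an
    octet boundary (/8, /16, /24). Other prefix lengths do not map onto a
    single subtree and need the classless scheme of RFC 2317, which is
    outside this example."""
    net = ipaddress.IPv4Network(network, strict=True)
    if net.prefixlen not in (8, 16, 24):
        return None
    kept = str(net.network_address).split(".")[: net.prefixlen // 8]
    return "%s.%s." % (".".join(reversed(kept)), REVERSE_DOMAIN)


def address_of_ptr(name: str) -> str:
    """Inverse of ptr_name; checks the suffix and the range of every octet."""
    suffix = "." + REVERSE_DOMAIN
    bare = name.rstrip(".")
    if not bare.lower().endswith(suffix):
        raise ValueError("not a %s name: %r" % (REVERSE_DOMAIN, name))
    parts = bare[: -len(suffix)].split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets before %s in %r" % (REVERSE_DOMAIN, name))
    # IPv4Address validates that each part is a decimal octet in 0..255
    return str(ipaddress.IPv4Address(".".join(reversed(parts))))


def in_zone(address: str, network: str) -> bool:
    """Does the PTR name for ADDRESS fall inside the zone delegated for NETWORK?
    The zone string starts with a whole label, so the "." prefix keeps the
    comparison label-aligned (the subdomain rule of section 1.1)."""
    zone = delegated_zone(network)
    if zone is None:
        return False
    return ptr_name(address).endswith("." + zone)


if __name__ == "__main__":
    print(ptr_name("202.105.177.100"))
    print(delegated_zone("202.105.177.0/24"))
    print(address_of_ptr("100.177.105.202.in-addr.arpa."))
```

Because the PTR tree is delegated to whoever holds the address block, a reverse lookup only tells you what that block's administrator chose to publish; forward-confirm the name (resolve the returned name and check the address appears among its addresses) before trusting it for access control or logging.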
1.5 Cache and lifetime
When a name server handles a recursive query, it may have to issue several queries of its own to obtain the answer. Along the way it learns a lot about the domain name space, and it caches all of this information to speed up later queries. Besides making queries faster, caching means the server does not have to go back to the root name servers every time, which reduces its dependence on them and greatly reduces their load.
The time to live (TTL) is the length of time for which a name server is allowed to cache a piece of data. Once the TTL has elapsed the name server must discard the cached data and fetch fresh data from an authoritative name server. This keeps domain data consistent across the whole network.
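The cache behaviour of section 1.5, worked through in code: an added example, not code from the original article or from BIND. Records, the stand-in for the authoritative lookup, and the clock are all constructed for the example; the clock is injectable so that expiry can be checked without waiting. An answer is stored with an absolute expiry derived from its TTL, handed back with the TTL reduced by the time it has already spent in the cache (which is what a caching server passes on to its clients), and dropped once the TTL has elapsed so that the next query goes back to the authoritative server.

```python
"""Caching and time to live (section 1.5).

Added example, not code from the original article. All records, the
lookup function and the clock are constructed for illustration.
"""
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Record:
    name: str
    rtype: str
    data: str
    ttl: int


class TTLCache:
    def __init__(self, clock: Callable[[], float] = time.monotonic, max_ttl: int = 7 * 86400):
        self._clock = clock
        self._max_ttl = max_ttl  # upper bound on TTLs we are willing to honour
        self._store: Dict[Tuple[str, str], Tuple[float, List[Record]]] = {}

    @staticmethod
    def _key(name: str, rtype: str) -> Tuple[str, str]:
        # names are case-insensitive; absolute and relative spellings match
        return (name.lower().rstrip("."), rtype.upper())

    def put(self, records: List[Record]) -> None:
        """Store one answer (records sharing an owner name and type)."""
        if not records:
            return
        key = self._key(records[0].name, records[0].rtype)
        ttl = min(min(r.ttl for r in records), self._max_ttl)
        self._store[key] = (self._clock() + ttl, list(records))

    def get(self, name: str, rtype: str) -> Optional[List[Record]]:
        """Cached records with their remaining TTL, or None once expired."""
        key = self._key(name, rtype)
        entry = self._store.get(key)
        if entry is None:
            return None
        expires_at, records = entry
        remaining = int(expires_at - self._clock())
        if remaining <= 0:
            del self._store[key]  # lifetime reached: the data must be fetched again
            return None
        return [Record(r.name, r.rtype, r.data, remaining) for r in records]


class FakeClock:
    """Manually advanced clock so expiry can be demonstrated instantly."""

    def __init__(self, now: float = 0.0):
        self.now = now

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def resolve_with_cache(cache: TTLCache, name: str, rtype: str, authoritative_lookup):
    """Answer from the cache when possible, otherwise ask the authority and cache it.
    Returns (records, source) where source is "cache" or "authoritative"."""
    hit = cache.get(name, rtype)
    if hit is not None:
        return hit, "cache"
    answer = authoritative_lookup(name, rtype)
    cache.put(answer)
    return answer, "authoritative"


if __name__ == "__main__":
    clock = FakeClock(1000.0)
    cache = TTLCache(clock=clock)
    calls = []

    def lookup(name, rtype):  # stands in for a query to the authoritative server
        calls.append(name)
        return [Record(name, rtype, "192.0.2.10", 300)]

    for step in (0, 100, 250):
        clock.advance(step)
        records, source = resolve_with_cache(cache, "www.example.com.", "A", lookup)
        print("t+%ds: %s, ttl=%d, authoritative queries so far: %d"
              % (clock.now - 1000, source, records[0].ttl, len(calls)))
```

The max_ttl cap is a deliberate choice: a cache that honours any TTL it is handed will keep a bogus answer for as long as whoever injected it asked, so bounding the lifetime limits how long a bad record can linger.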
2. Install server software
2.1 Get the BIND package (the newest version at the time of writing is 8.2.2-P5)
Get the latest stable version of the following three files from BIND's home page, http://:
or get the three files from http://:
bind-8.2.2-p5-9.
bind-devel-8.2.2-p5-9.
cache-nameserver-6.
2.2 Install the bind package
Installing from the tar packages:
(1) First unpack the packages:
tar zxpf
tar zxpf
tar zxpf
(2) Edit the file and add or modify the following lines:
DESTLIB=/usr/lib/bind/lib
DESTINC=/usr/lib/bind/include
(3) Compile and install
make
make install
(4) Alternatively, install the rpm packages:
rpm -Uhv bind-8.2.2-p5-9.
rpm -Uhv bind-devel-8.2.2-p5-9.
rpm -Uhv cache-nameserver-6.
3. Getting the server running: basics
3.1 Resolver-only configuration
BIND can be run in several configurations. Commonly it is set up as a resolver-only system, a caching-only server, a primary server, or a secondary server.
The resolver is the code that queries domain information through a name server. On Unix systems it is implemented as a library routine, not as a separate client program. A resolver-only system is easy to configure: it only needs the /etc/ file set up. This approach is commonly used on systems that cannot run name server software locally because of some restriction.
For example, the /etc/ file looks something like:
search
nameserver 202.106.0.20
When configuring the resolver library to use the BIND name service for host lookups, you must also tell it which name servers to use. This is done in the /etc/ file shown above. If the file does not exist or is empty, the resolver assumes the name server is on the local host; if you run a name server on the local host, it must be set up separately. The most important option in this file is nameserver, which gives the IP address of a name server to use. If you give the nameserver option several times, the servers are tried in the order listed, so put the most reliable server first. At most three name servers are supported. If no nameserver option is given, the resolver tries to contact the name server on the local host.
The other two options, domain and search, control the default domains appended to a host name when BIND cannot resolve the name with the first request. The search option gives a list of domain names to try; the entries are separated by spaces or tabs.
If no search option is given, the search list is built from the local domain name and its parent domains. The local domain name can be set with the domain statement; if neither is given, the resolver obtains it through the getdomainname(2) system call.
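The resolver settings of section 3.1 in code: an added example, not code from the original article or from BIND's resolver library. The configuration text it parses is constructed and follows the nameserver/search/domain format shown above (the page's file path is truncated, so the content is supplied inline; on Linux this is conventionally /etc/resolv.conf). It applies the rules stated above: at most three name servers, tried in the order given, localhost when none is listed, and a search list taken from search or else derived from domain and its parents. candidates() then shows how a relative name is expanded against the search list while an absolute name (trailing dot) is tried exactly as written. One detail goes beyond the text: the standard ndots rule of resolv.conf(5), by which a relative name that already contains a dot is tried as-is before the search list is applied.

```python
"""Resolver configuration (section 3.1).

Added example, not code from the original article. SAMPLE is constructed;
it is not any real host's configuration.
"""
MAXNS = 3                # limit stated in the text
LOCALHOST = "127.0.0.1"  # used when no nameserver line is present

SAMPLE = """\
# constructed sample, not a real host's configuration
search cs.example.edu example.edu
nameserver 202.106.0.20
nameserver 192.0.2.53
nameserver 192.0.2.54
nameserver 192.0.2.55   ; a fourth server: beyond MAXNS and ignored
"""


def parse_resolv_conf(text: str) -> dict:
    nameservers, domain, search = [], None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        keyword, args = fields[0], fields[1:]
        if keyword == "nameserver" and args:
            if len(nameservers) < MAXNS:
                nameservers.append(args[0])   # servers past the limit are ignored
        elif keyword == "domain" and args:
            domain, search = args[0], None    # domain and search are exclusive; last wins
        elif keyword == "search" and args:
            search, domain = list(args), None
        # other keywords are ignored in this example
    if not nameservers:
        nameservers = [LOCALHOST]
    return {"nameservers": nameservers, "domain": domain, "search": search}


def search_list(cfg: dict) -> list:
    """Explicit search list if given; otherwise the local domain and its
    parents (keeping at least two labels), as described in the text."""
    if cfg["search"]:
        return list(cfg["search"])
    if cfg["domain"]:
        labels = cfg["domain"].rstrip(".").split(".")
        return [".".join(labels[i:]) for i in range(len(labels) - 1)]
    return []


def candidates(name: str, cfg: dict, ndots: int = 1) -> list:
    """Absolute names in the order the resolver would try them for NAME."""
    if name.endswith("."):
        return [name]                         # absolute: never expanded
    as_is = name + "."
    searched = ["%s.%s." % (name, d.rstrip(".")) for d in search_list(cfg)]
    if name.count(".") >= ndots:
        return [as_is] + searched             # looks qualified: try it first
    return searched + [as_is]


if __name__ == "__main__":
    cfg = parse_resolv_conf(SAMPLE)
    print("servers:", cfg["nameservers"])
    for n in ("www", "ftp.example.com", "www.example.com."):
        print(n, "->", candidates(n, cfg))
```

The candidate list is also the security-relevant part: every unqualified name a program looks up is sent out once per search domain, so a typo or a missing trailing dot can route a query for a name in someone else's domain, and a name like ftp.example.com can end up resolved as ftp.example.com.example.edu if the first attempt fails (the problem described in RFC 1535). Use absolute names in configuration files and keep the search list short.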
3.2 Caching-only server
The other three configurations run the name server software itself. A caching-only server runs the name server but has no zone database files of its own; it records every answer it obtains from remote name servers and uses them to answer later queries for the same information.
(1) A caching-only server needs three basic configuration files:
/etc/
/var/named/
/var/named/
(2) Create or modify /etc/:
// generated by
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
        forwarders { 202.99.8.1; 202.106.0.20; };
};
//
// a caching only nameserver config
//
zone "." {
        type hint;
        file "";
};
zone "0.0." {
        type master;
        file "";
};
(3) The IP addresses in the line 'forwarders {202.106.0.20;202.99.8.1;};' are those of the primary and secondary name servers in your network (or your provider's); the caching server sends queries it cannot answer from its cache to them. Two practical notes: pinning query-source to port 53 removes source-port variation from outgoing queries, which makes forged answers (cache poisoning) easier to slip in, so leave that line commented out unless a firewall leaves no choice; and a caching server that answers anyone on the Internet is an open resolver, so restrict it to your own networks with an allow-query list in the options block.
(4) Create or modify /var/named/:
@       IN      SOA     localhost. . (
                        1997022700      ; Serial
                        28800           ; Refresh
                        14400           ; Retry
                        3600000         ; Expire
                        86400 )         ; Minimum
        IN      NS      localhost.
1       IN      PTR     localhost.
(5) Create or modify /var/named/:
Obtain /var/named/ from the Red Hat Linux CD, or fetch it from the Internet with:
dig @ > /var/named/
If BIND was installed from the rpm packages, these three files are generated automatically and only /etc/ needs to be modified; /var/ generally does not need any changes.
Article entry: csh Editor in charge: csh