DNS domain name resolution service for Linux Network

Posted by sleepingdanny on Fri, 08 Oct 2021 00:14:42 +0200


1. DNS self introduction:

2. DNS server type:

(1) Cache domain name server:

(2) Primary domain name server:

(3) From domain name server:

3. DNS query type and principle:

4. Forward resolution:

5. DNS forward and reverse resolution project experiment of Linux Network Service:

DNS reverse resolution:

1. DNS self introduction:

  Communication between devices in TCP/IP network is realized by using and relying on IP address. However, the IP address in digital form is difficult to remember (, while the address in domain name form is more intuitive and easier to remember by users (www.baidu.com).

Domain name resolution: it is a service that points the domain name to the website space IP so that people can easily access the website through the registered domain name. IP address is the digital address identifying the site on the network. In order to facilitate memory, domain name is used instead of IP address to identify the site address. Domain name resolution is the conversion process from domain name to IP address. The domain name resolution is completed by the DNS server.

Domain name resolution: also known as domain name pointing, server setting, domain name configuration, reverse IP registration, etc. To put it simply, it resolves the easy to remember domain name into IP. The service is completed by the DNS server. It resolves the domain name to an IP address, and then binds a subdirectory to the domain name on the host of the IP address.

2. DNS server type:

(1) Cache domain name server:

The cache function of domain name resolution results is provided to improve query speed and efficiency, but there is no regional address data under your control.

(2) Primary domain name server:

Manage and maintain the server of the domain resolution library responsible for resolution.

(3) From domain name server:

Resolve the library copy from the master or slave server replication (zone transfer).


IPv4 root name servers: there are 13 DNS servers responsible for resolving root domains in the world, including 10 in the United States, 1 in the United Kingdom, 1 in Sweden and 1 in Japan

IPv6 root name servers: there are 25 in the world, including 1 master and 3 slave in China and 1 master and 2 slave in the United States

3. DNS query type and principle:

(1) Recursive query: generally, the query between the client and the local DNS server belongs to recursive query, that is, after the client sends a request to the DNS server, if the DNS server itself cannot resolve, it will send a query request to another DNS server and transfer the final positive or negative result to the client. The source and target of this query remain unchanged. In order to query results, you only need to initiate a query once. (you don't need to do it yourself)

(2) Iterative query: generally (with exceptions), the query from the local DNS server to other DNS servers is an iterative query. For example, if the other party cannot return the authoritative result, it will initiate the query again to the next DNS server (refer to the result returned by the previous DNS server) until the query result is returned. The source of this query remains unchanged, but the target of the query is constantly changing. It is generally necessary to initiate multiple queries for query results. (you need to do it yourself)

Local name resolution profile: hosts
Linux: /etc/hosts
windows: c/windows/system32/drivers/etc/hosts

windows System query dns Cache command: ipconfig /displaydns
windows System cleaning dns Cache command: ipconfig /flushdns

Large and distributed Internet DNS resolution Library:

Root. Root domain name DNS server: responsible for root domain name;

Primary DNS server: it is specially responsible for the resolution of primary domain names (generally representing a type of organization or country or region);

. com (industrial and commercial enterprises)         . Net (network provider)       . Edu (educational institution)          . CN (Chinese national domain name)         . Org (group organization)         . gov (government department)

  Supplementary domain name address: is the DNS commonly used by China Mobile, China Telecom and China Unicom. Both mobile phones and computers can be used. is the DNS provided by GOOGLE. The address is universal in the world. Relatively speaking, it is more suitable for foreign countries and users visiting foreign websites. and are alicloud DNS.

4. Forward resolution:

Regional resolution Library: it is composed of many resource records (RR);

Record type: A, AAAA, PTR, SOA, NS, CNAME, MX;

SOA: initial authorization record. An area resolution library has and can only have one SOA record, which must be located in the first record of the resolution library;

A (internet Address): resolves domain names to IP addresses.


PTR (PoinTeR): reverse resolution, ip address resolution into domain name.

NS (Name Server): DNS server dedicated to indicating the current zone. The server type is domain Name Server.

CNAME: alias record.

MX (mail exchange): Mail eXchanger.

TXT: a way to identify and describe the domain name. Generally, this item will be used when making verification records, such as SPF (anti spam) records, https verification, etc;

#Fixed format
name    [TTL]       IN              rr_type         value
        Cache time     internet record     Area resolution Library        value

@       IN SOA  master.abc.com. admin.abc.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      master.abc.com.
master  A
www     A
db      A
IN      MX 10   mail.abc.com.
mail    A
ftp     CNAME   www

$TTL 1D                                    #Lifetime of valid resolution records
@   in SOA benet.com. admin.benet.com. (   #The "@" symbol indicates the current DNS zone domain name
                     0   ; serial          #Update serial number, which can be an integer within 10 digits
                    1D   ; refresh         #Refresh time, the interval between re downloading address data
                    1H   ; retry           #Retry delay, retry interval after download failure
                    1W   ; expire          #Failure time,If you still cannot download after this time, you will give up#
					3H)  ; minimum         #Lifetime of invalid resolution record,
        NS      benet.com.         #Records the name of the DNS server for the current zone
        A        #Record host IP address
IN   MX 10    mail.benet.com.      #MX is a mail exchange record. The higher the number, the lower the priority
www  IN A        #Record the IP corresponding to forward resolution www.benet.com
mail IN A        #MX is a mail exchange record. The higher the number, the lower the priority 
ftp  IN CNAME  www                 #CNAME uses an alias, and ftp is the alias of www
*    IN A         #Pan domain name resolution, "*" represents any host name

5. DNS forward and reverse resolution project experiment of Linux Network Service:

#Install bind package using yum
[root@localhost ~]#yum install bind bind-utils -y
#Turn off firewall
[root@localhost ~]#systemctl stop firewalld.service
[root@localhost ~]#setenforce 0
#Open service
[root@localhost ~]#systemctl start named
#Filter and check named
[root@localhost ~]# netstat -natp | grep named
tcp        0      0  *               LISTEN      2136/named          
tcp        0      0 *               LISTEN      2136/named          
tcp6       0      0 ::1:53                  :::*                    LISTEN      2136/named          
tcp6       0      0 ::1:953                 :::*                    LISTEN      2136/named          
#Change network card domain name DNS address
[root@localhost ~]#vim /etc/sysconfig/network-scripts/ifcfg-ens33 
#Restart the network card
[root@localhost ~]#systemctl restart network
#View profile package
[root@localhost ~]# rpm -qc bind

#First host Baidu domain name address
[root@localhost ~]# host www.baidu.com
;; connection timed out; no servers could be reached
#Modify the configuration
[root@localhost ~]#vim /etc/named.conf 
#You can modify the configuration, comment, or delete these two lines
listen-on port 53 { any; };
allow-query     { any; };
# // listen-on port 53 {; };
# // allow-query     { localhost; };

#Reload DNS Service
[root@localhost ~]#rndc reload
server reload successful
#host Baidu domain name again
[root@localhost ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address
www.a.shifen.com has address

#Write your own domain name
[root@localhost named]# vim /etc/named.rfc1912.zones 
zone "apple.com" {
   type master;
   file "apple.com.zone";
   allow-update { none; };
#cd to the / var/named directory
[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
#Reserved permission replication
[root@localhost named]# cp -p named.localhost apple.com.zone
#Edit the database file and analyze the corresponding relationship of records
[root@localhost named]#vim apple.com.zone
@       IN SOA  master.apple.com. admin.apple.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      master.apple.com.
master  IN      A
www             A
                MX  10  mail.apple.com.
mail    IN      A
ftp     IN      CNAME   www
*               A   #Represents a pan domain name
@               A   #Represents that the host name is not required
#Restart the service
[root@localhost named]# rndc reload
server reload successful
#Client 1 accesses the domain name written by the server
[root@localhost ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
[root@localhost ~]# host www.apple.com
www.kgc.com has address
www.kgc.com mail is handled by 10 mail.kgc.com.
[root@localhost ~]# host mail.kgc.com
mail.kgc.com has address
[root@localhost ~]# host wwwwwwww.kgc.com
wwwwwwww.kgc.com has address
[root@localhost ~]# host kgc.com
kgc.com has address
#Client 2 does http service experiment and test
#Install httpd package using yum first
[root@localhost ~]# yum install httpd -y
 already installed:
  httpd.x86_64 0:2.4.6-97.el7.centos                                               
Installed as a dependency:
  apr.x86_64 0:1.4.8-7.el7                      apr-util.x86_64 0:1.5.2-6.el7     
  httpd-tools.x86_64 0:2.4.6-97.el7.centos      mailcap.noarch 0:2.1.41-2.el7     

[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# vim index.html
[root@localhost html]# ls
[root@localhost html]# ifconfig 
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet  netmask  broadcast
#Start httpd service
[root@localhost html]# systemctl start httpd

#Server side or browser access IP address
[root@localhost named]# curl
hello word....
[root@localhost named]# curl www.apple.com
hello word....

DNS reverse resolution:

#Server side
#Modify the area configuration file first (add at the end of the text)
zone "59.168.192.in-addr.arpa" IN {
        type master;
        file "yun.com.zone";
        allow-update { none; };
#Copy forward parse file
[root@localhost named]# cp apple.com.zone yun.com.zone -p
#Edit file
[root@localhost named]# vim yun.com.zone 
@       IN SOA  master.yun.com. admin.yun.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      master.yun.com.
master  IN      A
100     IN      PTR     www.yun.com.
88      IN      PTR     db.yun.com.
#Restart service
[root@localhost named]# rndc reload
server reload successful

#Client authentication
[root@localhost ~]# host domain name pointer www.yun.com.
[root@localhost ~]# host domain name pointer db.yun.com.


DNS is very important in the network. For the resident contestants in the interview questions of major manufacturers, you can learn more about the principles and steps of domain name resolution service, and be able to build master-slave domain names and separate domain name resolution servers.

Topics: Linux