Contents
1. DNS introduction
2. DNS server types
3. DNS query types and how resolution works
4. Forward resolution
5. Forward and reverse resolution experiment (Linux network services)
Summary
1. DNS introduction:
Communication between devices on a TCP/IP network relies on IP addresses. A numeric IP address (for example 64.233.189.147) is hard to remember, whereas a domain name (for example www.baidu.com) is more intuitive and easier for users to recall.
Domain name resolution (also called domain name pointing, server setting, domain name configuration or reverse IP registration) is the service that maps a registered domain name to the IP address of the host serving the site, so that users can reach the site by name instead of by number. The conversion from domain name to IP address is performed by DNS servers. Once the name resolves to an address, the web server on that host can in turn map the name to a site directory (virtual hosting), which is how one address can serve several domain names.
2. DNS server types:
(1) Caching name server:
Caches resolution results to speed up repeated queries; it holds no zone data of its own and is authoritative for nothing.
(2) Primary (master) name server:
Holds and maintains the zone database for the domains it is authoritative for.
(3) Secondary (slave) name server:
Holds a copy of the zone obtained from the primary (or from another secondary) by zone transfer. Restrict who may transfer a zone (allow-transfer in BIND): an unrestricted zone transfer hands an attacker the complete list of hosts in the domain.
Expansion:
Root name servers: there are 13 root server identities (a through m) run by 12 operators; historically 10 were based in the United States, 1 in the United Kingdom, 1 in Sweden and 1 in Japan. Each identity is anycast from many sites worldwide, and all 13 answer over both IPv4 and IPv6.
The often-quoted figure of "25 IPv6 root servers, including 1 master and 3 slaves in China and 1 master and 2 slaves in the United States" refers to the Yeti DNS Project, an experimental IPv6-only root testbed, not to the production root zone.
3. DNS query types and how resolution works:
(1) Recursive query: the query between a client (stub resolver) and its local DNS server is normally recursive. The client sends one request; if the local DNS server cannot answer from its own data or cache, it queries other DNS servers on the client's behalf and returns the final positive or negative result. The source and target of the query do not change, and the client needs only one query to get a result (the work is delegated to the server).
(2) Iterative query: the queries from the local DNS server to other DNS servers are normally (with exceptions) iterative. If the server asked cannot give an authoritative answer, it returns a referral naming the next servers to ask, and the local DNS server sends a new query there, following each referral until it reaches an authoritative answer. The source stays the same while the target changes at every step, so several queries are usually needed (the server does the work itself).
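The two query types as an added, runnable model (this is example code written for this page, not code from the article): a handful of constructed authoritative servers, using RFC 5737 documentation addresses and hypothetical names (the root at 192.0.2.100, a .com and a .org server, and a hosting provider that is authoritative for the article's lab zone apple.com.), with no network traffic at all. The client makes one recursive query; the local DNS server behind it walks the referrals iteratively, and the trace shows the source staying fixed while the target changes. The .com server deliberately delegates apple.com. without glue, so the resolver has to go back to the root to find the nameserver's own address first. The amount of upstream work done on the client's behalf is also why a recursive server open to the whole Internet is abused for reflection and amplification attacks.

```python
"""Added example, not from the original article: a toy model of recursive versus
iterative resolution.  Servers, names and addresses are constructed for
illustration only (RFC 5737 documentation addresses; apple.com. mirrors the
article's lab zone).  Nothing is sent over the network."""
from dataclasses import dataclass, field

# Hypothetical authoritative data.  Each server knows the names it answers for,
# the zones it delegates (with their NS names) and whatever NS addresses (glue) it holds.
SERVERS = {
    "192.0.2.100": {   # root server
        "answers": {},
        "delegations": {"com.": ["a.gtld-servers.net."], "org.": ["ns1.org-tld.example."]},
        "glue": {"a.gtld-servers.net.": "192.0.2.1", "ns1.org-tld.example.": "192.0.2.2"},
    },
    "192.0.2.1": {     # .com server: delegates apple.com. to an NS in another TLD, so no glue
        "answers": {},
        "delegations": {"apple.com.": ["ns1.dnshost.org."]},
        "glue": {},
    },
    "192.0.2.2": {     # .org server
        "answers": {},
        "delegations": {"dnshost.org.": ["ns1.dnshost.org."]},
        "glue": {"ns1.dnshost.org.": "192.0.2.53"},
    },
    "192.0.2.53": {    # hosting provider, authoritative for dnshost.org. and apple.com.
        "answers": {"ns1.dnshost.org.": "192.0.2.53", "www.apple.com.": "192.168.59.132"},
        "delegations": {},
        "glue": {},
    },
}


@dataclass
class Response:
    kind: str                               # "answer", "referral" or "nxdomain"
    ip: str = ""
    ns: list = field(default_factory=list)
    glue: dict = field(default_factory=dict)


def ask(server_ip, qname):
    """One non-recursive query (RD=0): the server answers only from its own data."""
    data = SERVERS[server_ip]
    if qname in data["answers"]:
        return Response("answer", ip=data["answers"][qname])
    zones = [z for z in data["delegations"] if qname == z or qname.endswith("." + z)]
    if not zones:
        return Response("nxdomain")
    zone = max(zones, key=len)              # closest enclosing delegation
    ns = data["delegations"][zone]
    return Response("referral", ns=ns, glue={n: data["glue"][n] for n in ns if n in data["glue"]})


def resolve_iterative(qname, root_ip, trace, depth=0):
    """What the local DNS server does: the source stays fixed, the target moves with each referral."""
    if depth > 8:
        raise RuntimeError("too many nested NS lookups for " + qname)
    target = root_ip
    while True:
        trace.append((qname, target))
        resp = ask(target, qname)
        if resp.kind == "answer":
            return resp.ip
        if resp.kind == "nxdomain":
            return None
        ns = resp.ns[0]
        # Glue-less referral: the resolver must first find the NS address, starting from the root again.
        target = resp.glue.get(ns) or resolve_iterative(ns, root_ip, trace, depth + 1)
        if target is None:
            return None                     # the NS name itself cannot be resolved


def resolve_recursive(qname, root_ip="192.0.2.100"):
    """What the client sees: one recursive query (RD=1) to the local DNS server, one final answer."""
    upstream = []
    ip = resolve_iterative(qname, root_ip, upstream)
    return {"answer": ip, "client_queries": 1, "upstream_queries": len(upstream), "trace": upstream}


if __name__ == "__main__":
    result = resolve_recursive("www.apple.com.")
    for step, (name, server) in enumerate(result["trace"], 1):
        print(f"{step}: ask {server} for {name}")
    print("answer:", result["answer"], "| client queries: 1 | upstream queries:", result["upstream_queries"])
```

Running it prints six upstream queries for a single client query: root and .com for www.apple.com, then root, .org and the hosting provider to learn the address of ns1.dnshost.org, then the final answer. A real resolver would cache the intermediate answers so the next lookup in the same zone takes one query; the model leaves caching out to keep the referral chain visible.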
Local name resolution file (consulted before DNS, in the order given by the hosts: line of /etc/nsswitch.conf on Linux):
Linux: /etc/hosts
Windows: C:\Windows\System32\drivers\etc\hosts
Windows: view the local DNS cache with ipconfig /displaydns and clear it with ipconfig /flushdns
Linux: a host running systemd-resolved can clear its cache with resolvectl flush-caches
The Internet's large, distributed DNS database:
Root domain name servers: responsible for the root zone and for referrals to the top-level domains;
Top-level domain (TLD) servers: responsible for the top-level domains, which generally represent a type of organisation or a country or region, for example:
.com (commercial enterprises), .net (network providers), .edu (educational institutions), .cn (China country-code domain), .org (organisations), .gov (government departments)
Some public DNS server addresses:
114.114.114.114 is 114DNS, a public resolver widely used in mainland China from both mobile phones and computers.
8.8.8.8 is Google Public DNS; it is reachable worldwide and is generally the better choice for users outside China and for reaching foreign websites.
223.5.5.5 and 223.6.6.6 are Alibaba Cloud's public DNS (AliDNS).
Whichever resolver you use, classic DNS over port 53 is neither encrypted nor authenticated: anyone on the path can read the queries and forge the answers unless DNSSEC validation or DNS over TLS/HTTPS is in use.
4. Forward resolution:
A zone file (zone database) is made up of many resource records (RRs).
Record types: A, AAAA, PTR, SOA, NS, CNAME, MX, TXT.
SOA (Start of Authority): a zone has exactly one SOA record and it must be the first record in the zone file; it names the primary server and the administrator mailbox and carries the serial number and the refresh, retry, expire and minimum (negative-cache) timers.
A (Address): maps a domain name to an IPv4 address.
AAAA: maps a domain name (FQDN) to an IPv6 address.
PTR (PoinTeR): reverse resolution; maps an IP address, written as a name under in-addr.arpa (IPv4) or ip6.arpa (IPv6), back to a domain name.
NS (Name Server): names the DNS servers that are authoritative for the zone.
CNAME: canonical name (alias) record; an owner name that has a CNAME may not have any other records.
MX (Mail eXchanger): names the mail server for the domain together with a preference value; the lower the number, the higher the priority.
TXT: free-form text used to identify or describe the domain. It is commonly used for verification records such as SPF (anti-spam), DKIM and DMARC, and for proving control of a domain when a TLS certificate is issued.
Fixed record format: name [TTL] IN rr_type value (owner name, cache time, Internet class, record type, record value). Example zone file:

```text
$TTL 1D
@       IN SOA  master.abc.com. admin.abc.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      master.abc.com.
master  A       192.168.91.100
www     A       192.168.91.103
db      A       192.168.91.101
@       IN MX   10 mail.abc.com.   ; owner written out: a blank owner here would inherit "db" from the line above
mail    A       192.168.91.10
ftp     CNAME   www
```

The same structure again, with every field explained (zone benet.com):

```text
$TTL 1D                          ; default lifetime (cache time) of a valid resolution record
@       IN SOA  benet.com. admin.benet.com. (    ; "@" stands for the current zone name, benet.com.
                0       ; serial: zone version, an unsigned 32-bit integer (up to 10 digits); increase it on every change or secondaries will not pick up the new data
                1D      ; refresh: how often a secondary re-checks and re-downloads the zone data
                1H      ; retry: how long to wait before retrying after a failed refresh
                1W      ; expire: if the zone still cannot be refreshed after this long, the secondary stops answering for it
                3H )    ; minimum: lifetime of negative (non-existent record) answers
        NS      benet.com.               ; name of the DNS server for this zone (blank owner = previous owner, i.e. @)
        A       192.168.80.10            ; address of the host benet.com itself
        IN MX   10 mail.benet.com.       ; mail exchanger; the lower the preference number, the higher the priority
www     IN A    192.168.80.10            ; forward resolution of www.benet.com
mail    IN A    192.168.80.11            ; address of the mail exchanger named in the MX record
ftp     IN CNAME www                     ; alias: ftp is another name for www
*       IN A    192.168.80.100           ; wildcard: "*" matches any host name in the zone that is not defined explicitly
```
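Added example (written for this page, not code from the article): a small zone-file parser that applies the rules the zone files above depend on, namely the $TTL default, "@" as the zone origin, relative versus absolute names, and a blank owner field inheriting the previous record's owner. ZONE_TEXT is the abc.com zone reproduced as a constructed input, with the MX line deliberately left with a blank owner and one wildcard line added, so the parser can show where such a record really lands; ZONE_FIXED is the same zone with the owner written explicitly. The lint function reproduces a few of the checks named-checkzone performs (SOA first and unique, an NS record present, no CNAME sharing an owner with other data). Quoted TXT data and $INCLUDE are out of scope.

```python
"""Added example, not code from the original article: a minimal zone-file parser
that applies the $TTL default, "@" substitution, relative-name completion and the
blank-owner-inherits-previous-owner rule, plus a few named-checkzone-style checks.
ZONE_TEXT is the article's abc.com zone as a constructed input (one wildcard added)."""

RR_TYPES = {"A", "AAAA", "NS", "SOA", "PTR", "CNAME", "MX", "TXT"}

ZONE_TEXT = """\
$TTL 1D
@       IN SOA  master.abc.com. admin.abc.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      master.abc.com.
master  A       192.168.91.100
www     A       192.168.91.103
db      A       192.168.91.101
        IN MX   10 mail.abc.com.
mail    A       192.168.91.10
ftp     CNAME   www
*       A       192.168.91.200
"""
# Same zone with the MX owner written out explicitly.
ZONE_FIXED = ZONE_TEXT.replace("        IN MX", "@       IN MX")


def _logical_lines(text):
    """Yield (blank_owner, tokens): strips ';' comments and joins '( ... )' continuation lines."""
    tokens, depth, blank = [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not line.strip():
            continue
        if depth == 0:                      # first physical line of a record
            blank = line[0] in " \t"        # blank owner field => inherit the previous owner
        depth += line.count("(") - line.count(")")
        tokens += line.replace("(", " ").replace(")", " ").split()
        if depth == 0:
            yield blank, tokens
            tokens = []


def _absolute(name, origin):
    """Complete a relative name with the origin; '@' is the origin itself."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin):
    origin = origin if origin.endswith(".") else origin + "."
    default_ttl, last_owner, records = None, None, []
    for blank, f in _logical_lines(text):
        if f[0] == "$TTL":
            default_ttl = f[1]
            continue
        if f[0] == "$ORIGIN":
            origin = f[1]
            continue
        owner = last_owner if blank else f.pop(0)
        if owner is None:
            raise ValueError("blank owner with no previous record")
        ttl, rclass = default_ttl, "IN"
        while f[0].upper() not in RR_TYPES:     # optional [TTL] and [class] before the type
            tok = f.pop(0)
            if tok.upper() == "IN":
                rclass = "IN"
            else:
                ttl = tok
        rtype, rdata = f[0].upper(), f[1:]
        if rtype in ("NS", "CNAME", "PTR"):     # names in rdata are relative to the origin too
            rdata = [_absolute(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [rdata[0], _absolute(rdata[1], origin)]
        records.append({"owner": _absolute(owner, origin), "ttl": ttl,
                        "class": rclass, "type": rtype, "rdata": " ".join(rdata)})
        last_owner = owner
    return records


def lint(records):
    """A subset of what named-checkzone reports; returns a list of problems (empty = clean)."""
    problems = []
    if not records or records[0]["type"] != "SOA":
        problems.append("SOA must be the first record")
    if sum(r["type"] == "SOA" for r in records) != 1:
        problems.append("zone must have exactly one SOA")
    if not any(r["type"] == "NS" for r in records):
        problems.append("zone has no NS record")
    cnames = {r["owner"] for r in records if r["type"] == "CNAME"}
    for r in records:
        if r["owner"] in cnames and r["type"] != "CNAME":
            problems.append(f"{r['owner']} has a CNAME and other data")
    return problems


def owners_of(records, rtype):
    return [r["owner"] for r in records if r["type"] == rtype]


if __name__ == "__main__":
    for label, text in (("as written", ZONE_TEXT), ("explicit @", ZONE_FIXED)):
        recs = parse_zone(text, "abc.com")
        print(label, "-> MX owner:", owners_of(recs, "MX"), "| lint:", lint(recs))
```

With the zone as written the MX record belongs to db.abc.com., not to the domain; with the explicit "@" it belongs to abc.com. and the exchanger name is completed to mail.abc.com.. Running named-checkzone abc.com /var/named/abc.com.zone on the real file before rndc reload is the equivalent check on the server.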
5. Forward and reverse resolution experiment (Linux network services):

```bash
# Install the bind package with yum (bind-utils provides host and dig)
[root@localhost ~]# yum install bind bind-utils -y
# Lab shortcut: stop the firewall and put SELinux in permissive mode.
# On a real server keep both on: open 53/tcp and 53/udp in firewalld instead, and leave
# SELinux enforcing (its bind policy allows named to read the zone files under /var/named).
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
# Start the service
[root@localhost ~]# systemctl start named
# Check that named is listening: port 53 is DNS, port 953 is the rndc control channel
[root@localhost ~]# netstat -natp | grep named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2136/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      2136/named
tcp6       0      0 ::1:53                  :::*                    LISTEN      2136/named
tcp6       0      0 ::1:953                 :::*                    LISTEN      2136/named
# Point this host's own resolver at the local named through the interface configuration
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
DNS1=127.0.0.1
# Restart networking so that /etc/resolv.conf is regenerated
[root@localhost ~]# systemctl restart network
# List the configuration files that belong to the package
[root@localhost ~]# rpm -qc bind
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
# First attempt to resolve a public name
[root@localhost ~]# host www.baidu.com
;; connection timed out; no servers could be reached
# Edit the main configuration. The two lines below default to 127.0.0.1 and localhost; the lab
# opens them to any. Caution: with recursion enabled (the default), allow-query { any; } turns
# the server into an open resolver that anyone on the Internet can use for DNS reflection and
# amplification attacks. Outside the lab restrict both queries and recursion to your own networks,
# e.g. allow-query { localnets; }; allow-recursion { localnets; }; and run named-checkconf after editing.
[root@localhost ~]# vim /etc/named.conf
        listen-on port 53 { any; };
        allow-query     { any; };
# //    listen-on port 53 { 127.0.0.1; };
# //    allow-query     { localhost; };
# Reload the DNS service
[root@localhost ~]# rndc reload
server reload successful
# Resolve the public name again
[root@localhost ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 180.101.49.11
www.a.shifen.com has address 180.101.49.12
# Define your own zone (add it to the end of the zone configuration file)
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "apple.com" {
        type master;
        file "apple.com.zone";
        allow-update { none; };
};
# Go to the zone directory
[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
# Copy the template with -p so the new file keeps the root:named ownership and mode that let named read it
[root@localhost named]# cp -p named.localhost apple.com.zone
# Edit the zone file with the name-to-address mappings
[root@localhost named]# vim apple.com.zone
$TTL 1D
@       IN SOA  master.apple.com. admin.apple.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      master.apple.com.
master  IN A    192.168.59.131
www     A       192.168.59.132
@       MX 10   mail.apple.com.   ; owner written out: with a blank owner this MX would inherit "www" from the line above
mail    IN A    192.168.59.30
ftp     IN CNAME www
*       A       192.168.59.132    ; wildcard: any host name under apple.com that is not defined explicitly
@       A       192.168.59.132    ; the bare domain apple.com, no host name required
# Reload the service (named-checkzone apple.com apple.com.zone first catches syntax errors before named does)
[root@localhost named]# rndc reload
server reload successful
```
```bash
# Client 1: its resolver points at the DNS server; query the names defined on the server
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.59.131
[root@localhost ~]# host www.apple.com
www.apple.com has address 192.168.59.132
www.apple.com mail is handled by 10 mail.apple.com.
# The "mail is handled by" line is reported under www.apple.com when the MX record was written with a
# blank owner and inherited "www"; with "@" as the owner it is reported by host apple.com instead.
[root@localhost ~]# host mail.apple.com
mail.apple.com has address 192.168.59.30
# An undefined host name is answered by the wildcard record
[root@localhost ~]# host wwwwwwww.apple.com
wwwwwwww.apple.com has address 192.168.59.132
[root@localhost ~]# host apple.com
apple.com has address 192.168.59.132
```

```bash
# Client 2 (192.168.59.132, the address www.apple.com resolves to): set up a web server to test access by name
[root@localhost ~]# yum install httpd -y
Installed:
  httpd.x86_64 0:2.4.6-97.el7.centos
Dependency Installed:
  apr.x86_64 0:1.4.8-7.el7  apr-util.x86_64 0:1.5.2-6.el7  httpd-tools.x86_64 0:2.4.6-97.el7.centos  mailcap.noarch 0:2.1.41-2.el7
Complete!
[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# vim index.html
[root@localhost html]# ls
[root@localhost html]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.59.132  netmask 255.255.255.0  broadcast 192.168.59.255
# Start the httpd service
[root@localhost html]# systemctl start httpd
# From the DNS server (or a browser), fetch the page by IP address and then by domain name
[root@localhost named]# curl 192.168.59.132
hello word....
[root@localhost named]# curl www.apple.com
hello word....
```
DNS reverse resolution:
```bash
# Server side: add the reverse zone to the end of the zone configuration file
[root@localhost named]# vim /etc/named.rfc1912.zones
zone "59.168.192.in-addr.arpa" IN {
        type master;
        file "yun.com.zone";
        allow-update { none; };
};
# Copy the forward zone file as a template (-p keeps ownership and mode)
[root@localhost named]# cp -p apple.com.zone yun.com.zone
# Edit the file: the owner of each PTR record is the last octet of the address, relative to 59.168.192.in-addr.arpa
[root@localhost named]# vim yun.com.zone
$TTL 1D
@       IN SOA  master.yun.com. admin.yun.com. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        NS      master.yun.com.
master  IN A    192.168.59.131   ; harmless but unnecessary here: the NS name lies outside this zone, so no glue is needed
100     IN PTR  www.yun.com.     ; 192.168.59.100 -> www.yun.com
88      IN PTR  db.yun.com.      ; 192.168.59.88  -> db.yun.com
# Reload the service
[root@localhost named]# rndc reload
server reload successful
# Client verification
[root@localhost ~]# host 192.168.59.100
100.59.168.192.in-addr.arpa domain name pointer www.yun.com.
[root@localhost ~]# host 192.168.59.88
88.59.168.192.in-addr.arpa domain name pointer db.yun.com.
```
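Added example (written for this page, not code from the article): the reverse-zone construction above done programmatically, and the check that actually makes a PTR record trustworthy. The host names and addresses are constructed to match the 192.168.59.0/24 lab network (the IPv6 host mail.yun.com is hypothetical), the zone name and PTR owners are derived with the standard ipaddress module so the same code covers ip6.arpa, and fcrdns_ok performs forward-confirmed reverse DNS: a PTR is only believed when the name it returns resolves back to the same address, because whoever controls the reverse zone can write any name into it.

```python
"""Added example, not from the original article: generating a reverse (PTR) zone
from forward A records and checking forward-confirmed reverse DNS.  Names and
addresses are constructed to match the article's 192.168.59.0/24 lab; the IPv6
host is hypothetical."""
import ipaddress

A_RECORDS = {                     # name -> address, as the forward zones would hold them
    "master.yun.com.": "192.168.59.131",
    "www.yun.com.": "192.168.59.100",
    "db.yun.com.": "192.168.59.88",
    "mail.yun.com.": "2001:db8::25",   # hypothetical IPv6 host: it belongs in an ip6.arpa zone
}


def ptr_owner(ip):
    """Absolute reverse name for an address, e.g. 100.59.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def reverse_zone(network):
    """Reverse zone covering a network, e.g. 59.168.192.in-addr.arpa. for 192.168.59.0/24."""
    net = ipaddress.ip_network(network, strict=True)
    unit = 8 if net.version == 4 else 4            # one label = one octet (IPv4) or one nibble (IPv6)
    if net.prefixlen % unit:
        raise ValueError("prefix not on a label boundary; needs RFC 2317 classless delegation")
    drop = (net.max_prefixlen - net.prefixlen) // unit
    labels = net.network_address.reverse_pointer.split(".")
    return ".".join(labels[drop:]) + "."


def build_reverse_zone(network, a_records, primary_ns, admin, serial):
    """Emit a zone file like the article's yun.com.zone: one PTR per address inside `network`."""
    net = ipaddress.ip_network(network, strict=True)
    zone = reverse_zone(network)
    lines = [
        "$TTL 1D",
        f"@ IN SOA {primary_ns} {admin} ( {serial} 1D 1H 1W 3H )",
        f"  NS {primary_ns}",
    ]
    hosts = [(ipaddress.ip_address(ip), name) for name, ip in a_records.items()
             if ipaddress.ip_address(ip) in net]   # other networks and address families are skipped
    for addr, name in sorted(hosts):
        owner = ptr_owner(str(addr))
        rel = owner[: -len(zone) - 1]              # "100.59.168.192.in-addr.arpa." -> "100"
        lines.append(f"{rel} IN PTR {name}")
    return "\n".join(lines) + "\n"


def fcrdns_ok(ip, ptr_records, a_records):
    """Forward-confirmed reverse DNS: PTR(ip) must name a host whose A/AAAA record is ip."""
    name = ptr_records.get(ptr_owner(ip))
    if name is None:
        return False
    return a_records.get(name) == str(ipaddress.ip_address(ip))


# Constructed reverse data: one honest PTR and one that claims a name it does not own.
PTR_RECORDS = {
    "100.59.168.192.in-addr.arpa.": "www.yun.com.",
    "200.59.168.192.in-addr.arpa.": "www.yun.com.",   # spoofed: www.yun.com does not resolve to .200
}

if __name__ == "__main__":
    print(build_reverse_zone("192.168.59.0/24", A_RECORDS, "master.yun.com.", "admin.yun.com.", 2024010101))
    for ip in ("192.168.59.100", "192.168.59.200", "192.168.59.88"):
        print(ip, "forward-confirmed:", fcrdns_ok(ip, PTR_RECORDS, A_RECORDS))
```

The generated zone lists the three IPv4 hosts as PTR records under 59.168.192.in-addr.arpa and leaves the IPv6 host out; 192.168.59.100 passes the forward confirmation, the spoofed 192.168.59.200 fails it even though it has a PTR, and 192.168.59.88 fails because the constructed reverse data has no PTR for it at all.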
Summary:
DNS is a core network service and a staple of interview questions at large companies. Beyond the principles and steps of name resolution covered here, it is worth going on to build a primary/secondary (master/slave) pair and a split-horizon (view-based) resolution server.