中華技術學院Linux_Chap1_Service Manager

中華技術學院
Linux Course
Chapter 2: DNS
王俊城
RHCE/RHCX
Agenda

DNS overview

Configuring BIND

Creating BIND databases

Additional DNS methods

Using BIND tools
Domain Name System (DNS)

Forward lookup: name to address
www.hinet.net -> 61.219.38.89

Reverse lookup: address to name
61.219.38.89 -> www.hinet.net

Hosts are logically grouped by name into domains

Provides email routing information
Name Server Hierarchy

Master name server
Maintains the zone file itself

Slave name server
Provides a backup to the master name server
Synchronizes its zone data from the master or from another slave name server

Cache-only name server
Holds no zone file of its own; it only caches answers it has already resolved
DNS Server

How a request is answered, in order:
1. The server receives the request
2. If its own zone files hold the answer, it replies from them
3. Otherwise, if the cache holds the answer, it replies from the cache
4. Otherwise, if a forwarder is assigned, it passes the query to the forwarder
5. Otherwise it asks the root name servers listed in /var/named/named.ca
   dig @168.95.192.1   (with no name given, dig asks that server for the root NS records)

BIND

Berkeley Internet Name Domain (BIND)
BIND 9
/usr/share/doc/bind*/README
http://www.isc.org/products/BIND
Service Profile : DNS


Type:     System V-managed service
Packages: bind, bind-utils, caching-nameserver, openssl
Daemons:  named
Script:   named
Ports:    UDP(53), TCP(53)
Configs:  /etc/named.conf, /var/named/named.ca, /var/named/*
Log:      /var/log/messages
Configuring BIND
/etc/named.conf
- Apply changes with: service named restart
- Text file specifying directives: zones, options, access control lists, etc.
- Comments can be in C, C++ or shell style

/* C style comment */
// C++ style comment
# shell style comment
Global Options
acl "mynet" { 192.168.0/24; 192.168.1/24; };
options {
    directory "/var/named";              // where zone files live
    forwarders { 168.95.192.1; };        // hand unresolved queries to this server
    forward only;                        // never recurse ourselves if the forwarder fails
    allow-query { mynet; };              // only our own networks may ask
    allow-transfer { mynet; };           // only our own networks may pull zones (AXFR)
};
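The lookup order from the DNS Server slide and the allow-query ACL from the options above, as an added example for this transcript (not code from the course or from BIND): the ACL, the zone data, the forwarder callbacks and the miniature "world" of name servers are all constructed for illustration, and the `forwarders` callables stand in for real forwarder servers.

```python
"""Model of the lookup order on the DNS Server slide, with the allow-query ACL
from Global Options applied first. Added example for this transcript, not code
from the course or from BIND; the ACL, the zone data, the forwarder callbacks and
the miniature "world" of name servers below are all constructed for illustration."""
import ipaddress
import time


def _in_zone(qname, zone):
    """True when qname is the zone apex or a name under it."""
    return qname == zone or qname.endswith("." + zone)


def iterate_from_root(world, qname, max_referrals=10):
    """Step 4 on the slide: start at the root hints and chase referrals down.
    world: server -> {"referrals": {zone: server}, "answers": {name: (rdata, ttl)}}"""
    server = "root"                       # stands in for /var/named/named.ca
    for _ in range(max_referrals):        # bounded so a referral loop cannot spin forever
        node = world[server]
        if qname in node["answers"]:
            return node["answers"][qname]
        zones = [z for z in node["referrals"] if _in_zone(qname, z)]
        if not zones:
            return None
        server = node["referrals"][max(zones, key=len)]   # most specific delegation
    return None


class Resolver:
    def __init__(self, acl, zones, world, forwarders=(), forward_only=False, now=time.time):
        # ipaddress wants full prefixes, so "192.168.0/24" on the slide is written 192.168.0.0/24
        self.acl = [ipaddress.ip_network(n) for n in acl]
        self.zones = zones                  # {zone: {name: (rdata, ttl)}} from our own zone files
        self.world = world
        self.forwarders = list(forwarders)  # callables f(qname) -> (rdata, ttl) or None
        self.forward_only = forward_only
        self.now = now                      # injectable clock so TTL expiry can be exercised
        self.cache = {}                     # name -> (rdata, expires_at)

    def allowed(self, client_ip):
        ip = ipaddress.ip_address(client_ip)
        return any(ip in net for net in self.acl)

    def _remember(self, qname, answer):
        rdata, ttl = answer
        self.cache[qname] = (rdata, self.now() + ttl)
        return rdata

    def lookup(self, client_ip, qname):
        """Returns (source, rdata); source names the step that produced the answer."""
        if not self.allowed(client_ip):
            return ("REFUSED", None)        # allow-query denies clients outside mynet
        qname = qname.rstrip(".").lower()
        # 1. own zone files: authoritative, including an authoritative "no such name"
        for zone, records in self.zones.items():
            if _in_zone(qname, zone):
                rec = records.get(qname)
                return ("zone", rec[0] if rec else None)
        # 2. cache, only while the TTL that came with the answer is still running
        hit = self.cache.get(qname)
        if hit and hit[1] > self.now():
            return ("cache", hit[0])
        # 3. forwarders
        for fwd in self.forwarders:
            answer = fwd(qname)
            if answer is not None:
                return ("forwarder", self._remember(qname, answer))
        if self.forward_only:
            return ("SERVFAIL", None)       # forward only: never recurse on our own
        # 4. root name servers and referrals
        answer = iterate_from_root(self.world, qname)
        if answer is None:
            return ("NXDOMAIN", None)
        return ("root", self._remember(qname, answer))


# Constructed demo data: a three-level "Internet", one local zone, the mynet ACL
WORLD = {
    "root": {"referrals": {"net": "net-ns"}, "answers": {}},
    "net-ns": {"referrals": {"hinet.net": "hinet-ns"}, "answers": {}},
    "hinet-ns": {"referrals": {}, "answers": {"www.hinet.net": ("61.219.38.89", 300)}},
}
ZONES = {"domain251.example.com": {"station251.domain251.example.com": ("192.168.0.251", 86400)}}
MYNET = ["192.168.0.0/24", "192.168.1.0/24"]


def demo():
    clock = [1000.0]
    r = Resolver(MYNET, ZONES, WORLD, now=lambda: clock[0])
    out = [
        r.lookup("10.0.0.5", "www.hinet.net"),                        # outside mynet
        r.lookup("192.168.0.7", "station251.domain251.example.com"),  # own zone
        r.lookup("192.168.0.7", "www.hinet.net"),                     # root + referrals
        r.lookup("192.168.0.7", "www.hinet.net"),                     # cached now
    ]
    clock[0] += 301                                                    # TTL expires
    out.append(r.lookup("192.168.0.7", "www.hinet.net"))               # fetched again
    return out


if __name__ == "__main__":
    for source, rdata in demo():
        print(f"{source:10} {rdata}")
```

Running `demo()` shows the four sources in order: REFUSED for the client outside `mynet`, `zone` for the local name, `root` for the first external lookup, `cache` for the repeat, and `root` again once the 300-second TTL has run out. Constructing a `Resolver` with `forward_only=True` and a forwarder that returns `None` yields SERVFAIL, which is exactly the trade-off `forward only;` makes.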
BIND utilities

host: gather host/domain information
host example.com
host -al example.com
host -t mx example.com

dig: send queries to a name server directly
dig @168.95.192.1 www.redhat.com
dig @168.95.192.1

nslookup is deprecated
LAB1 - Cache-only DNS Server

/var/named/chroot/etc/named.conf
options {
    directory "/var/named/chroot/var/named";
    forwarders { 192.168.0.249; };
    forward only;
};

Update /etc/hosts and /etc/resolv.conf, then restart and test:
service named restart
host station251.example.com
Slave Zones
zone "example.com" {
    type slave;
    masters { 192.168.0.249; };
    file "example.com.zone-slave";
};
zone "0.168.192.in-addr.arpa" {
    type slave;
    masters { 192.168.0.249; };
    file "192.168.0.zone";
};
LAB2 - Slave DNS Server

/var/named/chroot/etc/named.conf
zone "example.com" {
    type slave;
    masters { 192.168.0.249; };
    file "example.com.zone-slave";
};
zone "0.168.192.in-addr.arpa" {
    type slave;
    masters { 192.168.0.249; };
    file "192.168.0.zone";
};

Update /etc/hosts and /etc/resolv.conf, then restart and test:
service named restart
host station251.example.com
Master Zones
zone "domain251.example.com" {
    type master;
    file "domain251.example.com.zone";
};
zone "0.168.192.IN-ADDR.ARPA" {
    type master;
    file "192.168.0.251.zone";
};
Special Zones

Root zone: "."
zone "." {
    type hint;
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
    type master;
    file "127.0.0.zone";
};
Zone Files
/var/named/* (or /var/named/chroot/var/named/*)
- Begin with $TTL (time to live)
- The first resource record is the zone's start of authority (SOA)
- Zone data follows in additional resource records
- Comments begin with ";"

Example Zone Files
- SOA record
- NS records
- A records
- CNAME records
- MX records

Example Zone Files
$TTL 86400
@ IN SOA station251.domain251.example.com. root.station251.domain251.example.com. (
        ; Don't forget to increment the serial number
        2003040100   ; serial number
        1H           ; refresh slave
        5M           ; retry refresh
        1W           ; expire zone
        5M           ; cache time-to-live for negative answers
        )
; Name server resource records (NS)
; owner                              TTL  CL  type  RDATA
@                                         IN  NS    station251.domain251.example.com.
; Mail exchanger resource records (MX)
; owner                              TTL  CL  type  RDATA
domain251.example.com.                    IN  MX    10 station251.domain251.example.com.
; Internet address resource records (A)
; owner                              TTL  CL  type  RDATA
@                                         IN  A     192.168.0.251
station251.domain251.example.com.         IN  A     192.168.0.251
LAB2 - Master DNS Server

/var/named/chroot/etc/named.conf
zone "domain251.example.com" {
    type master;
    file "domain251.example.com.zone";
};

Update /etc/hosts and /etc/resolv.conf, then restart and test:
service named restart
host station251.example.com
Delegating Subdomains
- Configure the subdomain as a zone on the new server
- On the delegating server, set up an NS record for the subdomain pointing to the new server
- If the new server is inside the subdomain it manages, the delegating server also needs a "glue" A record for the new server
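The zone-file layout from the Zone Files and Example Zone Files slides and the glue-record rule from the delegation steps above, as one added example for this transcript (not code from the course or from BIND): a small parser for the file format, followed by checks that the SOA comes first, that the serial follows the YYYYMMDDNN convention the example uses, and that every NS target inside the zone has its glue A record. `SAMPLE_ZONE` is constructed here, modelled on the slide's example file, with two delegated subdomains added to show the check firing.

```python
"""Zone-file parser with the checks the Zone Files and Delegating Subdomains
slides imply: the first record must be the SOA, the serial should follow the
YYYYMMDDNN convention used in the example, and every NS target that lies inside
the zone (the zone's own server or a delegated subdomain's server) needs a glue
A record. Added example for this transcript, not code from the course or from
BIND; SAMPLE_ZONE is constructed here, modelled on the slide's example file."""
import re

SAMPLE_ZONE = """\
$TTL 86400
@   IN SOA station251.domain251.example.com. root.station251.domain251.example.com. (
        2003040100  ; serial number
        1H          ; refresh slave
        5M          ; retry refresh
        1W          ; expire zone
        5M          ; cache time-to-live for negative answers
        )
@                       IN NS   station251.domain251.example.com.
domain251.example.com.  IN MX   10 station251.domain251.example.com.
@                       IN A    192.168.0.251
station251              IN A    192.168.0.251
; constructed delegations: sub1 has its glue record, sub2 does not
sub1                    IN NS   ns.sub1.domain251.example.com.
ns.sub1                 IN A    192.168.0.61
sub2                    IN NS   ns.sub2.domain251.example.com.
"""

TIME_UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
TTL_RE = re.compile(r"(\d+)([smhdw]?)")


def parse_ttl(text):
    """86400, 1H, 5M, 1W ... -> seconds."""
    m = TTL_RE.fullmatch(text.lower())
    if not m:
        raise ValueError(f"bad TTL {text!r}")
    return int(m.group(1)) * TIME_UNITS[m.group(2) or "s"]


def _logical_lines(text):
    """Yield (fields, owner_carried) with ';' comments stripped and '( ... )'
    continuations (the SOA on the slide) joined into one logical line."""
    buf, depth, carried = [], 0, False
    for raw in text.splitlines():
        if not buf:
            carried = raw[:1].isspace()     # leading blank: owner repeats from the previous record
        line = raw.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth <= 0:
            fields = " ".join(buf).replace("(", " ").replace(")", " ").split()
            buf, depth = [], 0
            if fields:
                yield fields, carried


def parse_zone(text, origin):
    """Return a list of {owner, ttl, type, rdata} with owners made absolute."""
    origin = origin.rstrip(".").lower() + "."

    def absolute(name):
        if name == "@":
            return origin
        return name if name.endswith(".") else f"{name}.{origin}"

    default_ttl, owner, records = None, origin, []
    for fields, carried in _logical_lines(text):
        if fields[0].upper() == "$TTL":
            default_ttl = parse_ttl(fields[1])
            continue
        if not carried:
            owner = absolute(fields.pop(0).lower())
        ttl = default_ttl
        if TTL_RE.fullmatch(fields[0].lower()):       # optional per-record TTL
            ttl = parse_ttl(fields.pop(0))
        if fields[0].upper() == "IN":                 # optional class
            fields.pop(0)
        records.append({"owner": owner, "ttl": ttl, "type": fields[0].upper(), "rdata": fields[1:]})
    return records


def check_zone(records, origin):
    """Return a list of problems; an empty list means the zone passes these checks."""
    origin = origin.rstrip(".").lower() + "."
    problems = []
    if not records or records[0]["type"] != "SOA":
        problems.append("first record is not the SOA")
    elif not re.fullmatch(r"\d{10}", records[0]["rdata"][2]):
        problems.append(f"serial {records[0]['rdata'][2]} is not in YYYYMMDDNN form")
    glue = {r["owner"] for r in records if r["type"] == "A"}
    for r in records:
        if r["type"] != "NS":
            continue
        target = r["rdata"][0].lower()
        if (target == origin or target.endswith("." + origin)) and target not in glue:
            problems.append(f"NS {target} for {r['owner']} is inside the zone but has no glue A record")
    return problems


if __name__ == "__main__":
    recs = parse_zone(SAMPLE_ZONE, "domain251.example.com")
    for r in recs:
        print(f"{r['owner']:40} {r['ttl']:>6} IN {r['type']:5} {' '.join(r['rdata'])}")
    print(check_zone(recs, "domain251.example.com") or "no problems found")
```

On the sample, `check_zone` reports only the missing glue for `ns.sub2.domain251.example.com.`; the zone's own server and `sub1` both pass because their A records are present. The same checks apply to the real files under /var/named/chroot/var/named/ once the serial and delegation records have been edited.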

Thank You!