DNS domain name resolution service in Linux (caching, master-slave DNS server construction)

1. DNS (Domain Name System)
FQDN (fully qualified domain name). Example: www.baidu.com → www.baidu.com. (note the trailing dot after the last label)
DNS function: maintains an address database and provides forward (name to address) and reverse (address to name) resolution.

2. Common DNS classifications (different classifications according to the source of address data)
* Caching domain name server: only provides a cache; it holds no zone data of its own, so you must point it at the root zone or at other DNS servers as the source of answers. (Fast, and saves uplink bandwidth.)
* Master domain name server: the authoritative (official) server for a zone; you must create all the data files for the zone addresses it is responsible for (under your own control).
* Slave domain name server: a hot backup of the master, which can also take over part of the query load.

3. DNS service query mode
* Recursive query: the client sends a request and the DNS server answers it from its local cache (cache only).
* Iterative query: the client sends a request, the cache has no data, and the caching DNS server itself acts as a client and queries other DNS servers or the root zone.
* Recursion happens between client and server; iteration happens between server and server.

4. DNS port numbers: TCP port 53 and UDP port 53

5. Lightweight DNS and DHCP service software: dnsmasq

6. Load balancing and pan-domain name resolution
* DNS round robin (load balancing): the same domain name maps to multiple IP addresses. If one of the servers goes down, users must clear their cache before access works normally again.
* Wildcard domain name resolution: a record such as `* A 173.16.16.173` resolves every name under the zone to that IPv4 address.

7. Cache DNS server construction
yum -y install bind bind-utils bind-libs bind-chroot //install the required packages
rpm -qa | grep bind //verify the installation
cp -p /etc/named.conf{,.ori} //back up the original, preserving permissions
vim /etc/named.conf //edit the configuration
//Comment out the key line, the bnss line, the root zone and the configuration-file include line,
//then add a line forwarders { 202.106.0.20; }; (use your own upstream DNS address)
named-checkconf /etc/named.conf //check the configuration for errors
systemctl start named //start the service
netstat -anptu | grep :53 //check which address port 53 is listening on
vim /etc/resolv.conf //set the nameserver to your own IP
8. Master domain name server construction
cp -p /etc/named.conf.ori /etc/named.conf //restore the initial configuration
hostnamectl set-hostname ns1.amber.com //modify the hostname
//Open a second virtual machine and name it ns2.amber.com
//ns2: also install the bind packages
//ns2: vim /etc/resolv.conf, set the preferred DNS to the ns1 IP
//ns1: to .2, via vmnet8
vim /etc/hosts //add two lines
192.168.42.128 ns1.amber.com ns1
192.168.42.131 ns2.amber.com ns2
ping ns2 //check that ns2 can be reached
vim /etc/named.conf //add two zone statements; this is forward resolution

cd /var/named
cp -p named.empty amber.com.zone //copy the template, preserving permissions
vim amber.com.zone //write the forward zone records
named-checkzone amber.com. amber.com.zone //check that the zone file is correct
systemctl restart named

9. Reverse primary DNS resolution service build
vim /etc/named.conf //add one more zone statement (the reverse zone)
cd /var/named
cp -p amber.com.zone 192.168.42.arpa //start from the forward zone file
vim 192.168.42.arpa //edit it into the reverse zone
named-checkzone 42.168.192.in-addr.arpa 192.168.42.arpa //check the reverse zone file
systemctl restart named

10. Slave DNS domain name resolution service build

scp /etc/named.conf 192.168.42.131:/etc/ //send the local configuration to the .131 machine (ns2)
//On the .131 machine (ns2):
vim /etc/named.conf //adjust the configuration for the slave role
named-checkconf named.conf
systemctl restart named
vim /etc/resolv.conf //set the preferred DNS to its own IP
//On the master (ns1):
vim /etc/named.conf //add also-notify { 192.168.42.131; };
systemctl restart named
ll /var/named/slaves //on ns2, the transferred zone files appear here
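The screenshots that held the named.conf zone statements and zone files for sections 8 to 10 are missing from the post, so here is an added example (not the post's own files) that generates them for the amber.com / 192.168.42.0 setup. It takes the ns1 and ns2 addresses from the post, adds a constructed www host, derives the reverse zone from the forward zone instead of hand-editing a copy, and adds an allow-transfer restriction the post does not mention so that only the slave can pull the zone.

```shell
#!/bin/sh
# Added example, not from the original post: generate the master and slave
# zone statements plus the forward zone for amber.com, and derive the reverse
# zone from the forward zone so the two cannot drift apart.
# Assumptions: ns1=192.168.42.128 is the master, ns2=192.168.42.131 the slave
# (both from the post); the www host and the SOA timers are constructed.
ZONE=amber.com
MASTER=192.168.42.128
SLAVE=192.168.42.131
SERIAL=$(date +%Y%m%d01)

# Common header for both zones: TTL, SOA and the two NS records.
soa_and_ns() {
    printf '$TTL 1D\n'
    printf '@\tIN SOA\tns1.%s. admin.%s. ( %s 1D 1H 1W 3H )\n' "$ZONE" "$ZONE" "$SERIAL"
    printf '@\tIN NS\tns1.%s.\n@\tIN NS\tns2.%s.\n' "$ZONE" "$ZONE"
}

# Forward zone: header followed by the A records (www is sample data).
forward_zone() {
    soa_and_ns
    printf 'ns1\tIN A\t%s\nns2\tIN A\t%s\nwww\tIN A\t192.168.42.10\n' "$MASTER" "$SLAVE"
}

# Reverse zone: every A record inside 192.168.42.0/24 becomes a PTR record
# named by its last octet, with the target name fully qualified.
reverse_zone() {
    soa_and_ns
    forward_zone | awk -v z="$ZONE" '$2 == "IN" && $3 == "A" && $4 ~ /^192\.168\.42\./ {
        split($4, o, "."); printf "%s\tIN PTR\t%s.%s.\n", o[4], $1, z }'
}

# Master side of /etc/named.conf: allow-transfer (not in the post) limits
# zone transfers to the slave; also-notify is the line the post adds.
master_zone_conf() {
    printf 'zone "%s" IN { type master; file "%s.zone"; allow-transfer { %s; }; also-notify { %s; }; };\n' \
        "$ZONE" "$ZONE" "$SLAVE" "$SLAVE"
    printf 'zone "42.168.192.in-addr.arpa" IN { type master; file "192.168.42.arpa"; allow-transfer { %s; }; also-notify { %s; }; };\n' \
        "$SLAVE" "$SLAVE"
}

# Slave side: both zones are pulled from the master into /var/named/slaves.
slave_zone_conf() {
    printf 'zone "%s" IN { type slave; file "slaves/%s.zone"; masters { %s; }; };\n' "$ZONE" "$ZONE" "$MASTER"
    printf 'zone "42.168.192.in-addr.arpa" IN { type slave; file "slaves/192.168.42.arpa"; masters { %s; }; };\n' "$MASTER"
}

# On the master: forward_zone > /var/named/amber.com.zone and reverse_zone > /var/named/192.168.42.arpa,
# then run the named-checkzone commands from the post before restarting named.
```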
11. Split DNS resolution server
Clients in the intranet that access the intranet server are recognised by the server and go directly over the intranet, without passing through the public network; clients that are not in the intranet are given the public-network address.
Modify the main configuration file /etc/named.conf and add:
view "LAN" { match-clients { <internal network segment>/24; }; };
view "WAN" { match-clients { any; }; };
12. Intelligent DNS resolution server: used when the server room has links from different network operators, so that each user is answered with the address on their own operator's link for a better experience.
acl lan { ... }; //access control list
13. vim tips
:1,2 co $ //copy lines 1-2 to the end of the file
dG //delete from the cursor to the end of the file
shift + "5" (%) //jump to the matching "}"

Origin: blog.csdn.net/qq_39109226/article/details/109597986