Tips ： When the article is finished , Directories can be generated automatically , How to generate it, please refer to the help document on the right

Preface
We usually visit the web page by entering the domain name , Such as Baidu 、 Sina and other websites , It is mainly because DNS Domain name system for these websites IP Address resolved , In this way, users can remember them through their familiar language .

One 、DNS The domain name system

1.DNS Concept

DNS The domain name system （Domain Name system abbreviation DNS,DomainName Translated as domain name ） It's a core service of the Internet , It can be used to IP A distributed database with address mapping , Can make people more convenient access to the Internet , Instead of remembering what can be read directly by the machine IP Number string .
DNS The default port is 53, It is divided into TCP and UDP agreement .

2.DNS The role of

1.TCP It is used for area transmission , Mostly used for master-slave synchronization
In a district DNs The server reads the data file of this area DNs Data and information , And auxiliary Ds The server is from the master of the zone DNs The server reads the DNs Data and information

2.UDP Is used to do DNS Analytic
domain name : Usually a fully qualified domain name （FQDN) identification .FQDN Full name Fully Qualified Domain Mame, It can accurately express its relative to DNs The location of the root of the domain tree , That is to say, node to DNS The complete expression of tree roots , Reverse writing from node to root , And use "." Separate , about DNS Domain google Come on , Its fully official domain name ( FQDN） by google.com.
for example ,google by com A subdomain of a domain , Its expression is google.com, and www by google A subdomain in a domain , You can make
use www. google.com. Express .

Be careful : Usually ,FQDN There are strict naming restrictions , The length cannot exceed 256 byte , Only characters... Are allowed a-z,0-9,A-Z And minus sign (-）. Order number (.） Only allowed between domain names （ for example "google.com") perhaps FQDN Use at the end of . Domain names are not size sensitive , From the top to the bottom , Can be divided into ： Root region 、 Top-level domain 、 The secondary domain 、 Subdomain

That is, the full domain name : Name with both host name and domain name FQDN =Hostname + DomainName
Such as :www .baidu. com.
Be careful : The front must be the host , The last dot represents the root domain , Usually omitted , But actually www.baidu.com=www.baidu.com.
Domain name structure :
http:// www.sina.com.cn./
http:// Host name . Subdomain . The secondary domain . Top level domain root domain /

3. Domain name Architecture

All domain names must end with a dot
for example ：www.baidu.com.
Root domain name "."
First level domain name ：.cn（ China ）.us（ The United States ）.tw（ Taiwan, China ）.kr（ South Korea ）.jp（ Japan ）.hk（ Hong Kong ）.uk（ The British ）
Two level domain name ：.com.cn（ Chinese business organizations ）.edu.cn（ educational services ）.org.cn（ uncommercially ）.net.cn（ Chinese operators ）
Three level domain name / Subdomain ： sina.com.cn baidu.com.cn
Host name ： www mail ftp

4. Domain name server

Domain names are hierarchical , The domain name server is also the corresponding hierarchy .

With the domain name structure , You also need something to resolve the domain name , Domain names need to be resolved by domain name servers all over the world , A domain name server is actually a host with a domain name system .

Level division from high to low , It can be divided into the following categories ：
|||

notes ： The scope of a domain name server , Or the scope of administrative authority , It's called the district

What we need to pay attention to ：

Each layer has its own domain name server on the domain name , At the top is the root domain name server
Each level of domain name server knows the name of the lower level domain name server IP Address
For disaster tolerance , At least two or more domain name servers are set at each level

Two 、 Domain name resolution

1. classification

Forward analysis : Search for the corresponding IP Address
Reverse DNS : according to IP Address to find the corresponding domain name （ Reverse domain name resolution is not very common , Only used on special occasions , For example, it can be used for anti spam verification .)

2. The process

Forward parsing query process ：
1. First check the cache record of this machine
2. Inquire about hosts file
3. Inquire about dns Domain name server , hand dns Domain name server processing
The above process becomes a recursive query : I want an answer. You'll give me the result directly
4. This dns The server may be a local domain name server , There is also a cache , If there is a direct return result , If not, proceed to the next step
5. Help the root domain server , The root domain server returns the top-level domain server that may know the result and asks him to find the top-level domain server
6. Help the top-level domain server , The top-level domain server returns the secondary domain server that may know the result, and then he goes to the secondary domain server
7. Turn to the secondary domain server , The secondary domain server found that it is my host , Find out ip The address is returned to the local domain name server
8. The local domain name server logs the results to the cache , Then put the domain name and ip The corresponding relationship is returned to the client
3. A query

3. recursive query

Recursive query is a kind of DNS The query mode of the server , In this mode DNS The server received a client request , You must reply to the client with an accurate query result . If DNS The server does not store queries locally DNS Information , Then the server will ask other servers , And submit the returned query results to the client .
Simply put, the client can only wait for the result after sending the request , The middle specific process is handed over to the server to realize .

4. Iterative query

DNS Another query method of the server is iterative query , When the client sends a query request ,DNS The server does not reply directly to the query results , Instead, tell the client another DNS Server address , The client will go to this DNS The server submits the request , Cycle in turn until the result of the query is returned. The total sentence , The client's request needs to be queried one by one to get the result , When the server has no results, it will only provide you with the address of other servers , Instead of asking for information for you , This is the opposite of recursion

3、 ... and 、 To configure DNS

1. install bind
2. View the configuration file

3. Modify global profile
vim /etc/named.conf

listen-on port 53 monitor 53 port hinder ip Use configuration dns Of this machine ip

allow-query You can use this dns The network segment of the resolution service You can also use any Express all
4. Next, configure the area configuration file
vim /etc/named.rfc1912.zones

5. Next, configure the forward parsing file
First the named.localhost Copy the contents in to generate a new file qqq.com.zone
cd /var/named/
cp -p named.localhost qqq.com.zone Keep the permission of the source file for copying
vim qqq.com.zone

SOA Mark 、 Domain name and administrator email ,@ The variable represents the domain name 
                NS         qqq.com                    # Record the current area of DNS Server name 
                 A          192.168.9.158             # Recording host IP Address 
     IN   MX  10         mail.qq.com.              #MX Record for mail exchange , The higher the number, the lower the priority 
www  IN    A            192.168.9.158             # Record forward resolution www.qqq.com
mail IN    A            192.168.9.160              #mail.qq.com The address of 
ftp  IN    CNAME  www                         #CNAME Use the alias ,ftp yes www Another name for 
*    IN    A            192.168.9.170             # Anti domain name resolution * Represents any host name 

6. Turn off firewall

7. Turn off core protection

8. Start after configuration dns service

appear Non-authoritative answer: This kind of problem
Translation is probably ： The unauthorized response indicates that the query result comes from an unauthorized host
It shows that this time I didn't go outside the network to inquire , Instead, look in the cache and find the data

Then we need to add DNS Server address or modification DNS

9. Configure on the client host vim /etc/resolv.conf

Use configuration dns The host ip
10. Parsing succeeded