n]w DNS eAnAѤO FQDN OHO Hostname P IP y{OH٦An DNS oӨtΩOHHΧڭ̱``|쪺yOѡBϸѰڡIzodzOܰ¦NNAonzѱoܲM~Io DNS iHO[]Ĥ@BաI]ڭ`OƱۤveHaӰOйI`sjaQzDҦb IP aIzOaI]AӽФ@ӦXkDW١AΪ̳]w@gLXkv DNS DAiO۷n@ưڡI
@


---

O Domain Name SystemG
@
DNS WOy Domain name system zO]AĶWyW٨tzAoөNNγ~OzIڭ̪qΪ̬O Internet @wݭnL ( רOH WWW 觋ӤW ) HIL̤jγ~NOyyikPOЩzHzISI򻡥LOy֤HOHBťڮUUDӡG
@
• /etc/hosts vG

ٰOoڭ̦beXL ¦ ̭aHثeb Internet WqΪqTw TCP/IP AƶǰeOH TCP ʥ]ӶǰeAL٬Oظmb IP wWAӲҬҪA IP Oѥ| 8 bit ƦrզA]NOy xxx.yyy.zzz.www zo˪AAnաApGڭ̭nsWY@qANnb}CJӹqD IP ~sWApGO@ΨⳡqٵLҿסApGثeo Internet Dƥ.....KIְOooh IP rIHѩ IP O@ƦrҲզAbeQikPOЩzHұ ( Oۤv ....) ApGNoǼƦrHyWrzӨNOHSpH]NOAunJ@ӡyqWrzӧڭ̪tδN|۰ʪNoӦWrনqAѪ IP IKKIp@ӡAڭnOoyWrz`O IP ehFIHNQo²Si觋FANO /etc/hosts oɮתѨӡIҦpAunzJy ping -c 5 localhost zz Linux WiHLX 127.0.0.1 o IP A Why Hzhݤ@U /etc/hosts NDFIҥHoAunNz``Wy} IP zgo /etc/hosts UAz IP jMt״N|֤Wܦh(GAjաAbzp줺A̦nNҦ IP gJoɮפաI)
@
• DNS vG

(j20~30~e)qiOQA@HOiӤiΪA]qƶqӤ֡AҥHiHϥ /etc/hosts ӰOгo IP PW٪COb{NA Internet WohDAåB``|MyPqzShX@DӪAȡAڭ`@Ӥ@ӪNLJb /etc/hosts ̭aIHrIuoIҥHӪoӮɭԴNҿתyWٸѪRt, DNSzX{աIDNS Q𪬥ؿAANDW٪޲ztbPhŪ DNS DAgѤh޲zAҥHC@DOЪTN|ܦhAӥBʤW]۷eקIo DNS \zDFܡHաINOyNqDWĶ IP zNOFIMoALB~\٫ܦhI`AL̤j\NOyNqAHeOЪDW(^r)AĶqҼx IP }Iz|ӨҤlӻnFA_ꪺ IP O 202.1.237.21 AҥHziHbzsWJy http://202.1.237.21 zӳsW_ILAڷQSXӤHNo IP I_ӪaHIϤAڭ̫oD_ꪺ} tw.yahoo.com AzunJy http://tw.yahoo.com zNiHsW Internet աIܮeOЧaI
@

/etc/hosts  GbɮפJDWٹ IP ӬdߡF DNS t    Gb Client ݥH resolver 觋 DNS DWjM IP PW٪I

@
• Fully Qualified Domain Name ( FQDN )

bWٻP IP ѪReAڭ٥ݨӰQפ@UyO domain name P host name Hz]NOAWٻPDW١CbQ׳oӥDDeAڭ̨Ӳ@ͬƪDAЪ`NIUҤlAάFvII@UAKojaӷPG
@
• ڭ̾oxWܦhӡynzAoӡynzNNC@ӿWߪӤHIOz򪾹Doӧne`ΧnO_P@ӤHHxICӧnӦۤPIաAҥHڭ̴NHӰϤAҥHx_n򰪶nAoӴNiHFIӡIU@Ax_٦ӧnHNζmӤrIҥHx_BT۪nx_BRnApGڭ̱NLCXӡAiHoˬݡG

nBTۡBx_ nBRBx_ nB ....

O_NiHLPIFOHISINOoˡI
@
• t~@ӨҤliHϥιqܸXӬݡAp 1234567 ӥxn] 1234567 A(1)zb 1234567 ɡAL|J 1234567 qܤA(2)pGznxnhANo[J(06)oӰϽX~Iڭ̴NOϥΰϽXӰѤΪI
@
O_٤MڭnHIڭ̱``|o{DWٳO www AҦp www.gov.tw, www.seednet.net, www.hinet.net Aڭ̫򪾹Do www W٪DbPaOHNݭnLWoI]NO gov.tw, seednet.net, hinet.net PAҥHYϱzDW٬ۦPAOunObP@ӻ줺ANiHQoI򥻤WAڭ̪D DNS OhŤACӼhŪ Hostname P Domain name iO@˪NNzڭ̥iHϥΧڭ̪Dӥ[HApUϩҥܡG

Ϥ@Bh DNS [c ( Hostname P Domain name )

bWҤlAĤGh̭A .tw O domain name A com, edu, gov hODW١AӦboӥDW٤޲zUA٦Lp쪺DAҥHbĤThɭԡA򥻤WA edu.tw NܦF domain name FIӦjPs ncku, nsysu hF hostname oIIHA̫oڭ̪D aerosol ODW١A domain name O ev.ncku.edu.tw ӦWrҨMwI۵MAڭ̪DNO޲z ev.ncku.edu.tw o domain name DNS DҺ޲zoIoˬO_AѤF domain name P hostname PFOH
@


---

DNS d߹L{G
@
Uӧڭ̭nͤ@͡A DNS (1)[cOˡH (2)d߭zOˡH`OnD[c~ાDpdߪoIҥHUڭ̥ӤФ@U骺[cC
@
• DNS [cG

ϤGBDNS hܷN

WNO@²檺 DNS h[coA̤W@wO . o root DNS DALU޲zNu com, edu, gov, mil, org PHaĤGhDW٤FIҦpxWaϳ̤WhW٬OH .tw }YA޲zoӻW٪o IP ObxWAOLOhOOb . (root)̭I٦La̤Whp .cn OjA.de Ow@ˡICӰaUODnUhǻOHIDnNOojG
@

W	NNq
com	qB渹B~
org	´Bc
edu	Ш|
gov	F
net	BqT
mil	xƳ

@
̦eb . (root)Uuoj domain name AOtפӧ֤FA]ӤShXoǥHXӤ domain name Ap@ӡAbӰaAunVӰaӽ domain name YiAݭnA̤WhhӽoI]]AboǰXUA٬Ooj domain name DIMաAbثeAѩں򪺵oNAb domain name bOIӰΡAҥHS۷hWٳQ]pXӡAҦpثexW ISP Ѫ .idv.tw ӤHաI
@
nFAAjդ@A DNS tάOHҿתh޲zAҥHAЪ`NI .tw uOU@hoӥDn domain DӤwIܩҦp edu.tw U٦ ncku.edu.tw oANv浃 edu.tw h޲zFI]NOyCӤW@h DNS DAҰOTAuU@hDW٦ӤwIzܩAU@hAhyvzUhYDӺ޲zoIIҥHzNӷ|D DNS 쩳Op޲zaI ^_^ |o˳]w]OSDzIo˳]pnBNOGC޲zuU@h hostname IP ӤwAҥH֤F޲zWxZIӤUh Client ݦpGDAun߰ݤW@h DNS server YiIݭnVWhAW]|²OI
@
• DNS jMy{G

軡L DNS OHy𪬥ؿzAӶiW٪޲zIҥHC@ DNS DyȺ޲zU@h DNS DWĶzӤwAܩUhUhAhyvzUh DNS DӺ޲zաIo˻n¶fAnaIڭ̴NHUϨӻ@zoG

ϤTBDNS Dd߬y{ܷN

Azb}CJ http://aerosol.ev.ncku.edu.tw ɡAzqN|̾ /etc/resolv.conf ҴѪ DNS IP hisudߡAnFAѩثe̱` DNS DN Hinet 168.95.1.1 o DNS FAҥHڭ̴NLӰҤlaIIoӮɭԡA hinet oD|oˤu@G
@
1. dݥSG軡LաAѩ DNS Oh[cA@ DNS ȰOU@h̭DWٹ IP ӤwAѩ hinet ëDdzṊDAҥH۵M]NSkѵ client aerosol.ev.ncku.edu.tw o IP FAҥHաA@ӨAoӮɭ 168.95.1.1 N|V̳hA]NO . (root) Dd .tw o}F

@
2. V̳h ( root )dGѩ 168.95.1.1 Sڭ̥D IP AoӮɭԥLN|Vy̳hz . (root) oDӬd . (root) U@hA]NO .tw oƤFIoӮɭԡA . (root) N|iD 168.95.1.1 yKIznd .tw oӺ쪺޲z̧rIHܡIڳo̦  .tw oӺ쪺޲zD IP TAziHhLIzF

@
3. VĤGhdG168.95.1.1 ۤS .tw hdߡAӸӳ޲zSȦ .edu.tw, .com.tw, gov.tw... XDAgLo{ڭ̭nO .edu.tw AҥHoӮɭ .tw SiD 168.95.1.1 Gyznh޲z .edu.tw oӺ쪺D̬dߡAڦL IP IzF

@
4. VUhdGnFA@B@BUӡA .edu.tw iHd޲z .ncku.edu.tw D IP F .ncku.edu.tw iHd޲z .ev.ncku.edu.tw D IP Aӳ̫ڭ aerosol.ev.ncku.edu.tw Nib޲z .ev.ncku.edu.tw 쪺D]wdߨաI

@
5. OȦsOGdF IP Ao 168.95.1.1 DNS `|bUHd aerosol.ev.ncku.edu.tw ɭԦA]@o˪y{aI֪oIӥB]ܯӨtΪ귽PWeAҥHOA 168.95.1.1 o DNS o|O@ aerosol.ev.ncku.edu.tw IP TbۤvȦsOAHKU@SHP@ӥDW٪nDdߡI̫hNG^ client ݡIMաAӰOЦb cache ơAOɶʪALF DNS ]wOЪɶ(q`iO 24 p)AӰON|QI
@
ѳo˪htdzo{FHINOG
@
• @ӡyXkz DNS Ḓ]wקFAӦۥ@ɦUa@ DNS nDA|TL~ܥTDWٹ IP TA]L̷|@h@hMUӡAҥHAnzDWٹ IP N@wonzLzWh DNS D~IҥHunzDWrOgLWhyXk DNSzD]wANiHb Internet WQdߨաII²@aAʩʤ]ܰC

@
• bDȦsOOAѩOɶʪAҥHzDW٦b DNS QקFAOѩ󤧫e¸TٰOЦbL DNS DȦsO̭AҥHաAibOHHDz DNS DӬd߱zDWٮɡAN|oe¸TAoӮɶthiO 10 2 ѥkAo]Oڭ̱`zקF@ domain name Ain 2 ~ 3 ѫ~ҥΪtGաI
@
nաIzIJM DNS oΡAMڭ̤Sݭn[AҥHݭn@ӥDW١A]Aڭ̻ݭn[] DNS FܡHIIMOAOH赜FܦhyXkzrA]LNoAyvzDFIڭ̦beyӽЦXkDWz]AunDW٦XkYiAoݭn[] DNS աI

• DNS ϥΪ port number G

nFAJM DNS tΨϥΪOdߡA۵Mݭn} Listen port o ( ť )ISIܦXzI DNS ϥΪO@ port OHNO 53 o port աIziHz Linux U /etc/services oɮ׬ݬݡIjM@U domain orANiHd 53 o port աIOo̻ݭnjaiOAq`A DNS dߪɭԡAOH udp oӸֳtƶǿw ( protocol ) ӬdߪAOU@Skdߨ짹㪺TɡAN|AH TCP oӨwӭsdߪIҥHҰ DNS daemon (NO named ) ɡA|PɱҰ TCP udp 53 o port number I
@

---

yvzNqG
@
ܦhBͳ{y[] DNS iH]wDW١Aӧڭn[ݭnDWrA]@wݭn[] DNS Aun DNSAڪDNiHWrFIzOo˶ܡHMOIoO~[I򻡩OHqWϥܷAzӤo{AڭnjM aerosol.ev.ncku.edu.tw DɡANݭnV޲z .ev.ncku.edu.tw oӺ쪺dߤ~Aӭnd .ev.ncku.edu.tw hݭnb .ncku.edu.tw W߰ݤ~iHIoO]yWh DNS D .ncku.edu.tw wgN .ev.ncku.edu.tw oӺ쪺޲zv "v" green.ev.ncku.edu.tw oAHnd .ev.ncku.edu.tw oӺ쪺D IP ɡA .ncku.edu.tw N|dߪȪ൹ green.ev.ncku.edu.tw h޲zFIqA .ncku.edu.tw oӺ쪺޲zDAN|A ev.ncku.edu.tw oӺ쪺Wٺ޲zIzO_ܹH|yvzH]NOAzRyvzzYu@ɭԡAqAniӶu@HAq𫖬Dz~OuyvzHAnVzХܤ@ˡI ^_^IҥHoApGzn[] DNS AӥBOiHsW Internet W DNS ɡAzNnzLyWh DNS Dvz~IoOܭn[I@Uڭ̦bU|Ф@Ӧp[]@ӡygLXkv DNS DzI
@
ApGNWܧﴫGyڭn[AҥHڭnڪD@ӦXkWrIz˴NXzFI򻡩OH]ڥiHФWh DNS ڳ]wDWٹ IP NiHաIp@ӡAnڪ hostname IP HAiHbڪWh DNS ̭AڥݭnzLڪ Linux DoIҦpڭ̬sǪ aerosol.ev.ncku.edu.tw NiHb green.ev.ncku.edu.tw o޲z DNS server Wz㤣˦ۨӧڪ aerosol.ev.ncku.edu.tw WI]NOAǥ DNS tγ̤j\yDWĶ IP zoӰʧ@AzunV@ӦXk DNS DӽФ@ӡyDW, hostname zz Linux DAjaiHǥѸ DNS DӬdߨz Linux IP ANiHϥθӥDW٨Ӭ[աINOo²I
@
nFAzNӪDFAnzDWٹ IP B Internet WqiHdߪANݭnG
@
1. Wh DNS vz]w DNS DAΪ̬OF
2. ФWh DNS Dz]wI
@
oؼҦAؼҦnOHoS@wסAUڭ̨ӽͤ@͡AzAX@ؼҦ]wOH
@


---

N٬Oۤv]w DNSG
@
pGzgӽйL domain name ܡAҦpV Hinet Seednet xWUjDn ISP ӽ domain name ܡAӳ|DإDnҦANOWY쪺 DNS vAΪ̬O浃 ISP Ӻ޲zC浃 ISP ޲zANiH٧@ONްաIMաApGzOǮճ쪺ܡAΪ̬O~pANoбzVWh DNS DtdHnDoILצpAzu঳ӿܴNOFAnNOХLz]wn hostname IP AnNOХLNY domain name qvz DNS Dn޲zCګ򪾹DӤ觋ڤnOHЪ`NAѩ DNS []A|hX@Ӻť port AҥHzפWAOwI]Aण]MNn]wnoIҥHAo̪ijpUG
@
• ݭn[] DNS ɾG
• zҭtdݭnsW Internet DƶqejGҦpz@ӤHtdӤqQX Server Aӳo Server Ozq줧UCoӮɭԷQn[] DNS ]աI
• ziݭnɱ`קz Server WrAΪ̬Oz Server HɼW[iʻPܰʩʡF
@
• ݭn[] DNS ɾG
• Dƶqܤ֡GҦpa̩Τquݭn@ mail server ɡF
• ziHФWh DNS D޲zz]wn Hostname ɡF
• z DNS {ɡApG[]ϦӮeyö몺pF
• [] DNS OΫܰɡI
@

---

ѻPϸѪ Zone NqG
@
Fo\hAٱoA@󥿸ѡBϸѻP Zone D~ڡI
@@
• OѻPϸѡH

ڭ̦beY}vqNաA DNS tΥӳ̥Dn\NObĶ hostname P IP oAѩqbW{ѪuO IP աAҥHA@ӻAڭ̺١y hostname hMX IP {Ǻ٬ zAܩ IP hd߱o hostname NQ٬ϸѤFIϸѪ]wpOtʫܤjI򻡩OH
@
• ѡGbѪpUAڭ̥iHzLDh]w觋Ӭd(ҦpW@ǹϥoI)AӦ]O Hostname IP AҥHYϦbPq IP AMiHgbP@ domain IҦpڪDObǮո̭ ( 140.116.xxx.xxx )AOڥӽЪO vbird.idv.tw o domain W١AӫܦhBͫhOH ISP Ѫ IP ( Ҧp 61.xxx.xxx.xxx ) Ӷi *.idv.tw ӽЪII@ӡAڪ vbird.idv.tw NPja *.idv.tw bP@ domain ]woAOoǥDoObP줧(140.116.xxx.xxx | 61.xxx.xxx.xxx bP@ӺqaI ^_^) IҥHoA@ DNS iHNz IP gJL̪ѷoI

@
• ϸѡGOϤhI򻡩OH] IP WtɭԡANݭn@Ӱϰ@Ӱϰ쪺AҥHMiP@Ӻq IP bPaX{aI]oAΨ TCP/IP wP router [cz]AP@ IP qϸѴNuonzLWhD]w~FIҥH IP Ϭd hostname ܡAjpUANݭnVݪWhӽФFI
@
|ӨҤlӻGڷQnۤvW٪WrAҥHڥiHh~ ISP ӽеU@ӦXkWrӬ[]ڪ DNS IqAOHNiHgLڪ DNS Ѭd߱oڪD IPCOpGn IP Ϭd^ hostname ܡAڴNy@wݭnzк޲zڥDҦb쪺Wh DNS ޲zӳ]w~zIo]Oثe·ЪaA]ѱziHۦ]wAOϸѫhݭnФWh޲z]wIpGOV ISP ӽЪ IP ANoV ISP ӽФϸѦW٧ﴫAoӳq`ܳ·С
@
• O Zone H

DϸѤAAӭnӪD@UASO Zone ( ϰ ) OH²@IܡA@ӥѩΤϸѪ]wNO@ zone AҦpڭnWd vbird.idv.tw o domain ]weALNO@ zone Iq`Ay@ӳ]wɴNO@ zone zIbڪҤlAڪ vbird.idv.tw o domain DNS ]wɸ̭AݭnG
@
• hint( root ) ]wF
• vbird.idv.tw o domain ѳ]wF
• localhost ѳ]wF
• localhost ϸѳ]wC
@
ڴN| zone FIpGHڭ̨t] DNS D green.ev.ncku.edu.tw ӻܡALܤ֭nG
@
• hint(root)F
• ev.ncku.edu.tw ѡF
• ev.ncku.edu.tw ϸѥH F
• localhost ѡF
• localhost ϸѡC
@
zone wqoIKIz|o{AڨS vbird.idv.tw o domain ϸѳ]w㬰OHаѦҤWaI]ϸѻݭnnD IP wWhӳ]w~IåBAݭnSOdNOAyC@ zone @ӳ]wɡAӳWwodz]wɦWAN浃 /etc/named.conf oӰѼɨӳ]wIz]NOA DNS server ϥΪ bind oӮM󤤡ALDnѼɬO /etc/named.conf Aӳoɮ׷NOOFC@ zone ]wɦWIڤWAb]wϸѪANOC@ zone ]wɰաI
@
• ϸѤ@wnMܡH

nFAϸѻݤݭnM͡Abo̤ΦhFaIH ^_^IЪ`NAbܦhpUAרOثenhW䧮WٲͥXӡAҥHA``|uѪ]wݨDӤwCL]ݭnӹL߰աA]q`bϬdpApGzOϥΥثexWaϳ̬y檺 ADSL WܡA ISP Nwgz]wnϸѤFIҦpG211.74.253.91o seednet Bʦ IP ϬdG|o91.253.74.211.in-addr.arpa o˪DW١IҥHb@ڭ̦ۦӽлW٪ɭԡAzunߥѪ]wYiIMܡAϥϸѪvڥ]|}񵹱zAzۤv]woܰ]SΧrI ^_^

• w DNS MG BIND

שoܳFI۫Hzj]I֪aIHOZ֪աA]uBVĵhfY....xIoӷFIH @_@ nաAڭ̲שnӦw DNS һݭnMFIٰOoeLAڭ̭nϥΪ DNS NOϥάfJܤjǵoiXӪ BIND ( Berkeley Internet Name Domain, BIND ) oӮMաI򪾹DzwˤFSHٰOo¦g̭ RPM ܡHաINOϥ RPM oG
@

[root@test root]# rpm -qa | grep bind bind-9.2.1-4mdk@@@@@@@@@<==oӬOΨӦw Server bind-utils-9.2.1-4mdk@@@@@@<==oӬOΨӰ Client ݷjM domain name O

@
U@S˫HӡIٰݧڣ{㻰ֱNz쪩ЮXӡAMNLwˤWh㤣|wˡHЦۦ殳Xy Linux pе -- ¦Dz߽gzh[@U RPM ΪkaI

• BIND w]|]wG

򥻤WA BIND Dn]wɬ /etc/named.confo@ɮסAUذwD]wȳboɮפ]wIO hostname <--> IP YANݭn zone ӳ]wFIOo zone ɮצW٬Ob /etc/named.conf ̭WwIҥHAЪ`NAC@ zone WٳOiܪAOݭnb /etc/named.conf ̭RWnI~A̦nN zone WwXӪɮתm BIND w] zone \񪺥ؿANO /var/named ̭hIn޲zoI

• BIND ɯšG

Фja`NOAo DNS 53 port ]OӫܦwNNAҥHOADnAOӫijҥ DNS աILApGunw˪ܡAHɪ`Nz Linux distribution O_wɪi|}׸ɮMOHoӯuܭnA]ܤ[ܤ[HeANOQo port 53 شӤF@įΡAuOQܡI @_@

b DNS ]wWA򥻤WAznwgܲM zone OFA_h~]wI|d@kLצpAz@wnDOA bind ]wɡANO /etc/named.conf oɮסApGLsbܡAЦۦإߧaIt~Aw DNS server jPWiHTAOOG
@
• MasterGo DNS tW٪]w(NOZoneաI)Aoӳ]wɴNO]wѩΪ̬OϸѪyDatabasezoIҥHLO㦳 Internet dߩһݪƳIҦpڥiHbڪDW]w vbird.idv.tw oӺAڪDNO master DաI
@
• SlaveGoD DNS tκ޲zʳ]w DNS ϸѸƮwɮסAӬOo Slave Ҥ䴩 Master Dhƥ DNS ]wɮ׸ơA]NOA Slave |N Master Wwgqwnϸѹɮ׳ƥ@bۤvtηI( GMoAo Master n} Slave ӧs Slave ƹɳI ) ~AݭnSOdNOA Slave DäOb Master Iɤ~|y_ӡzAӬOLP Master ۦPAPɭtd Internet W domain dMI[]o Slave nBOHI̤jnBNOyI@zաI򻡩OH]zT DNS DAU@zҺ޲z줧n[J@sDW١AհݡAzOnʭק 3 q٬Oȭק@qALⳡL۰ʪs]wOHo˻˷RB̡ͭAzӥiHzѤFaI ^_^Iѩo Slave äOb Master Iɤ~|_Ӫ@ DNS DA]ApGzV ISP qwⳡ DNS DɡAdUnoⳡ_ӳI]׬O Master άO Slave Ab Internet WëD`ǨӬdM domain name AӬOĹAҥHڭ̤|o@D|QdߨIMաI]ⳡ Master/Slave NݭnqqiHb Internet Wu@աI
@
• Cache-onlyGq`]wbWOIo DNS DSۤvƮwA¶U Client ݦV~ DNS DnDƦӤw²檺ӻALiHQO@ӡyNzHzӤw
@
Master/Slave Ƨs쩳Opʧ@OHЪ`NASlave OݭnsӦ Master DNS ưڡIҥHM Slave b]wNݭnsb Master ~InFA Master P Slave ƦPBʧ@iHѩUϥܨӬݡG
@
ϥ|BMaster/Slave DNS DƦPBL{
@
• P_O_ݭns(1.1)Gڭ̥iHb Slave ]wnV Master DNS DnDƧsgɶAhCFsɶɡA Slave |V Master O_ݭnsơAoӧsƪP_hH Serial number O_PӶisI
• P_O_ݭns(1.2)GF Slave V Master dߤ~AMaster pG DNS ƸgLܧABQn Slave PBsɡA]iHDʪV Slave isqI
• ƦPB(2)G̫MNOƥ Master ǰe Slave ӧs Slave DNS oI
@
Ъ`NApGzQn[] Master/Slave DNS [cɡAⳡD (Master/Slave) ݭnzx~IWܦhboӦa卖Iy{zAЯSOdNڡI
@
Uڭ̴Nӽͤ@ͨ²檺 DNS DAOO cache-only ( forward ) PԲӪ Master DNS DaIܩ slave P Master ]wZAo̧ڭ̴Nh[ФFI
@


---

ª forward DNS D]wG
@
Oª forward DNS DOH
nFAAѤF BIND w]|Aڭ̪DFDn]wɬO /etc/named.conf oɮסAOڪ /etc UNSoɮסII]znۦإ߰աI ^_^IbЫ]wC@ zone eAڭ̥Ӫ@²檺 DNS DINO cache-only DNS server I]٬ forward DNS oIUWqAo DNS server u cache ( ֨ ) \A]NOALS]wɡAOѹ~dߨӴѥLƨӷI]LS]wɡAҥHLNnsW@Xk DNS ~IӹB@y{iHݦOoӼˤlG

ϤBCache-Only DNS DB@y{

ѤWϥܨӬݡAziHo{AAڭ Client MOϥ Cache-Only DNS AjMAOAڤW Cache-only DOФ@ ( Forwarders ) DNS DdߪAèS]wɪաIҥHA򥻤WA cache-only DNS uO@Ӥǻƪ DNS D}FI򬰤n[]o˪@ DNS DOHSƷFHMOIoO]աIUzťoI

ɭԨϥ cache-only DNSH
bYǤq渹YAFwuQΤq귽@ۤvƱAҥH|Ww Internet suW۷YAҥHAɭԡAsۤv|QצI۵MAo port 53 ]NP˪AiQצաIڭ̪DApGS port 53 o DNS A۵MNLkѪRX hostname IP oIOIHoӮɭԡAziHby𪺨WA[ˤ@ cache-only DNS AȡIzoONOH²ڡINOzۤvQΦۤv firewall P DNS hz Client ݸĶ hostname <--> IP oI] firewall iH]wۤv DNS ~XA Client ݪ DNS server IP N]wۤv firewall AIo˴NiHoĶաI

² cache-only DNS ]wG
]w@ cache-only DNS Du²檺աI]ݭn]wϸѪ Zone AҥHun]w@ɮקYiIuOֱּooFoI
@
1. s /etc/named.conf

boɮפADnOwqDƶAHΦU Zone NtNPɮסA] cache-only S Zone AҥHڭ̥un]wnD]wYiC]woɮתɭԽЪ`NG
@
• ѸƬOHy // zӧ@]wI
• CӬq᳣ݭnHy ; zӰI
@
ziHo˳]woɮװաI
@

[root@test root]# vi /etc/named.conf // This settings is only for forwarding DNS Server options {         pid-file "/var/run/named/named.pid";  //ڳo̳]w pid-file IoӮɭԡA @@@@@@@@@@@@@@@@@@@@@@@//ЯSOdNӸ|ҦH ( owner ) @@@@@@@@@@@@@@@@@@@@@@@//@wOn named oӤH~I         forward only;@@@@@@@@@@@@ //u\ forward!         forwarders {                 168.95.1.1;@@@@@@@@@ //ڳǫϥ hinet DNS I                 139.175.10.20;@@@@@@@@//oӬO seednet DNS I         }; }; [root@test root]# ls -al /var/run/named total 12 drwxr-xr-x    2 named    named        4096 Dec  5 02:28 ./  <==`No owner I drwxr-xr-x   10 root     root         4096 Dec  5 02:01 ../

@
• options eObDDn]wȡAY]wG
• pid-file OC@ services Oۤv PID ( Process ID ) ɮoIoɮ׳q`ΦbsҰʩΪ̬O reload services ̱`QϥΨ쪺I]iHϥ kill -1 PID ӭsҰʰڡIӡIѰOO PID H֮X¦gƲߤ@UI
• forwarders (nѰO s I)NOn]weM䪺ӡyXkz DNS oIC@ forward D IP ݭny ; zӰI
• forward onlyGoӳ]wiHz DNS Dȶi forward ӤwIO Cache-Only Ḏ`]wFI
@
²aIo˴Nwg]wF²檺 cache-only DNS DFI
@
2. Ұ named

Ұ`|ѰOaIH֥hҰʤ@UaI
@

[root@test root]# /etc/rc.d/init.d/named start Starting named:                                                 [  OK  ]

@
3. [ port ܤ

ЯSO`NIäOҰʪɭ OK N|\IҥHA٭n֪Ӭݤ@Uz port 53 SҰʣz
@

[root@test root]# netstat -utln Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address           Foreign Address         State tcp        0      0 192.168.1.2:53          0.0.0.0:*               LISTEN tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN udp        0      0 192.168.1.2:53          0.0.0.0:* udp        0      0 127.0.0.1:53            0.0.0.0:*

@
SOݭndNOApGSwܡAҦA]t lo, eth0, ... |Q]wiH domain name nD^I~AٰOoڭ̦be쪺ACӤPɳ| TCP P UDP ʥ]AȳIoˬݰ_ӦGuҰʪˤlALAڭ٬Oo@@@]w譱SjDOH
@
4. ˬd /var/log/messages eT

named oӪAȪOɴNLmb /var/log/messages ̭աAҥHӬݬݸ̭XaI
@

[root@test root]# tail -n 15 /var/log/messages | grep named Dec  5 02:33:33 test named[3010]: starting BIND 9.2.1 -u named Dec  5 02:33:33 test named[3010]: using 1 CPU Dec  5 02:33:33 test named[3015]: loading configuration from '/etc/named.conf' Dec  5 02:33:33 test named[3015]: no IPv6 interfaces found Dec  5 02:33:33 test named[3015]: listening on IPv4 interface lo, 127.0.0.1#53 Dec  5 02:33:33 test named[3015]: listening on IPv4 interface eth0, 192.168.1.2#53 Dec  5 02:33:33 test named[3015]: running Dec  5 02:33:33 test named: named startup succeeded

@
Iݰ_ӦGOSDˤlFInFINӴլݬݧaI
@
5. ( [ Client ݪն )

Forwarders nBPDR
forwarder nBPaBA꦳ܦhتNIjPNio⬣G
@
• Q Forwarder \ӼWiį઺zGoǪB̻ͭ{AܦhUh DNS Dϥ forwarder ɡA򨺭ӳQ]w forwarder DAѩ|OܦhTOA]A󨺨ǤUh DNS DӨA|W֫ܦhAY|`٫ܦhd߮ɶI򥻤WAoǰ򥻪y{iHݦpUϩҥܡG


ϤBForwarder ѼƪB@
@
Ҧ cache-only ]w forwarder yD DNS Dz@AhѩD DNS DwgOFhTF(CӤHӭnDI)ҥHALHӭnDۦPd߸ƮɡAhD DNS N|Ѩ cache ŪA]Ad߮IJvNܧ֤FI
@
• Q Forwarder Ϧӷ|Ͼ骺į୰CGOt~@hۤϪѡIoO]D DNS y~ȶqzNcɭԡAz cache-only D٦VLnDơA]LƶǿqӤjAWe譱itqAӤӦhUh DNS SVLnDơAҥHLd߳t׷|ܺCI]d߳tܺCFAӱz cache-only DSOVLXnDAҥH۵M䪺d߳t״N|PBUI
@
ܦhػkաIH]ıoܦIuOD@TNOF >_<"" ALiHDOApGWh DNS t׫ܧ֪ܡALQ]w forwarder ɡAγ\uiHW[֮įI
@


---

DNS DԲӳ]wG
@
ڭ̴NӬ[]@㪺 DNS DaIpPeAڭ̥n]wɮצXөOH
@
1. /etc/named.conf
2. /var/named/named.root
3. /var/named/named.localhost
4. /var/named/named.127.0.0
5. /var/named/named.ɮ
6. /var/named/named.ϸɮ
@
jNOoXӡIn`NOAFĤ@ /etc/named.conf ɦWOw]~ALɦWOb /etc/named.conf ̭]wI򩳤Uڭ̴NHa̪suAӻ@UͬOp]wڪ domain name oIn`NOAo̪ DNS ]wOyp쪺]wzAApGzݹLFyvzAN|DAUکҳ]wҬOݩyXk DNS DzAoNۧڪ DNS DuV~dߡAOOHOdڪ DNS Ḓ]weIDLϥΧڪ DNS D IP oILAKKIڨϥΪOp IP AQnϥΧڪ DNS IIS
@
1. ʳW hostname P IP G

b@ƤeAʤ]p@UOnƧoIڰ]ڪ domain name O vbird.org Ӻ쬰 192.168.1.0/24AӥDWٰtX domain name ӳ]p@TqAOG
@

qt	q IP	qW
Mandrake 9.0	192.168.1.2	mdk90.vbird.org phorum.mdk90.vbird.org www.mdk90.vbird.org ftp.mdk90.vbird.org	1. oODn DNS ]wDF 2. ڪDnW٬ mdk90.vbird.org 3. `@TӡyOWzboDWI
Windows 2000	192.168.1.100	win2k.vbird.org	Ob mdk90.vbird.org ̭ơC
Windows XP	192.168.1.200	winxp.vbird.org	Ob mdk90.vbird.org ̭ơC

@
n`NOAb mdk90 A]ڪγ~۷hAҥHڧƱڪ@DhӦW١IڥثeSu@ӥѪAҥHNȳ]wFo domain ̭TӧOWFI`@|ӦWroI
@
2. ]w² /etc/named.conf ɮסG

ٰOoWLAoɮפ~ODn]wɡAӨL hostname <--> IP hObU zone ]wɤIoɮץDn]wbwD]wAo@I forwarder DNS DwgLFIt@ӫhObwqC@ zone ɮצWٻPӳ]w domain y Type ()zAثeTAOmaster ( Dn]w ) B hint ( NO root ) H slave ( w master ӶiƦPBƪ]w ) CnFApGHڭ̭WW]wӬݡAӦ /etc/named.conf ]wN|ܦUҼˤFG
@

[root@test root]# vi /etc/named.conf // ]w骺DWIIb directory NqI options {         directory "/var/named";@@@@//oӬObWwyڪϸɮשmؿz         forwarders {                 168.95.1.1; @@ @@@//ޫ򻡡AʹNOw forwarder ]w         };         pid-file "/var/run/named/named.pid"; //C distribution iೣPI         allow-query { any; };@@@@@//O_\LHdߡHMաI         allow-transfer { any; };@@@ //O_\ slave PBIMաI };@@@@@@@@@@@@@@@@@@ //Woӳ]]wLҿװաIw]ȡI // wqX . (root) o hint type ɮפeI zone "." {@@@@@@@@@@@@@@ //ݨFSIHoӴNOҿת zone աI         type hint;@@@@@@@@@@ //ܪ type hint (root . M)         file "named.root";@@@@@@ //]wɮתɦWIܦhɭԹw] named.root }; // AӫhOwqX localhost ϸѤFI²աINO 127.0.0.1 Ӥw zone "localhost" {@@@@@@@@@@ //o zone ܳ]wɪw] domain name @@@@@@@@@@@@@@@@@@@ // NIo̽СySOzdMI         type master;@@@@@@@@@ //Dnb]wɡI         file "named.localhost";@@@@//ɦWIiHHۤvHKI }; zone "0.0.127.in-addr.arpa" {@@@@@//ϸѪ IP qI in-addr.arpa O @@@@@@@@@@@@@@@@@@@ //Tw IP qgkI         type master;         file "named.127.0.0"; }; // wqXڦۤvo@եϸѳ]wI zone "vbird.org" {@@@@@@@@@@//ڪ zone domain name vbird.org         type master;         file "named.vbird.org"; }; zone "1.168.192.in-addr.arpa" {         type master;         file "named.192.168.1"; };

@
nSOdNOG
• options
• ̭hwqF@ directory NNAoӴNO]wɩmؿFIHUɮ׬ҡApGO localhost ɡAYO named.localhost ɡAoɮתmmNOb /var/named/named.localhost աIo˥iHAѶܡHӱziHۤvܦۤvɮשmaANiHMI
• pid-file OC@ services Oۤv PID ( Process ID ) ɮoIoɮ׳q`ΦbsҰʩΪ̬O reload services ̱`QϥΨ쪺I]iHϥ kill -1 PID ӭsҰʰڡIӡIѰOO PID H֮Xy Linux pе -- ¦Dz߽gzƲߤ@UI
• forwarders (nѰO s I)NOn]weM䪺ӡyXkz DNS oIC@ forward D IP ݭny ; zӰI
• . (root) eGroot ̭nNO hint type աIOogI
• localhost ϸGϸѪWٳiHHN]wALAnSOdNNO zone ᭱NOy domain name zIo domain name Ӧb]wɷ|ϥαoWcI
• L domain ϸGP localhost S򤣦PANuOP domain name NOFI
• ϸѪgkGϸѪ Zone gkSALnN IP ϹLӼgAҦp 127.0.0.1/24 o C class AngܡAhnϹLӼg 0.0.127 o˪ΦI𫟺ݭn`NOA̫᭱ȥn[Wyin-addr.arpazNNInѰOFI
@
3. ]w . ( root ) eG

@ӨAϥdASS]w forwarder ɭԡAq`NO . ( root ) hdoIOڭ̫򪾹D root b̩OH`٬Oݭn IP aISoIpGOª Red Hat άO Mandrake |ѳo hint type ɮסAO Open Linux ̭oSѡIåBAɭԡAoǥD IP ٬Oi|ܰʪաI]OAڭ̥iHsW޲z domain name ANO rs.internic.net ohUoIziHo˰G
@

[root@test root]# ftp rs.internic.net Connected to rs.internic.net. Name (rs.internic.net:root): anonymous 331 Guest login ok, send your complete e-mail address as password. Password: <==your password 230 User ftp logged in.  Access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> cd domain ftp> get named.root ftp> bye

@
Aڭ̨Ӭݤ@U named.root oɮקaI
@

[root@test root]# vi named.root ;       This file holds the information on root name servers needed to ;       initialize cache of Internet domain name servers ;       (e.g. reference this file in the "cache  .  <file>" ;       configuration file of BIND domain name servers). ; ;      This file is made available by InterNIC ;       under anonymous FTP as ;           file                /domain/named.root ;           on server           FTP.INTERNIC.NET ; ;       last update:    Nov 5, 2002 ;       related version of root zone:   2002110501 ; ; ; formerly NS.INTERNIC.NET ; .                        3600000  IN  NS    A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4 ; ; formerly NS1.ISI.EDU ; .                        3600000      NS    B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107 ; ; formerly C.PSI.NET ; .                        3600000      NS    C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12 ; ; formerly TERP.UMD.EDU ; .                        3600000      NS    D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90 ; ; formerly NS.NASA.GOV HUٲ

@
@YzӪDA`NIӡy ; zO]wɪѡAP /etc/named.conf S@ˡISOdNAndFIMz|o{Cӡy . z NS P A A`NݨrAĤ@NO . name server (NS) yA.ROOT-SERVERS.NET. z̫᭱S[W . O@˪ISOdNIӳo nameserver IP ( A ) 198.41.0.4 IILγ~ڭ̦bU@ɮצAӽ͡I`ӨAoɮפnhLI]oӬOڤWqΪơAקաIFϦӷ|䤣 . I
@
4. ]w ( localhost ) ɮסG

C@ localhost IҥHOAڭ̴NӰw localhost oӺ쪺qӳ]w@UoIӥѩ localhost q` IP NO 127.0.0.1 AҥHNLѦoӴNաIOnSOdNOAyڪѭn@ nameserver IHz]AbU]wɷA̭nNOnϥ NS o nameserver yDW١zлxաI
@

[root@test root]# cd /var/named [root@test named]# vi named.localhost $TTL    600@@@@@@@@@; oӸM cache ɶYIOI @       IN      SOA     localhost.      root.localhost. (                 2002120601   ; Serial  P master slave O_PBI @@@@@@@@@@@@@@ ; @ӨApGoӼƭܤjFA slave ~|PBsI                 28800        ; Refresh wqX slave h[|Dʪˬd serial ȡA @@@@@@@@@@@@@@ ; HKDʪsƮwI                 14400        ; Retry   wqXApG slave SsW master DNS D @@@@@@@@@@@@@@ ; hh[|sADˬdI                 720000      ; Expire  pG@SsW mater AFoӮɭ @@@@@@@@@@@@@@ ; slave N|ˬdʧ@FAAsI                 86400 )      ; Minimum oӨNO TTL աIpGzSwq TTL A @@@@@@@@@@@@@@ ; TTL ȴNHoӨӳ]wI ; }l]wѪTeG @               IN      NS      localhost. ; SOdN̫᭱ . I localhost.      IN      A       127.0.0.1   ; A OѸ̭ hostname IP лx

@
WܦhǩǪrAڭ̱on@UA_h᭱z|yٷ١zI
@

Ÿ
$TTL	oӪFDnbGywqXV~dߪƥiHOb DNS cache h[zNF ᭱Ʀr쬰F q`oӼƦrpGwqӤjܡAҦp@(86400)ɡAOHFL DNS TɡAѩz cache sɶ@ѡAҥHon@Ѥ cache Ƥ~|QNA]Ab@ѤAzdߨ쪺Ty|OªIz OoӼƦrpGwӤpܡAҦp(300)o DNS N|_V~nDơAht|ܪjաI ADObնqAMܡAq`|ijwq@Ѫ cache ɶoI `NGYǮMWäwqoөNNI
@	oӴNO zone wqXөNNաIHoɮפeҡA]ڭ̦b /etc/named.conf NOwqX localhost o domain name @ zone A]AIbo̡AoӲŸNN localhost աI
SOA	oӬO Start of Authority }l]weNաI]NOb᭱]wn}lFIЪ`NAoөNNbCӡyzone ]wɡz|sbIҥHAC zone ]w@˧YiI b SOA ᭱|өNNAĤ@ӬDW( localhost. )AЯSOdN localhost ᭱ӤpI (.) oӪFܭnILNy@ӧ㪺 hostname +  domain name FzIpGS[W (.) ܡANܸӤryȬ hostname Aٻݭn[W domain name zIo̬Os̮eX{~IĤGӬ޲z e-mail I]ϥ @ (wgOSŸF)AҥHo̤]P˪H (.) ӨNIҦpWڥH root@localhost Ӱڪ e-mail AҥHNgF root.localhost. AP˪A̫᭱ (.) I b̫A|p ( ) A_FӼƦrAoӼƦrF̫@ӻP TTL ~AL slave P master ƦPBB@I Serial GoӼƦrȬOΨӰ master P slave update ѦҼƭȤ]NOA Slave serial p Master ɡA update ~|ʧ@Iѩ߳]w̪]wޥDA]q`ڭ̥HɶӰ Serial qw̾ڡAҦp 2002 ~ 12 6 Ĥ@]wAiHgy2002120601zЪ`NAoӼƦriWL 10 ӼƦrC Refresh GRO slave h[iDʧsɶF Retry GpGF Refresh ɶAO slave oLks master ɡAbh[Aslave |ADʹջPDsuF Expire GpG slave @LkP master sWAgLh[ɶAhRO slave nAs master FI Minimun GoӴNIO TTL աI
NS	name server NA᭱Oyhostname FQDNzoӪܫe domain Oѫ᭱oӥDҺ޲zաI y @ IN NS localhost. zo@檺NOA@ ( zone AYO localhost o domain ) ޲z Name Server localhost oDAЪ`NA localhost ᭱@wn (.) ~IOH]pGS[W (.) ܡADWٱN|ܦ localhost.localhost I Why HoO] BIND w]pASg . ܡAhܸӦW٬ Hostname ӤwAݭnA[W domain name ~I ѩ Name Server DW١AҥH٭n[Wo name server Ѫ IP (NOUnͪ A )~I
A	oOѪŸաI]NOAe localhost. (٬Oon`N . )ҹ IP 127.0.0.1 NաI
.	IALjդUAb BIND ]wɷADW٪ܡA̫᭱S[W . OtܦhI[WF . ܳoӡy㪺DW١AYO hostname + domain name zFApGS[W . ܡAܸӦWٶȬy hostname zӤwIOOI

@
o˥iHAѤWNFܡHIoӬO̰¦XӶسIdUnOoInѰOFnFADFѤAڭ̭nӽͤ@ͨӤϸѪFաI
@
5. ]w ( localhost ) ϸɮסG

ϸѸ򥿸Ѥ@ˡAٳݭn SOA иA]ݭn NS oөNNAߤ@PjNO IP hostname PFaI
@

[root@test root]# cd /var/named [root@test named]# vi named.127.0.0  <==oɮצW٬Ob /etc/named.conf ̭]w $TTL    600 ; This is about DNS server's settings @       IN      SOA     localhost.      root.localhost. (                 2002120601      ; Serial                 28800           ; Refresh                 14400           ; Retry                 720000          ; Expire                 86400 )         ; Minimum ; The server's infomations @               IN      NS      localhost. 1               IN      PTR     localhost.

@
WeXe@ˡANFIu̫@椣@ˡAӬOOH
@

Ÿ
PTR	oOϸѪŸաIDn٬Ob IP DW٪NNIn`NOAѩoɮת zone 127.0.0 AҥHڭ̥un[@ӼƦr(̫@ӼƦr)NiHաIӨ 1 ܪNF 127.0.0.1 oI U@ѧڭ̳WO B Class zone OHҦp 127.0 o˪ zone OH²աINӼƦrYiI]NO 0.1 oI ̭nFNOGbW zone ɭԡAOܭnAӤϸѪ zone Wٳ̫ݭnW in-addr.arpaAoI]ФdUnѰOFI

@
]o domain (localhost) Nu@AҥHڭ̫²檺NiHNL]wFIUAڭ̱Nn]wڭ̦ۦ氲]wTDI
@
6. ]w domain name ѡG

Aӳ]wNOڭ̥e쪺TDFAziHo˳]wG
@

[root@test root]# cd /var/named [root@test named]# vi named.vbird.org  <==oɮצW٬Ob /etc/named.conf ̭]w $TTL    600 ; W쪺@ˡA]wD@ǰ򥻸TA]t master P slave I @       IN      SOA     mdk90.vbird.org.        root.mdk90.vbird.org.   (                         2002120601      ; Serial                         28800           ; Refresh                         14400           ; Retry                         720000          ; Expire                         86400   )       ; minimum ; D]wѼƳ @               IN      NS      mdk90.vbird.org.@; o zone (vbird.org) D @               IN      MX 10   mdk90.vbird.org.@; l໼DnlDI mdk90           IN      A       192.168.1.2 mdk90           IN      TXT     "The testing DNS server"@; ȬO phorum.mdk90    IN      CNAME   mdk90@@@@@@;`NoPU@檺gkI www.mdk90       IN      CNAME   mdk90.vbird.org. ; LD]wTW win2k           IN      A       192.168.1.100 win2k           IN      HINFO   "AMD-K6-III""Windows 2000" winxp           IN      A       192.168.1.200

@
Fe master P slave ɶѼƤ~A٦ӭn NS H A oǰѼƤ~A̭ѼƥDnUXӷsANG
@

Ÿ
SOA	SO`N SOA @檺]wI]ڭ̭n]wwgO vbird.org o Zone FAҥHЭק@UzDW١A٦ DNS D޲zl}I t~A٬OA . OFI
MX	oӪFNO Mail eXchanger (MX) ²gALγ~bϥΩlDɡAݭnH໼IΩ@DOShjvTAO mail server h۷nvTI pGDpϥγoӪNASYAziHNzDW(FQDN)gJIHڤWҤlӻAڴNNlDgڦۤvDA`NA̦nO FQDN I pGzlDS MX oӳ]w]SYաAH٬OiHǰeFAOAɫNO|C@ǨǦHӪHNOFI Ъ`N MX ᭱nW@ӼƭȳIziH]whӶlDAOЯSOdNOAQ]wlDn䴩zl relay ~A_h]w|ܦLĪI
TXT	oӪFbiyzӤwIYOeD@ǸTC SO`NOASƪܡAyTngoӸԲӡAɭԬƦӭngǿ~TIzOHpGgoӸԲӪܡA򨺨ǭ cracker N²檺NiHNzToAöiӤJIFܡH @_@
CNAME	oӪFNO]wDOWNNաI]ڭ̪DܦhӦWrASnCӦWrإߤ@ A иAoӮɭԡAڭ̴NiHϥ CNAME ӳ]wt~@ӧOWIHWҡAڳ]wFӧOWbڪDWASOdNO CNAME gkVP@AW CNAME ̤jtʦbgO_ FQDN P᭱S[W . oӼлxաI ^_^
HINFO	oӪF᭱өNNAĤ@ӱOw骺šAĤGӱhO@~tΡAoөNN̦nnΦb} DNS DWA TXT @˪DաIpGn]wܡA̦nϥ޸j}ӳI

@
oӴN]woIB~`NIb DNS ѳALnTSOhA]wNNFҥHAzݭnSOdNCӳ]wȬO_TI@ӨAڭ̷|ijjaA]wAåB槹Ұʪ script AdUnOoh /var/log/messages Yݤ@ݦS~TI
@
7. ]w domain name ϸѡG

]wϸѭn²檺hFun hostname YiG
@

[root@test root]# cd /var/named [root@test named]# vi named.192.168.1  <==oɮצW٬Ob /etc/named.conf ̭]w $TTL    600 @       IN      SOA     mdk90.vbird.org.        root.mdk90.vbird.org.   (                         2002120601      ; Serial                         28800           ; Refresh                         14400           ; Retry                         720000          ; Expire                         86400   )       ; minimum ; LDTI @       IN      NS      mdk90.vbird.org. 2       IN      PTR     mdk90.vbird.org. ; The following is about other hosts 100     IN      PTR     win2k.vbird.org. 200     IN      PTR     winxp.vbird.org.

@
²aINO IP YiI
@
8. Ұ named P port ΰTT{G

SFҰʪɨFI[oI
@

1. }lҰʡI [root@test root]# /etc/rc.d/init.d/named start Starting named:                  [  OK  ] 2. port [G [root@test root]# netstat -tuln | grep 53 tcp        0      0 192.168.1.2:53          0.0.0.0:*               LISTEN tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN udp        0      0 192.168.1.2:53          0.0.0.0:* udp        0      0 127.0.0.1:53            0.0.0.0:* 3. TeI Dec  8 23:27:39 test named[8106]: starting BIND 9.2.1 -u named Dec  8 23:27:39 test named[8106]: using 1 CPU Dec  8 23:27:39 test named: named startup succeeded Dec  8 23:27:40 test named[8111]: loading configuration from '/etc/named.conf' Dec  8 23:27:40 test named[8111]: no IPv6 interfaces found Dec  8 23:27:40 test named[8111]: listening on IPv4 interface lo, 127.0.0.1#53 Dec  8 23:27:40 test named[8111]: listening on IPv4 interface eth0, 192.168.1.2#53 Dec  8 23:27:40 test named[8111]: couldn't add command channel 127.0.0.1#953: not found Dec  8 23:27:40 test named[8111]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2002080601 Dec  8 23:27:40 test named[8111]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2002120601 Dec  8 23:27:40 test named[8111]: zone localhost/IN: loaded serial 2002080601 Dec  8 23:27:40 test named[8111]: zone vbird.org/IN: loaded serial 2002120601 Dec  8 23:27:40 test named[8111]: running

@
9. i઺]w~DG

򥻤WADNS O]w@ Server FAҥHb譱аȥpߡIL]w~q`رpG
• yk]w~GoӰDnѨMA]b /var/log/messages ̭wgܲMFIӤeh׭qYiF
• ޿]w~GoӴNxZFIOH]LDnoͦbz]w DNS DɭԡAҼ{gҲͪDIҦpѰO[W (.) AtΤ|ܿ~TAOo|ydߪ~PA MX ]wDWٿ~A]|X{DTAO mail server NO|Hoǿ~ݭnܸԲӪ DNS client դ~ાDDҦbC
ڭ̳o̥Nyk]w~譱i椶СAܩ޿]wDAӴNݭnhhiդ~ાDF
@

Dec 10 11:34:21 test named[31185]: loading configuration from '/etc/named.conf' Dec 10 11:34:21 test named[31185]: /etc/named.conf:18: missing ';' before '}' Dec 10 11:34:21 test named[31185]: loading configuration: failure Dec 10 11:34:21 test named[31185]: exiting (due to fatal error) o˪~NOoͦb /etc/named.conf a 18 AѰO[W ; ŸFIhץYiI Dec 10 11:37:20 test named[31236]: dns_rdata_fromtext: named.localhost:9: near eol: unexpected end of input Dec 10 11:37:20 test named[31236]: zone localhost/IN: loading master file named.localhost: unexpected end of input o˪~q`NOoͦb named.localhost 9 BAhץݬݡAq`beXܦiO SOA ᭱ӼƦrSg]I Dec 10 11:42:28 test named[31338]: dns_master_load: named.localhost:14: unexpected end of line Dec 10 11:42:28 test named[31338]: dns_master_load: named.localhost:13: unexpected end of input Dec 10 11:42:28 test named[31338]: zone localhost/IN: loading master file named.localhost: unexpected end of input P˪AiDzbɮ named.localhost DIЬdҡI

@
q`̤j]uNOrաI`Ahݬ /var/log/messages eA@wiHzAѿ~DI
@
10. Go˴N]wFIЫe Client [aI

• ɮ׳]wG

JMwgF DNS D]wAUӦ۵Mni Client ݪsuհաInթOHUXɮ׽ЯSOdNG

• /etc/hosts GWNLFAoӬO̦ hostname IP ɮסF
• /etc/resolv.conf GoӴNO]wz Client ݳsW DNS D IP ]wɡF
• /etc/nsswitch.confGoɮ׫hObyMwznϥ /etc/hosts ٬O /etc/resolv.conf ]wI

@ӨA Linux w] hostname jMO /etc/hosts ӪAOHziHdݤ@U /etc/nsswitch.conf Aç hosts ءG
@

[root@test root]# vi /etc/nsswitch.conf hosts:      files nisplus nis dns

@
W files NOϥ /etc/hosts ӳ̫᪺ dns hOϥ /etc/resolv.conf DNS D IP jMաI]AziHH /etc/hosts ӳ]w IP zIMաAz]iHNLմLӡALA`O /etc/hosts ²AҥHNL\benաI

nաAJMڭ̬Oni DNS ժA /etc/resolv.conf eA۵MNngڭ̦ۤv IP oIҥHzӳo˼gG
@

[root@test root]# vi /etc/resolv.conf nameserver 192.168.1.2 nameserver 163.28.112.1 nameserver 163.28.113.1

@
nameserver iH]whӡAOѩ nameserver O@Ӥ@ӪldUӪAҥHAz DNS D IP ngb̤WIMNiH}lդFI

• DNS ]wG

DNS {ܦhAڭ̥Өϥγ²檺 host aIM٦ nslookup dig I
@
hostG

ykG  [root @test root]# host [-a] [FQDN] [root @test root]# host -l [domain] ѼƻG -a GҦTCXӡF -l GN᭱ domain Ҧ host CXӡI dҡG [root @test root]# host mdk90.vbird.org mdk90.vbird.org has address 192.168.1.2 ܳªuCX hostname IP ӤwILTh@LXI [root @test root]# host -a mdk90.vbird.org Trying "mdk90.vbird.org" ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51741 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mdk90.vbird.org.               IN      ANY ;; ANSWER SECTION: mdk90.vbird.org.        600     IN      A       192.168.1.2 mdk90.vbird.org.        600     IN      TXT     "The testing DNS server" ;; AUTHORITY SECTION: vbird.org.              600     IN      NS      mdk90.vbird.org. Received 98 bytes from 192.168.1.2#53 in 9 ms `NݤWAW 600 NOڭ̭qw TTL ƭȡA A, TXT, NS hOb master file A]NO named.vbird.org ̭]wTIFFzH [root @test root]# host -l vbird.org vbird.org SOA mdk90.vbird.org. root.mdk90.vbird.org. 2002120601 28800 14400 720000 86400 vbird.org name server mdk90.vbird.org. vbird.org mail is handled by 10 mdk90.vbird.org. mdk90.vbird.org has address 192.168.1.2 mdk90.vbird.org text "The testing DNS server" phorum.mdk90.vbird.org is an alias for mdk90.vbird.org. www.mdk90.vbird.org is an alias for mdk90.vbird.org. win2k.vbird.org has address 192.168.1.100 win2k.vbird.org host information "AMD-K6-III" "Windows 2000" winxp.vbird.org has address 192.168.1.200 vbird.org SOA mdk90.vbird.org. root.mdk90.vbird.org. 2002120601 28800 14400 720000 86400 WTSܼxOHաINOڭ̦b]w named.vbird.org ̭Ҧ]wTI

@
򥻤WApGSSݨDA host oӵ{NbOܦnΤFIӥBٯKzI
@
nslookup G

ykG  [root @test root]# nslookup [FQDN] [root @test root]# nslookup ѼƻG set type=any GCXҦTyѤ譱]wɡz set type=mx  GCXP mx TI dҡG [root @test root]# nslookup win2k.vbird.org Server:         192.168.1.2 Address:        192.168.1.2#53 Name:   win2k.vbird.org Address: 192.168.1.100 OªN hostname IP CXӦӤwIZKաIӥBe|ܥXO@ DNS DhdߪI [root @test root]# nslookup > 192.168.1.2@@  @@@<==ˬdϸѡI Server:         192.168.1.2 Address:        192.168.1.2#53 2.1.168.192.in-addr.arpa        name = mdk90.vbird.org. > www.mdk90.vbird.org@@<==ˬdѡI Server:         192.168.1.2 Address:        192.168.1.2#53 www.mdk90.vbird.org     canonical name = mdk90.vbird.org. Name:   mdk90.vbird.org Address: 192.168.1.2 > tw.yahoo.com@@@@@<==ˬdDݪѡI Server:         192.168.1.2 Address:        192.168.1.2#53 Non-authoritative answer:  <==o@bAoӸToۡyD{ҡIzY cache oI Name:   tw.yahoo.com Address: 202.1.237.21 > set type=any@@@@@<==ܩҦTIȰw勵ѦӨI > mdk90.vbird.org Server:         192.168.1.2 Address:        192.168.1.2#53 Name:   mdk90.vbird.org Address: 192.168.1.2 mdk90.vbird.org text = "The testing DNS server" > exit

@
nslookup ]O@ӫܤΪTILAU dig SF`FI
@
digG

ykG  [root @test root]# dig [-t type] [FQDN] ѼƻG -t type Gd߬Y type ADn any mx I dҡG [root @test root]# dig mdk90.vbird.org ; <<>> DiG 9.2.1 <<>> mdk90.vbird.org ;; global options:  printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41014 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mdk90.vbird.org.               IN      A ;; ANSWER SECTION: mdk90.vbird.org.        600     IN      A       192.168.1.2 ;; AUTHORITY SECTION: vbird.org.              600     IN      NS      mdk90.vbird.org. ;; Query time: 10 msec ;; SERVER: 192.168.1.2#53(192.168.1.2) ;; WHEN: Tue Dec 10 13:50:38 2002 ;; MSG SIZE  rcvd: 63 ѤWTڭ̥iHo A Ѥ NS DWٳI [root @test root]# dig -t mx mkd90.vbird.org ; <<>> DiG 9.2.1 <<>> -t mx mkd90.vbird.org ;; global options:  printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39261 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mkd90.vbird.org.               IN      MX ;; AUTHORITY SECTION: vbird.org.              600     IN      SOA     mdk90.vbird.org. root.mdk90.vbird.org. 2002120601 28800 14400 720000 86400 ;; Query time: 9 msec ;; SERVER: 192.168.1.2#53(192.168.1.2) ;; WHEN: Tue Dec 10 13:53:10 2002 ;; MSG SIZE  rcvd: 80 DnOo MX TաI

@
o˪dߤ觋OO]ܤKOIH֥hլݬݱz]w藍aI
@
whoisG

ykG  [root @test root]# whois hostname ѼƻG dҡG [root @test root]# whois redhat.com    Domain Name: REDHAT.COM    Registrar: NETWORK SOLUTIONS, INC.    Whois Server: whois.networksolutions.com    Referral URL: http://www.networksolutions.com    Name Server: NS2.REDHAT.COM    Name Server: NS3.REDHAT.COM    Name Server: NS1.REDHAT.COM    Status: ACTIVE    Updated Date: 09-jan-2003    Creation Date: 26-may-1994    Expiration Date: 25-may-2006 Registrant: Red Hat, Inc. (REDHAT-DOM)    P.O. Box 13588    Research Triangle Park, NC 27709    US    Domain Name: REDHAT.COM    Administrative Contact, Technical Contact:       Network Operations Center  (NOC144-ORG)           noc@REDHAT.COM       Red Hat, Inc.       P.O. Box 13588       Research Triangle Park, NC 27709       US       919-547-0012Fax- 919-547-0024       Fax- - 919-547-0024    Record expires on 27-May-2006.    Record created on 26-May-1994.    Database last updated on 9-Mar-2003 11:44:55 EST.    Domain servers in listed order:    NS3.REDHAT.COM               66.187.229.10    NS1.REDHAT.COM               66.187.233.210    NS2.REDHAT.COM               66.187.224.210

@
whois iHΨӬd߬Y@DάY domain DnOgLӤHUHӤH]wePOIoӫO]ܬOnΡAҦpWdҷAڭ̥iHD redhat.com o IP PUAIܤΧaI ^_^

٦@ǤieiHѵjaѦҳIҦpl쪺vDP[]@ӦXk hostname I
@


---

lvDG
@
nFAU@ڪܤjAڥutdWh DNS ӤwAUhƱ檽浃U쪺tdHӭtdAn]wOH|ӨҤlӻAHjҡAjpȺ޲zUӨtҪD IP ӤwAѩUӨtҪDƶqiܤjApGCӤHnЭpӳ]wA޲zi|ƱAӥBbڳ]pW]ӤHʤơCҥHoApNNU subdomain ޲zv浃UӨtҪD޲zh޲zAp@ӡAUtҪ]wW|FABWh DNS D]Τӳ·ЧoI

nFAp}lvOHڳo̶ȻѪA]b ISP 譱q`wgڭ̷dwϸѤFAҥHzLIӥثeڭ̥hUTWAq`ȨoOѪ]wvAҦpڪ vbird.idv.tw NO@ӨҤlInFA{b]bڪ mdk90.vbird.org WAnN win2k.vbird.org oӤlΥXh win2k.vbird.org ޲zAӫOH

D mdk90.vbird.org ]wG
D mdk90.vbird.org ]w²աIunNl}XӵOHϥδNFI]wOHziHק /var/named/named.vbird.org AϥLܦG
@

[root@test root]# cd /var/named [root@test named]# vi named.vbird.org  <==oɮצW٬Ob /etc/named.conf ̭]w $TTL    600 @       IN      SOA     mdk90.vbird.org.        root.mdk90.vbird.org.   (                         2002120601      ; Serial                         28800           ; Refresh                         14400           ; Retry                         720000          ; Expire                         86400   )       ; minimum ; D]wѼƳ @               IN      NS      mdk90.vbird.org.@ @               IN      MX 10   mdk90.vbird.org. mdk90           IN      A       192.168.1.2 mdk90           IN      TXT     "The testing DNS server"@ phorum.mdk90    IN      CNAME   mdk90@@ www.mdk90       IN      CNAME   mdk90.vbird.org. ; lΥXhLD޲zҤlI win2k.vbird.org.   IN@@@NS@ win2k.vbird.org. win2k           IN      A       192.168.1.100 ; WLD]wT譱 winxp           IN      A       192.168.1.200

@
WrNO̭naաIڱN win2k.vbird.org. oӺ쪺 NS v(name server)൹ win2k.vbird.org oDӺ޲zAөUCX win2k.vbird.org oDѸTI򥼨ӷHnd www.win2k.vbird.org ɡAh| mdk90.vbird.org ӬdߡAӬd win2k.vbird.org A]N|VU媺 DNS YO win2k.vbird.org odߤFI

UD win2k.vbird.org ]wG
oӳ]wN²աIѦҤ@Uڭ̤WgơA۳]wAOz domain name ܦ win2k.vbird.org NOFI²檺ܧoI
@


---

[]@ӦXkv DNS DG
@
nաI{bzӪDOygWvXk DNS DzFaHISINOW媺 DNS DNl쪺dv}񵹱zӳ]wNաIIMDzAOڭnpӬ[]@ӦXk DNS DOHnڦۤv޲zۤv domain IҦpڪ vbird.idv.tw NO VBird ۤv޲zz㧐Uڭ̴Nӽͤ@ͫ]waI
@
1. ӽФ@ӦXk domain name G

JMOnإߤ@ӦXk domain name server A۵MNnVXk DNS DӽбvoIثeziH쩳UahӽгI
@
• http://www.twnic.net/index3.php
 @
xWaϪ@ domain wgA TWNIC zFAҥHzsWWzAiHIYsUj ISP hUIҦpڴNUF vbird.idv.tw oӺI{bH Hinet UaI
@
• iJDeGs쩳UhGhttp://nweb.hinet.net/
• ܻݭnW١Aìd߸ӺO_HsbG]쥲ݬOW@LGAҥHzݨϥθӺѪdߥ\Ahdߤ@UzQnO_wgQUFOH@wnSQU~iHI
• vBiUGMHӺѪ\@B@BUhiAҦpHڪyӤH}zUҡAUӤH}A|X{y{BJG

• ܺNީά[] DNS ҦGٰOoe쪺TaHաIڭ̥iH ISP ڭ̳]wn host IP Nn(̦hT)AM]iHۦ]w@Uڭ̩һݭn DNS DաI]ӱzi|[] mail server AҥH٬Oۦ]w DNS DnFIܤWϥܪĤyDNSw/ʡzءA|X{UϥܡCOoܡyDNSzζgz hostname PT IP YiI`NGnoӶءA̦nz IP OTwABʨ IP ijγoӿﶵI

• UI
@
2. H DNS DԲӳ]w ]weӳ]wzDAЪ`NAoӱpUAzun]wzU쪺ѧYiIϸѳhnz|AMApGzkܡA̦n٬OФWh ISP z]woI

@
3. աI
p@ӡAz DNS DW]wTAiHzL Internet W@DӬdߨIΧaI߰ʤFܡH֥hլݬݧaI ^_^
@


---

LAME Server D
@
pGzO[] DNS DsAy@wz|b /var/log/messages oӵnɮ׸̭o{o˪TG
@

[root@test root]# more /var/log/messages Oct  5 05:02:30 test named[432]: lame server resolving '68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 205.244.200.3#53 Oct  5 05:02:31 test named[432]: lame server resolving '68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 206.105.201.35#53 Oct  5 05:02:41 test named[432]: lame server resolving '68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 205.244.112.20#53

@
oOFoHIھکx责ѪƨӬ ( bz Red Hat 9 tΤUAйݳoɮסy/usr/share/doc/bind-9.2.1/armBv9ARM.ch06.htmlz )Aڭ̪ DNS DbV~ DNS tάd߬YǥϸѮɡAiѩ DNS D]w~AɭPLkѪRwϸѵGAoӮɭԴN|oͩҿת lame server ~I
@
oӿ~|ڭ̪ DNS DoͤYGܡHM|I]~O𫍧 DNS ]wAuOڭ̪ DNS Dbd߮ɡA|o͵LkTѪRĵiHӤwAoӰTM|ڭ̪ Linux DoͤxZALAtκ޲zӻAnѤѬdߪ /var/log/messages ɮ׳MohnTAoOܰQ@ơI
@
nFAڭ̪D lame server ODDAڭ̥DSvTAOoSQnӰTX{bڭ̪n /var/log/messages AFo˪\OHINQ BIND oӮMҴѪnɰѼưڡIʧ@²Abz /etc/named.conf ɮ׷̩UA[JoӰѼƧYiG
@

1. ק /etc/named.conf  [root@test root]# vi /etc/named.conf // [JUoӰѼơG logging {         category lame-servers { null; }; }; // `N@UA logging ODnѼơAܩ category hOwqXTA // ]ڭ̤n lame server AҥH lame-servers oӰѼơAéwq // ѼƭȬ null (ŪN)Ao˴Nק粒FI @ 2. sҰ bind  [root@test root]# /etc/rc.d/init.d/named restart

@
OosҰ named A٬Onݤ@U /var/log/messages IHTw named TҰʻP_IMAKKAHN|ݨ lame server I

• b Internet A@XkD㦳W@LGDW١AoӥDW٥]tF hostname P domain name Aú٬ Fully Qualified Domain Name (FQDN)F
• FJAH IP OЪxZAӦWٸѪR͡AO /etc/hosts AӫhO DNS tΪ͡F
• DNS ADn master, slave HΥui֨O cache-only DNS DF
• Internet WDw]V master DNS d߸ơA slave Dn\byƥ master ]wƮwzɮסIåBb master IɡAiƴtΡF
• ثe Unix Like AOH BIND oӬfJܤjǵoi DNS MF
• b DNS tΤAѬ hostname IP AӤϸѫhO IP hostname Aܩ zone hO@өΪ̬O쪺]wȡF
• bind ]wɬ /etc/named.conf A named.conf iHWdXϸ zone ɮשҦbF
• Ѫ(record)DnGSOA, A, MX, NS, CNAME, TXT HINFO F
• ϸѪDnG SOA, PTR F
• b client ݳ]w DNS d߶ǻP\઺Xӭnɮ׬G /etc/nsswitch.conf, /etc/hosts, /etc/resolv.conf F
• DNS dߪODnG host, nslookup, dig, whois F
• bJF named o daemon Aаȥe /var/log/messages ݦ daemon \P_C

b LPI http://www.lpi.org ̭쪺A NFS ҸDwaAub LPI level 1 102 A̭ topic 113 Networking Services AĤIA² DNS ]wCjժOyժ̻AѦץBϸѡBZone P cache-only DNS Dzܩ|Ҫɮ׻POi঳oǡG

• /etc/hosts
• /etc/nsswitch.conf
• /etc/resolv.conf
• /etc/named.boot(V4) /etc/named.conf(V8)
• named (o daemon )

• BIND xGhttp://www.isc.org/products/BIND/
• Study Area DzߺGhttp://www.study-area.org/linux/servers/linux_dns.htm
• uȵOGhttp://turtle.ee.ncku.edu.tw/~tung/dns/dnsintro.html
• lame server ²Ghttp://linux.cvf.net/lame_server.html

• n DNS tΡG
• б Unix Like tηADnϥΨӮM󰵬 DNS D[]APɡALSOϥΨ daemon ӱҰ DNS tΡH
• ̦ Internet OFFHiHsWHi귽ɡAt~AhOqll󪺨ϥΡCӦbϥΪnɮץu /etc/hosts oӡAбгo hosts ɮתet򶵥ءH
• л DNS TPeG
• ɮ(forward)ϸɮ(reverse)PjϥΪɮ(loopback)Dn\ରG
• bDn DNS ]w /etc/named.conf A@ӸSɮסAL hint Aаݳoɮת\ରH
• b client ݷjM HOSTNAME IP d߮ɡA̭nɮסAHθɮתDnγ~H
• @ӻAb Client ݨϥΪd HOSTNAME OjhϥΤH
• а named nTnbbɮפH

eѦҸѵ