ثeHq̭Aϥγ̴ΪOҿת IP ( IPv4 )wAzLoӨwA
ڭ̥iHNƶǰe@ӥiHsW Internet aC
LAo IP wҳ]w IP O 32 Ӧ줸AনQi쪺ܡAO 4 ռƦrҶXӦA
Ҧp 123.234.56.78 o˪榡Cڭ̧Q Internet ǰeƪɭԡA
Nݭno IP A_hƫDnQe̥hH(
MաA
ǰeƪkܦhAoOzL IPv4 oӨwAҦp NetBIOS NO@ҡC
LAbo̡Aڭ̤QרLǿkAMQ IPv4 oӨwI )
MӤH IP oؼƦrNAOФObOˡCOpWһA
ڭ̻ݭnƶǿɡASܻݭn𫍧 IP AHFIoӰDA
BͷQ@ӤkANOQάYǯSwɮױNDWٻP IP @@ӹA
DWٻP IP sʡAp@ӡAڭ̴NiHzLDW٨ӨoӥD IP FI
uOӦnDNA]HWrOФOiNnhFI ^_^yC
iOAӤk٬OʾѪANODWٻP IP Lk۰ʩҦqsC
]NOAڭ̥nʥhҦq̭sӸTѧoIohɶ
ӬFɳoӯʾѡAfJܤjǵoiXt~@MhzDWٹ IP tΡA
ڭ̺٥L Berkeley Internet Name Domain, BIND AoӨtΥiNuqhF
zLhzAiHPi@u@ӴΤFI
o]Oثe@ɨϥγ̼sxW٨t(Domain Name System, DNS)
zLLAڭ̤ݭnDD IP AunDӥDW١ANsWӥDFI
(
bUAڭ̦ɷ| DNS ɷ| BIND AoPH
ѤW̭AziHAѨA DNS O@غںwW١A
ܩ Bind hOѳo DNS AȪMo˱zAѤFܡHI)
nߨӬ[] DNS DܡHMOpPWA
ںWA
ƪǿ̭nNOonD𫍧 IPAp~FsuC]A
[] DNS NnAѾںW٬[cA_hA@ DNS []~A
i|yzҺҪDLkTb Internet WYǿƪDI
ҥHAn]w DNS eAznNW٨tθ̭DΪ FQDNBHostname P IP d߬y{A
ѻPϸѡBXkv DNS DNqAH Zone ѧ@@ӻ{Ѥ~I
oiOܭnAnLFI
O Domain Name SystemG
DNS WOy
Domain name system zA
ĶWy
W٨tzA
oөNNγ~OzIڭ̪qΪ̬O
Internet @wݭnL ( רOH WWW 觋ӤW ) HI
L̤jγ~NOy
yikPOЩzHz
ISILOy֤HOHBťڮUUDӡG
- /etc/hosts vG
ٰOoڭ̦beXL ¦
̭aHثeb Internet WqΪqTw TCP/IP AƶǰeOH
TCP ʥ]ӶǰeAL٬Oغcb IP wWAӲҬҪA IP Oѥ|
8 bit ƦrզA]NOy
xxx.yyy.zzz.www zo˪AAnաApGڭ̭nsWY@qA
Nnb}CJӹqD
IP ~sWApGO@ΨⳡqٵLҿסApGثeo Internet
Dƥ.....KIְOooh IP rIH
ѩ IP O@ƦrҲզAbeQikPOЩzHұ
( Oۤv ....) ApGNoǼƦrHyWrzӨNOHSpH
]NOA
unJ@ӡyqWrzӧڭ̪tδN|۰ʪNoӦWrনqAѪ
IP IKKIp@ӡAڭnOoyWrz`O IP
ehFI
HNQo²Si觋FANO
/etc/hosts oɮתѨӡIҦpAunzJ
y ping -c 5 localhost z
z Linux WiHLX 127.0.0.1 o IP
A Why Hzhݤ@U /etc/hosts
NDFIҥHoAunNz``Wy} IP zgo /etc/hosts
UAz IP jMt״N|֤Wܦh(
GAjաAbzp줺A̦nNҦ
IP gJoɮפաI)
- DNS vG
(j20~30~e)qiOQA@HOiӤiΪA]qƶqӤ֡A
ҥHϥ /etc/hosts ӰOгo IP PW٪٩|iICOb{NA
Internet WohDAåB``|MyPqzShX@DӪAȡA
ڭ`@Ӥ@ӪNLJb /etc/hosts ̭aIHrIuoI
ҥHӪoӮɭԴNҿתyWٸѪRt,
DNSzX{աI
DNS Q𪬥ؿAANDW٪ztbPhŪ
DNS DAgѤhzAҥHC@DOЪTN|ܦhA
ӥBʤW]۷eקIo
DNS \zDFܡHաINOyNqDWĶ
IP zNOFIMoALB~\٫ܦhI`AL̤j\NOy
NqAHeOЪDW(^r)AĶqҼx
IP }I z
|ӨҤlӻnFA_ꪺ IP O 202.1.237.21
AҥHziHbzsWJy http://202.1.237.21 zӳsW_I
LAڷQSXӤHNo
IP I_ӪaHIϤAڭ̫oD_ꪺ} tw.yahoo.com AzunJy
http://tw.yahoo.com zNiHsW Internet աIܮeOЧaI
/etc/hosts
Gb Client ݪɮפJDWٹ IP ӬdߡF
DNS t
GQB~DNSAȡAClientݥiHzLWٸѪRӨoتaDIP
- Fully Qualified Domain Name ( FQDN )
bWٻP IP ѪRy{eAڭ٥ݨӰQפ@UyO
domain name P host name Hz]NOAWٻPDW١C
bQ׳oӥDDeAڭ̨Ӳ@ͬƪDAЪ`NI
UҤlAάFvII@UAKojaӷPG
-
ڭ̾oxWܦhӡynzAoӡynzNNC@ӿWߪӤHI
OzDoӧne`ΧnO_P@ӤHHxI
CӧnӦۤPIաAҥHڭ̴NHӰϤA
ҥHx_nnAoӴNiHFIӡIU@A
x_٦ӧnHNζmӤrIҥHx_BT۪nx_B
RnApGڭ̱NLCXӡAiHoˬݡG
O_NiHLPIFOHISINOoˡI
- t~@ӨҤliHϥιqܸXӬݡAp 1234567 ӥxn] 1234567
A(1)zb 1234567 ɡAL|J 1234567 qܤA
(2)pGznxnhANo[J(06)oӰϽX~Iڭ̴NOϥΰϽXӰѤΪI
O_٤MڭnHIڭ̱``|o{DWٳO www AҦp
www.gov.tw, www.seednet.net, www.hinet.net Aڭ̫Do www
W٪DbPaOHNݭnLWoI]NO gov.tw, seednet.net,
hinet.net PAҥHYϱzDW٬ۦPAOunObP@ӻ줺A
NiHQoI
WAڭ̪D
DNS OhŤACӼhŪ Hostname P Domain name
iO@˪NNzڭ̥iHϥΧڭ̪Dӥ[HApUϩҥܡG
Ϥ@Bh DNS [c
( Hostname P Domain name )
bWҤlAѤWVUƪĤGh̭A .tw O domain name A com, edu,
gov hODW١AӦboӥDW٤zUA٦Lp쪺DA
ҥHbĤThɭԡAWA
edu.tw NܦF domain name FIӦjPs ncku, nsysu hF hostname oI
IHA̫oڭ̪D aerosol ODW١A domain
name O ev.ncku.edu.tw ӦWrҨMwI۵MAڭ̪DNOz ev.ncku.edu.tw
o domain name DNS DҺzoIoˬO_AѤF domain name P hostname
PFOH
DNS d߹L{G
Uӧڭ̭nͤ@͡A DNS (1)[cOˡH
(2)d߭zOˡH`OnD[c~ાDpdߪoIҥHUڭ̥ӤФ@U骺[cC
- DNS [cG
ϤGBDNS hܷN
WNO@²檺 DNS h[coA̤W@wO
. (pI) o root DNS DALUzNu com, edu, gov, mil,
org PHaĤGhDW٤FIҦpxWaϳ̤WhW٬OH
.tw }YAzoӻW٪o IP ObxWAOLOhOOb
. (root)̭I٦La̤Whp .cn OjA
.de Ow@ˡICӰaUODnUhǻOH
IDnNOojG
W |
NNq |
com | qB渹B~ |
org | ´Bc |
edu | Ш| |
gov | F |
net | BqT |
mil | xƳ |
̦eb . (root)Uuoj domain name
AOtפӧ֤FA]ӤShXoǥHXӤ
domain name Ap@ӡAbӰaAunVӰaӽ domain name
YiAݭnA̤WhhӽoI]]AboǰXUA٬Ooj
domain name DIMաAbثeAѩںoNAb
domain name bOIӰΡAҥHS۷hWٳQ]pXӡAҦpثexW
ISP Ѫ .idv.tw ӤHաI
nFAAjդ@A DNS tάOHҿתhzAҥHAЪ`NI
.tw uOU@hoӥDn domain DӤwIܩҦp edu.tw U٦
ncku.edu.tw oANv浃 edu.tw hzFI]NOy
CӤW@h
DNS DAҰOTAuU@hDW٦ӤwI
zܩAU@hAhyvzUhYDӺzoIIҥHzNӷ|D
DNS 쩳OpzaI ^_^
|o˳]w]OSDzI
o˳]pnBNOGCzuU@h
hostname IP ӤwAҥH֤FzWxZIӤUh Client ݦpGDAun߰ݤW@h
DNS server YiIݭnVWhAW]|²OI
- DNS jMy{G
軡L DNS OHy𪬥ؿz
AӶiW٪zIҥHC@
DNS DyȺzU@h DNS DWĶzӤwA
ܩUhUhAhyvzUh
DNS DӺzաIo˻n¶fAnaIڭ̴NHUϨӻ@zoG
ϤTBDNS Dd߬y{ܷN
Azbs}CJ http://aerosol.ev.ncku.edu.tw ɡAzqN|̾ڬ]w(
b Linux UNOQ
/etc/resolv.conf oɮ )
ҴѪ DNS IP hisudߡAnFAѩثe̱` DNS DN
Hinet 168.95.1.1 o DNS FAҥHڭ̴NLӰҤlaIIoӮɭԡA
hinet oD|oˤu@G
- dݥSG
軡LաAѩ DNS
Oh[cA@ DNS ȰOU@h̭DWٹ IP ӤwAѩ
hinet ëDdzṊDAҥH۵M]NSkѵ client
aerosol.ev.ncku.edu.tw o IP FAҥHաA@ӨAoӮɭ 168.95.1.1
N|V̳hA]NO . (root) Dd .tw o}F
- V̳h ( root )dG
ѩ 168.95.1.1 Sڭ̥D
IP AoӮɭԥLN|Vy̳hz . (root) oDӬd . (root) U@hA]NO
.tw oƤFIoӮɭԡA . (root) N|iD 168.95.1.1 yKIznd
.tw oӺ쪺z̧rIHܡIڳo̦ .tw oӺ쪺zD
IP TAziHhLIzF
- VĤGhdG
168.95.1.1 ۤS .tw hdߡAӸӳzSȦ
.edu.tw, .com.tw, gov.tw... XDAgLo{ڭ̭nO .edu.tw
AҥHoӮɭ .tw SiD 168.95.1.1 Gyznhz
.edu.tw oӺ쪺D̬dߡAڦL IP IzF
- VUhdG
nFA@B@BUӡA .edu.tw
iHdz .ncku.edu.tw D IP F .ncku.edu.tw iHdz .ev.ncku.edu.tw
D IP Aӳ̫ڭ aerosol.ev.ncku.edu.tw Nibz .ev.ncku.edu.tw
쪺D]wdߨաI
- OȦsOG
dF IP Ao 168.95.1.1
DNS `|bUHd aerosol.ev.ncku.edu.tw
ɭԦA]@o˪y{aI֪oIӥB]ܯӨtΪ귽PWeAҥHOA
168.95.1.1 o DNS o|O@ aerosol.ev.ncku.edu.tw IP
TbۤvȦsOAHKU@SHP@ӥDW٪nDdߡI̫hNG^
client ݡIMաAӰOЦb cache ơAOɶʪALF
DNS ]wOЪɶ(q`iO 24 p)AӰON|QI
ѳo˪htdzo{FHINOG
-
@ӡyXkz DNS Ḓ]wקFAӦۥ@ɦUa@ DNS
nDA|TL~ܥTDWٹ IP
TA]L̷|@h@hMUӡAҥHAnzDWٹ
IP N@wonzLzWh DNS D~IҥHunzDWrOgLWhyXk
DNSzD]wANiHb Internet WQdߨաII²@aAʩʤ]ܰC
-
bDȦsOOAѩOɶʪAҥHzDW٦b DNS
QקFAOѩe¸TٰOЦbL DNS
DȦsO̭AҥHաAibOHHDz
DNS DӬd߱zDWٮɡAN|oe¸TAoӮɶthiO
10 2 ѥkAo]Oڭ̱`zקF@ domain name Ain
2 ~ 3 ѫ~ҥΪtGաI
nաIzIJM DNS oΡAMڭ̤Sݭn[AҥHݭn@ӥDW١A]A
ڭ̻ݭn[] DNS FܡHIIMOAOH
赜FܦhyXkzrA]LNoAyvzDFI
ڭ̦beyӽЦXkDWz]A
unDW٦XkYiAoݭn[] DNS աI
- DNS ϥΪ port number G
nFAJM DNS tΨϥΪOdߡA۵Mݭn} Listen port
o ( ť )ISIܦXzI DNS ϥΪO@ port OHNO
53 o port աIziHz Linux U
/etc/services
oɮݬݡIjM@U domain orANiHd 53 o port
աIOo̻ݭnjaiOAq`A
DNS dߪɭԡAOH udp oӸֳtƶǿw ( protocol )
ӬdߪAOU@Skdߨ짹㪺TɡAN|AH
TCP oӨwӭsdߪIҥHҰ DNS daemon (NO named ) ɡA|PɱҰ
TCP udp 53 o port number I
yvzNqG
ܦhBͳ{y
[] DNS iH]wDW١Aӧڭn[ݭnDWrA]@wݭn[]
DNS Aun DNSAڪDNiHWrFI
zOo˶ܡHMOIoO~[IOH
q
WϤTϥAzӤo{AڭnjM
aerosol.ev.ncku.edu.tw DɡANݭnVz .ev.ncku.edu.tw oӺ쪺dߤ~Aӭnd
.ev.ncku.edu.tw hݭnb .ncku.edu.tw W߰ݤ~iHIoO]y
Wh
DNS D .ncku.edu.tw wgN .ev.ncku.edu.tw oӺ쪺zv "v"
green.ev.ncku.edu.tw oAHnd .ev.ncku.edu.tw oӺ쪺D
IP ɡA .ncku.edu.tw N|dߪȪ൹ green.ev.ncku.edu.tw hzFIqA
.ncku.edu.tw oӺ쪺zDAN|A ev.ncku.edu.tw oӺ쪺WٺzI
zO_ܹH|yvzH
]NOAzRyvzzYu@ɭԡAqA
niӶu@HAq𫖬Dz~OuyvzHAnVzХܤ@ˡI
^_^IҥHoApGzn[] DNS AӥBOiHsW Internet W DNS
ɡAzNnzLy
Wh
DNS Dvz~IoOܭn[I@Uڭ̦bU|Ф@Ӧp[]@
ygLXkv DNS DzI
ApGNWܧﴫGy
ڭn[AҥHڭnڪD@ӦXkWrI
z˴NXzFIOH]ڥiHФWh
DNS ڳ]wDWٹ IP NiHաIp@ӡAnڪ hostname
IP HAiHbڪWh DNS ̭AڥݭnzLڪ Linux DoIҦpsǪ
aerosol.ev.ncku.edu.tw NiHb green.ev.ncku.edu.tw oz DNS server
Wz㤣˦ۨӧڪ aerosol.ev.ncku.edu.tw WI]NOAǥ
DNS tγ̤j\y
DWĶ IP z
oӰʧ@AzunV@ӦXk
DNS DӽФ@ӡy
DW, hostname zz
Linux DAjaiHǥѸ DNS DӬdߨz Linux
IP ANiHϥθӥDW٨Ӭ[աINOo²I
nFAzNӪDFAnzDWٹ IP B Internet WqiHdߪANݭnG
- Wh DNS vz]w DNS DAΪ̬OF
- ФWh DNS Dz]wI
oؼҦAؼҦnOHoS@wסA
Uڭ̨ӽͤ@͡AzAX@ؼҦ]wOH
N٬Oۤv]w DNSG
pGzgӽйL domain name ܡAҦpV Hinet Seednet xWUjDn
ISP ӽ domain name ܡAӳ|DإDnҦANOWY쪺
DNS vAΪ̬O浃 ISP ӺzC浃 ISP zA
NiH٧@ONްաIMաApGzOǮճ쪺ܡAΪ̬O~pANoбzVWh
DNS DtdHnDoILצpAzuӿܴNOFAnNOХLz]wn
hostname IP AnNOХLNY domain name qvz DNS
DnzCګDӤ觋ڤnOHЪ`NAѩ DNS []A|hX@Ӻť
port AҥHzפWAOwI]Aण]MNn]wnoIҥHAo̪ijpUG
- ݭn[] DNS ɾG
- zҭtdݭnsW Internet DƶqejGҦpz@ӤHtdӤqQX
Server Aӳo Server Ozq줧UCoӮɭԷQn[] DNS
]աI
- ziݭnɱ`קz Server WrAΪ̬Oz
Server HɼW[iʻPܰʩʡF
- ݭn[] DNS ɾG
- Dƶqܤ֡GҦpa̩Τquݭn@ mail server ɡF
- ziHФWh DNS Dzz]wn Hostname ɡF
- z DNS {ɡApG[]ϦӮeyqpF
- [] DNS OΫܰɡI
ѻPϸѪ Zone NqG
Fo\hAٱoA@ѡBϸѻP Zone D~ڡI
- OѻPϸѡH
ڭ̦beY}vqNաA DNS tΥӳ̥Dn\NObĶ
hostname P IP oAѩqbW{ѪuO IP
աAҥHA@ӻAڭ̺١y
hostname hMX IP {Ǻ٬ zA
ܩ IP hd߱o hostname NQ٬ϸѤFIϸѪ]wpOtʫܤjIOH
- ѡG
bѪpUAڭ̥iHzLDh]w觋Ӭd(ҦpeϤT)AӦ]O
Hostname IP AҥHYϦbPq IP AMiHgbP@ domain
IҦpڪDObǮո̭ ( 140.116.xxx.xxx )AOڥӽЪO vbird.idv.tw
o domain W١AӫܦhBͫhOH ISP Ѫ IP ( Ҧp 61.xxx.xxx.xxx
) Ӷi *.idv.tw ӽЪII@ӡAڪ vbird.idv.tw NPja
*.idv.tw bP@ domain ]woAOoǥDoObP줧(140.116.xxx.xxx
| 61.xxx.xxx.xxx bP@ӺqaI ^_^) IҥHoA@ DNS iHNz
IP gJL̪ѷoI
- ϸѡG
OϤhIOH] IP
WtɭԡANݭn@Ӱϰ@Ӱϰ쪺AҥHMiP@Ӻq
IP bPaX{aI]oAΨ TCP/IP wP router [cz]AP@
IP qϸѴNuonzLWhD]w~FIҥH IP Ϭd hostname
ܡAjpUANݭnVݪWhӽФFI
|ӨҤlӻGڷQnۤvW٪WrAҥHڥiHh~ ISP ӽеU@ӦXkWrӬ[]ڪ
DNS IqAOHNiHgLڪ DNS Ѭd߱oڪD IPCOpGn
IP Ϭd^ hostname ܡAڴNy@wݭnzкzڥDҦb쪺Wh
DNS zӳ]w~zIo]Oثe·ЪaA]ѱziHۦ]wA
OϸѫhݭnФWhz]wIpGOV
ISP ӽЪ IP ANoV ISP ӽФϸѦW٧ﴫAoӳq`ܳ·С
- O Zone H
DϸѤAAӭnӪD@UASO Zone ( ϰ
) OH²@IܡA@ӥѩΤϸѪ]wNO@
zone AҦpڭnWd vbird.idv.tw o domain ]weALNO@
zone Iq`Ay@ӳ]wɴNO@ zone zI
pGH vbird.idv.tw oӨҤlӻAtXW ϤT ӻA
vbird.idv.tw ḒܤֻݭnD . (root) Hγۨ]wA
ҥHAo domain DNS ]wɸ̭AݭnG
- hint( root ) ]wF
- vbird.idv.tw o domain ѳ]wF
- localhost ѳ]w(Dn)F
- localhost ϸѳ]w(Dn)C
ڴN| zone FIpGHڭ̨t] DNS D green.ev.ncku.edu.tw
ӻܡALܤ֭nG
- hint(root)F
- ev.ncku.edu.tw ѡF
- ev.ncku.edu.tw ϸѥH F
- localhost ѡF
- localhost ϸѡC
zone wqoIKIz|o{AڨS vbird.idv.tw o domain
ϸѳ]w㬰OHаѦҤWaI]ϸѻݭnnD IP
wWhӳ]w~IåBAݭnSOdNOAyC@
zone @ӳ]wɡAӳWwodz]wɦWAN浃
/etc/named.conf oӰѼɨӳ]wIz
( bs Linux distribution A
]Noɮשmb /var/named/chroot IݭnSO`NI)]NOA
DNS server ϥΪ bind oӮMALDnѼɬO /etc/named.conf AӳoɮNOOFC@
zone ]wɦWIڤWADWٻP IP NOObU zone ]wɤ
- ϸѤ@wnMܡH
nFAϸѻݤݭnM͡Abo̤ΦhFaIH
^_^IЪ`NAbܦhpUAרOثenhW䧮WٲͥXӡA
ҥHA``|uѪ]wݨDӤwCL]ݭnӹL߰աA
]q`bϬdpApGzOϥΥثexWaϳ̬y檺
ADSL WܡA ISP Nwgz]wnϸѤFIҦpG211.74.253.91o
seednet Bʦ IP ϬdG|o 91.253.74.211.in-addr.arpa
o˪DW١IҥHb@ڭ̦ۦӽлW٪ɭԡAzunߥѪ]wYiI
MܡAϥϸѪvڥ]|}zAzۤv]woܰ]SΧrI ^_^
b DNS ]wWAWAznwgܲM
zone OFA_h~]wI|d@kLצpAz@wnDOA
bind ]wɡANO /etc/named.conf (
bs BIND A
oɮצGwgQh /var/named/chroot FIzۦM )
oɮסApGLsbܡAЦۦإߧaIt~Aw
DNS server jPWiHTAOOG
- MasterG
o DNS tW٪]w( NOZoneաI
)Aoӳ]wɴNO]wѩΪ̬OϸѪyDatabasezoIҥHLO㦳
Internet dߩһݪƳIҦpڥiHbڪDW]w vbird.idv.tw
oӺAڪDNO master DաI
- SlaveG
JMQn[] DNS DA۵MNOƱۤvDWٯb Internet WQdߪC
ӱz]oAqDoF褰ɭԷ|IHҳoNAɭԷ|H
O֤]ӡAz`ƱۤvDWٵLkQdߨaH
ҥHA@ӻA
DNS tγq`|ijzܤ֭nⳡD DNS Aȡ
LApGz| DNS Dѳo˪WٸѪRAȡA
ӥBo|O۬ƴA]NOAo|DeO@Ҥ@˪A
pGznʤ@ IP PW٪ɡANnʥhq|DeA
o˷||ܳ·аڡHI
oӮɭԴN slave DNS DX{FILAslaveDnP master DۤftI
HWרҨӻApGڥn|D DNS AȡAB|eۦPA
ڥunw@D Master ALT Master Slave DA
nק@WٹɡAڥunʧ master ]wɡAMA
sҰ BIND oӪAȫAILT slave N|۰ʪQqsFI
oˤ@ӡAb@WiNPgNhF
ѩثeںäwAP˪ BIND AȤ]Oܦw
]ApGz]w Master/Slave [cɡAz Master Dn
uYǯSw IP Doz DNS DϸѸƮw~nI
ҥHAW~| Master/Slave n۷ft~I
t~AJMڪҦ DNS DOݭnPɴ internet WWٸѪRAȡA
ҥHO Master ٬O Slave DALniHPɴ DNS AȤ~nI
]b DNS tηAW٪d߬OymĹzAAҥHA
ڭ̤|o@DƷ|Qdߨ쪺I
FѨ}n DNS AȡAC DNS Dnॿ`u@~nڡI
- Cache-onlyG
q`]wbWOIo
DNS DSۤvƮwA¶U Client ݦV~ DNS
DnDƦӤw²檺ӻALiHQO@ӡyNzHzӤw
Master/Slave Ƨs쩳Opʧ@OHЪ`NASlave
OݭnsӦ Master DNS ưڡIҥHM Slave b]wNݭnsb
Master ~InFA Master P Slave ƦPBʧ@iHѩUϥܨӬݡG
ϥ|BMaster/Slave DNS
DƦPBL{
- P_O_ݭns(1.1)G
ڭ̥iHb Slave ]wnV Master DNS DnDƧsgɶAhCFsɶɡA
Slave |V Master O_ݭnsơAoӧsƪP_hH
Serial number O_PӶisI
- P_O_ݭns(1.2)G
F Slave V Master dߤ~AMaster pG DNS ƸgLܧABQn Slave
PBsɡA]iHDʪV Slave isqI
- ƦPB(2)G
̫MNOƥ Master ǰe Slave ӧs Slave DNS oI
Ъ`NApGzQn[] Master/Slave DNS [cɡA
ⳡD
(Master/Slave) ݭnzx~IWܦhboӦa卖Iy{zA
ЯSOdNڡI
Uڭ̴Nӽͤ@ʹX²檺 DNS DAOO
cache-only ( forward ) PԲӪ Master DNS DA̫Aڭ̦AH@²
slave D]wӧ@
ª forward DNS D]wG
Oª forward DNS DOH
nFAAѤF BIND w]|Aڭ̪DF BIND Dn]wɬO /etc/named.conf
oɮסAOڪ /etc UNSoɮסII]znۦإ߰աI
^_^IbЫ]wC@ zone eAڭ̥Ӫ@²檺 DNS DINO
cache-only DNS server I
]٬ forward DNS oIUWqAo DNS server u
cache ( ֨ ) \A]NOALèSDWٻP IP ϸѪ]wɡA
Oѹ~dߨӴѥLƨӷI]LS zone ]wɡAҥHLNnsW@Xk
DNS ~IӹB@y{iHݦOoӼˤlG
ϤBCache-Only DNS DB@y{
ѤWϥܨӬݡAziHo{AAڭ Client MOϥ Cache-Only
DNS bjMAOAڤW Cache-only DOФ@ ( Forwarders )
DNS DdߪAèS zone ]wɰաIҥHAWA cache-only
DNS uO@Ӥǻƪ DNS D}FIn[]o˪@
DNS DOHSƷFHMOIoO]աIUzťoI
ɭԨϥ cache-only DNSH
bYǤq渹YAFwuQΤq귽@ۤvƱAҥHA
|w Internet su@Y檺CMաAs port 53 o DNS |Ψ쪺 port
]i|Qצb𤧥~oӮɭԡA
ziHby
𪺨WA[ˤ@
cache-only DNS AȡIzoONOH²ڡINOzۤvQΦۤv
DW DNS Aȥhz Client ݸĶ hostname <--> IP oI]D
iH]wۤv DNS \A Client ݴN]wӨ IP DNS D IP YiI
Io˴NiHoDWٻP IP ĶաI
² cache-only DNS ]wG
]w@ cache-only DNS Du²檺աI]ݭn]wϸѪ
Zone AҥHun]w@ɮ(NO named.conf)YiIuOֱּooFoI
- s /etc/named.conf
boɮפADnOwqDƶAHΦU Zone NtNPɮסA]
cache-only S Zone AҥHڭ̥un]wnD]wYiC]woɮתɭԽЪ`NG
- ѸƬOHy // zӧ@]wI
- CӬq᳣ݭnHy ; zӰI
ziHo˳]woɮװաI
[root@test root]# vi /etc/named.conf
// These settings are only for a forwarding DNS server
options {
        pid-file "/var/run/named/named.pid";
        forward only;           // forward only!
        forwarders {
                168.95.1.1;     // HiNet's DNS, used first
                139.175.10.20;  // SeedNet's DNS
        };
};
// A pid-file is set here, so take special note: the directory that
// holds it, /var/run/named, must be writable by the user that owns
// the bind process (normally the user named). In other words, the
// owner of /var/run/named must be the user named.
[root@test root]# ls -al /var/run/named
total 12
drwxr-xr-x 2 named named 4096 Dec 5 02:28 ./
drwxr-xr-x 10 root root 4096 Dec 5 02:01 ../
# note the owner of the ./ directory above
ڭ̶ȰʥΨ option oӰѼƦӤwA̭]wȷNqG
- pid-file
OC@ services Oۤv
PID ( Process ID ) ɮoIoɮ׳q`ΦbsҰʩΪ̬O reload
services ̱`QϥΨ쪺I]iHϥ kill -1 PID
ӭsҰʰڡIӡIѰOO PID
H֮X¦gƲߤ@UI
- forwarders
(nѰO s I)NOn]weM䪺ӡyXkz
DNS oIC@ forward D IP ݭny ; zӰI
- forward only
oӳ]wiHz DNS Dȶi
forward ӤwIO Cache-Only Ḏ`]wFI
²aIo˴Nwg]wF²檺 cache-only DNS DFI
- Ұ named
Ұ`|ѰOaIH֥hҰʤ@UaI
[root@test root]# /etc/rc.d/init.d/named start
Starting named: [ OK ]
- [ port ܤ
ЯSO`NIäOҰʪɭ OK N|\IҥHA٭n֪Ӭݤ@Uz
port 53 SҰʣz
[root@test root]# netstat -utln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 192.168.1.2:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
SOݭndNOApGSwܡAҦA]t lo,
eth0, ... |Q]wiH domain name nD^I~A
ٰOoڭ̦be쪺ACӤPɳ| TCP P UDP ʥ]AȳI
oˬݰ_ӦGuҰʪˤlALAڭ٬Oo@@@]w譱SjDOH
- ˬd /var/log/messages eT
named oӪAȪOɴNLmb /var/log/messages ̭աAҥHӬݬݸ̭XaI
[root@test root]# tail -n 15 /var/log/messages | grep named
Dec 5 02:33:33 test named[3010]: starting BIND 9.2.1 -u named
Dec 5 02:33:33 test named[3010]: using 1 CPU
Dec 5 02:33:33 test named[3015]: loading configuration from
'/etc/named.conf'
Dec 5 02:33:33 test named[3015]: no IPv6 interfaces found
Dec 5 02:33:33 test named[3015]: listening on IPv4 interface lo,
127.0.0.1#53
Dec 5 02:33:33 test named[3015]: listening on IPv4 interface eth0,
192.168.1.2#53
Dec 5 02:33:33 test named[3015]: running
Dec 5 02:33:33 test named: named startup succeeded
Iݰ_ӦGOSDˤlFInFINӴլݬݧaI
- աG
oаѦҡG Client ݪն
SOGForwarders nBPDR
forwarder nBPaBA꦳ܦhتNIjPNio⬣G
- Q Forwarder \ӼWiįzG
oǪB̻ͭ{AܦhUh DNS Dϥ forwarder ɡA
ӳQ]w forwarder DAѩ|OܦhTO(аѦϤT)A
]AǤUh
DNS DӨA|W֫ܦhAY|`٫ܦhd߮ɶIWAoǰy{iHݦpUϩҥܡG
ϤBForwarder ѼƪB@
Ҧ cache-only ]w forwarder yD DNS Dz@AhѩD
DNS DwgOFhTF(CӤHӭnDI)ҥHALHӭnDۦPd߸ƮɡAhD
DNS N|Ѩ cache ŪA]Ad߮IJvNܧ֤FI
- Q Forwarder Ϧӷ|Ͼ骺į୰CG
Ot~@hۤϪѡIoO]D
DNS y~ȶqzNcɭԡAz cache-only
D٦VLnDơA]LƶǿqӤjAWe譱itqAӤӦhUh
DNS SVLnDơAҥHLd߳t|ܺCI]d߳tܺCFAӱz
cache-only DSOVLXnDAҥH۵M䪺d߳t״N|PBUI
ܦhػkաIH]ıoܦIuOD@TNOF
>_<"" ALiHDOApGWh DNS tܧ֪ܡALQ]w
forwarder ɡAγ\uiHW[֮įI
DNS DԲӳ]wG
Uӧڭ̴NӬ[]@㪺 DNS DaIpPeAڭ̥n]wɮצXөOH
- /etc/named.conf
- /var/named/named.root
- /var/named/named.localhost
- /var/named/named.127.0.0
- /var/named/named.ɮ
- /var/named/named.ϸɮ
jNOoXӡIn`NOAFĤ@ /etc/named.conf ɦWOw]~ALɦWOb
/etc/named.conf ̭]wIUڭ̴NHa̪ DNS D]wӻ@UͬOp]wڪ
domain name oIn`NOAo̪ DNS ]wOyp쪺]wzAA
pGzݹLFy
vzAN|DA
Uکҳ]wҬOݩyXk
DNS DzAoNۧڪ DNS DuV~dߡAOOHOdڪ DNS
Ḓ]weIDLϥΧڪ DNS D IP oILAKKIڨϥΪOp
IP AQnϥΧڪ DNS IIS
- ʳW hostname P IP G
b@ƤeAʤ]p@UOnƧoIڰ]ڪ domain name O vbird.tw
Ӻ쬰 192.168.1.0/24ADWٰtX domain name ӳ]p@TqAOG
qt | q IP | qW | |
MDK 10.0 |
192.168.1.2 |
mdk.vbird.tw forum.vbird.tw www.vbird.tw ftp.vbird.tw |
oqODn DNS DAڪDnW٬O mdk.vbird.tw
ALTӫhOyDOWIz |
Win2K | 192.168.1.100 | win2k.vbird.tw | oDW٬OOb mdk.vbird.tw ̭ơC |
WinXP | 192.168.1.200 | winxp.vbird.tw | oDW٬OOb mdk.vbird.tw ̭I |
n`NOAb mdk.vbird.tw A]ӹqγ~۷hA
ҥHڧƱ桦@DhӦW١I]ثeSu@ӥѪAҥHNȳ]wFo
domain ̭TӧOWFIҥHD`@|ӦWroI
- ]w² /etc/named.conf ɮסG
ٰOoWLAoɮפ~ODn]wɡAӨL hostname <--> IP
hObU zone ]wɤIoɮץDn]wbwD]wA
o@I forwarder DNS DwgLFIt@ӫhObwqC@ zone
ɮצWٻPӳ]w domain y Type ()zAUФTإDnA
O master ( Dn]w ) B hint ( NO root )
H slave ( w master ӶiƦPBƪ]w )C
nFApGHڭ̭WW]wӬݡAӦ /etc/named.conf
]wN|ܦUҼˤFG
[root@test root]# vi /etc/named.conf
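// Overall server settings; the key item is what directory means.
options {
        directory "/var/named";
        // the directory where my forward and reverse zone files are kept
        forwarders {
                168.95.1.1;
                // the forwarder to use
        };
        pid-file "/var/run/named/named.pid";    // may differ between versions
        allow-query { any; };                   // allow others to query? of course
        allow-transfer { none; };
};      // The allow-transfer item above mainly concerns the Master/Slave
        // setup: whether a request from a slave may have the whole zone
        // transferred to it. Because of some security issues, we suggest
        // setting it to none here.
// Define the hint-type file for . (root)
zone "." {                      // see? this is what is called a zone
        type hint;              // type hint (used only for the root .)
        file "named.root";      // the zone's file name; named.root by default,
};                              // sometimes it may be named.ca
// Next, the forward and reverse zones for localhost; simple, it is only 127.0.0.1
zone "localhost" {              // the zone name is the default domain name
                                // (localhost) inside its zone file; take special note
        type master;            // the master copy of this zone
        file "named.localhost"; // file name; pick whatever you like
};
zone "0.0.127.in-addr.arpa" {   // the IP network for reverse lookup; in-addr.arpa
                                // is the fixed suffix for reverse zones
        type master;
        file "named.127.0.0";
};
// Define my own pair of forward and reverse zones
zone "vbird.tw" {               // my zone; the domain name is vbird.tw
        type master;
        file "named.vbird.tw";
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "named.192.168.1";
};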
nSOdNOG
- options
- directoryGoӳ]wȴNObWdC@ zone ɮשmؿC
|ҨӻApGO localhost ɡAYO named.localhost ɡA
oɮתmmNOb /var/named/named.localhost աIo˥iHAѶܡH
ӱziHۤvܦۤvɮשmaANiHMILAߺDW٬Omb /var/named ̭I
- pid-fileGOC@ services Oۤv
PID ( Process ID ) ɮoIoɮ׳q`ΦbsҰʩΪ̬O reload
services ̱`QϥΨ쪺I]iHϥ kill -1 PID
ӭsҰʰڡIӡIѰOO
PID
H֮Xy Linux pе -- ¦Dz߽gz
Ʋߤ@UI
- forwarders (nѰO s I)G
NOn]weM䪺ӡyXkz
DNS oIC@ forward D IP ݭny ; zӰI
- . (root) eG
root ̭nNO hint type աIOogI
- localhost ϸG
ϸѪWٳiHHN]wALAnSOdNNO
zone ᭱NOy domain name zIo domain name
Ӧb zone ]wɷ|ϥαoWcI
- L domain ϸG
P localhost SPANuOP domain name NOFI
- ϸѪgkG
ϸѪ Zone gkSALnN
IP ϹLӼgAҦp 127.0.0.0/24 o C class AngܡAhnϹLӼg
0.0.127 o˪ΦI𫟺ݭn`NOA̫᭱ȥn[Wy
in-addr.arpazNNInѰOFI
- ]w . ( root ) eG
@ӻApPϤTy{ѻ@ApGbWdߤYD IPA
ӧڭ̪ DNS DSS]w forwarders ɡA DNS Dq`NO
. ( root ) hdoIOڭ̫D root b̩OH`٬Oݭn IP aISoI
oɭԴNݭn hint o type Ӥ䴩աI@ӻAb BIND oӮMXɡA|W .
]NO named.root ( named.ca )oɮתApGSܡASYAڭ̥iHsWz
domain name ANO rs.internic.net ohUoIziHo˰G
[root@test root]# ftp rs.internic.net
Connected to rs.internic.net.
Name (rs.internic.net:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password: <==your password
230 User ftp logged in. Access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd domain
ftp> get named.root
ftp> bye
Ӭݤ@Uo named.root ɮתeaI
[root@test root]# vi named.root
; (the copyright notice at the top is omitted)
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
; (the rest is omitted)
@YzӪDA`NIӡy ; zO]wɪѡAP /etc/named.conf
S@ˡISOdNAndFIMz|o{Cӡy . z NS P A A
`NݨrAĤ@NO
. name server (NS) yA.ROOT-SERVERS.NET. z̫᭱S[W
. O@˪ISOdNIӳo nameserver IP ( A )
198.41.0.4 IILγ~ڭ̦bU@ɮצAӽ͡I`ӨA
oɮפnhL I]oӬOڤWqΪơAקաIFϦӷ|䤣 . I
- ]w ( localhost ) ɮסG
C@ localhost IҥHOAڭ̴NӰw localhost oӺ쪺qӳ]w@UoI
ӥѩ localhost q` IP NO 127.0.0.1 AҥHNLѦoӴNաI
OnSOdNOAyڪѭn@ nameserver IHz]AbU]wɷA
̭nNOnϥ NS o nameserver yDW١zлxաI
[root@test root]# cd /var/named
[root@test named]# vi named.localhost
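$TTL 600        ; related to the cache time, in seconds
@ IN SOA localhost. root.localhost. (
        2002120601 ; Serial: decides whether master and slave are in sync;
                   ; in general the slave updates only when this number has grown
        28800      ; Refresh: how often the slave checks the serial on its own
                   ; so that it can update its data
        14400      ; Retry: if the slave could not reach the master DNS,
                   ; how long until it checks again
        720000     ; Expire: if the master stays unreachable this long,
                   ; the slave stops checking and no longer updates
        86400 )    ; Minimum: this is the TTL; if no TTL is defined,
                   ; the TTL is taken from this value
; forward-lookup records start here:
@          IN NS localhost.      ; take special note of the trailing "."
localhost. IN A  127.0.0.1
; A is the forward record that maps a hostname to an IP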
WܦhǩǪrAڭ̱on@UA_h᭱z|yٷ١zI
Ÿ |
|
$TTL |
- oӪFDnbGywqXV~dߪƥiHOb DNS cache h[zNF
- ᭱Ʀr쬰F
- q`oӼƦrpGwqӤjܡAҦp@(86400)ɡAOHFL DNS TɡA
ѩz cache sɶ@ѡAҥHon@Ѥ cache Ƥ~|QNA]Ab@ѤA
zdߨ쪺Ty|OªIz
- OoӼƦrpGwӤpܡAҦp(300)o DNS N|_V~nDơA
ht|ܪjաI
- ADObնqAMܡAq`|ijwq@Ѫ cache ɶoI
- `NGYǮMWäwqoөNNI
|
@ |
oӴNO zone wqXөNNաIHoɮפeҡA]ڭ̦b /etc/named.conf
NOwqX localhost o domain name @ zone A]AIbo̡A
oӲŸNN localhost աI |
SOA |
- oӬO Start of Authority }l]weNաI]NOb᭱]wn}lFI
Ъ`NAoөNNbCӡyzone ]wɡz|sbIҥHAC zone ]w@˧YiI
- b SOA ᭱|өNNAĤ@ӬDW( localhost. )AЯSOdN localhost
᭱ӤpI (.) oӪFܭnILNy@ӧ㪺 hostname + domain name FzI
pGS[W (.) ܡANܸӤryȬ hostname Aٻݭn[W domain name zI
o̬Os̮eX{~IĤGӬz e-mail I]ϥ @ (wgOSŸF)A
ҥHo̤]P˪H (.) ӨNIҦpWڥH root@localhost Ӱڪ e-mail
AҥHNgF root.localhost. AP˪A̫᭱ (.) I
- b̫A|p ( ) A_FӼƦrAoӼƦrF̫@ӻP TTL ~A
L slave P master ƦPBB@I
- Serial GoӼƦrȬOΨӰ master P slave
update ѦҼƭȤ]NOA Slave serial p Master ɡA
update ~|ʧ@Iѩ߳]w̪]wޥDA]q`ڭ̥HɶӰ
Serial qw̾ڡAҦp 2002 ~ 12 6 Ĥ@]wAiHg
y2002120601zЪ`NAoӼƦriWL 10 ӼƦrC
- Refresh GRO slave h[iDʧsɶF
- Retry GpGF Refresh ɶAO slave oLks master ɡA
bh[Aslave |ADʹջPDsuF
- Expire GpG slave @LkP master sWAgLh[ɶA
hRO slave nAs master FI
- Minimun GoӴNIO TTL աI
t~AUӭȬOjpAL̪OG
- Serial <= 2^32
- Refresh >= Retry * 2
- Refresh + Retry < Expire
- Expire >= Retry * 10
- Expire >= 7Days
|
NS |
- name server NA᭱Oyhostname FQDNzoӪܫe domain
Oѫ᭱oӥDҺzաI
- y @ IN NS localhost. zo@檺NOA@ ( zone AYO localhost o domain )
z Name Server localhost oDAЪ`NA localhost ᭱@wn (.)
~IOH]pGS[W (.) ܡADWٱN|ܦ localhost.localhost I Why H
oO] BIND w]pASg . ܡAhܸӦW٬ Hostname ӤwAݭnA[W
domain name ~I
- ѩ Name Server DW١AҥH٭n[Wo name server Ѫ IP
(NOUnͪ A )~I
|
A |
oOѪŸաI]NOAe localhost. (٬Oon`N . )ҹ IP 127.0.0.1 NաI |
. |
IALjդUAb BIND ]wɷADW٪ܡA̫᭱S[W .
OtܦhI[WF . ܳoӡy㪺DW١AYO hostname + domain name zFA
pGS[W . ܡAܸӦWٶȬy hostname zӤwIOOI |
o˥iHAѤWNFܡHIoӬO̰¦XӶسIdUnOoInѰOF
nFADFѤAڭ̭nӽͤ@ͨӤϸѪFաI
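The SOA limits listed above (Refresh >= Retry * 2, Refresh + Retry < Expire, Expire >= Retry * 10, Expire >= 7 days) and the trailing-dot rule can be checked before named is restarted. The following Python lint is an added example, not code from the original page or from BIND; `lint_zone`, `check_soa` and both sample zones are constructed for illustration, with the "good" zone reusing this page's vbird.tw values.

```python
SEVEN_DAYS = 7 * 24 * 3600
CLASSES = {"IN", "CH", "HS"}
# Record types whose rdata carries a host name, and its position in the rdata.
NAME_POS = {"NS": 0, "CNAME": 0, "PTR": 0, "MX": 1}

# The vbird.tw forward zone from this page (constructed copy for the demo).
GOOD_ZONE = """\
$TTL 600
@ IN SOA mdk.vbird.tw. root.mdk.vbird.tw. (
        2004102901 ; Serial
        28800 ; Refresh
        14400 ; Retry
        720000 ; Expire
        86400 ) ; Minimum
@ IN NS mdk.vbird.tw.
@ IN MX 10 mdk.vbird.tw.
mdk IN A 192.168.1.2
mdk IN TXT "The testing DNS server"
phorum IN CNAME mdk
www IN CNAME mdk.vbird.tw.
"""
# Constructed broken variant: Retry raised, and the NS target lost its dot.
BAD_ZONE = (GOOD_ZONE.replace("14400 ;", "20000 ;")
            .replace("IN NS mdk.vbird.tw.", "IN NS mdk.vbird.tw"))


def strip_comment(line):
    """Cut a ';' comment, ignoring ';' inside a quoted TXT/HINFO string."""
    in_quote = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quote = not in_quote
        elif ch == ";" and not in_quote:
            return line[:i]
    return line


def records(zone_text):
    """Yield (has_owner, tokens) per record, joining '( ... )' continuations."""
    buf, depth, has_owner = [], 0, False
    for raw in zone_text.splitlines():
        line = strip_comment(raw)
        if not buf:
            # A record that starts with whitespace inherits the previous owner.
            has_owner = bool(line) and not line[0].isspace()
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth <= 0:
            tokens = " ".join(buf).split()
            buf, depth = [], 0
            if tokens and not tokens[0].startswith("$"):
                yield has_owner, tokens


def check_soa(fields):
    """Apply the limits listed for Serial, Refresh, Retry and Expire."""
    if len(fields) != 5 or not all(f.isdigit() for f in fields):
        return ["SOA: expected five numeric fields"]
    serial, refresh, retry, expire, _minimum = map(int, fields)
    problems = []
    if serial >= 2 ** 32:               # serial is an unsigned 32-bit field
        problems.append("SOA: Serial does not fit in 32 bits")
    if refresh < retry * 2:
        problems.append("SOA: Refresh < Retry * 2")
    if refresh + retry >= expire:
        problems.append("SOA: Refresh + Retry >= Expire")
    if expire < retry * 10:
        problems.append("SOA: Expire < Retry * 10")
    if expire < SEVEN_DAYS:
        problems.append("SOA: Expire < 7 days")
    return problems


def lint_zone(zone_text, origin):
    """Return the findings for one zone file; origin is the zone's name."""
    findings = []
    for has_owner, tok in records(zone_text):
        i = 1 if has_owner else 0
        # Skip the optional TTL and class to reach the record type.
        while i < len(tok) and (tok[i].isdigit() or tok[i].upper() in CLASSES):
            i += 1
        rtype = tok[i].upper() if i < len(tok) else ""
        rdata = tok[i + 1:]
        names = []
        if rtype == "SOA":
            names = rdata[:2]           # primary server and admin mailbox
            findings += check_soa(rdata[2:])
        elif rtype in NAME_POS:
            pos = NAME_POS[rtype]
            names = rdata[pos:pos + 1]
        for name in names:
            # A dotted name without a final "." gets the zone name appended.
            if "." in name and not name.endswith("."):
                findings.append(
                    f"{name}: no trailing dot, read as {name}.{origin}.")
    return findings


if __name__ == "__main__":
    for label, zone in (("good", GOOD_ZONE), ("bad", BAD_ZONE)):
        print(label, lint_zone(zone, "vbird.tw"))
```

A relative target such as `phorum IN CNAME mdk` is left alone on purpose: only names that already contain a dot but lack the final one are reported.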
- ]w ( localhost ) ϸɮסG
ϸѸѤ@ˡAٳݭn SOA иA]ݭn NS oөNNAߤ@PjNO
IP hostname PFaI
[root@test root]# cd /var/named
[root@test named]# vi named.127.0.0
; this file name is the one set in /etc/named.conf
$TTL 600
; This is about DNS server's settings
@ IN SOA localhost. root.localhost. (
        2002120601 ; Serial
        28800      ; Refresh
        14400      ; Retry
        720000     ; Expire
        86400 )    ; Minimum
; The server's information
@ IN NS  localhost.
1 IN PTR localhost.
WeXe@ˡANFIu̫@椣@ˡAӬOOH
Ÿ |
|
PTR |
- oOϸѪŸաIDn٬Ob IP DW٪NNIn`NOAѩoɮת zone
127.0.0 AҥHڭ̥un[@ӼƦr(̫@ӼƦr)NiHաIӨ 1 ܪNF 127.0.0.1 oI
- U@ѧڭ̳WO B Class zone OHҦp 127.0 o˪ zone OH²աI
NӼƦrYiI]NO 0.1 oI
- ̭nFNOGbW zone ɭԡAOܭnAӤϸѪ zone Wٳ̫ݭnW
in-addr.arpaAoI]ФdUnѰOFI
|
]o domain (localhost) Nu@AҥHڭ̫²檺NiHNL]wFI
UAڭ̱Nn]wڭ̦ۦ氲]wTDI
- ]w domain name ѡG
Aӳ]wNOڭ̥e쪺TDFAziHo˳]wG
[root@test root]# cd /var/named
[root@test named]# vi named.vbird.tw
; this file name is the one set in /etc/named.conf
$TTL 600
; same as described above: basic settings for this zone
@ IN SOA mdk.vbird.tw. root.mdk.vbird.tw. (
        2004102901 ; Serial
        28800      ; Refresh
        14400      ; Retry
        720000     ; Expire
        86400 )    ; Minimum
; server settings
@      IN NS    mdk.vbird.tw.
; the name server of this zone (vbird.tw)
@      IN MX 10 mdk.vbird.tw.
; the mail server
mdk    IN A     192.168.1.2
mdk    IN TXT   "The testing DNS server"
; this is only a description
phorum IN CNAME mdk
; note how this line is written compared with the next one
www    IN CNAME mdk.vbird.tw.
; settings for the other hosts
win2k  IN A     192.168.1.100
win2k  IN HINFO "AMD-K6-III" "Windows 2000"
winxp  IN A     192.168.1.200
Fe master P slave ɶѼƤ~A٦ӭn NS H
A oǰѼƤ~A̭ѼƥDnUXӷsANG
Ÿ |
|
SOA |
SO`N SOA @檺]wI]ڭ̭n]wwgO vbird.tw o Zone
FAҥHЭק@UzDW١A٦ DNS Dzl}I
- t~A٬OA . OFI
|
MX |
- oӪFNO Mail eXchanger (MX) ²gALγ~bϥΩlDɡA
ݭnHIΩ@DOShjvTAO mail server h۷nvTI
- pGDpϥγoӪNASYAziHNzDW(FQDN)gJI
HڤWҤlӻAڴNNlDgڦۤvDA`NA̦nO FQDN I
- pGzlDS MX oӳ]w]SYաAH٬OiHǰeFAOA
ɫNO|C@ǨǦHӪHNOFI
- Ъ`N MX ᭱nW@ӼƭȳIziH]whӶlDAOЯSOdNOA
Q]wlDn䴩zl relay ~A_h]w|ܦLĪI
|
TXT |
- oӪFbiyzӤwIYOeD@ǸTC
- SO`NOASƪܡAyTngoӸԲӡAɭԬƦӭngǿ~TIz
OHpGgoӸԲӪܡAǭ cracker N²檺NiHNzToA
öiӤJIFܡH @_@
|
CNAME |
oӪFNO]wDOWNNաI]ڭ̪DܦhӦWrA
SnCӦWrإߤ@ A иAoӮɭԡAڭ̴NiHϥ CNAME
ӳ]wt~@ӧOWIHWҡAڳ]wFӧOWbڪDWASOdNO CNAME
gkVP@AW CNAME ̤jtʦbgO_ FQDN
P᭱S[W . oӼлxաI ^_^ |
HINFO |
oӪF᭱өNNAĤ@ӱOw骺šAĤGӱhO@~tΡA
oөNN̦nnΦb} DNS DWA TXT @˪DաIpGn]wܡA
̦nϥj}ӳI |
oӴN]woIB~`NIb DNS ѳALnTSOhA
]wNNFҥHAzݭnSOdNCӳ]wȬO_TI@ӨA
ڭ̷|ijjaA]wAåB槹Ұʪ script AdUnOoh
/var/log/messages Yݤ@ݦS~TI
- ]w domain name ϸѡG
]wϸѭn²檺hFun hostname YiG
[root@test root]# cd /var/named
[root@test named]# vi named.192.168.1
; this file name is the one set in /etc/named.conf
$TTL 600
@ IN SOA mdk.vbird.tw. root.mdk.vbird.tw. (
        2004102901 ; Serial
        28800      ; Refresh
        14400      ; Retry
        720000     ; Expire
        86400 )    ; Minimum
; server information
@   IN NS  mdk.vbird.tw.
2   IN PTR mdk.vbird.tw.
; The following is about other hosts
100 IN PTR win2k.vbird.tw.
200 IN PTR winxp.vbird.tw.
²aINO IP YiI
- Ұ named P port ΰTT{G
SFҰʪɨFI[oI
1. }lҰʡI
[root@test root]# /etc/rc.d/init.d/named start
Starting named: [ OK ]
2. port [G
[root@test root]# netstat -tuln | grep 53
tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 192.168.1.2:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
3. TeI
[root@test root]# tail -n 15 /var/log/messages
Oct 29 17:30:33 test named[27159]: using 1 CPU
Oct 29 17:30:33 test named[27159]: loading configuration from
'/etc/named.conf'
Oct 29 17:30:33 test named[27159]: listening on IPv4 interface
lo, 127.0.0.1#53
Oct 29 17:30:33 test named[27159]: listening on IPv4 interface
eth0, 192.168.1.2#53
Oct 29 17:30:33 test named[27159]: zone 0.0.127.in-addr.arpa/IN:
loaded serial 2002120601
Oct 29 17:30:33 test named[27159]: zone 1.168.192.in-addr.arpa/IN:
loaded serial 2004102901
Oct 29 17:30:33 test named[27159]: zone localhost/IN: loaded serial
2002120601
Oct 29 17:30:33 test named[27159]: zone vbird.tw/IN: loaded serial
2004102901
Oct 29 17:30:33 test named[27159]: running
Oct 29 17:30:33 test named[27159]: zone vbird.tw/IN: sending notifies
(serial 2004102901)
Oct 29 17:30:33 test named: named start succeeded
- i]w~DG
WADNS O]w@ Server FAҥHb譱аȥpߡI
L]w~q`رpG
- yk]w~G
oӰDnѨMA]b /var/log/messages
̭wgܲMFIӤehqYiF
- ]w~G
oӴNxZFIOH]LDnoͦbz]w
DNS DɭԡAҼ{gҲͪDIҦpѰO[W (.) A
tΤ|ܿ~TAOo|ydߪ~PA
MX ]wDWٿ~A]|X{DTAO mail server
NO|Hoǿ~ݭnܸԲӪ
DNS client դ~ાDDҦbC
ڭ̳o̥Nyk]w~譱i椶СAܩ]wDAӴNݭnhhiդ~ાDF
U~T|Ob /var/log/messages ̭I
Dec 10 11:34:21 test named[31185]: /etc/named.conf:18: missing ';'
before '}'
Dec 10 11:34:21 test named[31185]: loading configuration: failure
Dec 10 11:34:21 test named[31185]: exiting (due to fatal error)
# This error is at line 18 of /etc/named.conf: a ';' was left out.
# Go and fix it.
Dec 10 11:37:20 test named[31236]: dns_rdata_fromtext:
named.localhost:9: near eol: unexpected end of input
Dec 10 11:37:20 test named[31236]: zone localhost/IN:
loading master file named.localhost: unexpected end of input
# An error like this is usually at line 9 of named.localhost; go and check it.
# In the first few lines it is most likely that the numbers after SOA were not written correctly.
Dec 10 11:42:28 test named[31338]: dns_master_load:
named.localhost:14: unexpected end of line
Dec 10 11:42:28 test named[31338]: dns_master_load:
named.localhost:13: unexpected end of input
Dec 10 11:42:28 test named[31338]: zone localhost/IN:
loading master file named.localhost: unexpected end of input
# Likewise, this tells you the problem is in the file named.localhost. Check it.
q`̤j]uNOrաI`Ahݬ /var/log/messages
eA@wiHzAѿ~DI
- աG
o˴N]wFIUӡAЬd\ b Client ݪ aI
Master/Slave [cԲӳ]wG
pPڭ̦be쪺ApGzh DNS DzP@ӻW٪ܡA
F`ٺ@AH Master/Slave [cӳWDtmbO@Ӥ觋I
]ApGݭnק zone DWٻP IP ơAhun Master DYiI
b Master/Slave [cUAMaster ]wPe@p`]wOۦPA
uLݭn]wwwQǰe zone allow-transfer حȦӤwI
ܩ slave ALݭnwwnǰe zone ɮסA]ɮ|۰ʲ͡
Uڭ̴Nӳ]w@UaI
- ׳W
P˪HW@p`רҨӻAڪ Master zO vbird.tw oӻW١A
Lһݭn]wɮצӡAOO]w /etc/named.confAH zone ƪA
b /var/named ̭ named.root, named.localhost, named.127.0.0, named.vbird.tw
named.192.168.1 C
ܩ slave 譱AP˻ݭn]w /etc/named.conf ALAb zone file 譱ALȻݭn
named.root, named.localhost, named.127.0.0 ӤwAt~ɮ|۰ʫإߡI
- Master ]w
Master ]wPW@p`XGۦPAuOnܤ@ӳ]wȡAЭק /etc/named.conf oˡG
....()....
zone "vbird.tw" {
type master;
file "named.vbird.tw";
allow-transfer { 192.168.1.21; };
};
zone "1.168.192.in-addr.arpa" {
type master;
file "named.192.168.1";
allow-transfer { 192.168.1.21; };
};
....()....
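In other words, only 192.168.1.21 is allowed to have the full contents of my zone files transferred to it. The other files are the same as in the previous section.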
- Slave ]w
ܩ Slave ]w譱Ab /var/named ̭ named.root, named.localhost,
named.127.0.0 iH Master ƻsLӡA /etc/named.conf ]iHƻsLӡA
unק令Uo˧YiG
[root@test2 root]# vi /etc/named.conf
....()....
zone "vbird.tw" {
type slave;
file "named.vbird.tw";
masters { 192.168.1.2; };
};
zone "1.168.192.in-addr.arpa" {
type slave;
file "named.192.168.1";
masters { 192.168.1.2; };
};
....()....
ݨFܡHb Master \Ӧ 192.168.1.21 o slave nDA slave
NOV 192.168.1.2 o master nD zone file ǰeIbo˪]wA
䧡PɱҰ named Ab Slave N|۰ʪإߨ zone file oI
ӡAznW[LDWٻP IP ơAunb Master DW]wnA
ísҰ named A Master |̾ serial number ӧP_O_q slave eӧsA
~A Slave ]|̾ڳ]wɶȡA۰ʪ Master ŪƳI
p@ӡAzWO_ueOI ^_^y
Fb DNS Server ݪ]wAUӡAڭ̦AӲ@ Client ݪ]wPաI
qḙAڭ̾oDWٹ IP ؤkAkOgbɮ̭ӹA
ӤskhOzL DNS [cIoؤkثeϥΪAO˪OH
- ɮ׳]wG
JMwgF DNS D]wAUӦ۵Mni Client
ݪsuհաInթOHUXɮЯSOdNG
- /etc/hosts GWNLFAoӬO̦ hostname IP ɮסF
- /etc/resolv.conf GoӭnINO DNS D IPAz
Client NOQγo̭]w IP hlܦWٸѪRC
- /etc/nsswitch.confGoɮhObyMwznϥ
/etc/hosts ٬O /etc/resolv.conf ]wI
@ӨA Linux w] hostname jMO /etc/hosts ӪA
OHziHdݤ@U /etc/nsswitch.conf Aç hosts ءG
[root@test root]# vi /etc/nsswitch.conf
hosts: files nisplus nis dns
W files NOϥ /etc/hosts ӳ̫᪺ dns hOϥ /etc/resolv.conf
DNS D IP jMաI]AziHH /etc/hosts ӳ]w IP zI
MաAz]iHNLմLӡALA`O
/etc/hosts ²AҥHNL\benաI
nաAJMڭ̬Oni DNS ժA /etc/resolv.conf eA۵MNngڭ̦ۤv
IP oIҥHzӳo˼gG
[root@test root]# vi /etc/resolv.conf
nameserver 192.168.1.2
nameserver 168.95.1.1
nameserver 139.175.10.20
DNS D IP iH]whӡAoiHzӤHqƴ\I|ҨӻA
ڤW@]wFTD@ڪ DNS dߡA 192.168.1.2 DIɡA
ڪ Client q|ߨHĤGD@ DNS dߪDnDCҥHA
q`ڭ̳|ijHaboɮפiH]wTӥk DNS DW١IHOɤݰڡ
t~AWT DNS IP ӷ|QϥΡHMOӶǨӪ
ҥH|H 192.168.1.2 DӬdߡAY 192.168.1.2 FA~|ϥ 168.95.1.1 ӬdߡC
[on@UAڭ̱``ijHaAbۮa]A
SgLXkv DNS ̦nnH Internet WwgsbW٨ӽm߬[]I
|ҨӻA]ѧڥHڪ 192.168.1.2 Ӭ[] *.yahoo.com A
]NOAb 192.168.1.2 O yahoo.com zone ƪ(GO)
O]ڱN 192.168.1.2 mbĤ@AɭPCdߨ yahoo.com
oӻ쪺ƳO 192.168.1.2 ҴѡAoܤn]i|yzΤݪK
nFAڭ̭nէڭ̪ DNS D]wO_ToI
- DNS ]wG
DNS {ܦhAڭ̥Өϥγ²檺 host aIM٦ nslookup dig I
host
ykG
[root@test root]# host [-a] [FQDN] [server]
[root@test root]# host -l [domain] [server]
ѼƻG
-a GҦTCXӡACXT]t TTL
DNS DIPAұM䪺D IP A״IڡI
-l GN᭱ domain Ҧ host CXӡILAoӶحn
QQΡANn allow-transfer ئb /etc/named.conf ̭QҰʡI
serverGoӰѼƥiiLAQnQΫD /etc/resolv.conf DNS D
ӬdߥDWٻP IP ɡANiHQγoӰѼƤFI
dҡG
# jHڪ 192.168.1.2 o DNS DӬd
[root@test root]$ host mdk.vbird.tw 192.168.1.2
Using domain server: <==pG[W̫᪺ 192.168.1.2 o server Ѽ
Name: 192.168.1.2 <==N|X{oTrAܥΪ DNS DO
Address: 192.168.1.2#53 <==/etc/resolv.conf ұ] DNS DI
mdk.vbird.tw has address 192.168.1.2
# ²aIߨ IP oI
[root@test root]$ host -a mdk.vbird.tw 192.168.1.2
Trying "mdk.vbird.tw"
Using domain server:
Name: 192.168.1.2
Address: 192.168.1.2#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41087
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1,
ADDITIONAL: 0
;; QUESTION SECTION:
;mdk.vbird.tw. IN ANY
;; ANSWER SECTION:
mdk.vbird.tw. 600 IN A 192.168.1.2
mdk.vbird.tw. 600 IN TXT "The testing DNS"
;; AUTHORITY SECTION:
vbird.tw. 600 IN NS mdk.vbird.tw.
Received 95 bytes from 192.168.1.2#53 in 6 ms
# boӽdҷAڭ̥iHݨܥXT]AXӳG
# HEADER(D)==>ܬdߪeǡA]A@ query, answer
# Τ@ҳC
# QUESTION(D)====>ܩҭndߪeA]ڭ̬Od mdk.vbird.tw
# ҥHo̦۵MNOܳoӰTC
# ANSWER(^)======>̾ڭ𫍧 QUESTION hdߩұo쪺GA]bڭ̪
# ]wȦ]wF A P TXT ҡAҥHo̦۵MN....
# AUTHORITY()===>ѳo̧ڭ̥iHd\ vbird.tw oӻO mdk.vbird.tw
# ӳ]w
# ̭ 600 OOH²ALNOڭ̩ҳ]w ttl ӼƭȰաI
[root@test root]$ host -l vbird.tw 192.168.1.2
Using domain server:
Name: 192.168.1.2
Address: 192.168.1.2#53
Aliases:
vbird.tw name server mdk.vbird.tw.
mdk.vbird.tw has address 192.168.1.2
win2k.vbird.tw has address 192.168.1.100
winxp.vbird.tw has address 192.168.1.200
# WTiNxhFaHISINOڭ̦b
# /var/named/named.vbird.tw ̭]wȰڡI
# LAäOҦ domain iH@o˪Ʊ|ҨӻApGڭ̤UFG
# host -l tw.yahoo.com hN|oG
# Host tw.yahoo.com not found: 5(REFUSED)
# ; Transfer failed.
# o˪^AoO]b /etc/named.conf ̭èS]w allow-transfer
# ӳ]wﶵ]ڡI
ƹWAϥ host XGNiHFڭ̪nDF]ݭnLO
LA٬OonDLd߫Oա
nslookup
ykG
[root@test root]# nslookup [FQDN]
[root@test root]# nslookup
ѼƻG
pGb nslookup ᭱S[WDW٩ IP ANiJ nslookup dߥ\
b nslookup dߥ\AiHJӰѼƨӶiSdߡG
set type=any GCXҦTyѤ譱]wɡz
set type=mx GCXP mx TI
dҡG
[root@test named]# nslookup win2k.vbird.tw 192.168.1.2
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: win2k.vbird.tw
Address: 192.168.1.100
# ªN hostname P IP CXӤwALA
# ٬O|Ndߪ DNS D IP CXӪI
[root@test named]# nslookup <==iJ nslookup dߵe
> 192.168.1.2<==ϸѪd
Server: 192.168.1.2
Address: 192.168.1.2#53
2.1.168.192.in-addr.arpa name = mdk.vbird.tw.
> www.vbird.tw <==楿Ѫd
Server: 192.168.1.2
Address: 192.168.1.2#53
www.vbird.tw canonical name = mdk.vbird.tw.
Name: mdk.vbird.tw
Address: 192.168.1.2
> tw.yahoo.com <==DWd
Server: 192.168.1.2
Address: 192.168.1.2#53
Non-authoritative answer:
tw.yahoo.com canonical name = vip1.tw.tpe.yahoo.com.
Name: vip1.tw.tpe.yahoo.com
Address: 202.43.195.52
> set type=any <==ܩҦdߪT
> mdk.vbird.tw
Server: 192.168.1.2
Address: 192.168.1.2#53
Name: mdk.vbird.tw
Address: 192.168.1.2
mdk.vbird.tw text = "The testing DNS server"
> exit
bWרҷAЪ`NApGzb nslookup dߵeAJ set type=any ΨLѼơA
NLkAiϸѪdߤFIoO] any Ϊ̬O mx лxOOb zone tGI
dig
ykG
[root @test root]# dig [@server] [-t type] [FQDN]
ѼƻG
-t type Gd߬YDYӼҡAҦp MX/NS AHΩҦ any
@server GpGQH /etc/resolv.conf ӧ@ DNS DAhibJ
L DNS IPI
dҡG
[root@test root]$ dig @192.168.1.2 mdk.vbird.tw
; <<>> DiG 9.2.3 <<>> @192.168.1.2 mdk.vbird.tw
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40211
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mdk.vbird.tw. IN A
;; ANSWER SECTION:
mdk.vbird.tw. 600 IN A 192.168.1.2
;; AUTHORITY SECTION:
vbird.tw. 600 IN NS mdk.vbird.tw.
;; Query time: 4 msec
;; SERVER: 192.168.1.2#53(192.168.1.2)
;; WHEN: Sun Oct 31 12:24:00 2004
;; MSG SIZE rcvd: 60
# Here I used my own DNS server, 192.168.1.2, to look up the host mdk.vbird.tw,
# and got back the A and NS results. Much like host -a mdk.vbird.tw, isn't it?
[root@test root]$ dig @192.168.1.2 -t mx mdk.vbird.tw
; <<>> DiG 9.2.3 <<>> @192.168.1.2 -t mx mdk.vbird.tw
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15056
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mdk.vbird.tw. IN MX
;; AUTHORITY SECTION:
vbird.tw. 600 IN SOA mdk.vbird.tw.
root.mdk.vbird.tw. 2004102901 28800 14400 720000 86400
;; Query time: 4 msec
;; SERVER: 192.168.1.2#53(192.168.1.2)
;; WHEN: Sun Oct 31 15:51:29 2004
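;; MSG SIZE rcvd: 71
# This query mainly looks up the MX record of this zone.
In fact, host and dig produce very similar query output, and dig prints more information.
If your DNS server runs into problems such as a configuration error, you can use dig to investigate.
whois
Syntax:
[root@test root]# whois domainname
Examples: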
[root@test root]# whois redhat.com
Registrant:
Red Hat, Inc. (REDHAT-DOM)
P.O. Box 13588
Research Triangle Park, NC 27709
US
Domain Name: REDHAT.COM
Administrative Contact, Technical Contact:
Network, Operations (22271962I) noc@REDHAT.COM
Network Operations Center
Red Hat, Inc.
1801 Varsity Drive
Raleigh, NC 27606
US
919-754-4177 fax: 919-754-3704
Record expires on 25-May-2006.
Record created on 26-May-1994.
Database last updated on 31-Oct-2004 02:57:02 EST.
Domain servers in listed order:
NS3.REDHAT.COM 66.187.229.10
NS2.REDHAT.COM 66.187.224.210
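NS1.REDHAT.COM 66.187.233.210
This command displays the data associated with a registered domain name.
The example above uses the registered domain name to look up the registrant's data.
whois can look up information about the user who registered a domain. However,
with the many network security problems of recent years, the information whois provides is really too detailed,
so to protect users' privacy the information returned by whois today is not necessarily accurate.
In addition, a notice is printed before the whois information itself ^_^
In any case, nslookup, host and dig all let us look up the mapping between host names and IPs.
See man command for more on how to use each of these commands.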
A DNS DB@zP[]觋ܤơAuܰ`Ibo̡A
ڭB~X@ǤiejaѦҰѦҡAҦpl쪺vDA
Hά[]@ӦXkv DNS DC
lvD
nFAU@ڪܤjAڥutdWh DNS ӤwA
UhƱ檽浃U쪺tdHӭtdAn]wOH
|ӨҤlӻAHjҡAjpȺzUӨtҪD IP
ӤwAѩUӨtҪDƶqiܤjApGCӤHnЭpӳ]wA
zi|ƱAӥBbڳ]pW]ӤHʤơCҥHoApNNU
subdomain (l) zv浃UӨtҪDzhzAp@ӡA
UtҪ]wW|FABWh DNS D]Τӳ·ЧoI
nFAp}lvOHڳo̶ȻѪA]b ISP
譱q`wgڭ̷dwϸѤFAҥHzLIӥثeڭ̥hUTWA
q`ȨoOѪ]wvAҦpӤH vbird.idv.tw NO@ӨҤlInFA
{b]bڪ mdk.vbird.tw WAnN win2k.vbird.tw oӤlΥXh
win2k.vbird.tw zAӫOH
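- Settings on the parent host mdk.vbird.tw:
The settings on the parent host mdk.vbird.tw are simple: just open the subdomain up for someone else to use.
How? Edit /var/named/named.vbird.tw so that it looks like this:
[root@test root]# cd /var/named
[root@test named]# vi named.vbird.tw
# Once again, this file name is the one set in /etc/named.conf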
$TTL 600
@ IN SOA mdk.vbird.tw. root.mdk.vbird.tw. (
2004100601 ; Serial
28800 ; Refresh
14400 ; Retry
720000 ; Expire
86400 ) ; minimum
; host configuration parameters
@ IN NS mdk.vbird.tw.
@ IN MX 10 mdk.vbird.tw.
mdk IN A 192.168.1.2
mdk IN TXT "The testing DNS server"
phorum IN CNAME mdk
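www IN CNAME mdk.vbird.tw.
; example of delegating a subdomain to another host to manage
win2k.vbird.tw. IN NS win2k.vbird.tw.
win2k IN A 192.168.1.100
; records for the other hosts
winxp IN A 192.168.1.200
The part shown in bold above is the most important one. I hand the NS authority (name server) for the win2k.vbird.tw. domain over to
the host win2k.vbird.tw to manage, and the line below it gives the forward record for the host win2k.vbird.tw.
When someone looks up www.win2k.vbird.tw, the query first reaches mdk.vbird.tw,
and once win2k.vbird.tw has been found there, the query goes on to the lower-level DNS, that is, the host win2k.vbird.tw.
- Settings on the child host win2k.vbird.tw:
This part is even simpler. Follow the configuration we wrote earlier, except that your
domain name becomes win2k.vbird.tw. It really is that simple, so I will not say more.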
[]@ӦXkv DNS DG
nաI{bzӪDOy
gWvXk DNS DzFaHI
SINOW媺 DNS DNl쪺dv}zӳ]wNաIIMDzA
OڭnpӬ[]@ӦXk DNS DOHnڦۤvzۤv domain
I|ҨӻA vbird.idv.tw NO VBird ۤvz㧐Uڭ̴Nӽͤ@͡ApV
ISP ӽФ@ӦXkv DNS DAΪ̬OXkDWٰڡI
- ӽФ@ӦXk domain name
JMOnإߤ@ӦXk domain name server A۵MNnVXk DNS DӽбvoI
ثeziH쩳UahӽгI
xWaϪ@ domain wgA TWNIC zFAҥHzsWWzA
iHIYsUj ISP hUIҦpNUF vbird.idv.tw oӺI
{bNH Hinet Ua
- iJDeGs쩳UhG
http://nweb.hinet.net
- ܻݭnW١Aìd߸ӺO_wsbG
]쥲ݬOW@LGAҥHzݨϥθӺѪdߥ\A
hdߤ@UzQnO_wgQUFOH@wnSQU~iHI
- vBiUG
MHӺѪ\@B@BUhiAҦpHyӤH}zUҡA
UӤH}A|X{y{BJG

- ܺNީά[] DNS ҦG
ٰOoe쪺[aHաIڭ̥iH ISP ڭ̳]wn host
IP Nn(̦hT)AM]iHۦ]w@Uڭ̩һݭn DNS DաIpGӱzi|[]
mail server AҥH٬Oۦ]w DNS DnFIܤWϥܪĤyDNSw/ʡzءA
|X{UϥܡCOoܡyDNSzζgz hostname PT IP YiI`NG
noӶءA̦nz IP OTwABʨ IP ijγoӿﶵI

- UI
- H DNS DԲӳ]w
]weӳ]wzDG
pGzwgH DNS D觋ӽФF@ domain name AzNn]wz DNS DFI
Ъ`NAoӱpUAzun]wzU쪺ѧYiI
ϸѳhnz|AMApGzkܡA̦n٬OФWh ISP z]woI
- աG
p@ӡAz DNS DW]wTAiHzL Internet
W@DӬdߨIΧaI߰ʤFܡH֥hլݬݧaI ^_^
The LAME server problem:
If you are new to running a DNS server, you will certainly find messages like these in
the log file /var/log/messages:
[root@test root]# more /var/log/messages
Oct 5 05:02:30 test named[432]: lame server resolving
'68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 205.244.200.3#53
Oct 5 05:02:31 test named[432]: lame server resolving
'68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 206.105.201.35#53
Oct 5 05:02:41 test named[432]: lame server resolving
'68.206.244.205.in-addr.arpa' (in '206.244.205.in-addr.arpa'?): 205.244.112.20#53
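What is this? According to the official documentation (
on a Red Hat 9 system, see the file "/usr/share/doc/bind-9.2.1/armBv9ARM.ch06.html"
), when our DNS server queries outside DNS systems for certain forward or reverse records, a configuration error on
the other side's DNS server may prevent the expected result from being resolved, and that is when the so-called lame server error occurs.
Does this error have serious consequences for our DNS server? Since it is only a configuration error on the other side,
it does not affect the normal operation of our own DNS server.
Our DNS server merely logs a warning that it could not resolve the name correctly.
The message causes no trouble for our Linux host, but for a system administrator
who reads /var/log/messages every day, having this many entries in it is very annoying.
So: we know that lame server is the other host's problem and has no effect on ours,
but we do not want the message to appear in our log file /var/log/messages.
What can we do? Use the logging parameters that the BIND package provides.
It is simple: add this parameter at the very bottom of your /etc/named.conf file:
1. Edit /etc/named.conf
[root@test root]# vi /etc/named.conf
// Add the following parameter:
logging {
category lame-servers { null; };
};
// Note: logging is the main statement, and category defines which messages
// are meant. We do not want the lame server messages, so we use the
// lame-servers category and set its value to null (meaning empty).
// That completes the change.
2. Restart bind
[root@test root]# /etc/rc.d/init.d/named restart
After restarting named, remember to check /var/log/messages again
to confirm whether named started correctly. And from now on you will no longer see lame server messages.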
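Solving the rndc key problem:
Because BIND provides secure management of BIND, versions from BIND 9 onward
need a so-called rndc key before Bind will start cleanly without errors.
So how does BIND get this key? Simple: just run rndc-confgen.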
[root@test root]# rndc-confgen
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "l6zE+CnSFuteQHxYwIGQqq==";
};
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
# algorithm hmac-md5;
# secret "l6zE+CnSFuteQHxYwIGQqq==";
# };
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
Next, copy the output above into /etc/rndc.conf, and copy
key "rndc-key" {
algorithm hmac-md5;
secret "l6zE+CnSFuteQHxYwIGQqq==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
into /etc/named.conf, and you are done. When do you need to supply this key?
If, when you start DNS, you keep finding this line in /var/log/messages:
couldn't add command channel 127.0.0.1#953: not found
it means your DNS system has to be given this key. Give it a try.
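Setting up a dynamic DNS server:
With all the configuration above covered, let us look at something more interesting:
configuring a dynamic DNS server.
What is a dynamic DNS server? Remember what we said in the section on
a legally authorized DNS server:
if we connect to the Internet over dial-up ADSL,
our IP is assigned at random by the ISP, so it differs on every connection, and
the DNS configuration above cannot give this kind of Internet connection a suitable host name.
So if we want to run a site over a connection without a fixed IP, we need a special host name service.
One approach is to use a free service already offered on the Internet that maps dynamic IPs to host names,
such as the previously mentioned http://www.adsldns.org (although as of 2004/10 that site has been down for a long, long time...)
or http://www.no-ip.org .
How does such a service work? Basically, a DNS server still has to provide the host name to IP
mapping for its Internet zone, so a dynamic DNS server (Dynamic DNS, called a DDNS server below)
has to offer a mechanism through which clients can modify their host name to IP mapping on the DDNS server.
BIND 9 provides such a mechanism: the update-policy option, combined with a key used for authentication,
to update the zone file. Put simply:
1) our DDNS server first gives the client a key (authentication data;
you can think of it as an account and password), and 2) the client uses this key together with BIND 9's nsupdate command
to connect to the DDNS server and modify the mapping table in the zone file on the server. Sounds simple, right?
It is. Setting it up really is simple. Let us try configuring it:
- Settings on the DDNS server side:
As said above, we first have to give the client a key for authentication. How is this key generated?
And how is the DDNS server configured? Here is a worked case.
Suppose I have a host used mainly as a WWW server,
but without a fixed IP, and I already have the DNS server mdk.vbird.tw. Suppose the host name I want for this WWW server is
web.vbird.tw. How should it be configured?
Generating the authentication key
I want to generate a key for the host web (the domain name is vbird.tw). It can be done like this: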
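[root@test root]# mkdir -p /var/named/keys; cd /var/named/keys
[root@test keys]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST web
# -a [algorithm] : this option can be followed by several different algorithms,
# including RSAMD5, RSA, DSA, DH and HMAC-MD5;
# here I use the commonly used HMAC-MD5 algorithm
# -b [key size in bits] : the key length can also be chosen; I use only 128 bits.
# -n [owner type] : is this key used by the client to update a HOST or
# to update a ZONE? In general we only allow a client to update its own
# host, so HOST permission is enough.
# name : finally, give the key a name; here I name
# the key web
Kweb.+157+29323
[root@test keys]# ls -l
total 8
-rw------- 1 root root 47 Oct 31 20:09 Kweb.+157+29323.key
-rw------- 1 root root 81 Oct 31 20:09 Kweb.+157+29323.private
# Two files are produced at the end, Kxxx.key and Kxxx.private.
# Of these, the .key file is the key used mainly for the DDNS server-side
# configuration; its content is copied into /etc/named.conf for the setup.
[root@test keys]# more Kweb.+157+29323.key
web. IN KEY 512 3 157 gxHUFoGGRE91YyAVuMBh+Q==
# Pay special attention: the part shown in special type above is the content of the key.
# This data has been encrypted, and it ends up being copied into /etc/named.conf.
With that, the key is ready. The password part inside the *.key file
is what gets configured in /etc/named.conf.
Configuring the named.conf file on the DDNS server
The configuration is also simple: enter the key data, then set a
policy (rule) on the zone that is to be opened for writing.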
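[root@test keys]# vi /etc/named.conf
....(omitted)....
key "web" {
algorithm hmac-md5;
secret "gxHUFoGGRE91YyAVuMBh+Q==";
};
zone "vbird.tw" {
type master;
file "named.vbird.tw";
update-policy {
grant web name web.vbird.tw. A;
};
};
....(omitted)....
# Note the line grant web name web.vbird.tw. A; above.
# grant is followed by the name of the key. In other words, my key named web
# may, inside this zone (vbird.tw), modify the A record of the host name
# web.vbird.tw, that is, change the host's IP mapping. The syntax is:
# grant [key_name] name [hostname]
# In other words, one key can be given several permissions; it depends on how you define the rules.
Once this is configured, restart, then check /var/log/messages for errors.
With that, the DDNS server side is set up.
- Updating from the client side:
Next comes the update from the DDNS client side. First you need the files just created on the server side:
transfer the newly created Kweb.+157+29323.key and Kweb.+157+29323.private over with SSH's sftp.
I put them in /usr/local/ddns and then test: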
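[root@test keys]# mkdir /usr/local/ddns; cd /usr/local/ddns
# Assume you have already copied the two files into this directory.
[root@test keys]# nsupdate -k Kweb.+157+29323.key
> server 192.168.1.2
> update delete web.vbird.tw
> update add web.vbird.tw 0 A 192.168.1.222
> send        <== finally, press [ctrl]+D to finish
# Note the line update add web.vbird.tw 0 A 192.168.1.222:
# it means "add one record, with a ttl of 0 and record type A,
# pointing to 192.168.1.222".
# The argument after nsupdate -k is the key file we generated on the server side.
You will then find one more temporary file in /var/named, namely /var/named/named.vbird.tw.jnl .
And of course /var/named/named.vbird.tw is updated as the client requests.
Updating by hand is rather tedious, so let the client update automatically with the following script: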
[root@test root]# vi /usr/local/ddns/ddns_update.sh
#!/bin/bash
#
# Update your Dynamic IP by using BIND 9 's tools
#
###############################################
# History
# 2004/10/27 VBird First time release
#
##############################################
PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH
# 0. keyin your parameters
basedir="/usr/local/ddns" # working directory
keyfile="$basedir"/"Kweb.+157+29323.key" # your ddns' key (filename)
ttl=600 # the ttl time ( 10 min. )
outif="ppp0" # Your interface (to internet)
hostname="web.vbird.tw" # Your hostname
servername="192.168.1.2" # The primary DNS server
# Get your new IP
newip=`ifconfig "$outif" | grep 'inet addr' | \
awk '{print $2}' | sed -e "s/addr\://"`
checkip=`echo "$newip" | grep "^[0-9]"`
if [ "$checkip" = "" ]; then
echo "$0: The interface can't connect to the internet...."
exit 1
fi
# create the temporary file
tmpfile="$basedir/tmp.txt"
cd "$basedir" || exit 1
echo "server $servername" > "$tmpfile"
echo "update delete $hostname A " >> "$tmpfile"
echo "update add $hostname $ttl A $newip" >> "$tmpfile"
echo "send" >> "$tmpfile"
# send your IP to server
nsupdate -k "$keyfile" -v "$tmpfile"
Just edit the parts of the script above that are shown in special type, then use /etc/crontab
to run it automatically on your system.
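The script above only checks that the detected address starts with a digit before writing it into the nsupdate batch, so an out-of-range value or two addresses parsed from one interface would still be sent to the server. A stricter check, as an added example that is not part of the original script (the function names is_ipv4, is_hostname and build_update are hypothetical):

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# is_ipv4 ADDR: succeed only for four dot-separated decimal octets, 0-255,
# with no leading zeros, whitespace, newlines or any other characters.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest=$1.
    count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        count=$((count + 1))
        case $octet in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    [ "$count" -eq 4 ]
}

# is_hostname NAME: letters, digits, hyphens and dots only; no empty labels
# and no label that starts or ends with a hyphen.
is_hostname() {
    case $1 in
        ''|*[!A-Za-z0-9.-]*|.*|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

# build_update SERVER HOST TTL IP: print an nsupdate batch on stdout, or
# print nothing and return 1 if any field is malformed.
build_update() {
    is_ipv4 "$1" || return 1
    is_hostname "$2" || return 1
    case $3 in ''|*[!0-9]*) return 1 ;; esac
    is_ipv4 "$4" || return 1
    printf 'server %s\nupdate delete %s A\nupdate add %s %s A %s\nsend\n' \
        "$1" "$2" "$2" "$3" "$4"
}
```

In ddns_update.sh this would stand in for the four echo lines: write the output of build_update to "$tmpfile" and exit when it returns non-zero.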
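With this service provided by BIND 9, all we need is one fixed IP and a legally authorized domain name applied for from an ISP,
and we can give users, whether they have a fixed IP or not, a legitimate host name.
Users can also change their own IP mapping themselves through nsupdate, so that their host's IP
always keeps the correct mapping to its host name. For the users this is really very convenient.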