Detailed analysis of Linux DNS server installation, configuration, and maintenance

Each IP address can have a host name made up of one or more labels separated by dots. With host names you do not need to memorize the IP address of every device; you only have to remember a relatively intuitive and meaningful name. Translating between the two is what the DNS protocol does.

Today we will discuss DNS servers, especially Linux DNS servers, and how to install, configure and maintain them.

/etc/hosts file

In the absence of a DNS server, it is reasonable for each system to keep its own list of host names and their IP addresses on the local network, especially on small sites without an Internet connection.

On Linux systems, this list is the /etc/hosts file. Even if you have no DNS server, or the DNS server is unavailable, names can still be resolved using /etc/hosts.

You may already have a DNS server and still want to keep this file for other reasons. For example, the system may need to look up an address locally before querying outside: the system consults this file before querying the DNS server, and if the name is found there it is converted directly to an IP address without asking any DNS server.

Try editing the /etc/hosts file and add the following information: 127.0.0.1 google.com.

Then, go back to your browser and type google.com to see what the results are. If Apache is installed on your system and the local host is running, the browser will display the localhost index page instead of the Google page.


As a confirmation, you can map google.com to any other IP address of any website and view the results.

So what this file does is map host names and IP addresses, but only within the same interconnected network. How, then, are the records of external networks and of many systems maintained?

Does everyone need to maintain their own /etc/hosts file and update it themselves?

A more robust domain name service is a DNS server.

Domain name

When you visit a website, you enter a fully qualified domain name (FQDN) such as www.google.com or a domain name like likegeeks.com. Reading the labels between the dots from right to left, each one is in turn the top-level domain component, the second-level domain component, and the third-level domain component.

So, com is a top-level domain component; google is a second-level domain component; and www is a third-level domain component.

In fact, whenever you visit a website the browser silently appends a trailing dot to the domain name, so www.google.com really means www.google.com. (with the dot). This dot is called the root domain.

The root is served by special servers called root name servers. At the time of writing there are 13 root name servers in the world. You can think of them as the brains of the Internet: if they fail, there is no Internet.

Why 13? So that if, say, an earthquake somewhere in the world damages one root server, the other servers can continue to provide service until the affected server is back online.

These root name servers are named alphabetically: a.root-servers.net, b.root-servers.net, and so on.

Top-level domains (TLDs)

We have already seen top-level domain components such as com. Top-level domains provide the top-level classification of the DNS namespace.

Top-level domains (TLDs) are divided into categories based on geographic or functional aspects.

As of this writing, there are more than 800 top-level domains on the web.

Top-level domain categories are:

Generic top-level domains such as .org, .com, .net, .gov, .edu, etc.

Country code top-level domains such as .us and .ca, corresponding to the country codes of the US and Canada

New branded top-level domains, which allow organizations to create TLDs of up to 64 characters, such as .linux, .microsoft, .companyname, etc.

Infrastructure top-level domains such as .arpa

Subdomain

When you visit a website like mail.google.com, the mail here is a subdomain of google.com.

Only the name server for google.com knows all the hosts that exist under it, so only Google's name server can answer whether a subdomain called mail exists. The root name servers know nothing about it.

Types of DNS servers

There are three types of DNS servers.

Primary DNS server

These servers store the configuration files for specific domain names and, based on that authority, answer for the addresses of those domain names. The primary DNS server knows the addresses of all hosts and subdomains under its jurisdiction.

Secondary DNS server

These servers act as backups of the primary DNS server and also take some of the load. The primary server knows about its secondary servers and pushes updates to them.

Cache DNS server

These servers do not store configuration files for specific domain names. When a client asks a cache server to resolve a domain name, the server first checks its local cache. If no match is found, it queries the primary server, and then caches the response. You can easily use your own system as a cache server.

Build a Linux DNS server

There are many packages that implement DNS functionality on Linux, but we will focus only on the BIND DNS server, which is used by most DNS servers in the world.

If you are using a Red Hat based distribution such as CentOS, you can install it like this: $ dnf -y install bind

If you use a Debian-based operating system such as Ubuntu: $ apt-get install bind9

Once the installation is complete, you can start the service and have it start automatically at boot:

$ systemctl start named

$ systemctl enable named

Configuring BIND

This service uses /etc/named.conf as the configuration file.

BIND uses statements like these in that file:

options: global BIND configuration.

logging: configures which messages are logged and which are ignored. I recommend reading about the Linux syslog server as well.

zone: defines a DNS zone.

include: includes another file in named.conf.

In the options statement you can see that the working directory of BIND is /var/named.

The zone statement can be used to define a DNS zone, such as the domain name google.com, which contains the subdomains mail.google.com and analytics.google.com.

These three names (the domain and its subdomains) belong to one zone, and that zone is what the zone statement defines.

Define a primary domain server

We know that DNS servers come as primary, secondary, and cache servers. Unlike the cache server, the primary and secondary servers both hold the zone data and answer queries for it in the same way.

In the /etc/named.conf configuration file, you can define a primary domain server using the following syntax:

zone "likegeeks.com" {
    type master;
    file "likegeeks.com.db";
};

The files containing the primary zone information are stored in the /var/named directory, which, as you saw in options, is the working directory.

Note: server software or a hosting panel will automatically create the zone file name for your primary domain server from your domain name, so if your domain name is example.org, the file holding your primary zone information is /var/named/example.org.db.

The type is master, which means this is a primary domain server.

Define a secondary domain server

The definition of a secondary domain server is similar to that of a primary domain server, with small differences:

zone "likegeeks.com" {
    type slave;
    masters { IP address list; };
    file "likegeeks.com.db";
};

For a secondary domain server the domain name is the same as on the primary domain server. The slave type indicates that this is a secondary domain server. The masters statement lists the IP addresses of the primary servers: the zone file on the secondary server is a copy transferred from the zone file on the primary server.

Define a cache server

Even if you have configured a primary or secondary domain server, it is still worthwhile (though not required) to define a cache server, because it reduces the number of queries sent to other DNS servers.

Before defining a cache server, you need to define three zones. The first is the root hint zone:

zone "." IN {
    type hint;
    file "root.hint";
};

The second is the forward zone for the local host:

zone "localhost" IN {
    type master;
    file "localhost.db";
};

The third zone is defined for reverse lookup of the local host; this reverse lookup maps the local IP address back to the local host name.

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "127.0.0.rev";
};

Put these three zones in the /etc/named.conf file and your system will work as a cache server. But what goes into files like likegeeks.com.db, localhost.db, and 127.0.0.rev?

These files contain the DNS record type for each zone with certain options. So, what are these DNS record types and how are they written?

DNS record types

The database file contains record types such as SOA, NS, A, PTR, MX, CNAME, and TXT.

Let's see how each type is recorded.

SOA: Start of Authority Record

The SOA record is the first DNS entry in a zone file and describes the site, as follows:

example.com. 86400 IN SOA ns1.example.com. mail.example.com. (
        2017012604 ;serial
        86400      ;refresh, seconds
        7200       ;retry, seconds
        3600000    ;expire, seconds
        86400      ;minimum, seconds
)

The first line begins with the domain name example.com followed by a period; this must match the zone definition in the /etc/named.conf file. Always remember that DNS configuration files are extremely picky.

IN tells the domain name server that this is an Internet-class record.

SOA tells the domain name server that this is a start of authority record.

ns1.example.com. is the fully qualified domain name (FQDN) of the name server for the domain this file describes.

mail.example.com. is the domain administrator's e-mail address. Note that this address has no "@" sign; it is replaced by a period, and the address also ends with a period.

Line 2 is the serial number, which tells other name servers when the file was last updated. Therefore, whenever you change the zone file you must increment the serial number. Its format is YYYYMMDDxx, where xx starts at 00.

Line 3 is the refresh interval in seconds. It tells secondary domain name servers how often to check the primary server for updated records.

Line 4 is the retry interval in seconds. If a secondary server tries to contact the primary domain name server to check for updates and fails, it waits this many seconds before trying again.

Line 5 is the expire value. Secondary servers cache the zone data, and this value tells them that if they cannot reach the primary server for updates for this many seconds, they must discard the zone data.

Line 6 is the minimum value. It tells cache servers how long to wait before timing out if they cannot connect to the primary domain name server.

NS: Name Server Records

The NS record specifies which name servers maintain the records of the domain.

You can write NS records like this:

IN NS ns1.example.com.
IN NS ns2.example.com.

Two NS records are not required, but a backup name server is usually preferred.

A and AAAA: Address Records

The A record maps a host name to an IPv4 address (AAAA records do the same for IPv6 addresses): support IN A 192.168.1.5

If you have a host support.example.com at address 192.168.1.5, you write it exactly like the example above.

Note that the host name we wrote has no trailing period, so it is relative to the zone's domain.

PTR: Pointer Records

PTR records perform reverse name resolution: given an IP address, they return the corresponding host name.

This is the opposite of the A record: 192.168.1.5 IN PTR support.example.com.

Here we write the full host name with a trailing period.

MX: Mail Exchange Records

The MX record tells other sites the address of your domain's mail server: example.com. IN MX 10 mail.

Of course this field ends with a period. The number 10 is the priority of the mail server; if you have several mail servers, the one with the lowest number is tried first.

CNAME: Canonical Name Records

CNAME records let you create aliases for host names. This is useful when you want to provide a name that is easy to remember.

Suppose a site has a web server with the host name whatever-bignameis.example.com. Since the system is a web server, you can create a CNAME record, or alias, called www for that host.

You create the CNAME record with a pair of entries like these:

whatever-bignameis IN A 192.168.1.5
www IN CNAME whatever-bignameis

The first line tells the DNS server the address of the real host. The second line creates the alias www pointing to it.

TXT record

You can store any information in a TXT record, such as your contact details or anything else you want people to see when they query the DNS server.

You write a TXT record like this: example.com. IN TXT "YOUR INFO GOES HERE"

In addition, the RP record exists as an explicit container for host contact information: example.com. IN RP mail.example.com. example.com.

DNS TTL value

At the top of the /etc/named.conf file, there is a $TTL entry.

This entry tells BIND the TTL (time to live) value for each individual record.

It is a number of seconds, for example 14,400 seconds (4 hours), meaning that other DNS servers cache your zone's records for up to 4 hours and then query your DNS server again.

You can lower this value, but the default is usually reasonable unless you know what you are doing.

Catching configuration errors

When writing a zone file it is easy to forget a period or a space, or to make some other mistake.

You can diagnose Linux DNS server errors from the logs. The BIND service writes its errors to /var/log/messages. You can watch the log in real time with the tail command and its -f option: $ tail -f /var/log/messages

So when you write a zone file or modify /etc/named.conf and restart the service, you can easily identify the type of error from the log once it appears.
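The checks below are an added example, not code from the original article: a small Python linter for the zone-file mistakes the record-type sections and this section warn about (missing trailing dots on SOA, NS, PTR and MX targets, a serial that is not YYYYMMDDxx, a non-numeric MX priority), plus a helper that bumps the serial the way the article describes. The sample zone, the function names and the message texts are constructed for this example.

```python
import re
from datetime import date

# Constructed sample zone (not from the article), with two deliberate mistakes marked below.
SAMPLE_ZONE = """\
$TTL 14400
example.com. 86400 IN SOA ns1.example.com. mail.example.com. (
        2017012604 ;serial
        86400      ;refresh, seconds
        7200       ;retry, seconds
        3600000    ;expire, seconds
        86400 )    ;minimum, seconds
        IN NS ns1.example.com.
        IN NS ns2.example.com          ; mistake: no trailing dot
support IN A 192.168.1.5
example.com. IN MX ten mail.             ; mistake: priority is not a number
"""

def normalize(text):
    """Strip ;comments and fold a parenthesised multi-line record onto one line."""
    lines = [ln.split(";", 1)[0].rstrip() for ln in text.splitlines()]
    body = "\n".join(ln for ln in lines if ln.strip())
    return re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), body)

def serial_ok(serial):
    """True when serial is YYYYMMDDxx with a real calendar date."""
    try:
        date(int(serial[:4]), int(serial[4:6]), int(serial[6:8]))
    except ValueError:
        return False
    return len(serial) == 10 and serial.isdigit()

def lint_zone(text):
    """Return the problems found: missing trailing dots, bad serial, bad MX data."""
    problems = []
    for line in normalize(text).splitlines():
        fields = line.split()
        if "IN" not in fields:
            continue  # $TTL-style directives carry no class and are not checked
        _, rtype, *rdata = fields[fields.index("IN"):]
        if rtype == "SOA":  # rdata: mname rname serial refresh retry expire minimum
            problems += [f"SOA name {n} lacks trailing dot" for n in rdata[:2] if not n.endswith(".")]
            if not serial_ok(rdata[2]):
                problems.append(f"SOA serial {rdata[2]} is not YYYYMMDDxx")
        elif rtype in ("NS", "PTR") and not rdata[-1].endswith("."):
            problems.append(f"{rtype} target {rdata[-1]} lacks trailing dot")
        elif rtype == "MX" and not (len(rdata) == 2 and rdata[0].isdigit()):
            problems.append(f"MX needs a numeric priority: {line.strip()}")
    return problems

def next_serial(current, today=None):
    """Next YYYYMMDDxx serial: today's date with xx = 00, or xx + 1 if changed today."""
    prefix = (today or date.today()).strftime("%Y%m%d")
    if current.startswith(prefix):
        return prefix + f"{int(current[8:]) + 1:02d}"
    return prefix + "00"
```

Run lint_zone on a zone file's text before reloading it with rndc; an empty list means none of the article's common slips were found.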

Host command

After you add or modify a record, you can use the host command to check that the host resolves correctly.

The host command resolves a host name to an IP address: $ host example.com

It can also perform a reverse lookup: $ host 192.168.1.5

You can see more information about the host and dig commands in this article.

Whois command

The whois command shows who owns a domain name, along with the owner's e-mail address and contact number: $ whois example.com

Rndc command

The rndc tool lets you manage name servers securely, because all communication with the server is authenticated by digital signatures.

It is used to control name servers and to debug issues. You can check the status of the Linux DNS server with: $ rndc status

If you change a zone file, you can reload that zone without restarting the named service: $ rndc reload example.com

Here we reload the example.com zone. You can also reload all zones: $ rndc reload

If you add a new zone or change the service configuration, you can reload the configuration as follows: $ rndc reconfig

Linux DNS resolver

We now know how the Linux DNS server works and how to configure it. The other half is the client that talks to the DNS server to resolve host names to IP addresses.

On Linux, the client side of DNS is called the resolver. To configure the resolver, look at the /etc/resolv.conf configuration file.

On Debian-based distributions, you can look at the /etc/resolvconf/resolv.conf.d/ directory.

The /etc/resolv.conf file contains the information the client needs to find its local DNS server.

Its two main entries are the search line, which gives the default search domain, and the nameserver line, which gives the IP address of the name server.

The nameserver line tells the resolver which name server to use. As long as your BIND service is running, you can point it at your own DNS server.

Using a Linux DNS server is very simple. I hope you find this article useful and easy to understand.
