Kule nqaku isihloko Qwalasela iiseva zeLinux, umsebenzisi angayazi ukuba angawenza njani lo msebenzi, kuya kufuneka ahanjiswe yimixholo yawo elula neqondakalayo.
Qwalasela iiseva zeLinux
Ulawulo lokumisela kunye nokufaka iiseva zeLinux, i-DNS emele iDomain Name System, ibhekisa kwinkqubo yamagama angachazwanga kwiinkqubo, umsebenzi wayo ubizwa ngokuba ngumncedisi we-DNS, okhokelela kwidilesi ye-IP ekhethwe ngumsebenzisi.
Yinkqubo ebalulekileyo kwaye injongo yayo kukugcina i-Intanethi, yinkonzo esisiseko kwiiseva.
Ukusuka kulo mhlathi ukuya phambili, sazisa umsebenzisi ngayo yonke into enxulumene nokuqwalaselwa kunye nokufakwa kweeseva zeLinux.
Ifayile / njl / yemikhosi
Ekuqwalaseleni iiseva zeLinux, uya kuyazi ifayile yokubamba eyikhompyuter, isetyenziswa yinkqubo yokusebenza ukugcina ulwazi olukhoyo phakathi kwemimandla ye-Intanethi kunye needilesi ze-IP, ibhekisa kwenye yeendlela ezahlukeneyo ezisetyenziswa yinkqubo yokusebenza kunye nombono yokusombulula amagama e-domain, itafile eyaziwa ngokuba yi / etc / hosts, Yeefayile ezikwiinkqubo zeLinux.
Oko kukuthi, ukuba umsebenzisi akanayo iserver ye-DNS, okanye ukusilela oko, iserver ye-DNS ayifumaneki, ifayile /njl.
Oku kuthetha ukuba inkqubo ikhangela ifayile ngaphambi kokuya kwiseva ye-DNS, kwaye nje ukuba idilesi ifunyenwe, inokuguqulelwa ngaphandle kokuya kwiseva ye-DNS.
Kufezekiswa ngokuhlela njengoko kubonisiwe ngezantsi: 127.0.0.1 google.com. Emva koko kuya kwisikhangeli, bhala ugoogle.com kwaye ungabona iziphumo, kwimeko apho uneserver ye-Apache kule nkqubo, kwaye iseva yalapha iyalungiswa, ukuze ujonge iphepha lesalathiso lomncedisi. local, endaweni yokubonisa iphepha likaGoogle.
Sincoma eli nqaku linomdla linxulumene nekhompyuter: Iindidi zeeseva.
Unokhetho onokuthi uhambise ugoogle.com kwidilesi eyahlukileyo ye-IP efumaneka naphina kwaye ujonge iziphumo ukuze uqiniseke.
Umsebenzi wale fayile kukuguqula iidilesi ezahlukeneyo ze-IP zibe ngamagama, nangona kunjalo, kwinethiwekhi exhunyiwe apho iseva exhunyiwe ikhona.
Amagama eDomain
Ukuba undwendwela iwebhusayithi, kufuneka ubhale i-FQDN, okuthetha igama elipheleleyo lesizinda, okanye ukusilela oko, igama lesizinda ngolu hlobo: likegeeks.com okanye www.google.com.
Kuya kufuneka yaziwe ukuba idomain nganye yenziwe ngezinto zommandla, kwaye inqaku linoxanduva lokwahlulahlula ezi zinto.
Umbhalo com, ubhekisa kwicandelo ledomeyini kwinqanaba eliphezulu; UGoogle licandelo lesibini le-domain, ngelixa i-www licandelo lesithathu ledomeyini.
Inyaniso kukuba xa undwendwela nayiphi na iwebhusayithi, isikhangeli sithe cwaka songeza ixesha ekugqibeleni, asibonakali, ke indawo yokwenyani iboniswa ku-www.google.com, kufuneka ikhunjulwe ukuba ixesha livela emva. Com , okwangoku ibizwa ngokuba yingcambu yesizinda.
Uninzi luza kubuza umbuzo, kutheni le ndawo yengcambu okanye inqaku longezwa kuyo, kungenxa yokuba eli nqanaba linikezelwa ngamagama engcambu, kukho malunga ne-13 igama leengcambu zegama kwihlabathi liphela, ukuba umsebenzi wabo yingqondo intanethi.
Iingcambu zamagama zibizwa ngolu hlobo lulandelayo: a.root-server.net, b.root-server.net.
Amagama esizinda akwinqanaba eliphezulu (TLD)
Kuya kufuneka ichazwe ukuba iiNdawo eziPhezulu zaManqanaba (ii-TLDs) zahlulwe zangamacandelo ahambelana nendawo okanye izinto ezisebenzayo.
Kukho malunga nemimandla engaphezulu kwama-800 kwinqanaba lewebhu, siyibonisa apha ngezantsi:
Imimandla ephezulu yesiqhelo efana no: org, .com, .net. U-Edu, phakathi kwabanye.
Iikhowudi zelizwe ezikwinqanaba eliphezulu ezizezi: .us, .ca, kunye nezinye ezininzi, ezizezekhowudi zesizwe, kule meko i-United States neCanada.
Imimandla yamanqanaba aphezulu aphezulu avela kwiimpawu ezinje nge: Linux, .Microsoft, .CompanyNamey.
Iziseko eziphezulu zemimandla njengedomeyini.
Iindawo eziphantsi
Kule meko, wakube ungene kwiwebhusayithi, umzekelo google.com, i-imeyile yindawo engezantsi kagoogle.com.
Kuphela ziiseva zamagama zeposi.google.com, ezazi ngobukho bayo yonke inginginya ephantsi kwayo, isizathu sokuba uGoogle aqonde kwimeko apho kukho okanye hayi isizinda okanye iposi, iiseva zamagama ezingcanjini abanazo Andinalwazi malunga noku.
Iindidi zeeseva ze-DNS
Kwimeko yekhompyuter, zintathu iintlobo zeeseva ze-DNS, ezinje:
- Iiseva ze-DNS zaseprayimari zezo ezineefayile zoqwalaselo zedomeyini kunye nokuphendula imibuzo ye-DNS.
- Iiseva zeSecond DNS zezona zisebenza njengekopi yogcino kwaye zinoxanduva lokuhambisa umthwalo; iiseva eziphambili ziyazi ukuba amagama asekondari akhoyo apho athumela khona uhlaziyo.
- Ukulondolozwa kweseva ye-DNS, ukusebenza kwezi ndawo zigcina kuphela zonke iimpendulo ezikhutshwe kwi-DNS, ukuze iserver yeprayimari okanye esekondari ingafuneki iphinde ibuzwe.
- Inokulawulwa yinkqubo yokwenza imisebenzi ngokulula, njengeseva egciniweyo.
Ukuqwalasela iseva ye-Linux DNS
Kwimarike kukho iipakeji ezahlukeneyo zeLinux ezibonelela ngokuphumeza ukusebenza kwe-DNS, nangona kunjalo, siza kuthetha nge-BIND DNS server, isetyenziswa kuninzi lweeseva ze-DNS kuzo zonke iindawo zehlabathi.
Kwimeko apho umsebenzisi asebenzise usasazo olusekwe kwiRed Hat, ezinje ngeCentOs, indlela yokufaka iphakheji imi ngolu hlobo lulandelayo: $ dnf -y install bind.
Ukuba ubhekisa kwiinkqubo zeDebian ezinje ngo-Ubuntu: $ apt-fumana ukufaka ukubopha9.
Ekuqwalaseleni iiseva zeLinux, ibonisa umfundi xa inkqubo yokufaka igqityiwe, inkonzo ingaqalwa kwaye igunyazise ukuba iqhubeke kanye xa iqala: $ systemctl qala igama; $ systemctl vumela igama.
Ukuseta UKUBOPHA
Kwaziswa ukuba ubumbeko lwenkonzo lufumaneka kwifayile /etc/named.conf.
Kukho iingxelo ezithile ezithi BIND zisebenzise kwifayile enje:
- Khetha: Yeyiphi esetyenziselwa ubumbeko lwe-BIND jikelele.
- Ukungena: Inokungena, kwaye inokungahoywa.
- Indawo: Ibizwa ngokuba yi-DNS zone.
- Faka: Isetyenziselwa ukufaka enye ifayile kukhetho lwegama.
- Ungabona kwinkcazo yeenketho, isikhombisi esisebenzayo esibonelelweyo se-BIND sisikhombisi: / var / named.
- Kuya kufuneka kukhunjulwe ukuba isibhengezo sommandla sivumela ukulinganiswa kwendawo ye-DNS, enje nge-google.com domain, ekwanazo ne-subdomains, i-mail.google.com eyaziwayo, kunye ne- analytics.google.com, Ukongeza kwezinye iindawo ezingaphantsi.
- Kubalulekile ukuba uqaphele ukuba nganye yezi zinto zintathu: i-domain kunye ne-subdomains, inendawo echazwe yingxelo yendawo.
Ukuchaza indawo ephambili
Nje ukuba sazi iindidi zeeseva ze-DNS ezikhoyo ezinje ngee-DNS kunye neziphambili, kunye ne-cache.
Iiseva eziziiprayimari neziziisekondari zithathwa njengezinegunya kwiimpendulo zazo, ezahlukileyo kwiseva yokugcina i-caching.
Ngoku, ukunqumamisa indawo ephambili kwifayile, oku kulandelayo kunokusetyenziswa: indawo «likegeeks.com» {; uhlobo lwenkosi; fayile njengegeeks.com.db; };.
Ngokwazi kwabasebenzisi, ifayile enedatha yolwazi ehambelana nendawo apho / var / isikhombisi esinegama sikhona, kuba sisikhombisi esisebenzayo apho kukho khona ukhetho.
Ekumiseleni iiseva zeLinux, ibonisa ukuba kufanele ukuba kukhunjulwe ukuba isoftware yeserver okanye ipaneli yokubamba izenzela ngokuzenzekelayo le fayile inegama, ukuze kuthi ukuba idomeyini ngumzekelo.org, ifayile iya kubizwa ngegama / var / named / Umzekelo.org.
Kwimeko apho olu hlobo lubonakala njengenkosi, oko kuthetha ukuba ikummandla wokuqala.
Inkcazo yendawo yesibini
Inkcazo yommandla wesibini ifana kakhulu nento ebizwa ngokuba yindawo ephambili, inezinto ezimbalwa ezinokulungiswa, masibone: indawo «likegeeks.com» {; Uhlobo lwekhoboka; masters Idilesi ye-IP yasePrayimari yeNameserver Apha; ; fayile efana ne-geeks.com.db kunye};.
Idomeyini kwimimandla yesibini iyafana naleyo yemimandla ephambili, kufuneka ibe luhlobo lwekhoboka, oko kuthetha ukuba yindawo yesibini, ukhetho lweemasters lusebenza ukudwelisa iidilesi ezahlukeneyo ze-IP zeseva yamagama aphambili, ukugqiba isenokuxela ukuba ifayile yindlela yokufaka yeefayile zommandla wokuqala.
Ukuchaza indawo yokugcina i-caching
Ekuqwalaseleni iiseva zeLinux, sikubonisa inkcazo yeendawo zokugcina i-cache, kunokuthiwa le nto iyimfuneko, nangona kunjalo, ayifanelanga kuzalisekiswa ngokuba nendawo ye-caching, enceda ukunciphisa imibuzo eyenziwe kwiseva ye-DNS.
- Ukuchaza ukuba yintoni indawo yokugcina i-caching, kufuneka amacandelo amathathu omda, kunye noku kulandelayo kulungelelwano lokuqala:
- ummandla "." KU- {uhlobo thsuphe; ifayile "ingcambu.hint"; };.
- Kowokuqala kukho ixesha, kuba ziingcambu zamagama, uhlobo oluboniswe njenge: hint; kuthetha ukufikelela kwindawo efihlakeleyo, ngelixa ifayile "iingcambu.hints"; ibhekisa kwifayile eneeseva zeengcambu.
- Ingcambu nameserver yamva nje inokufunyanwa http://www.internic.net/zones/named.root.
Kwindawo yesibini ichazwa kunye nefayile eboniswe ngezantsi: /njl / igama.rfc1912.zones, Ukongeza, ine /etc/igama.conf, ngokusebenzisa "kubandakanya" umyalelo ofakwe ngokungagqibekanga, njenge:
- IZone "localhost" IN {uhlobo inkosi; ifayile "localhost.db"; };.
- Okokugqibela kwindawo yesithathu ukukhangela okuchaseneyo kwekhaya lasekhaya kufunyenwe.
- Indawo "0.0.127.in-addr.arpa" IN {Type master; Ifayile "127.0.0.rev"; }; -.
- Kubalulekile ukuba uqaphele ukuba ukubeka le mimandla mithathu kwi /etc/named.conf, banceda inkqubo ukuba isebenze njenge-caching DNS server, ulwazi lweefayile kufuneka lubhalelwe kwezi zilandelayogegeeks.com.db, localhost. db kunye ne-127.0.0.
Iindidi zerekhodi ze-DNS
Iifayile eziqulathwe kwiziko ledatha ziintlobo zeerekhodi ezinje nge: SOA, NS, A, PTR, MX, CNAME, kunye ne-TXT.
Emva koko, siyazinikezela ukukhankanya uhlobo ngalunye lwerekhodi, siqala ngoku:
I-SOA: ukuqala kwerekhodi yegunya
Uhlobo lwerekhodi lwe-SOA luluhlu olungenisiweyo lwe-DNS kule ndawo ngolu hlobo lulandelayo: example.com. I-86400 KWI-SOA ns1.example.com. imeyile.example.com. (2017012604; serial 86400; hlaziya, imizuzwana 7200; phinda uzame, imizuzwana engama-3600000; iphelelwe, imizuzwana engama-86400; ubuncinci, imizuzwana ).
Kuyabonakala ukuba umgca wokuqala uqala ngethambeka example.com. kwaye iphela ixesha, iyafana nenkcazo yendawo kwifayile /etc/named.conf.
Kuya kuthathelwa ingqalelo ukuba iifayile zokwenza uqwalaselo lwe-DNS zingqongqo ngokugqithisileyo.
Kule nqaku kuqwalaselwa iiseva zeLinux, sikubonisa la magama alandelayo:
- IN imele ubhaliso kwi-Intanethi.
- I-SOA, Guqulela ukuqala kwengxelo yegunya.
- Ns1.example.com., Ibhekisa kwigama ledomain server.
- Imeyile.host.com.es, yile imeyile @, ithathelwe indawo lixesha, kwaye elinye ixesha libekwe ukugqiba.
Kumgca wesi-2, unenombolo yesiriyeli esetyenziselwa ukwazisa kwigama leseva ixesha apho ifayile ihlaziywa khona, oko kuthetha ukuba xa kuguqulwa kulwazi lommandla, oku kufuneka kwandiswe, inani, libhekisa Inombolo ye-serial enefomathi YYYYMMDDxx yokubeka xx kunye nokuqala nge-00.
Umgca wesi-3, ubhekisa kumaxesha ahlaziywa ngawo ngemizuzwana, ibonisa ubungakanani beeseva zesekondari ze-DNS ekufuneka zibonisene neseva ephambili, ukuqala ukukhangela uhlaziyo.
Kumgca we-4, ibhekisa kwinqanaba lokubuyiselwa kwemali ngemizuzwana, lixesha elithathayo kwiserver yesibini ye-DNS emva kokuzama ukunxibelelana neseva ephambili ye-DNS, kwaye ayinakufikelela kuyo.
Umgca wesi-5, umalunga nomgaqo-nkqubo wokuphelelwa lixesha, kwimeko apho iserver yesibini ayinakho ukunxibelelana neseva ephambili ukwenza uhlaziyo, emva koko kuya kufuneka urhoxise ixabiso emva kwenani elibonisiweyo lemizuzwana.
Okokugqibela, umgca we-6, uchaza iiseva zokugcina i-caching ezingakwaziyo ukunxibelelana neseva ephambili ye-DNS, zilinde ngaphambi kokuphela kongeno, ngumgca ophetheyo wokunciphisa ixesha lokulinda.
NS: Igama leerekhodi zeseva
Ezi rekhodi zinokusetyenziswa ngumncedisi we-NS ukunika iinkcukacha zegama lamagama lommandla othile, iirekhodi ze-NS zinokubhalwa ngezi ndlela zilandelayo:
- KWI-NS ns1.example.com. KWI-NS ns2.example.com.
- Akunyanzelekanga ukuba uneerekhodi ezi-2 ze-NS, nangona kunjalo, kukhethwa ukuba ube negama eligcina amagama.
- A kunye neAAAA: Iirekhodi zedilesi.
- Kuya kufuneka ubhalise u-A, uphethe imephu yokubamba igama kwidilesi ye-IP: inkxaso KWI-192.168.1.5. Kwimeko apho umsebenzisi abambe khona kwi suppor.example.com kwidilesi ye-IP 192.168.1.5, inokubhalwa njengakwimeko ekhankanywe apha ngasentla.
PTR: iirekhodi zesikhombisi
Ingxelo ye-PTR isetyenziselwa ukwenza isisombululo segama elichaseneyo, ibuyise idilesi ye-IP, kwaye ibuyisele igama lomphathi. Kukuchasene okupheleleyo koko kwenziwa yirejista ye-A; 192.168.1.5 Kwi-PTR inkxaso.example.com. Kule meko, igama elipheleleyo lomamkeli libekwa ngokubeka istop.
MX: Iirekhodi zotshintshiselwano ngemeyile
Olu hlobo lwerekhodi lwe-MX lubhekisa kwiifayile ezikwiseva yeposi, ngolu hlobo: example.com. KWI-MX ye-imeyile, kunokubonwa ukuba i-domain iphela ngethuba, inombolo ye-10 ithetha ukubaluleka kweseva yeposi, kwimeko apho kukho iiseva ezahlukeneyo zeposi, inani elincinci lithetha ukuba alinanto ingako.
I-CNAME: IiRekhodi zamagama eCanonical
Uhlobo lweerekhodi zeCNAME zezo zinika ukufikelela ngokuthe ngqo kumagama okubamba.
Umzekelo, kukhankanyiwe ukuba unesiza esinegama lomphathi wayo nayiphi na into -bignameis.example.com, kuba inkqubo iseva yewebhu, unokukhetha ukwenza i-www okanye i-CNAME irekhodi alias yomninimzi.
Ukwenza irekhodi leCNAME ungasebenzisa igama www.example.com:
- nantoni na-ibignameis KWI-192.168.1.5.
- www KWI-CNAME nantoni na-ibignameis.
Umgca wokuqala ubonelela ngolwazi kumncedisi we-DNS malunga nendawo ye-alias, ngelixa umgca wesibini uchaza ii-alias ezibonisa i-www.
Iirekhodi zeTXT
Naluphi na uhlobo lwesicatshulwa lunokufakwa kwiirekhodi ze-TXT, ezinje ngolwazi lokunxibelelana okanye olunye ulwazi umsebenzisi afuna ukuba abantu bachonge xa bethetha neseva ye-DNS.
Ngokukwanjalo, unokukhetha ukusebenzisa irekhodi le-RP, ukubeka ulwazi lokunxibelelana: example.com. KWI-TXT »INFO YAKHO IYA APHA».
Ixabiso le-DNS TTL
Kule nxalenye /etc/igama.conf kwisiphelo esingaphezulu kukho i- $ TTL yokungena, yenzelwe ukwazisa UKUBOPHA malunga nobomi berekhodi nganye.
Ixabiso lithathwa ngemizuzwana njenge-14400 imizuzwana (iiyure ezi-4), iiseva ze-DNS emva koko zigcina indawo yakho ukuya kuthi ga kwiiyure ezine kwaye ubuze umbuzo nge-DNS server kwakhona.