The search option specifies a list of domain names to be tried. The list items are separated by spaces or tabs. If no search option is given, a default search list is constructed from the local domain name by using the domain name itself, plus all parent domains up to the root. The local domain name may be given using the domain statement; if none is given, the resolver obtains it through the getdomainname(2) system call.

If this sounds confusing to you, consider this sample resolv.conf file for the Virtual Brewery:

    # /etc/resolv.conf
    # Our domain
    domain vbrew.com
    #
    # We use vlager as central nameserver:
    nameserver 191.72.1.1

When resolving the name vale, the resolver would look up vale, and failing this, vale.vbrew.com, and vale.com.

6.1.4 Resolver Robustness

If you are running a LAN inside a larger network, you definitely should use central name servers if they are available. The advantage of this is that these will develop rich caches, since all queries are forwarded to them. This scheme, however, has a drawback: when a fire recently destroyed the backbone cable at our university, no more work was possible on our department's LAN, because the resolver couldn't reach any of the name servers anymore. There was no logging in on X terminals anymore, no printing, etc.

Although it is not very common for campus backbones to go down in flames, one might want to take precautions against cases like these.

One option is to set up a local name server that resolves hostnames from your local domain, and forwards all queries for other hostnames to the main servers. Of course, this is applicable only if you are running your own domain.

Alternatively, you can maintain a backup host table for your domain or LAN in /etc/hosts. In /etc/host.conf you would then include "order bind hosts" to make the resolver fall back to the hosts file if the central name server is down.

6.2 Running named

The program that provides domain name service on most Unix machines is usually called named (pronounced name-dee). This is a server program originally developed for BSD providing name service to clients, and possibly to other name servers. The version currently used on most Linux installations seems to be BIND-4.8.3. The new version, BIND-4.9.3, is being Beta-tested at the moment, and should be available on Linux soon.

This section requires some understanding of the way the Domain Name System works. If the following discussion is all Greek to you, you may want to re-read chapter 2, which has some more information on the basics of DNS.

named is usually started at system boot time, and runs until the machine goes down again. It takes its information from a configuration file called /etc/named.boot, and various files that contain data mapping domain names to addresses and the like. The latter are called zone files. The formats and semantics of these files will be explained in the following section.

To run named, simply enter

    /usr/sbin/named

at the prompt. named will come up, read the named.boot file and any zone files specified therein. It writes its process id to /var/run/named.pid in ASCII, downloads any zone files from primary servers, if necessary, and starts listening on port 53 for DNS queries.[1]

[1] There are various named binaries floating around Linux FTP sites, each configured a little differently. Some have their pid file in /etc, some store it in /tmp or /var/tmp.

6.2.1 The named.boot File

The named.boot file is generally very small and contains little else but pointers to master files containing zone information, and pointers to other name servers. Comments in the boot file start with a semicolon and extend to the next newline. Before we discuss the format of named.boot in more detail, we will take a look at the sample file for vlager given in figure 6.1.[2]

    ;
    ; /etc/named.boot file for vlager.vbrew.com
    ;
    directory /var/named
    ;
    ; domain                  file
    ;---------------------------------------------------
    cache     .                   named.ca
    primary   vbrew.com           named.hosts
    primary   0.127.in-addr.arpa  named.local
    primary   72.191.in-addr.arpa named.rev

Figure 6.1: The named.boot file for vlager.

[2] Note that the domain names in this example are given without trailing dot. Earlier versions of named seem to treat trailing dots in named.boot as an error, and silently discard the line. BIND-4.9.3 is said to fix this.

The cache and primary commands shown in this example load information into named. This information is taken from the master files specified in the second argument. They contain textual representations of DNS resource records, which we will look at below.

In this example, we configured named as the primary name server for three domains, as indicated by the primary statements at the end of the file. The first of these lines, for instance, instructs named to act as a primary server for vbrew.com, taking the zone data from the file named.hosts. The directory keyword tells it that all zone files are located in /var/named.

The cache entry is very special and should be present on virtually all machines running a name server. Its function is two-fold: it instructs named to enable its cache, and to load the root name server hints from the cache file specified (named.ca in our example). We will come back to the name server hints below.

Here's a list of the most important options you can use in named.boot:

directory
    This specifies a directory in which zone files reside. Names of files may be given relative to this directory. Several directories may be specified by repeatedly using directory. According to the Linux filesystem standard, this should be /var/named.

primary
    This takes a domain name and a file name as an argument, declaring the local server authoritative for the named domain. As a primary server, named loads the zone information from the given master file. Generally, there will always be at least one primary entry in every boot file, namely for reverse mapping of network 127.0, which is the local loopback network.

secondary
    This statement takes a domain name, an address list, and a file name as an argument. It declares the local server a secondary master server for the domain specified. A secondary server holds authoritative data on the domain, too, but it doesn't gather it from files; instead it tries to download it from the primary server. The IP address of at least one primary server must thus be given to named in the address list. The local server will contact each of them in turn until it successfully transfers the zone database, which is then stored in the backup file given as the third argument. If none of the primary servers responds, the zone data is retrieved from the backup file instead. named will then attempt to refresh the zone data at regular intervals. This is explained below in connection with the SOA resource record type.

cache
    This takes a domain and a file name as arguments. This file contains the root server hints, that is, a list of records pointing to the root name servers. Only NS and A records will be recognized. The domain argument is generally the root domain name ".". This information is absolutely crucial to named: if the cache statement does not occur in the boot file, named will not develop a local cache at all. This will severely degrade performance and increase network load if the next server queried is not on the local net. Moreover, named will not be able to reach any root name servers, and thus it won't resolve any addresses except those it is authoritative for. An exception from this rule is when using forwarding servers (cf. the forwarders option below).

forwarders
    This statement takes an address list as an argument. The IP addresses in this list specify a list of name servers that named may query if it fails to resolve a query from its local cache. They are tried in order until one of them responds to the query
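As an added example (not code from the book), here is a small parser and sanity checker for the named.boot format just described: it honours the semicolon comment rule, reads the directory, primary, secondary, cache and forwarders statements, and flags the omissions the text warns about (a missing cache entry without forwarders, no loopback reverse zone, and trailing dots that older named versions silently drop). The sample boot file is figure 6.1 re-typed as constructed input; the dataclass and function names are this example's own.

```python
# Added example, not from the book: parser/checker for the BIND-4 named.boot format above.
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

SAMPLE_BOOT = """\
; /etc/named.boot file for vlager.vbrew.com (figure 6.1, re-typed as constructed input)
directory /var/named
; domain                    file
cache   .                   named.ca
primary vbrew.com           named.hosts
primary 0.127.in-addr.arpa  named.local
primary 72.191.in-addr.arpa named.rev
"""

@dataclass
class BootFile:
    directories: List[str] = field(default_factory=list)
    primary: Dict[str, str] = field(default_factory=dict)                      # zone -> master file
    secondary: Dict[str, Tuple[List[str], str]] = field(default_factory=dict)  # zone -> (addrs, backup)
    cache: Dict[str, str] = field(default_factory=dict)                        # domain -> hints file
    forwarders: List[str] = field(default_factory=list)

def parse_named_boot(text: str) -> BootFile:
    """';' starts a comment; fields are space/tab separated; keywords not modelled here are skipped."""
    boot = BootFile()
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()
        if not fields:
            continue
        key, args = fields[0], fields[1:]
        if key == "directory" and args:
            boot.directories.extend(args)
        elif key == "primary" and len(args) == 2:           # primary <zone> <file>
            boot.primary[args[0]] = args[1]
        elif key == "secondary" and len(args) >= 3:         # secondary <zone> <addr>... <backupfile>
            boot.secondary[args[0]] = (args[1:-1], args[-1])
        elif key == "cache" and len(args) == 2:             # cache <domain> <hints file>
            boot.cache[args[0]] = args[1]
        elif key == "forwarders" and args:
            boot.forwarders.extend(args)
    return boot

def check_named_boot(boot: BootFile) -> List[str]:
    problems = []                                            # empty list means all checks passed
    if "." not in boot.cache and not boot.forwarders:
        problems.append("no 'cache . <file>' and no forwarders: named gets no root hints and no cache")
    if "0.127.in-addr.arpa" not in boot.primary:
        problems.append("no primary for 0.127.in-addr.arpa (loopback reverse mapping)")
    if any(z != "." and z.endswith(".") for z in [*boot.primary, *boot.secondary, *boot.cache]):
        problems.append("zone name with trailing dot: older named silently drops the line")
    return problems
```

Running check_named_boot(parse_named_boot(SAMPLE_BOOT)) returns an empty list for the figure 6.1 file; feeding it a boot file without a cache line or with "vbrew.com." reports each problem by name.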