dns & bind (to be continued)

2.1. The Domain Name Space:

DNS's distributed database is indexed by domain names. Each domain name is essentially just a path in a large inverted tree, called the domain name space.

The depth of the tree is limited to 127 levels.

Each node in the tree has a text label (without dots) that can be up to 63 characters long.A null (zero-length) label is reserved for the root.

If the root node's label actually appears in a node's domain name, the name looks as though it ends in a dot, as in "www.oreilly.com."(It actually ends with a dot)(a trailing dot in a domain name  indicates that the domain name is absolute. An absolute domain name is written relative to the root and unambiguously specifies a node's location in the hierarchy)

An absolute domain name is also referred to as a fully qualified domain name, often abbreviated FQDN.

Names without trailing dots are sometimes interpreted as relative to some domain name other than the root.

2.3. Delegation

the main goals of the design of the Domain Name System was to decentralize administration. This is achieved through delegation.

Delegating domains is a lot like delegating tasks at work. A manager may break up a large project into smaller tasks and delegate responsibility for each of these tasks to different employees.

2.4. Name Servers and Zones

The programs that store information about the domain name space are called name servers.

Name servers generally have complete information about some part of the domain name space (a zone), which they load from a file or from another name server.

The name server is then said to have authority for that zone.

Delegation, in the abstract, involves assigning responsibility for some part of your domain to another organization. What really happens, however, is the assignment of authority for your subdomains to different name servers. (Note that we said "name servers," not just "name server.")

2.4.2. Types of Name Servers

 Two: master and slave name servers

Normally,slave name servers 

gets the zone data from master(zone transfer)

master gets from zone data files.

Slave name servers can also load their zone data from data files.  If the slave is later killed and restarted, it will read the backup data files first, then check to see whether its zone data is current.

2.5. Resolvers

Resolvers are the clients that access name servers.

  • Querying a name server

  • Interpreting responses (which may be resource records or an error)

  • Returning the information to the programs that requested it

In BIND, the resolver is just a set of library routines linked into programs such as Telnet and FTP. It's not even a separate process.


2.6. Resolution

 Not only can they give you data from zones for which they're authoritative, they can also search through the domain name space to find data for which they're not authoritative. This process is called name resolution or simply resolution.

A name server can issue a query to a root name server for any domain name in the domain name space, and the root name server starts the name server on its way.

2.6.1. Root Name Servers

2.7. Caching

2.7.1. Time to Live

Deciding on a time to live for your data is essentially deciding on a trade-off between performance and consistency. A small TTL helps ensure that data in your zones is consistent across the network, because remote name servers will time it out more quickly and be forced to query your authoritative name servers more often for new data. On the other hand, it tends to increase the load on your name servers and lengthen resolution time for information in your zones.


3.2. Choosing a Domain Name

registry is an organization responsible for maintaining a top-level domain's (well, zone's, really) data files, which contain the delegation to each subdomain of that top-level domain. Under the current structure of the Internet, a given top-level domain can have no more than one registry.

registrar acts as an interface between customers and the registry, providing registration and value-added services. It submits to the registry zone data and other data (including contact information) for each of its customers in a single top-level domain.

Registration, then, is the process by which a customer tells a registrar which name servers to delegate a subdomain to and provides the registrar with contact and billing information. The registrar then makes these changes through the registry.

start of authority (SOA) record

 

 

4.2.1. The Zone Data Files

DNS lookups are case-insensitive

Resource records must start in the first column of a line. 

SOA record

Indicates authority for this zone

NS record

Lists a name server for this zone

Other records
Data about hosts in this zone

Of the other records, this chapter covers:

A

Name-to-address mapping

PTR

Address-to-name mapping

CNAME

Canonical name (for aliases)

 

 

movie.edu. IN SOA terminator.movie.edu. al.robocop.movie.edu. (

                                              1 ; Serial

                                              3h ; Refresh after 3 hours

                                              1h ; Retry after 1 hour

                                              1w ; Expire after 1 week

                                              1h ) ; Negative caching TTL of 1 day

The IN stands for Internet.

The first name after SOA (terminator.movie.edu.) is the name of the primary master name server for the movie.edu zone. 

The second name (al.robocop.movie.edu.) is the mail address of the person in charge of the zone if you replace the first "." with an "@". 

The parentheses allow the SOA record to span more than one line.

Most of the fields within the parentheses of the SOA record are for use by slave name servers.

Unlike host table lookups, a DNS lookup can return more than one address for a name.

你可能感兴趣的:(continue)