Names on the Internet

Introduction

For anyone who has worked on a network even briefly, it seems perfectly natural that each computer connected to the Internet has a name that is easy to remember. The system that lets us use these human-friendly names, instead of less convenient ways of "labelling" computers, is called DNS (Domain Name System).

Generally speaking, the Internet has two main ways of addressing computers. The first is numeric (an IP address, for example 193.124.134.101); the second is symbolic (noc.radio-msu.net). DNS was created to map one form to the other.

To keep names orderly, the whole structure of computer names is arranged as follows: there are separate levels (domains), each of which can contain both subdomains and computer names. All names must consist only of Latin letters, digits and, optionally, the minus sign. Domain levels are separated by a dot.

A typical full domain name of a computer can look like this: computer3.otdel-5.firma.msk.ru. In this example the address is assigned to computer number three, which stands in department number five of a firm with the refined English name "firma", located in Moscow ("msk"), in Russia ("ru"). The local computer name (hostname) here is "computer3", and ".ru" is normally called the top-level domain. The domain msk.ru is accordingly the second-level domain; firma.msk.ru is the third, and so on.

Each domain level has a group of people responsible for that domain. They can add names for newly appeared computers, change them or delete them. In effect, what the machine you work on at your firm will be called depends on what their imagination prompts them to write into the DNS configuration file.

Whoever has the right to administer a domain can make changes only within that domain. For example, the system administrator of department N5 can change the name "computer3" to "computer4", or to something more human, for example naming the computer "julia" (its full address then becomes julia.otdel-5.firma.msk.ru). But to change the name of the 4th-level domain "otdel-5", the manager has to ask the firm's system administrator (unless, of course, they are one and the same person). The procedure of obtaining a name in, for example, the .ru or .com zone is called domain registration. Naturally, each company connected to the Internet tries to register the most natural and easy-to-remember name possible. So for "Microsoft inc." it is logical to reserve the domain microsoft.com.

There are few top-level domains: about 250 in all. Most of them are so-called geographical domains, for example .de (Deutschland, Germany), .ru (Russia), .iq (Iraq). The remaining, non-geographical top-level domains are .com (commercial companies), .net (network resources), .edu (educational institutions), .mil (military organizations), .org (non-commercial organizations), .gov (governmental departments) and .int (international corporations).

If you wanted to register one more top-level domain, you would have to give such serious justification that it would be much easier to found a small state and obtain a geographical domain for it.

By the beginning of 1998 about 30 million hosts were registered on the whole Internet. Their distribution across top-level domains is given in the table:

Domain   Number of hosts   Description
com      8201511           Commercial
net      5283568           Networks
edu      3944967           Educational
jp       1168956           Japan
mil      1099186           US Military
us       1076583           United States
de       994926            Germany
uk       987733            United Kingdom
ca       839141            Canada
au       665403            Australia
org      519862            Organizations
gov      497646            Government

Russia is in 28th place in this list. About 100 thousand computers are registered under the .ru domain. And in Antarctica (.aq), as it appears, there is no computer connected to the Internet.

DNS for your company


At the current level of development of communications in Russia, more and more companies face the need to connect their local networks to the Internet. Leaving aside all organizational and commercial questions, technically the process comes down to the following sequence of actions:

- Connection to the provider. The physical connection can be made in a great many ways: from an ordinary modem to radio networks and optical fibre. The connection method and, accordingly, the payment are agreed directly with the provider.

- Obtaining numeric (IP) addresses. For your computers connected to the Internet to be reachable, unique numeric addresses must be allocated to them. The Internet connection contract normally states how many and which addresses your company is given to use. The format of IP addresses is: four numbers from 1 to 255, separated by dots. For example, 193.124.134.101 is the IP address of some computer on the network.

- Configuring DNS. Suppose you have received a block of IP addresses. Now you need to configure the name system correctly and set up the servers that work with these names.

- The domain name registration procedure. It differs greatly between top-level domains and can be either free or paid.

- Further configuration of the software on your computers that requires the domain name to be given explicitly (for example, a Web server).

Generally speaking, most Internet providers offer domain registration as a service, but it can be useful for you to understand how the procedure works and what it requires. In the specific examples we consider systems running FreeBSD UNIX, although the same reasoning transfers without difficulty to any other system.

First of all, for fully functional DNS you need two or more computers, so-called name servers, connected to the Internet independently of each other (preferably in different networks or even different countries). This arrangement keeps the translation of symbolic addresses to numeric ones and back working even if some of these computers are unreachable over the network for a while. On these computers runs a special daemon program, named, which processes address translation requests and answers them. To configure DNS means to write the named configuration files correctly.

Name servers come in two kinds, primary and secondary; they are also called master and slave. There can be only one primary name server. It stores all information about the domains, and when something changes the configuration is corrected only on it. There can be several secondary name servers, but the usual practice is one secondary name server. Additional secondary name servers serve to speed up the resolution of your addresses and to make it more robust. For small networks three or more secondary name servers is already excessive. Secondary name servers automatically read the current configuration from the primary server at a set interval. Note that the same computer can simultaneously be the primary server for some domains and a secondary name server for several others. We consider a specific implementation of such DNS servers in the following sections.

Choosing and registering a domain

If you have some experience of the Internet, you most likely know examples of domain names of various organizations and firms. As an example, here are some server addresses picked at random:
 www.playboy.com - the Web server of "Playboy" magazine
 www.internic.net - the main Web server of the company Network Solutions
 rs.internic.net - the Network Solutions registration server
 www.ripn.net - the server of the organization RIPN


How to configure DNS

The named program is in most cases included in the standard set of tools of UNIX operating systems. If that is not so in your case, try searching for named for your system with Internet search servers (AltaVista, Lycos, etc.). The main file with the named settings is normally called named.boot and lies in the /etc directory. The named daemon must be started with the privileges of the root user.

Here we consider FreeBSD version 2.2.2 with the standard named. The program lies in /usr/sbin/named, and the configuration templates lie in the /etc/namedb directory.

First of all, before any configuration change, save the previous settings files so that you can always return to the initial state.

Let's copy named.boot to the required directory:

% cp /etc/namedb/named.boot /etc

Comments in named.boot begin with ";" in the first position of the line.

Let's consider the various directives in named.boot:


directory /etc/namedb

This is the directory in which the configuration files for each of the domains this name server holds will be stored.


cache . named.root

This special option names the file named.root in the /etc/namedb directory, which contains the IP addresses of the computers that "know everything" about domain names, that is, that hold the "dot" domain. These servers store the information on all top-level domains, and if a DNS query has not been answered at an earlier stage, it reaches one of these top-level servers and from there goes down the required branch. Here is a piece of this file:


; formerly NS.INTERNIC.NET
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4

; formerly NS1.ISI.EDU
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107

The named.root file subsequently needs to be fetched periodically from FTP.RS.INTERNIC.NET, since the IP addresses of the top-level servers can change within a few months.

The next directive in the configuration file says that our name server is the primary name server for some zone, that is, it holds all the information about it. Its syntax is:

primary [domain.name] [file_name]

Example:


primary radio-msu.net db.radio-msu.net
primary math.msu.su db.math.msu.su

This means that we have set up a primary name server for the domains radio-msu.net (a second-level domain) and math.msu.su (third level), but we have done only a small part of the work. Next these domains have to be described in text files called db.radio-msu.net and db.math.msu.su in the /etc/namedb directory. We deliberately chose file names similar to the names of the corresponding domains, for convenience. The names of the configuration files play no role anywhere else, and you are free to name them as you like. They can be created and edited with an ordinary text editor in the /etc/namedb directory. A detailed description of the db.* files is given a little further below.

To become a secondary name server for other domains, lines of this kind have to be written in named.boot:


secondary npi.msu.su 158.250.2.232 db.npi.msu.su
secondary rector.msu.su 193.232.112.1 db.rector.msu.su

The general form of the directive is:

secondary [domain.name] [IP address of the primary name server] [file_name]

The first parameter here is the domain name for which we are setting up a secondary. A primary name server must exist for it, from which the daemon will periodically read the data about this domain. Instead of a single IP address of the primary name server there can be a list of addresses from which the information on the domain can also be obtained. This is used when building a multi-level system of name servers with different priorities, and so on. In most cases only the address of the primary is entered in this field. The last parameter is the name, chosen by us arbitrarily, of a temporary file in which the named daemon stores the information on the domain received from the primary name server. As in the first case, it is best to give the files names that match the domain name. Incidentally, to set up a secondary name server for a domain you need to add just one such line to named.boot, and that is all.

To configure the primary name server correctly, it remains to consider the db.* configuration files (these files are also called zone files). The general form of a record in such a file is:

[domain] [opt_ttl] [opt_class] [type] [resource_record_data]

where domain is "." for the top-level (root) domain, "@" for the current domain, or an ordinary domain name (in particular, simply a machine name (hostname)).

opt_ttl - an optional field, an integer giving the lifetime (time-to-live) of this record in seconds. After this period the record contents must be refreshed automatically.

opt_class - the address class of the object. Only one such class exists in practice, and it is the one specified ("IN").

type - the record type (discussed below)

resource_record_data - the data for this record type

Let's consider an example of a primary name server and the corresponding zone file for the domain radio-msu.net. If you use these examples as a guide, please do not forget to change all records to match the structure of your network.

In named.boot we write this line:


primary radio-msu.net db.radio-msu.net

And in the /etc/namedb directory we create a file named db.radio-msu.net with roughly these contents:


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;     BIND configuration for the primary nameserver
;             Radio-MSU.NET host table
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@               IN      SOA     ns.radio-msu.net. art.radio-msu.net. (
                                1998022300      ; Serial
                                28800           ; Refresh
                                7200            ; Retry
                                604800          ; Expire
                                86400 )         ; Minimum ttl
;----------------------------------------------------------------
                IN      NS      ns.radio-msu.net.
                        NS      mskws.desy.de.
localhost       IN      A       127.0.0.1
;----------------------------------------------------------------
@               IN      MX      20 mpr
                        MX      40 mskws.desy.de.
;----------------------------------------------------------------
ns              IN      A       193.124.134.1
                IN      MX      10 ns
                IN      MX      50 relay
;----------------------------------------------------------------
telion          IN      A       193.124.134.2
                        MX      10 telion
                        MX      20 relay.radio-msu.net.
                        MX      50 mskws.desy.de.
www             IN      CNAME   telion
;----------------------------------------------------------------
noc             IN      A       193.124.134.101
                IN      MX      10 noc
                IN      MX      20 relay
;----------------------------------------------------------------
mpr             IN      A       193.124.134.3
                        MX      10 mpr
                        MX      50 mskws.desy.de.
pop             IN      A       193.124.134.3
uucp            IN      A       193.124.134.3
relay           IN      A       193.124.134.3
mail            IN      A       193.124.134.3
vika            IN      A       193.124.134.5
                        MX      10 vika
                        MX      50 relay
;----------------------------------------------------------------
brusun          IN      A       193.124.134.20
diana           IN      A       193.124.134.7
sftgames        IN      CNAME   telion
chat            IN      CNAME   brusun
;------------------------  THE END----------------------------

Note that all lines beginning with ";" are comments and are used to improve the readability of the text.

Now let's consider the record types that occur in our configuration:

The very first record in any such file looks like this:


@               IN SOA ns.radio-msu.net. art.radio-msu.net. (

The "@" character means that the following directives concern the current domain (that is, the domain radio-msu.net). The "IN" field can be regarded as insignificant, and after it comes the record type declaration:

SOA - (Start of Authority) - the zone of responsibility. The parameters that follow define who is responsible for this domain, how often the information on this zone is to be updated on the secondary servers, and other auxiliary information. The first parameter field of this record is the name of the primary name server holding the zone. After it comes the address of the technical contact person responsible for the domain. Pay special attention to the dots at the end of these addresses! A trailing dot means that the address is a complete domain name and that the domain our configuration file corresponds to must not be appended to it on the right. That is, if instead of ns.radio-msu.net. you write ns.serv, the computer ns.serv.radio-msu.net will be meant.

The dot at the end of symbolic names must not be forgotten in the other fields of the zone either. This is one of the most widespread errors. Writing "ns.radio-msu.net" means referring to the server "ns.radio-msu.net.radio-msu.net", which simply does not exist.
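The missing-dot error described above can be caught before a zone is loaded. The following check is an added example, not code from the original article: it expands every relative name in NS, MX, CNAME, PTR and the SOA server field the way the text describes, and reports those that expand to a name the zone itself never defines. The function names and the sample zone (a constructed fragment of the radio-msu.net file with two dots deliberately removed) are assumptions made for illustration.

```python
# Record types whose data carries a host name, and the index of that field.
NAME_FIELD = {"SOA": 0, "NS": 0, "CNAME": 0, "PTR": 0, "MX": 1}

# Constructed sample: lines 4 and 7 have lost their trailing dot.
SAMPLE_ZONE = """\
@       IN SOA ns.radio-msu.net. art.radio-msu.net. (
                1998022300 ; Serial
                28800 7200 604800 86400 )
        IN NS  ns.radio-msu.net
           NS  mskws.desy.de.
@       IN MX  20 mpr
           MX  40 mskws.desy.de
ns      IN A   193.124.134.1
mpr     IN A   193.124.134.3
telion  IN A   193.124.134.2
www     IN CNAME telion
"""


def absolute(name, origin):
    """Expand a zone-file name: '@' is the origin, a trailing dot means
    'complete', anything else gets the origin appended on the right."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()


def records(zone_text):
    """Yield (line_no, owner_or_None, rtype, data_fields) for record lines."""
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]              # drop comments
        fields = line.split()
        if not fields:
            continue
        owner = None
        if not line[0].isspace():                # owner only in column one
            owner, fields = fields[0], fields[1:]
        # skip the optional TTL and class fields
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]
        if fields:
            yield line_no, owner, fields[0].upper(), fields[1:]


def missing_dot_candidates(zone_text, origin):
    """Return (line_no, name_as_written, expanded_name) for relative names
    that expand to something this zone does not define."""
    origin = origin.rstrip(".").lower() + "."
    recs = list(records(zone_text))
    defined = {absolute(o, origin) for _, o, _, _ in recs if o is not None}
    findings = []
    for line_no, _, rtype, data in recs:
        idx = NAME_FIELD.get(rtype)
        if idx is None or len(data) <= idx:
            continue
        written = data[idx]
        if written == "@" or written.endswith("."):
            continue                             # origin or already complete
        expanded = absolute(written, origin)
        if expanded not in defined:
            findings.append((line_no, written, expanded))
    return findings


if __name__ == "__main__":
    for line_no, written, expanded in missing_dot_candidates(
            SAMPLE_ZONE, "radio-msu.net"):
        print(f"line {line_no}: '{written}' will be read as '{expanded}'")
```

Legitimate relative names such as mpr or telion pass, because they expand to names the zone defines with A records.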

The five parameters that remain in parentheses after the contact person in the SOA record are integers defining the time intervals for exchanging information about this domain between primary and secondary.

The first ("1998022300" in our case) is the serial number of the record. By a change in the serial number the secondary name servers determine whether the contents of the domain have changed and, accordingly, whether the whole domain needs to be read from the primary server. The serial number should consist of ten digits and must be changed by hand to a larger one on any change to any record in the domain file. The following scheme suits this purpose ideally: the first four digits of the serial are the year, then two each for the month and the day. The last two are the sequence number (starting from 00) of the edit within the day. If we change the domain configuration, we must increase the serial number at the same time. With the serial built this way, the increase comes about automatically.
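The serial scheme just described (year, month, day, then a two-digit edit counter) can be applied mechanically. This is an added example, not part of the original article: it finds the serial in the SOA record of a zone file and replaces it with the next valid value, always strictly larger than the old one. The function names, the regular expression and the constructed sample are assumptions; the 32-bit limit is a property of DNS serial numbers that the article does not mention.

```python
import re
from datetime import date

# Assumption: the serial is the first integer after the opening parenthesis
# of the SOA record, as in the zone files shown in this article.
SOA_SERIAL = re.compile(r"(\bSOA\b[^()]*\(\s*)(\d+)", re.IGNORECASE)

# Constructed sample: the SOA record of db.radio-msu.net.
SAMPLE_SOA = """\
@   IN SOA ns.radio-msu.net. art.radio-msu.net. (
        1998022300 ; Serial
        28800      ; Refresh
        7200       ; Retry
        604800     ; Expire
        86400 )    ; Minimum ttl
"""


def next_serial(current, today):
    """Return the serial to use for an edit made on `today`.

    First edit of the day gives YYYYMMDD00. Any later edit, or a serial that
    is already ahead of the calendar, gives current + 1, because secondaries
    only reload the zone when the number grows.
    """
    base = int(today.strftime("%Y%m%d")) * 100
    new = base if current < base else current + 1
    if new > 0xFFFFFFFF:
        raise ValueError("serial does not fit in 32 bits")
    return new


def bump_serial(zone_text, today):
    """Return (new_zone_text, old_serial, new_serial)."""
    match = SOA_SERIAL.search(zone_text)
    if match is None:
        raise ValueError("no SOA serial found")
    old = int(match.group(2))
    new = next_serial(old, today)
    new_text = (zone_text[:match.start(2)] + f"{new:010d}"
                + zone_text[match.end(2):])
    return new_text, old, new


if __name__ == "__main__":
    text, old, new = bump_serial(SAMPLE_SOA, date(1998, 2, 23))
    print(f"serial {old} -> {new}")
    print(text)
```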

After the serial number comes the Refresh field, which specifies the time in seconds after which the secondary name server checks the zone on the primary server; if there were changes, the changed zone file is transferred.

If for some reason it fails to connect to the server, the secondary makes the next attempt after Retry seconds (the third parameter).

If the subsequent attempts to connect to the primary and obtain the information on the zone also end in failure, the secondary name server forgets all information on this zone after Expire seconds have elapsed.

The last field ("Minimum TTL") specifies the minimum lifetime (Time To Live) of the records in the zone file, unless another value is given for a record in the optional opt_ttl field.

The recommended values for these parameters are:


 28800   ; Refresh      8 hours
 7200    ; Retry        2 hours
 604800  ; Expire       7 days
 86400   ; Minimum TTL  1 day

However, nobody can stop you from setting your own values. Just do not set values that are too small (less than an hour), otherwise you will simply clog the network with useless information continuously sent from primary to secondary.

Now consider records of the following type:

NS - (Name Server) - lists the name servers (both primary and secondary) that hold this zone. Do not forget the dot at the end of the name!


                IN NS ns.radio-msu.net.
                        NS mskws.desy.de.

Here we specified two name servers for the zone radio-msu.net (the first of them is the primary, the second the secondary), which hold all the information on the domain.

Next comes one of the most frequently encountered DNS records:

A - (Address) - the host address. Such a line starts with the symbolic computer name in the current domain, followed by "IN A" and then the numeric IP address of that machine. It is recommended to put, for example, this line in the zone file:


localhost IN A 127.0.0.1

This allows any computer in the network to address itself using the reserved name localhost. To name a new computer in the network, you simply add such a line to the zone file (just do not forget afterwards to correct the serial number in the SOA record and, after all changes, to restart the named daemon (send it kill -1)).

In the example under consideration we see lines like these:


ns IN A 193.124.134.1
telion IN A 193.124.134.2
diana IN A 193.124.134.7

This means that we gave the computers with the corresponding IP addresses the names ns, telion and diana. The name www, which lets one reach the domain's Web server, is used very often. If we replaced the word "telion" with "www" here, the machine with the IP address 193.124.134.2 would respond at the address http://www.radio-msu.net/. In our case we can proceed more cleverly, using a record of type CNAME.

CNAME - (Canonical name) - in computer slang such a record is called an alias. You in effect add to the computer one more name which, on resolution, turns into the same IP address as the main name.


www IN CNAME telion

Now the name www.radio-msu.net will be equivalent to telion.radio-msu.net. There can be as many aliases for one IP address as needed, but one condition is imposed on them: the (canonical) name that stands after CNAME must itself be described somewhere. It is permitted to use an alias as the canonical name as well, provided the chain of aliases does not form a loop. Any symbolic address on the network can serve as the cname, not necessarily one from the current domain, for example:


other IN CNAME www.sun.com.

And going now to the address other.radio-msu.net, we land on the Sun Microsystems server.

Let's note one more point. A computer can also be given a second name like this:


mail IN A 193.124.134.3
relay IN A 193.124.134.3

This way we have several records of type "A" corresponding to one IP address. It contradicts nothing, but doing so is bad style.

The next important record type is MX.

MX - (Mail eXchange) - mail delivery. These records normally follow records of type "A" or "SOA". They are normally used like this:

[domain] IN MX [pref_value] [mail_server]

where domain is an optional field. If it is present, the record applies to that domain; if not, to the preceding record of type "A". If the "@" character stands in place of [domain], or the field is missing but the record is at the beginning of the zone file (right after SOA), the MX record applies to the domain that the current db file corresponds to.

"IN" may be specified or omitted. mail_server is the domain name of the mail server to which all mail arriving for this domain will be directed. This server must run programs supporting the SMTP mail protocol. To increase the reliability of mail delivery, you can specify several mail servers in sequence. If one of them stops working, all mail for the domain goes to these "spare" mail servers, which at the first opportunity forward all the messages collected on them to the main mail server. To regulate such a system, the parameter pref_value (the priority of the corresponding mail server) is introduced; it can range from 0 (the highest priority) to 32767 (mail reaches a mail server with this pref_value only in the most extreme case). If you have a single MX record for a domain, the value of this field plays no role. But when only one mail server is used, mail will be lost during the moments when it is unavailable for whatever reason. Therefore one usually puts two or three MX records and sets their priorities to round numbers from 10 to 100. An example:


mpr IN A 193.124.134.3
                        MX 10 mpr
                        MX 50 mskws.desy.de.

So mail going to mpr (for example, to john@mpr.radio-msu.net) first tries to land on mpr itself, and if that does not succeed, the second option (50 is greater than 10), mskws.desy.de, is used, where the mail stays until mpr starts working again. Often one needs shorter mail addresses, like alla@radio-msu.net. This is done as follows:


@               IN MX 20 mpr
                        MX 40 mskws.desy.de.

The situation is exactly the same. Mail to somebody@radio-msu.net is redirected to mpr (or to mskws), and the mail programs on these computers must already be configured correctly, so that they understand which domain the mail is for and what to do with it next. For this you will, unfortunately, have to read the documentation for your mail server.

The following record types are used less often; nevertheless we list them here:

NULL - an empty record. It was most likely meant for reserving a domain name, but in practice it is used only when a record about some machine needs to be removed from DNS for a while. Simply commenting out such lines is easier, though.

RP - (Responsible Person) - the person responsible for this domain:


xerox		IN	RP	Ivanov Ivan

HINFO - (Host Information) - information about the computer (processor type, operating system, etc.). It is used extremely rarely.

It remains to consider the last, special record type "PTR" (domain name pointer); this record is used in the db.* files of the so-called "reverse zone" (reverse DNS).

Configuring the "reverse zone"

In the examples considered so far we saw how to establish the correspondence between symbolic names and numeric IP addresses, but only in one direction: from symbolic names to numeric ones. The domain name system must also provide the reverse conversion: from a numeric address to a symbolic one. This is the purpose of reverse zone files (reverse DNS), whose structure in many respects resembles the zone files we considered above. Reverse zones also need primary and secondary servers. In the named.boot configuration file, a primary name server is set up with a line roughly like this:


primary 134.124.193.in-addr.arpa db.193.124.134

The domain "in-addr.arpa" is auxiliary. It is used to denote numeric IP addresses.

Be careful: with this notation only the first three of the 4 numbers of your full IP addresses remain, those common to the computers in your local network (or a section of it). Moreover, these numbers are written in reverse order: so the domain 80.67.194.in-addr.arpa corresponds to the addresses of the network 194.67.80.*.

Secondary name servers for reverse zones are set up in the same way as for forward zones; in named.boot one writes the line


secondary 100.250.158.in-addr.arpa 158.250.100.1 db.158.250.100

With this line we set up a secondary name server for the reverse zone of the IP addresses of the network 158.250.100, and the primary name server will be the computer of this network with the address 158.250.100.1.

A mandatory line in named.boot is the reverse zone of the network 127.0.0, since it contains the IP address 127.0.0.1 (localhost, loopback), a special address which, addressed from any computer, leads back to that same computer. So named.boot must contain the line:


primary 0.0.127.IN-ADDR.ARPA db.local

Upper-case and lower-case letters are not distinguished here. And in the /etc/namedb directory we create a file db.local with roughly these contents (naturally, you need to change the domain names to your own):


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;  db.local - Local domain configuration
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@        IN      SOA     ns.radio-msu.net. art.radio-msu.net. (
                         1995101500      ; Serial
                         14400           ; Refresh
                         3600            ; Retry
                         3600000         ; Expire
                         259200 )        ; Minimum ttl

         IN      NS      ns.radio-msu.net.
1        IN      PTR     localhost.
;-----------------------------------------------

So you have set up reverse DNS for 127.0.0.1. Now let's consider an example of configuring a reverse zone for the same domain ("radio-msu.net"). In the named.boot of the primary name server the line is written:


primary 134.124.193.in-addr.arpa db.193.124.134

In the /etc/namedb directory we create a file named db.193.124.134 for the reverse zone. Here, as in the previous cases, the name itself does not matter much, so you can choose one that is easy to remember. Now let's look at what this file can contain:


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;     BIND configuration for the primary nameserver
;             Radio-MSU.NET reverse DNS
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@               IN      SOA     ns.radio-msu.net. art.radio-msu.net. (
                                1998022300      ; Serial
                                14400           ; Refresh
                                3600            ; Retry
                                1209600         ; Expire
                                345600 )        ; Minimum ttl

                IN      NS      ns.radio-msu.net.
                        NS      mskws.desy.de.

0               IN      PTR     Radio-MSU-Ether.Radio-MSU.net.
                        A       255.255.255.0

1               IN      PTR     ns.radio-msu.net.
2               IN      PTR     telion.radio-msu.net.
3               IN      PTR     mpr.radio-msu.net.
5               IN      PTR     vika.radio-msu.net.
7               IN      PTR     diana.radio-msu.net.
20              IN      PTR     brusun.radio-msu.net.
101             IN      PTR     noc.radio-msu.net.
;----------------------------------------------------------------

As we see, the reverse zone mainly uses records of type PTR. The record structure is:

[ip_address #4] IN PTR [domain.name]

where ip_address #4 is the last of the 4 numbers of the IP address (its value can be from 0 to 255). The first three components are set for the given reverse zone file in named.boot. A PTR record sets the correspondence between an IP address and a domain name. It is important to note that correct operation requires the numeric and symbolic addresses in the forward and reverse zones to correspond; otherwise the result will be unpredictable.

In a reverse zone file the first record is an SOA record, completely analogous to the SOA of a forward zone. After it comes the list of name servers (records of type NS). Separately there is a line for the address 193.124.134.0, which denotes the whole Ethernet segment of the network. Registering the zero address is optional.
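The requirement that forward and reverse zones agree, and the reversed-octet naming of in-addr.arpa zones, can both be checked mechanically. The script below is an added example, not part of the original article: it derives the network from the reverse zone name, rebuilds full IP addresses from the PTR owners, and reports PTR records whose name has no matching A record as well as A records whose address has no PTR at all. Function names are assumptions, and the two zone fragments are constructed from the article's files with one PTR deliberately wrong and one removed.

```python
import re

SUFFIX = ".in-addr.arpa"
A_REC = re.compile(r"^(\S+)[ \t]+(?:IN[ \t]+)?A[ \t]+(\d+(?:\.\d+){3})",
                   re.M | re.I)
PTR_REC = re.compile(r"^(\d+)[ \t]+(?:IN[ \t]+)?PTR[ \t]+(\S+)", re.M | re.I)

# Constructed fragments based on db.radio-msu.net and db.193.124.134.
FORWARD = """\
ns      IN A 193.124.134.1
telion  IN A 193.124.134.2
mpr     IN A 193.124.134.3
relay   IN A 193.124.134.3
vika    IN A 193.124.134.5
diana   IN A 193.124.134.7
"""
REVERSE = """\
1   IN PTR ns.radio-msu.net.
2   IN PTR telion.radio-msu.net.
3   IN PTR mpr.radio-msu.net.
5   IN PTR diana.radio-msu.net.   ; constructed fault: should be vika
"""


def reverse_zone_name(network):
    """'194.67.80' -> '80.67.194.in-addr.arpa' (octets in reverse order)."""
    return ".".join(reversed(network.split("."))) + SUFFIX


def network_of(zone_name):
    """'134.124.193.in-addr.arpa' -> '193.124.134'."""
    name = zone_name.lower().rstrip(".")
    if not name.endswith(SUFFIX):
        raise ValueError("not an in-addr.arpa zone: " + zone_name)
    return ".".join(reversed(name[:-len(SUFFIX)].split(".")))


def forward_map(zone_text, origin):
    """Map each fully qualified name with an A record to its address."""
    origin = origin.lower().rstrip(".") + "."
    result = {}
    for name, ip in A_REC.findall(re.sub(r";.*", "", zone_text)):
        name = name.lower()
        if name == "@":
            name = origin
        elif not name.endswith("."):
            name = f"{name}.{origin}"
        result[name] = ip
    return result


def reverse_map(zone_text, zone_name):
    """Map each full IP address with a PTR record to the name it points at."""
    net = network_of(zone_name)
    zone = zone_name.lower().rstrip(".") + "."
    result = {}
    for last, target in PTR_REC.findall(re.sub(r";.*", "", zone_text)):
        target = target.lower()
        if not target.endswith("."):          # relative: zone is appended
            target = f"{target}.{zone}"
        result[f"{net}.{last}"] = target
    return result


def check(fwd, rev, network):
    """Return mismatches between the forward and reverse maps."""
    issues = []
    for ip, name in rev.items():
        if fwd.get(name) != ip:               # PTR names a host with other/no A
            issues.append(("ptr-mismatch", ip, name, fwd.get(name)))
    for name, ip in fwd.items():
        if ip.startswith(network + ".") and ip not in rev:
            issues.append(("no-ptr", ip, name))
    return issues


if __name__ == "__main__":
    zone = reverse_zone_name("193.124.134")
    fwd = forward_map(FORWARD, "radio-msu.net")
    rev = reverse_map(REVERSE, zone)
    for issue in check(fwd, rev, network_of(zone)):
        print(issue)
```

Several A records sharing one address, as with mpr and relay, are accepted as long as that address has a PTR; a PTR that names a host outside the supplied forward zone is reported with None as the forward address.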