[Chapter 8] 8.2 Configuring the Resolver
[3] Three is the maximum number of servers tried by most BIND implementations.
domain name
The domain entry defines the default domain name. The resolver appends the default domain
name to any hostname that does not contain a dot. [4] It then uses the expanded hostname in
the query it sends to the name server. For example, if the hostname almond (which does not
contain a dot) is received by the resolver, the default domain name is appended to almond to
construct the query. If the value for name in the domain entry is nuts.com, the resolver
queries for almond.nuts.com. If the environment variable LOCALDOMAIN is set, it overrides
the domain entry and the value of LOCALDOMAIN is used to expand hostname.
[4] This is the most common way that default domain names are used, but it is not the
only way. See the section "Domain Names" in Chapter 3 for more details.
search domain ...
The search entry defines a series of domains that are searched when a hostname does not
contain a dot. Assume the entry search essex.nuts.com butler.nuts.com. A query for the
hostname roaster is first tried as roaster.essex.nuts.com. If that fails to provide a successful
match, the resolver queries for roaster.butler.nuts.com. If that query fails, no other attempts are
made to resolve the hostname. This is different from the action of the domain entry. Assume
the entry domain butler.nuts.com. Now a query for roaster is first tried as
roaster.butler.nuts.com and then as roaster.nuts.com if the first query fails. When a search
statement is used, only the domains explicitly mentioned on the command line are searched.
When a domain statement is used, the default domain and its parents are searched. A parent
domain must be at least two fields long to be searched. The resolver would not search for
roaster.com. Use either a search statement or a domain statement. Never use both in the same
configuration. If the environment variable LOCALDOMAIN is set, it overrides the search
entry.
sortlist network ...
Addresses from the networks listed on the sortlist command are preferred over other
addresses. If the resolver receives multiple addresses in response to a query about a multihomed host or a router, it reorders the addresses so that an address from a network listed in the
sortlist statement is placed in front of the other addresses. Normally addresses are returned to
the application by the resolver in the order that they are received. The only exception to this is
that, by default, addresses on a shared network are preferred over other addresses. So if the
computer running the resolver is connected to network 172.16.0.0 and one of the addresses
returned in a multiple address response is from that network, the address from 172.16.0.0 is
placed in front of the other addresses.
The sortlist command is rarely used. To be of any use, it requires that a remote host has
multiple addresses for the same name; that the path to one of those addresses is clearly superior
to the others; and that you know enough about the remote configuration to know which address
is preferable.
options option ...
The options entry is used to select optional settings for the resolver. At this writing there are
two valid keywords for option: debug to turn on debugging; and ndots:n to set the
number of dots in a hostname used to determine whether or not the default domain needs to be
applied. The default is 1. Therefore a hostname with one dot in it does not have the default
domain appended before it is passed to the nameserver. If options ndots:2 is specified, a
hostname with one dot in it has the default domain added before the query is sent out, but a
hostname with two or more dots does not have the default domain added.
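The expansion rules for the domain, search, ndots and LOCALDOMAIN settings described above, as an added Python example that is not from the book. It handles only the resolv.conf entries discussed here and applies the rules exactly as the text states them (domain plus its parents of at least two labels, search as listed, LOCALDOMAIN overriding both); the sample configuration inside it is constructed.

```python
import os

def parse_resolv_conf(text):
    """Parse the resolv.conf entries described above into a dict.
    Only domain, search, nameserver and options ndots:n are handled."""
    conf = {"domain": None, "search": [], "nameservers": [], "ndots": 1}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()    # drop comments and blank lines
        if not line:
            continue
        key, *args = line.split()
        if key == "domain" and args:
            conf["domain"] = args[0]
        elif key == "search":
            conf["search"] = args
        elif key == "nameserver" and args:
            conf["nameservers"].append(args[0])
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    conf["ndots"] = int(opt.split(":", 1)[1])
    return conf

def candidate_names(hostname, conf, environ=None):
    """Return, in order, the names the resolver queries for hostname."""
    environ = os.environ if environ is None else environ
    # A name with at least ndots dots (default 1) is sent exactly as typed.
    if hostname.count(".") >= conf["ndots"]:
        return [hostname]
    if "LOCALDOMAIN" in environ:          # LOCALDOMAIN overrides both entries
        suffixes = environ["LOCALDOMAIN"].split()
    elif conf["search"]:                  # search: only the listed domains
        suffixes = conf["search"]
    elif conf["domain"]:                  # domain: the domain, then its parents
        labels = conf["domain"].split(".")
        # a parent must be at least two labels long: nuts.com is tried, com is not
        suffixes = [".".join(labels[i:]) for i in range(len(labels) - 1)]
    else:
        return [hostname]
    return [f"{hostname}.{suffix}" for suffix in suffixes]

if __name__ == "__main__":
    # Constructed sample configuration mirroring the book's butler.nuts.com case.
    sample = parse_resolv_conf("domain butler.nuts.com\nnameserver 172.16.12.1\n")
    print(candidate_names("roaster", sample, environ={}))
```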
The most common resolv.conf configuration defines the default domain name, the local host as the
first nameserver, and two backup nameservers. An example of this configuration is:
# Domain name resolver configuration file
#
domain nuts.com
# try yourself first
nameserver 172.16.12.2
# try almond next
nameserver 172.16.12.1
# finally try filbert
nameserver 172.16.1.2
The example is based on our imaginary network, so the default domain name is nuts.com. The
configuration is for peanut and it specifies itself as the first nameserver. The backup servers are
almond and filbert. The configuration does not contain a sort list or any options, as these are
infrequently used. This is an example of an average resolver configuration.
8.2.1.1 A resolver-only configuration
The resolver-only configuration is very simple. It is identical to the average configuration shown
above except that it does not contain a nameserver entry for the local system. A sample resolv.conf
file for a resolver-only system is shown below:
# Domain name resolver configuration file
#
domain nuts.com
# try almond
nameserver 172.16.12.1
# next try filbert
nameserver 172.16.1.2
The configuration tells the resolver to pass all queries to almond; if that fails, try filbert. Queries are
never resolved locally. This simple resolv.conf file is all that is required for a resolver-only
configuration.
[Chapter 8] 8.3 Configuring named

Chapter 8: Configuring DNS Name Service

8.3 Configuring named
While the resolver configuration requires, at most, one configuration file, several files are used to configure
named. The complete set of named configuration files is:
named.boot
Sets general named parameters and points to the sources of domain database information used by this
server. These sources can be local disk files or remote servers.
named.ca
Points to the root domain servers
named.local
Used to locally resolve the loopback address
named.hosts
The zone file that maps hostnames to IP addresses
named.rev
The zone file for the reverse domain that maps IP addresses to hostnames
The filenames shown here are generic names. We use them to make it easier to discuss the files in this text.
The files can have any names you wish. Use the filenames named.boot and named.local for the boot file and
the loopback address file. Use the name named.ca or one of the well-known alternatives, named.root and
root.ca, for the file that lists the root servers. However, don't use the names named.hosts and named.rev for
your zone files. Use descriptive names. In the following sections, we'll look at how each of these files is
used, starting with named.boot.

8.3.1 The named.boot File
The named.boot file points named to sources of DNS information. Some of these sources are local files;
others are remote servers. You only need to create the files referenced in the primary and cache statements.
We'll look at an example of each type of file you may need to create.
Table 8.1 summarizes the named.boot configuration statements used in this chapter. It provides just enough
information to help you understand the examples. Not all of the named.boot configuration commands are
used in the examples, and you probably won't use all of the commands in your configuration. The commands
are designed to cover the full spectrum of configurations, even the configurations of root servers. If you
want more details about all of the named.boot configuration statements, Appendix C contains a full
explanation of each command.
Table 8.1: named.boot Configuration Commands
Command     Function
directory   Defines a directory for all subsequent file references
primary     Declares this server as primary for the specified zone
secondary   Declares this server as secondary for the specified zone
cache       Points to the cache file
forwarders  Lists servers to which queries are forwarded
options     Enables optional BIND processing
xfrnets     Limits zone transfers to specific addresses
The way in which you configure the named.boot file controls whether the nameserver acts as a primary
server, a secondary server, or a caching-only server. The best way to understand these different
configurations is to look at sample named.boot files. The next sections show examples of each type of
configuration.
8.3.1.1 Configuring a caching-only nameserver
A caching-only server configuration is simple. A named.boot file and a named.ca file are all that you need,
though the named.local file is usually also used. The most common named.boot file for a caching-only
server is:
;
; a caching-only server configuration
;
primary    0.0.127.IN-ADDR.ARPA    /etc/named.local
cache      .                       /etc/named.ca

The only line in this sample file required for a caching-only configuration is the cache statement. It tells
named to maintain a cache of nameserver responses, and to initialize the cache with the list of root servers
found in the file named.ca. The name of the file containing the root server list can be any name you wish,
but root.cache, named.root, and named.ca are often used. The presence of a cache statement does not make
this a caching-only configuration; a cache statement is used in every server configuration. It is the absence of
primary and secondary statements that makes this a caching-only configuration.
However, there is one primary statement that is an exception to this rule. You'll see it in our sample
named.boot file, and in almost every caching-only configuration. It defines the local server as the primary
server for its own loopback domain, and it says that the information for the loopback domain is stored in the
file named.local. The loopback domain is an in-addr.arpa domain [5] that maps the address 127.0.0.1 to the
name localhost. The idea of resolving your own loopback address makes sense to most people, so most
named.boot files contain this entry.
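The rule just stated, that a server's role is decided by its primary and secondary statements while the loopback primary entry and the always-present cache statement do not count, as an added Python example that is not from the book. The embedded named.boot text is a constructed copy of the caching-only sample above, and treating a server with both primary and secondary zones as "primary" is an assumption the text does not address.

```python
LOOPBACK_ZONE = "0.0.127.in-addr.arpa"

# Constructed copy of the caching-only named.boot shown above.
CACHING_ONLY_BOOT = """
;
; a caching-only server configuration
;
primary    0.0.127.IN-ADDR.ARPA    /etc/named.local
cache      .                       /etc/named.ca
"""

def parse_named_boot(text):
    """Split named.boot into (command, args) pairs; ';' starts a comment."""
    statements = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if line:
            command, *args = line.split()
            statements.append((command.lower(), args))
    return statements

def classify_server(statements):
    """Return 'primary', 'secondary' or 'caching-only' using the rule from the
    text: the role comes from primary/secondary statements, and the loopback
    primary entry is ignored. A server with both primary and secondary zones is
    reported as 'primary' (an assumption; the text does not cover that case)."""
    zones = {"primary": [], "secondary": []}
    cache_file = None
    for command, args in statements:
        if command == "cache" and len(args) >= 2:
            cache_file = args[1]
        elif command in zones and args and args[0].lower() != LOOPBACK_ZONE:
            zones[command].append(args[0])
    if cache_file is None:
        raise ValueError("named.boot has no cache statement; every server needs one")
    if zones["primary"]:
        return "primary"
    if zones["secondary"]:
        return "secondary"
    return "caching-only"

if __name__ == "__main__":
    print(classify_server(parse_named_boot(CACHING_ONLY_BOOT)))
```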