Internet DNS architecture implementation && smart DNS implementation

Lab environment: eight virtual machines, with the IP addresses configured as shown in the figure.
Lab goal: a simple reproduction of how Internet DNS works (name resolution, a caching-only DNS server, subdomain delegation and forwarding, master/slave replication, CDN-style smart DNS).

1. Internet DNS architecture implementation

10.35.78.69: set up the web server:
]# yum install httpd
]# systemctl start httpd
]# systemctl enable httpd
]# echo www.yahu.com on 10.35.78.69 > /var/www/html/index.html

10.35.78.63: set up the master DNS server for the yahu.com zone
]# vim /etc/named.conf
options {
listen-on port 53 { any; }; # listen on every local interface address
...
allow-query { any; }; # hosts allowed to send queries
...
};
]# vim /etc/named.rfc1912.zones
zone "yahu.com" IN {
type master;
file "yahu.com.zone";
};
]# cp -a /var/named/named.empty /var/named/yahu.com.zone
]# vim /var/named/yahu.com.zone
$TTL 3H
@ IN SOA master ljh (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS master
 NS salve ; leading whitespace: this record inherits the owner (@) of the previous line
master A 10.35.78.63
salve A 10.35.78.64
www A 10.35.78.69

]# rndc reload

10.35.78.64: set up the slave DNS server for the yahu.com zone
]# vim /etc/named.conf
options {
listen-on port 53 { any; }; # listen on every local interface address
...
allow-query { any; }; # hosts allowed to send queries
...
};
]# vim /etc/named.rfc1912.zones
zone "yahu.com" IN {
type slave;
file "slaves/yahu.com.salve.zone";
masters { 10.35.78.63; };
};
]# rndc reload
]# ll /var/named/slaves/ # the zone transfer from the master has completed
-rw-r--r-- 1 named named 344 Nov 2 03:39 yahu.com.salve.zone

10.35.78.25: set up the master DNS server for the com zone
]# vim /etc/named.rfc1912.zones
zone "com" IN {
type master;
file "com.zone";
};

]# vim /var/named/com.zone
$TTL 3H
@ IN SOA ns admin (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
 NS ns
yahu NS ns1 ; subdomain delegation of yahu.com
ns A 10.35.78.25
ns1 A 10.78.78.63 ; both the master and the slave can receive the delegation
ns1 A 10.35.78.64

]# rndc reload

10.35.78.24: set up a custom root DNS server
]# vim /etc/named.conf
zone "." IN { # replace the root hints with our own root zone data file
type master;
file "root.zone";
};
]# vim /var/named/root.zone
$TTL 3H
@ IN SOA ns admin (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
 NS ns
com NS ns1
ns A 10.35.78.24
ns1 A 10.35.78.25

]# rndc reload

10.35.78.26: recursive DNS server that uses the custom root (its root hints below point at 10.35.78.24)
]# vim /etc/named.conf
options {
listen-on port 53 { any; };
...
allow-query { any; };
...
dnssec-enable no; # the private root is unsigned, so DNSSEC validation has to be off
dnssec-validation no;
...
};

]# vim /var/named/named.ca
. 518400 IN NS a.root-servers.net.
a.root-servers.net. 518400 IN A 10.35.78.24

]# rndc reload

10.35.78.29: caching-only DNS server (LDNS) that forwards queries
]# vim /etc/named.conf
options {
listen-on port 53 { any; };
...
allow-query { any; };
...
dnssec-enable no; # essential
dnssec-validation no; # essential
forward first; # hand queries to 10.35.78.26 instead of going to the root directly; named only recurses itself if the forwarder fails to answer
forwarders { 10.35.78.26; };
...
};

]# rndc reload

10.35.78.27:
]# dig www.yahu.com @10.35.78.29

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-16.P2.el7 <<>> www.yahu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43459
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION: # question: the A record of www.yahu.com
;www.yahu.com. IN A

;; ANSWER SECTION: # answer: the A record of www.yahu.com is 10.35.78.69
www.yahu.com. 10788 IN A 10.35.78.69

;; AUTHORITY SECTION:
yahu.com. 10787 IN NS ns1.com.

;; ADDITIONAL SECTION: # the authoritative DNS server has two addresses: 10.35.78.64 and 10.35.78.63
ns1.com. 10787 IN A 10.35.78.64
ns1.com. 10787 IN A 10.78.78.63

;; Query time: 1 msec
;; SERVER: 10.35.78.29#53(10.35.78.29)
;; WHEN: Tue Nov 03 10:32:13 CST 2020
;; MSG SIZE rcvd: 107
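To see the delegation chain above as data rather than as separate files, here is an added example (my own Python, not code from the original post): it parses the root, com and yahu.com zone files shown above, replays the referral walk that the recursive server 10.35.78.26 performs for www.yahu.com, and checks on the way that every delegation carries an A record for its name server. The zone contents are constructed strings copied from the post; the parser handles only the zone-file features these files use.

```python
# Zone contents copied from the post above, embedded as constructed strings.
ROOT_ZONE = """$TTL 3H
@ IN SOA ns admin (
        0 1D 1H 1W 3H )     ; multi-line SOA, as in the post
    NS ns
com NS ns1                  ; delegate com to ns1 (10.35.78.25)
ns  A 10.35.78.24
ns1 A 10.35.78.25           ; glue for the com delegation
"""
COM_ZONE = """$TTL 3H
@ IN SOA ns admin ( 0 1D 1H 1W 3H )
    NS ns
yahu NS ns1                 ; delegate yahu.com
ns  A 10.35.78.25
ns1 A 10.78.78.63           ; addresses exactly as written in the post
ns1 A 10.35.78.64
"""
YAHU_ZONE = """$TTL 3H
@ IN SOA master ljh ( 1 1D 1H 1W 3H )
@ NS master
  NS salve
master A 10.35.78.63
salve  A 10.35.78.64
www    A 10.35.78.69
"""

def qualify(name, origin):
    """Turn a relative owner or target into a fully qualified name."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def parse_zone(text, origin):
    """Minimal zone-file parser: $TTL, '@', blank-owner continuation lines,
    ';' comments and parenthesised multi-line records.
    Returns (owner, type, rdata) tuples with fully qualified names."""
    records, owner, pending = [], origin, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        if pending is None:
            pending = [line[0].isspace(), line]   # remember whether the owner was omitted
        else:
            pending[1] += " " + line
        if pending[1].count("(") > pending[1].count(")"):
            continue                               # record continues on the next line
        blank_owner, body = pending
        pending = None
        tokens = body.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$TTL":
            continue
        if not blank_owner:
            owner = qualify(tokens.pop(0), origin)
        while tokens[0].isdigit() or tokens[0] == "IN":   # optional TTL and class
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in ("NS", "CNAME"):
            rdata = [qualify(rdata[0], origin)]
        records.append((owner, rtype, rdata))
    return records

def lookup(records, owner, rtype):
    return [rdata for o, t, rdata in records if o == owner and t == rtype]

def missing_glue(records, zone):
    """NS targets of child delegations that have no A record in the parent
    zone: referrals a resolver would receive without an address to contact."""
    return [rdata[0] for o, t, rdata in records
            if t == "NS" and o != zone and not lookup(records, rdata[0], "A")]

ZONES = {".": parse_zone(ROOT_ZONE, "."),
         "com.": parse_zone(COM_ZONE, "com."),
         "yahu.com.": parse_zone(YAHU_ZONE, "yahu.com.")}

def resolve(qname, zones=ZONES, qtype="A"):
    """Iterative walk from the root: answer from the current zone, chase a
    CNAME, or follow the delegation that covers qname.
    Returns (rdata list or None, list of zones consulted in order)."""
    zone, path = ".", []
    while True:
        records = zones[zone]
        path.append(zone)
        answer = lookup(records, qname, qtype)
        if answer:
            return answer, path
        cname = lookup(records, qname, "CNAME")
        if cname:                                  # restart at the root for the alias target
            qname, zone = cname[0][0], "."
            continue
        child = next((o for o, t, _ in records
                      if t == "NS" and o != zone and qname.endswith("." + o)), None)
        if child is None:
            return None, path                      # no data and no delegation: name absent
        for (ns,) in lookup(records, child, "NS"):
            if not lookup(records, ns, "A"):
                raise LookupError(f"referral {child} -> {ns} has no address in zone {zone}")
        zone = child

if __name__ == "__main__":
    print(resolve("www.yahu.com."))   # → ([['10.35.78.69']], ['.', 'com.', 'yahu.com.'])
```

The path returned by resolve is exactly the sequence the dig output above reflects: root hints to 10.35.78.24, the com delegation to 10.35.78.25, then the yahu.com delegation to ns1.com. Dropping the ns1 A records from com.zone makes missing_glue report the dangling referral and resolve raise instead of silently failing.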

2. Smart DNS implementation

10.35.78.63 (yahu.com master):
]# vim /var/named/yahu.com.zone
$TTL 3H
@ IN SOA master lujihui (
7 ; serial (bumped so that the slave transfers the new zone)
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ NS master
 NS salve
master A 10.35.78.63
salve A 10.35.78.64
www CNAME www.xmj.com. ; only this CNAME is added; the previous A record for www is removed

]# rndc reload

10.35.78.25 (com master):
]# vim /var/named/com.zone
Add the following records:
xmj NS ns2
ns2 A 10.35.78.79

10.35.78.79 (smart DNS):
]# vim /etc/named.conf
Add before the options block:
acl beijing { 10.35.78.27; };
acl zhengzhou { 10.35.78.80; };
acl other { any; };

view beijingview {
match-clients { beijing; };
include "/etc/named.beijingview.zones";
};
view zhengzhouview {
match-clients { zhengzhou; };
include "/etc/named.zhengzhouview.zones";
};
view otherview {
match-clients { other; };
include "/etc/named.rfc1912.zones";
};

// include "/etc/named.rfc1912.zones"; # commented out: once views are defined, every zone statement must sit inside a view

]# vim /etc/named.beijingview.zones
zone "xmj.com" {
type master;
file "xmj.com.zone.bj";
};

]# vim /etc/named.zhengzhouview.zones
zone "xmj.com" {
type master;
file "xmj.com.zone.zz";
};

]# vim /var/named/xmj.com.zone.bj
$TTL 86400 ; 1 day
@ IN SOA dns1 dnsadmin (
3 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
 NS dns1.xmj.com.
dns1 A 10.35.78.79
websrv A 10.35.78.25
www CNAME websrv

]# vim /var/named/xmj.com.zone.zz
$TTL 86400 ; 1 day
@ IN SOA dns1 dnsadmin (
3 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
 NS dns1.xmj.com.
dns1 A 10.35.78.79
websrv A 10.35.78.69
www CNAME websrv

10.35.78.27 and 10.35.78.80: point both clients' DNS at 10.35.78.29
]# curl www.yahu.com # the two clients get content from different web servers
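Added example (my own Python, not from the original post): a simulation of the view selection the smart DNS at 10.35.78.79 performs. The ACLs and the two xmj.com zone files are the ones configured above, restated as constructed Python data. One point worth checking with it: match-clients is evaluated against the source address of the packet that reaches 10.35.78.79. When 10.35.78.27 queries through the chain 10.35.78.29 -> 10.35.78.26, the packet that finally arrives comes from the last recursive hop, 10.35.78.26, which matches otherview, where no xmj.com zone is loaded; the city views only match when the listed addresses contact 10.35.78.79 directly. The answer_via_resolvers helper and the resolver chain it takes are assumptions for illustration.

```python
import ipaddress

# match-clients lists in the order the views appear in named.conf (first match wins);
# constructed from the acl statements above
VIEWS = [
    ("beijingview",   ["10.35.78.27"]),
    ("zhengzhouview", ["10.35.78.80"]),
    ("otherview",     ["any"]),
]

# zone data per view as (owner, type, target); otherview only includes
# named.rfc1912.zones, so it has no xmj.com data at all
ZONE_BY_VIEW = {
    "beijingview":   [("www.xmj.com.", "CNAME", "websrv.xmj.com."),
                      ("websrv.xmj.com.", "A", "10.35.78.25")],
    "zhengzhouview": [("www.xmj.com.", "CNAME", "websrv.xmj.com."),
                      ("websrv.xmj.com.", "A", "10.35.78.69")],
    "otherview":     [],
}

def acl_matches(entry, addr):
    """One ACL element: 'any', a single address or a CIDR prefix."""
    if entry == "any":
        return True
    return addr in ipaddress.ip_network(entry, strict=False)

def select_view(source_ip):
    """named walks the views top to bottom and uses the first whose
    match-clients accepts the query's source address."""
    addr = ipaddress.ip_address(source_ip)
    for name, acl in VIEWS:
        if any(acl_matches(entry, addr) for entry in acl):
            return name
    return None   # no view matched (cannot happen here because 'other' is any)

def lookup_in_view(view, qname, hops=0):
    """Follow CNAMEs inside one view's zone data. Returns the final address,
    or None when the view holds no data for the name."""
    for owner, rtype, target in ZONE_BY_VIEW.get(view, []):
        if owner == qname and rtype == "A":
            return target
        if owner == qname and rtype == "CNAME" and hops < 8:
            return lookup_in_view(view, target, hops + 1)
    return None

def answer(source_ip, qname="www.xmj.com."):
    """(view chosen, address returned) for a query arriving from source_ip."""
    view = select_view(source_ip)
    return view, lookup_in_view(view, qname)

def answer_via_resolvers(client_ip, resolver_chain):
    """Hypothetical helper: the authoritative server sees only the last
    recursive hop, so the view is chosen on that address, not the client's."""
    source = resolver_chain[-1] if resolver_chain else client_ip
    return answer(source)

if __name__ == "__main__":
    print(answer("10.35.78.27"))                                   # direct query from the Beijing client
    print(answer_via_resolvers("10.35.78.27", ["10.35.78.29", "10.35.78.26"]))
```

For the split to work through the forwarding chain the acl entries would have to list the resolvers that actually contact the smart DNS, or the clients would have to query 10.35.78.79 directly; the simulation returns both outcomes so the configuration can be checked before testing with curl.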

How a CDN works: we type a URL into the address bar; the browser finds no local DNS cache entry for it and sends a query to the site's DNS server. The site's DNS server holds a CNAME pointing at a CDN provider (the familiar Alibaba Cloud, Tencent Cloud, Cloudflare and the like), so the query goes on to the CDN's smart DNS load-balancing system. That system resolves the name and returns the node that will respond fastest for this user, and the user then sends its request to that node. If this is the first request for the content, the CDN node fetches it from the origin and caches it; otherwise it serves the data straight from its cache. The simplest CDN needs only one DNS scheduling server and one node server, but complex deployments have multiple cache tiers and many caches working together.