13.5 Deploy the cache server
May 24, 2021 That's what Linux should learn
The DNS Cache Server is a DNS server that is not responsible for domain name data maintenance. S imply put, a caching server is a server that keeps the parsing records of domain names and IP addresses that users often use locally on the host, thereby increasing the efficiency of the next resolution. D NS cache servers are typically used in enterprise intranets that frequently visit certain fixed sites and have high speeds of access to those sites, but are not widely used. Also, whether the cache server can be successfully resolved is related to the allowing policy of the specified parent DNS server, so you only need to know at this time.
Step 1: Configure the system's dual network card parameters. A s mentioned earlier, cache servers are generally used on the enterprise intranet to reduce the time it takes for intranet users to query DNS. T herefore, in order to be closer to the real network environment and realize the extranet query function, we need to add another network card to the cache server and configure two Linux virtual machine systems according to the information shown in Table 13-4. In addition, the newly added network card needs to be set to "bridge mode" in the virtual machine software, and then set to the same network parameters as the physical device (here we need to follow the real network parameters of the physical device to configure, Figure 13-6 shows the DHCP way to obtain IP address and gateway and other information, the effect of restarting the network service is shown in Figure 13-7).
Table 13-4 is used to configure the parameter information required for a Linux virtual machine system
Host Name Operating System IP Address Cache Server RHEL 7 Network Card (External): Configured according to the network parameters of the physical device (information such as IP address and gateway specified by DHCP or manual): 192.168.10.10 Client RHEL 7 192.168.10.20
Figure 13-6 obtains network parameters as DHCP
Figure 13-7 shows the working status of the network card
Step 2: Add cache forwarding parameters to the main profile of the bind service provider. A dd a line of parameters at approximately line 17, "forwarders" and the parent DNS server address; } ; T he parent DNS server address refers to the server that gets the data profile. T aking into account the query speed, stability, security and other factors, Mr. Liu Wei is here to use the address of the Beijing public DNS server 210.73.64.1. If you also use the address, first test whether you can ping it so as not to cause DNS domain name resolution to fail.
[root@linuxprobe ~]# vim /etc/named.conf 1 // 2 // named.conf 3 // 4 // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS 5 // server as a caching only nameserver (as a localhost DNS resolver only). 6 // 7 // See /usr/share/doc/bind*/sample/ for example named configuration files. 8 // 9 options { 10 listen-on port 53 { any; } ; 1 1 listen-on-v6 port 53 { ::1; } ; 1 2 directory "/var/named"; 1 3 dump-file "/var/named/data/cache_dump.db"; 1 4 statistics-file "/var/named/data/named_stats.txt"; 1 5 memstatistics-file "/var/named/data/named_mem_stats.txt"; 1 6 allow-query { any; } ; 1 7 forwarders { 210.73.64.1; } ; . ................. O mit some of the output information... S tep root@linuxprobe 3: Restart the DNS service and verify the results. T he DNS server address parameter of the client host is modified to the IP address 192.168.10.10 of the DNS cache server, as shown in Figure 13-8. This allows the client to use the domain name query resolution service provided by the local DNS cache server.
Figure 13-8 sets the DNS server address parameters for the client host
After the network parameters of the client host have been set properly and the network service is restarted, the nslookup command can be used to verify the results of the experiment (if parsing fails, ask the reader to be aware of the problem selected by the parent DNS server). Where the Server parameter provides the server address for the domain name resolution record, it is visible that the resolution is provided by the local DNS cache server.
[root@linuxprobe ~]# nslookup
www.linuxprobe.com Server: 192.168.10.10 Address: 192.168.10.10#53
Non-authoritative answer: Name: www.linuxprobe.com Address: 113.207.76.73 Name: www.linuxprobe.com Address: 116.211.121.154
8.8.8.8 Server: 192.168.10.10 Address: 192.168.10.10#53
Non-authoritative answer: 8.8.8.8.in-addr.arpa name = google-public-dns-a.google.com. A uthoritative answers can be found from: in-addr.arpa nameserver = f.in-addr-servers.arpa. i n-addr.arpa nameserver = b.in-addr-servers.arpa. i n-addr.arpa nameserver = a.in-addr-servers.arpa. i n-addr.arpa nameserver = e.in-addr-servers.arpa. i n-addr.arpa nameserver = d.in-addr-servers.arpa. i n-addr.arpa nameserver = c.in-addr-servers.arpa. a .in-addr-servers.arpa internet address = 199.212.0.73 a.in-addr-servers.arpa has AAAA address 2001:500:13::73 b.in-addr-servers.arpa internet address = 199.253.183.183 b .in-addr-servers.arpa has AAAA address 2001:500:87::87 c.in-addr-servers.arpa internet address = 196.216.169.10 c.in-addr-servers.arpa has AAAA address 2001:43f8:110::10 d .in-addr-servers.arpa internet address = 200.10.60.53 d.in-addr-servers.arpa has AAAA address 2001:13c7:7010::53 e.in-addr-servers.arpa internet address = 203.119.86.101 e.in-addr-servers.arpa has AAAA address 2001:dd8:6::