A DNS server uses several zone files covering different components of the DNS. Each zone uses two zone files: the principal zone file and a reverse mapping zone file. The zone file contains the resource records for hosts in the zone. A reverse mapping file contains records that provide reverse mapping of your domain name entries, enabling you to map from IP addresses to domain names. The zone file can have any name; the name is specified in the file entry of the zone statement in the named.conf file. If your server supports several zones, you may want to use a name that denotes the specific zone. Most systems use the domain name as the name of the zone file. For example, the zone mytrek.com would have a zone file also called mytrek.com. These could be placed in a subdirectory called zones or master. The zone file used in the following example is called mytrek.com. The reverse mapping file can also have any name, though it is usually the network part of the IP address used in its corresponding zone file. For example, in the case of the mytrek.com zone file, the reverse mapping file might be called 192.168.0, the network address of the mytrek.com domain defined in the mytrek.com zone file. This file would contain reverse mappings for all the host addresses in the domain, allowing their IP addresses to be mapped back to their hostnames. In addition, BIND sets up a cache file and a reverse mapping file for the localhost. The cache file holds the resource records for the root name servers to which your name server connects. The cache file can have any name, although it is usually called named.ca. The localhost reverse mapping file holds reverse IP resource records for the local loopback interface, localhost. Although this file can have any name, it is usually called named.local.
A zone file holds resource records that follow a certain format. The file begins with general directives to define default domains or to include other resource record files. These are followed by a single SOA record, name server and domain resource records, and then resource records for the different hosts. Comments begin with a semicolon and can be placed throughout the file. The @ symbol operates like a special macro, representing the domain name of the zone to which the records apply. The @ symbol is used in the first field of a resource or SOA record as the zone's domain name. Multiple names can be specified using the * matching character. The first field in a resource record is the name of the domain to which it applies. If the name is left blank, the previous explicit name entry in another resource record is automatically used. This way, you can list several entries that apply to the same host without having to repeat the hostname. Any host or domain name used throughout this file that is not terminated with a period has the zone's domain appended to it. For example, if the zone's domain is mytrek.com and a resource record has only the name rabbit with no trailing period, the zone's domain is automatically appended to it, giving you rabbit.mytrek.com. Be sure to include the trailing period whenever you enter the complete fully qualified domain name as in turtle.mytrek.com..
You can also use several directives to set global attributes. $ORIGIN sets a default domain name to append to address names that do not end in a period. $INCLUDE includes a file. $GENERATE can generate records whose domain or IP addresses differ only by an iterated number. The $ORIGIN directive is often used to specify the root domain to use in address records. Be sure to include the trailing period. The following example sets the domain origin to mytrek.com and will be automatically appended to the lizard host name that follows.
$ORIGIN mytrek.com.
lizard  IN A    192.168.0.2
A zone file begins with an SOA record specifying the machine the name server is running on, among other specifications. The @ symbol is used for the name of the SOA record, denoting the zone's domain name. After the SOA, the name server resource records (NS) are listed. Just below the name server records are resource records for the domain itself. Resource records for host addresses (A), aliases (CNAME), and mail exchangers (MX) follow. The next example shows a sample zone file, which begins with an SOA record and is followed by an NS record, resource records for the domain, and then resource records for individual hosts:
; Authoritative data for turtle.mytrek.com
;
@       IN SOA  turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                93071200  ; Serial number
                10800     ; Refresh 3 hours
                3600      ; Retry 1 hour
                3600000   ; Expire 1000 hours
                86400 )   ; Minimum 24 hours
        IN NS   turtle.mytrek.com.
        IN A    192.168.0.1
        IN MX   10 turtle.mytrek.com.
        IN MX   15 rabbit.mytrek.com.
turtle  IN A    192.168.0.1
        IN HINFO PC-686 LINUX
gopher  IN CNAME turtle.mytrek.com.
ftp     IN CNAME turtle.mytrek.com.
www     IN A    192.168.0.1
rabbit  IN A    192.168.0.2
lizard  IN A    192.168.0.3
        IN HINFO MAC MACOS
localhost IN A  127.0.0.1
The first two lines are comments about the server for which this zone file is used. Notice that the first two lines begin with a semicolon. The class for each of the resource records in this file is IN, indicating these are Internet records. The SOA record begins with an @ symbol that stands for the zone's domain. In this example, it is mytrek.com. Any host or domain name used throughout this file that is not terminated with a period has this domain appended to it. For example, in the following resource record, turtle has no period, so it automatically expands to turtle.mytrek.com. The same happens for rabbit and lizard. These are read as rabbit.mytrek.com and lizard.mytrek.com. Also, in the SOA, notice that the e-mail address for hostmaster uses a period instead of an @ symbol; @ is a special symbol in zone files and cannot be used for any other purpose.
The next resource record specifies the name server for this zone, mytrek.com. Notice that the name for this resource record is blank. If the name is blank, a resource record inherits the name from the previous record. In this case, the NS record inherits the value of @ in the SOA record, its previous record. This is the zone's domain, and the NS record specifies turtle.mytrek.com as the name server for this zone.
IN NS turtle.mytrek.com.
Here the domain name is inherited. The entry can be read as the following. Notice the trailing period at the end of the domain name:
mytrek.com. IN NS turtle.mytrek.com.
The following address records set up an address for the domain itself. This is often the same as the name server, in this case 192.168.0.1 (the IP address of turtle.mytrek.com). This enables users to reference the domain itself, rather than a particular host in it. A mail exchanger record follows that routes mail for the domain to the name server. Users can send mail to the mytrek.com domain and it will be routed to turtle.mytrek.com.
IN A 192.168.0.1
Here the domain name is inherited. The entry can be read as the following:
mytrek.com. IN A 192.168.0.1
The next records are mail exchanger (MX) records listing turtle.mytrek.com and fast.mytrek.com as holding the mail servers for this zone. You can have more than one mail exchanger record for a host. More than one host may exist through which mail can be routed. These can be listed in mail exchanger records for which you can set priority rankings (a smaller number ranks higher). In this example, if turtle.mytrek.com cannot be reached, its mail is routed through rabbit.mytrek.com, which has been set up also to handle mail for the mytrek.com domain:
        IN MX   100 turtle.mytrek.com.
        IN MX   150 rabbit.mytrek.com.
Again the domain name is inherited. The entries can be read as the following:
mytrek.com.     IN MX   100 turtle.mytrek.com.
mytrek.com.     IN MX   150 rabbit.mytrek.com.
The following resource record is an address record (A) that associates an IP address with the fully qualified domain name turtle.mytrek.com. The resource record name holds only turtle with no trailing period, so it is automatically expanded to turtle.mytrek.com. This record provides the IP address to which turtle.mytrek.com can be mapped.
turtle IN A 192.168.0.1
Several resource records immediately follow that have blank names. These inherit their names from the preceding full record—in this case, turtle.mytrek.com. In effect, these records also apply to that host. Using blank names is an easy way to list additional resource records for the same host (notice that an apparent indent occurs). The first record is an information record, providing the hardware and operating system for the machine.
IN HINFO PC-686 LINUX
If you are using the same machine to run several different servers, such as Web, FTP, and Gopher servers, you may want to assign aliases to these servers to make accessing them easier for users. Instead of using the actual domain name, such as turtle.mytrek.com, to access the Web server running on it, users may find using the following is easier: for the Web server, www.mytrek.com; for the Gopher server, gopher.mytrek.com; and for the FTP server, ftp.mytrek.com. In the DNS, you can implement such a feature using alias records. In the example zone file, two CNAME alias records exist for the turtle.mytrek.com machine: FTP and Gopher. The next record implements an alias for www using another address record for the same machine. None of the name entries ends in a period, so they are appended automatically with the domain name mytrek.com. www.mytrek.com, ftp.mytrek.com, and gopher.mytrek.com are all aliases for turtle.mytrek.com. Users entering those URLs automatically access the respective servers on the turtle.mytrek.com machine.
Address and mail exchanger records are then listed for the two other machines in this zone: rabbit.mytrek.com and lizard.mytrek.com. You could add HINFO, TXT, MINFO, or alias records for these entries. The file ends with an entry for localhost, the special loopback interface that allows your system to address itself.
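The name-expansion rules walked through above (the @ macro, blank owners inheriting the previous name, relative names getting the origin appended, $ORIGIN, ';' comments and the parenthesised multi-line SOA) as a small parser, added here as an example and not code from the chapter or from BIND; the sample zone is a constructed abridgement of the mytrek.com file, and the alias_targets check (no NS, MX or PTR pointing at a CNAME) is an added sanity check, not something the chapter's files include:

```python
from collections import namedtuple
# Constructed sample modelled on the mytrek.com zone above: $ORIGIN, multi-line SOA, blank owners, relative names.
SAMPLE_ZONE = """\
; Authoritative data for turtle.mytrek.com
$ORIGIN mytrek.com.
@       IN SOA turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                93071200 10800 3600   ; serial, refresh 3 hours, retry 1 hour
                3600000 86400 )       ; expire 1000 hours, minimum 24 hours
        IN NS  turtle.mytrek.com.
        IN A   192.168.0.1
        IN MX  10 turtle.mytrek.com.
turtle  IN A   192.168.0.1
        IN HINFO PC-686 LINUX
ftp     IN CNAME turtle.mytrek.com.
"""
Record = namedtuple("Record", "owner rtype rdata")     # owner is always an FQDN

def qualify(name, origin):
    """Trailing-period rule: '@' is the origin; a relative name gets it appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def logical_lines(text):
    """Drop ';' comments and join a '(' ... ')' continuation into one line."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()           # a comment runs to end of line
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth == 0:
            yield " ".join(buf).replace("(", " ").replace(")", " ")
            buf = []
    if buf:
        raise ValueError("unbalanced parentheses in zone file")

def parse_zone(text, origin):
    """Return Records with every owner and every name in the rdata fully expanded."""
    records, owner = [], origin
    for line in logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if line[0] not in " \t":                       # non-blank owner field
            owner = qualify(tokens.pop(0), origin)
        if tokens[0] == "IN":                          # the class is optional
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in {"SOA", "NS", "CNAME", "PTR", "MX"}:  # rdata carries names
            rdata = [t if t.isdigit() else qualify(t, origin) for t in rdata]
        records.append(Record(owner, rtype, rdata))
    return records

def alias_targets(records):
    """NS, MX and PTR targets must be real hosts, never CNAME aliases."""
    aliases = {r.owner for r in records if r.rtype == "CNAME"}
    return [(r.owner, r.rtype, r.rdata[-1]) for r in records
            if r.rtype in {"NS", "MX", "PTR"} and r.rdata[-1] in aliases]
```

The parser deliberately handles only the subset of the master-file syntax the chapter describes (no TTL fields, no $INCLUDE or $GENERATE).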
This is the same file using IPv6 addresses. The addresses are site-local (FEC0), instead of global (3), providing private network addressing. The loopback device is represented by the IPv6 address ::1. The A6 IPv6 address records are used. Note that both the A6 record type (RFC 6563) and site-local FEC0::/10 addresses (RFC 3879) have since been deprecated; current zones use AAAA records and, for private addressing, unique local addresses from FD00::/8.
; Authoritative data for turtle.mytrek.com, IPv6 version
;
@       IN SOA  turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                93071200  ; Serial number
                10800     ; Refresh 3 hours
                3600      ; Retry 1 hour
                3600000   ; Expire 1000 hours
                86400 )   ; Minimum 24 hours
        IN NS   turtle.mytrek.com.
        IN A6   FEC0::8:800:200C:417A
        IN MX   10 turtle.mytrek.com.
        IN MX   15 rabbit.mytrek.com.
turtle  IN A6   FEC0::8:800:200C:417A
        IN HINFO PC-686 LINUX
gopher  IN CNAME turtle.mytrek.com.
ftp     IN CNAME turtle.mytrek.com.
www     IN A6   FEC0::8:800:200C:417A
rabbit  IN A6   FEC0::FEDC:BA98:7654:3210
lizard  IN A6   FEC0::E0:18F7:3466:7D
        IN HINFO MAC MACOS
localhost IN A6 ::1
Reverse name lookups are enabled using a reverse mapping file. Reverse mapping files map IP addresses back to fully qualified domain names. This reverse lookup capability is not required, but it is convenient to have. With reverse mapping, when users access remote hosts, their domain names can be used to identify their own host, instead of only the IP address. The name of the file can be anything you want. On most current distributions, it is the zone's domain address (the network part of a zone's IP address). For example, the reverse mapping file for a zone with the IP address of 192.168.0.1 is 192.168.0. Its full pathname would be something like /var/named/192.168.0. On some systems using older implementations of BIND, the reverse mapping filename may consist of the root name of the zone file with the extension .rev. For example, if the zone file is called mytrek.com, the reverse mapping file would be called something like mytrek.rev.
In IPv4, the zone entry for a reverse mapping in the named.conf file uses a special domain name consisting of the IP address in reverse, with an IN-ADDR.ARPA extension. This reverse IP address becomes the zone domain referenced by the @ symbol in the reverse mapping file. For example, the reverse mapping zone name for a domain with the IP address of 192.168.43 would be 43.168.192.IN-ADDR.ARPA. In the following example, the reverse domain name for the domain address 192.168.0 is 1.168.192.IN-ADDR.ARPA:
zone "1.168.192.IN-ADDR.ARPA" in {
        type master;
        file "192.168.0";
        };
A reverse mapping file begins with an SOA record, which is the same as that used in a forward mapping file. Resource records for each machine defined in the forward mapping file then follow. These resource records are PTR records that point to hosts in the zone. These must be actual hosts, not aliases defined with CNAME records. Records for reverse mapping begin with a reversed IP address. Each segment in the IP address is sequentially reversed. Each segment begins with the host ID, followed by reversed network numbers. If you list only the host ID with no trailing period, the zone domain is automatically attached. In the case of a reverse mapping file, the zone domain as specified in the zone statement is the domain IP address backward. The 1 expands to 1.1.168.192. In the following example, turtle and lizard inherit the domain IP address, whereas rabbit has its address explicitly entered:
; reverse mapping of domain names 1.168.192.IN-ADDR.ARPA
;
@       IN SOA  turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                92050300  ; Serial (yymmddxx format)
                10800     ; Refresh 3 hours
                3600      ; Retry 1 hour
                3600000   ; Expire 1000 hours
                86400 )   ; Minimum 24 hours
@       IN NS   turtle.mytrek.com.
1       IN PTR  turtle.mytrek.com.
2.1.168.192.IN-ADDR.ARPA. IN PTR rabbit.mytrek.com.
3       IN PTR  lizard.mytrek.com.
In IPv6, reverse mapping can be handled either with the IP6.ARPA domain or with the older IP6.INT domain. The IP6.ARPA form shown here is the bit-string label, a bit-level representation that places the hexadecimal address within brackets. The first bracket is preceded by a backslash. The address must be preceded by an x indicating that it is a hexadecimal address. Following the address is a number indicating the number of bits referenced. In a 128-bit address, usually the first 64 bits reference the network address and the last 64 bits are for the interface address. The following example shows the network and interface addresses for lizard. Bit-string labels (RFC 2673) were later reclassified as experimental together with the A6 record (RFC 3363), and the standard form under IP6.ARPA became the nibble format (RFC 3596) that is shown below for IP6.INT.
FEC0:0000:0000:0000:00E0:18F7:3466:007D    lizard IPv6 address
\[xFEC0000000000000/64]                    lizard network address
\[x00E018F73466007D/64]                    lizard interface address
The zone entry for a reverse mapping in the named.conf file with an IP6.ARPA extension would use the bit-level representation for the network address.
zone "\[xfec0000000000000/64].IP6.ARPA" in {
        type master;
        file "fec.ip6.arpa";
        };
A reverse mapping file then uses the same bit-level format for the interface addresses.
@       IN SOA  turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                92050300  ; Serial (yymmddxx format)
                10800     ; Refresh 3 hours
                3600      ; Retry 1 hour
                3600000   ; Expire 1000 hours
                86400 )   ; Minimum 24 hours
@       IN NS   turtle.mytrek.com.
\[x00080800200C417A/64]  IN PTR  turtle.mytrek.com.
\[xFEDCBA9876543210/64]  IN PTR  rabbit.mytrek.com.
\[x00E018F73466007D/64]  IN PTR  lizard.mytrek.com.
The older IP6.INT format uses a nibble format for the IPv6 address. The hexadecimal address is split into its individual hex digits, each separated by a period and written in reverse order. This gives you 32 hex digits in reverse order. The IP6.INT version of the lizard address is shown here. (The IP6.INT domain itself was retired by RFC 4159; the same nibble format is now used under IP6.ARPA.)
FEC0:0000:0000:0000:00E0:18F7:3466:007D    lizard IPv6 address
0.0.0.0.0.0.0.0.0.0.0.0.0.c.e.f            lizard network address
D.7.0.0.6.6.4.3.7.F.8.1.0.E.0.0            lizard interface address
The zone entry for a reverse mapping in the named.conf file with an IP6.INT extension would use the reverse nibble format for the network address.
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.c.e.f.IP6.INT" in {
        type master;
        file "fec.ip6.int";
        };
The reverse zone file then uses the reverse nibble format for each interface address.
@       IN SOA  turtle.mytrek.com. hostmaster.turtle.mytrek.com. (
                92050300  ; Serial (yymmddxx format)
                10800     ; Refresh 3 hours
                3600      ; Retry 1 hour
                3600000   ; Expire 1000 hours
                86400 )   ; Minimum 24 hours
$ORIGIN 0.0.0.0.0.0.0.0.0.0.0.0.0.c.e.f.IP6.INT.
        IN NS   turtle.mytrek.com.
A.7.1.4.C.0.0.2.0.0.8.0.8.0.0.0  IN PTR  turtle.mytrek.com.
0.1.2.3.4.5.6.7.8.9.A.B.C.D.E.F  IN PTR  rabbit.mytrek.com.
D.7.0.0.6.6.4.3.7.F.8.1.0.E.0.0  IN PTR  lizard.mytrek.com.
A localhost reverse mapping file implements reverse mapping for the local loopback interface known as localhost, whose address is 127.0.0.1. This file can have any name. On most systems it is called named.local. On other systems it may be named after the network part of the IP address, 127.0.0. This file maps the loopback IP address, which is always 127.0.0.1 on every machine, back to the name localhost. The address 127.0.0.1 is a special address that functions as the local address for your machine. It allows a machine to address itself. In the zone statement for this file, the name of the zone is 0.0.127.IN-ADDR.ARPA. The network part of the IP address is entered in reverse order, with IN-ADDR.ARPA appended to it, giving 0.0.127.IN-ADDR.ARPA. The named.conf entry is shown here:
zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "named.local";
        };
The name of the file used for the localhost reverse mapping file is usually named.local, though it can be any name. The NS record specifies the name server the localhost should use. This file has a PTR record that maps the IP address to the localhost. The 1 used as the name expands to append the zone domain—in this case, giving you 1.0.0.127, a reverse IP address. The contents of the named.local file are shown here. Notice the trailing periods for localhost:
@       IN SOA  localhost. root.localhost. (
                1997022700  ; Serial
                28800       ; Refresh
                14400       ; Retry
                3600000     ; Expire
                86400 )     ; Minimum
        IN NS   turtle.mytrek.com.
1       IN PTR  localhost.
In IPv6, localhost reverse mapping is specified using the reverse of the IPv6 localhost address. Written out in full, this address is 31 hexadecimal zeros followed by a 1; the shorthand ::1 uses :: to stand for the run of zero groups. With the IPv6 IP6.ARPA format, it can be written in the bit-level format, where the first 64 bits consist of a network address of all zeros and the interface address has the value 1.
0000:0000:0000:0000:0000:0000:0000:0001      localhost IPv6 address
\[x00000000000000000000000000000001/128]     localhost address
In the named.conf file, the IP6.ARPA localhost entry would look like this.
zone "\[x00000000000000000000000000000001/64].IP6.ARPA" in {
        type master;
        file "192.168.0";
        };
In the localhost reverse mapping file, the localhost entry would appear like this.
\[x0000000000000001/64] IN PTR localhost.
For the older IP6.INT format, the localhost entry would use the same network address of zeros, but the localhost reverse mapping file would use a nibble format for the address, as shown here.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR localhost.
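The reverse-name arithmetic from the IPv4 and IPv6 reverse mapping sections and the localhost sections above, as an added example (not code from the chapter or from BIND) using only Python's standard ipaddress module: zone names are derived from a network prefix rather than typed by hand, PTR owner names are computed relative to the zone they live in, and the historic bit-string label form is produced from the same address. The mytrek.com addresses are the chapter's; the function names are this example's own.

```python
import ipaddress

def reverse_name(address, suffix=None):
    """Full reverse-lookup name: octets reversed under in-addr.arpa for IPv4,
    32 reversed nibbles under ip6.arpa (or the retired ip6.int) for IPv6."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        labels, suffix = reversed(str(ip).split(".")), suffix or "in-addr.arpa."
    else:
        labels, suffix = reversed(ip.exploded.replace(":", "")), suffix or "ip6.arpa."
    return ".".join(labels) + "." + suffix

def reverse_zone(cidr, suffix=None):
    """Zone name for a network: '192.168.0.0/24' -> '0.168.192.in-addr.arpa.'"""
    net = ipaddress.ip_network(cidr)            # strict: host bits must be zero
    per_label = 8 if net.version == 4 else 4    # one octet or one nibble per label
    if net.prefixlen % per_label:
        raise ValueError(f"{cidr}: prefix must be a multiple of {per_label} bits")
    labels = reverse_name(str(net.network_address), suffix).split(".")
    total = net.max_prefixlen // per_label      # 4 octets or 32 nibbles
    return ".".join(labels[total - net.prefixlen // per_label:])

def ptr_owner(address, zone):
    """Owner name relative to `zone`, as written in a reverse zone file ('1', ...)."""
    suffix = "ip6.int." if zone.lower().endswith("ip6.int.") else None
    full, tail = reverse_name(address, suffix), "." + zone.lower()
    if not full.endswith(tail):
        raise ValueError(f"{address} is not inside zone {zone}")
    return full[:-len(tail)]

def bitstring_label(address, start, bits):
    """Historic RFC 2673 form used above, e.g. \\[xfec0000000000000/64]; whole nibbles only."""
    if start % 4 or bits % 4:
        raise ValueError("start and bits must be multiples of 4")
    hexdigits = ipaddress.IPv6Address(address).exploded.replace(":", "")
    return "\\[x" + hexdigits[start // 4:(start + bits) // 4] + f"/{bits}]"

if __name__ == "__main__":
    # lizard and localhost from the chapter; the zone names are computed, not copied
    for addr, zone in [("192.168.0.3", reverse_zone("192.168.0.0/24")),
                       ("127.0.0.1", reverse_zone("127.0.0.0/24")),
                       ("fec0::e0:18f7:3466:7d", reverse_zone("fec0::/64")),
                       ("::1", reverse_zone("::/64"))]:
        print(f"{addr:24} zone {zone}  owner {ptr_owner(addr, zone)}")
```

Because ptr_owner refuses an address that is not inside the zone it is given, it doubles as a check that a reverse file's owner names and its named.conf zone name agree.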