DNS

Basics

At sign @.
RFC 1035 defines the format of a DNS zone file, and on page 34 it says: "A free standing @ is used to denote the current origin." In other words, @ is shorthand for the name set by $ORIGIN, which is the root of the zone (e.g. mydomain.com). StackOverflow: what's the meaning of @.
NS record
If you need to delegate a subdomain to another DNS provider, add an NS record. For example, to delegate resolution of www.123.com to other DNS servers, just enter www in the host record field.
The host record "@" cannot be used for an NS record. A delegated subdomain does not affect the normal resolution of the other subdomains.
A
Maps a hostname to an IPv4 address.
AAAA
Maps a hostname to an IPv6 address.
MX record
Normally the goal is mailboxes of the form [email protected], so the host record is usually left empty; if the host record is set to mail, the mailbox addresses become [email protected].
TXT record
If you want to identify or describe a domain, use a TXT record; the vast majority of TXT records are used for SPF (anti-spam). SPF: sender policy framework. GoogleSupport: SPF.
For example, to add a TXT record for www.123.com, just enter www in the host record field; to add a TXT record for 123.com itself, leave the host record empty and the system fills in "@" automatically.
The record value has no fixed format, but most of the time a TXT record is used for SPF anti-spam. The most typical SPF-style TXT record is "v=spf1 a mx ~all", which means that only the IP addresses in this domain's A and MX records are authorized to send mail for this domain. DNSPodKB.
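As an added example (not from these notes or from DNSPod), here is a minimal evaluator for records of the "v=spf1 a mx ~all" form: it resolves the a and mx mechanisms against constructed DNS data for the hypothetical domain 123.com and returns the SPF result for a sending IP. It also handles ip4 and the four qualifiers, which the note above does not cover.

```python
# Added example, not part of the original notes: a toy SPF evaluator.
# DNS answers are constructed inline for the hypothetical domain 123.com
# so the code runs offline; a real checker would query DNS instead.
import ipaddress

# Constructed sample zone data (hypothetical addresses from 203.0.113.0/24).
DNS = {
    ("123.com", "A"): ["203.0.113.10"],
    ("123.com", "MX"): ["mail.123.com"],
    ("mail.123.com", "A"): ["203.0.113.25"],
    ("123.com", "TXT"): ["v=spf1 a mx ~all"],
}

def lookup(name, rtype):
    """Stand-in for a DNS query: return the records of rtype for name."""
    return DNS.get((name.lower(), rtype), [])

# SPF qualifiers: the result returned when a mechanism matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(domain, sender_ip):
    """Return the SPF result for sender_ip sending mail as domain."""
    records = [t for t in lookup(domain, "TXT") if t.startswith("v=spf1")]
    if not records:
        return "none"            # no SPF policy published
    ip = ipaddress.ip_address(sender_ip)
    for term in records[0].split()[1:]:
        qual = "+"               # a bare mechanism means "+" (pass)
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        mech, _, arg = term.lower().partition(":")
        if mech == "all":
            return QUALIFIERS[qual]   # "~all" -> softfail for everyone else
        if mech == "ip4":
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif mech == "a":        # sender IP is in the A records of the domain
            matched = str(ip) in lookup(arg or domain, "A")
        elif mech == "mx":       # sender IP is an A record of one of the MX hosts
            matched = any(str(ip) in lookup(h, "A") for h in lookup(arg or domain, "MX"))
        else:
            return "permerror"   # include/ptr/exists are not supported here
        if matched:
            return QUALIFIERS[qual]
    return "neutral"             # no mechanism matched and no "all" term
```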

Implicit forwarding: uses an iframe, not a redirect. Effect: typing http://a.com into the browser address bar and pressing Enter opens the content of the target site http://www.dnspod.cn, but the address bar still shows the current address http://a.com. Note: if the target does not allow being embedded, implicit forwarding cannot be used (for example, QQ Zone cannot be used with implicit forwarding).
Explicit forwarding: uses a 301 redirect. Effect: typing http://a.com into the address bar and pressing Enter opens the content of the target http://www.dnspod.cn, and the address bar shows the target address http://www.dnspod.cn. DNSPod.

Installation

Bind on CentOS

Ref.
Scenario:

  1. Install: yum install bind* -y
  2. Edit /etc/named.conf.
    • In options, add the server's IP to listen-on: "listen-on port 53 { 127.0.0.1; serverIP; };"
    • Restrict queries to the local subnet: "allow-query { localhost; 192.168.1.0/24; };"
    • Add the other DNS server. On the primary server, put the secondary's IP here: "allow-transfer { localhost; 192.168.10.101; };"
    • Add the zone definitions to named.conf (as top-level statements after the options block, not inside it):
      zone "unixmen.local" IN {
          type master;
          file "forward.unixmen";
          allow-update { none; };
      };
      zone "1.168.192.in-addr.arpa" IN {
          type master;
          file "reverse.unixmen";
          allow-update { none; };
      };

  3. Create Zone files in /var/named directory. For example:

    /var/named/forward.unixmen:
    $TTL 86400
    @   IN  SOA     masterdns.unixmen.local. root.unixmen.local. (
            2011071001  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
    )
    @       IN  NS          masterdns.unixmen.local.
    @       IN  NS          secondarydns.unixmen.local.
    @       IN  A           192.168.1.100
    @       IN  A           192.168.1.101
    @       IN  A           192.168.1.102
    masterdns       IN  A   192.168.1.100
    secondarydns    IN  A   192.168.1.101
    client          IN  A   192.168.1.102
    
    /var/named/reverse.unixmen:
    $TTL 86400
    @   IN  SOA     masterdns.unixmen.local. root.unixmen.local. (
            2011071001  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
    )
    @       IN  NS          masterdns.unixmen.local.
    @       IN  NS          secondarydns.unixmen.local.
    @       IN  PTR         unixmen.local.
    masterdns       IN  A   192.168.1.100
    secondarydns    IN  A   192.168.1.101
    client          IN  A   192.168.1.102
    100     IN  PTR         masterdns.unixmen.local.
    101     IN  PTR         secondarydns.unixmen.local.
    102     IN  PTR         client.unixmen.local.
    
  4. Start DNS service: service named start; chkconfig named on
  5. Adjust iptables:
    -A INPUT -p udp -m state --state NEW --dport 53 -j ACCEPT
    -A INPUT -p tcp -m state --state NEW --dport 53 -j ACCEPT
    
  6. Check the configuration and zone file syntax (named-checkzone takes the zone name first, then the file):
    named-checkconf /etc/named.conf
    named-checkzone unixmen.local /var/named/forward.unixmen
    named-checkzone 1.168.192.in-addr.arpa /var/named/reverse.unixmen
    
  7. Test DNS server
    dig masterdns.unixmen.local
    nslookup unixmen.local