<HTML>
<HEAD>
<TITLE>Apache Server Survival Guide asgxe.htm </TITLE>
<LINK REL="ToC" HREF="index.htm" tppabs="http://docs.rinet.ru:8080/Apachu/index.htm">
<LINK REL="Index" HREF="htindex.htm" tppabs="http://docs.rinet.ru:8080/Apachu/htindex.htm">
<LINK REL="Previous" HREF="asgxd.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asgxd.htm"></HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#800080">
<!--#exec cmd="/www/docs/ssi-bin/restricted_search.ssi"-->
<!--#exec cmd="/www/docs/ssi-bin/inc.ssi"-->
<A NAME="I0"></A>
<H2>Apache Server Survival Guide asgxe.htm</H2>
<P ALIGN=LEFT>
<A HREF="asgxd.htm" tppabs="http://docs.rinet.ru:8080/Apachu/asgxd.htm" TARGET="_self"><IMG SRC="purprev.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purprev.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="Previous Page"></A>
<A HREF="index.htm" tppabs="http://docs.rinet.ru:8080/Apachu/index.htm" TARGET="_self"><IMG SRC="purtoc.gif" tppabs="http://docs.rinet.ru:8080/Apachu/purtoc.gif" WIDTH = 32 HEIGHT = 32 BORDER = 0 ALT="TOC"></A>
<HR ALIGN=CENTER>
<P>
<UL>
<UL>
<UL>
<LI>
<A HREF="#E68E279" >DNS: the Domain Name System</A>
<LI>
<A HREF="#E68E280" >What Is DNS?</A>
<UL>
<LI>
<A HREF="#E69E294" >Top-Level Domain Designations in the United States</A>
<LI>
<A HREF="#E69E295" >Geographical Domain Designations</A></UL>
<LI>
<A HREF="#E68E281" >How named Works</A>
<LI>
<A HREF="#E68E282" >Running Your Own Domain Name Server</A>
<LI>
<A HREF="#E68E283" >DNS Configuration Files</A>
<UL>
<LI>
<A HREF="#E69E296" >Reverse Lookups: IP to Hostname, the IN-ADDR.ARPA Domain</A>
<LI>
<A HREF="#E69E297" >SOA Record</A>
<LI>
<A HREF="#E69E298" >NS Records</A>
<LI>
<A HREF="#E69E299" >Address and Alias Records</A></UL>
<LI>
<A HREF="#E68E284" >The db.IP File</A>
<UL>
<LI>
<A HREF="#E69E300" > PTR Records</A>
<LI>
<A HREF="#E69E301" >The Loopback Interface</A>
<LI>
<A HREF="#E69E302" >The named.root File</A>
<LI>
<A HREF="#E69E303" >The /etc/named.boot File</A></UL>
<LI>
<A HREF="#E68E285" >Starting named</A>
<LI>
<A HREF="#E68E286" >Testing Your Name Server</A>
<LI>
<A HREF="#E68E287" >Configuring a Secondary Name Server</A>
<LI>
<A HREF="#E68E288" >Configuring Hosts in Your Network to Use the Name Server</A>
<LI>
<A HREF="#E68E289" >Summary</A></UL></UL></UL>
<HR ALIGN=CENTER>
<A NAME="E66E21"></A>
<H1 ALIGN=CENTER>
<CENTER>
<FONT SIZE=6 COLOR="#FF0000"><B>E</B></FONT></CENTER></H1>
<BR>
<A NAME="E67E28"></A>
<H2 ALIGN=CENTER>
<CENTER>
<FONT SIZE=6 COLOR="#FF0000"><B>DNS and BIND Primer</B></FONT></CENTER></H2>
<BR>
<P>The Internet is a vast collection of networks. Before a computer can talk to another, it needs an address. This address typically takes the form of a name because names are easier for people to remember. Computers, on the other hand, prefer numbers.
<BR>
<P>Without the Domain Name System (DNS), your computer would need to have a huge address book of names and addresses that included every computer on the Internet. If you wanted to send e-mail to a user at host.foo.com, the system would have to figure out that you wanted to talk to the machine at address 1.2.3.4 and do its thing.
<BR>
<P>This approach has several problems, including the following:
<BR>
<UL>
<LI>Your address book would always have to be up-to-date. An old address book would not have entries that were recently added; or worse, if a host changed addresses, you would no longer be able to communicate with that host.
<BR>
<BR>
<LI>Your address book would have to include every address for every system that you wanted to communicate with.
<BR>
<BR>
<LI>No two hosts could share the same name.
<BR>
<BR>
</UL>
<P>What a mess! Believe it or not, this was the way that it was until 1984. A large host table (HOSTS.TXT) was maintained in one server at the Stanford Research Institute Network Information Center (the NIC). With more and more networks going online, it became almost impossible to keep the host list up-to-date. Before the list would be downloaded by all hosts, someone would have introduced a change that would require downloading yet another new list!
<BR>
<P>Vestiges of this address book are still used by your system to look up hosts in your local network: the /etc/hosts file.
<BR>
<BR>
<A NAME="E68E279"></A>
<H3 ALIGN=CENTER>
<CENTER>
<FONT SIZE=5 COLOR="#FF0000"><B>DNS: the Domain Name System</B></FONT></CENTER></H3>
<BR>
<P>A new system developed by Paul Mockapetris of USC's Information Sciences Institute was proposed as a replacement for HOSTS.TXT. Mockapetris's system addressed the network-load and consistency problems that the infamous HOSTS.TXT system had. Mockapetris's system boasted the following capabilities:
<BR>
<OL>
<LI>The elimination of the single repository for host information would eliminate network traffic problems caused by network administrators downloading an updated version of the HOSTS.TXT file.
<BR>
<BR>
<LI>It would also introduce a name-based domain system, where each domain would have its own internal context; thus allowing for hosts in different domains to have the same name.
<BR>
<BR>
<LI>And most importantly, it would allow for delegation of host information management. The responsibility for managing each network and each network's subdomain was handed to the local administrator for the zone in question, which made the task of keeping information up-to-date much more manageable. Local host information could be made available globally through the client/server nature of the system, ensuring that each request was answered with reliable data from an authoritative source.
<BR>
<BR>
</OL>
<P>The original DNS was described in the 1983 Request for Comments (RFC) documents 882 and 883. Both were updated and superseded in 1987 by RFCs 1034 and 1035, and again in 1990 by RFCs 1101 and 1183, which implement the current specification of the DNS. In software, DNS is implemented on UNIX systems as the Berkeley Internet Name Domain (BIND) system. BIND is shipped with almost every UNIX box.
<BR>
<P>The current BIND release is composed of several programs including: named, named-xfer, named.restart, named.reload, ndc, nslookup, and the resolver libraries. The resolver libraries provide routines for programs to query DNS name servers, so you can design programs that make use of the DNS. Here's a list of the entire distribution and what each does:
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
dig
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A domain information groper; a command line tool that can be used to gather information from a DNS server. It has zillions of options.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
dnsquery
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A program that uses the BIND resolver library calls to query name servers.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
host
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A program that does reverse DNS lookups. Instead of specifying a hostname to find its IP address, you supply the IP, and host returns the hostname.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
named-xfer
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A tool for doing zone transfers. Usually this program is called by other software. It can also be used to debug a zone transfer problem. But more than likely you won't use it at all.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
named
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
The Internet domain name server daemon, and the focus of my attention in this appendix.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
named.reload
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A convenience program to restart the named daemon and force the server to reload and update its database files, if necessary. This program uses a hangup (SIGHUP) signal.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
named.restart
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A convenience program to restart the named daemon and to force the server to reload and update its database files, if necessary. This program kills the name server by using a kill (SIGKILL) signal and then starts a new server.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
ndc
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
A cool program that allows you to send various signals to the named daemon. This command allows you to monitor the status of the server as well as to force database reloads. It has many other options.</FONT>
</TABLE><BR>
<A NAME="E68E280"></A>
<H3 ALIGN=CENTER>
<CENTER>
<FONT SIZE=5 COLOR="#FF0000"><B>What Is DNS?</B></FONT></CENTER></H3>
<BR>
<P>DNS is a distributed database. By distributed I mean that no single repository contains complete information regarding other domains. A program called a <I>name server</I> is responsible for implementing the server portion of the equation. When a machine is configured to use DNS, client programs making calls to the gethostbyname() and gethostbyaddr() library routines use the <I>resolver</I> library. This library allows them to query a name server across a network instead of looking up information in the /etc/hosts file.
<BR>
<P>The structure of the Internet domain system is similar to that of the UNIX file system. There's a root domain and a series of directories called <I>top-level domains</I>. In turn, top-level domains are composed of other subdirectories or subdomains. Each domain or subdomain is separated by a dot (.). Each second-level domain can have up to 26 characters. Subdomain labels can have up to 63 characters in length. The root domain is null, meaning there's no label, and is usually represented by empty quotes (""). Unlike a file path, domain names are written and read from the bottom up:
<BR>
<BR>
<PRE>
<FONT COLOR="#000080"><I>host.subdomain.domain.topleveldomain</I></FONT></PRE>
<P>The <I>host</I> label is the name of the machine.
<BR>
<P>The <I>subdomain</I> label is a subdivision of a domain. Typically subdomains are used to create logical groupings of machines to match some internal organization criteria. Don't be surprised if you ever see more than one subdomain. As a matter of fact, subdomains are common under geographical domain designations.
<BR>
<P>The <I>domain</I> is the domain name of the organization, usually matching the organization's name, such as IBM, APPLE, and NEXT.
<BR>
<P>The <I>topleveldomain</I> is a classification of the domain.
<BR>
<BR>
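<P>The label structure described above, as an added example that is not part of the original appendix: it splits a name into labels, enforces the 63-character label limit, lists the zones from the root down, and compares names label by label rather than as strings. The function names are this example's own, the sample names are constructed, and the 255-octet limit on the whole name comes from RFC 1035 rather than from this page.

```python
# Added example: split a domain name into labels, check the length limits,
# and list the zones from the root down. Function names are this example's own.

MAX_LABEL = 63   # per-label limit given in the text above
MAX_NAME = 255   # whole-name limit on the wire, from RFC 1035 (not from this page)


def parse_name(name):
    """Return the labels of `name`, most specific first; raise ValueError if malformed."""
    if name in ("", "."):
        return []                       # the root domain has a null label
    if name.endswith("."):
        name = name[:-1]                # a trailing dot marks a fully qualified name
    labels = name.split(".")
    wire_len = 1                        # the terminating root label costs one octet
    for label in labels:
        if not label:
            raise ValueError("empty label in %r" % name)
        size = len(label.encode("ascii"))   # non-ASCII input raises a ValueError subclass
        if size > MAX_LABEL:
            raise ValueError("label over %d characters in %r" % (MAX_LABEL, name))
        wire_len += 1 + size            # each label is preceded by a length octet
    if wire_len > MAX_NAME:
        raise ValueError("name over %d octets" % MAX_NAME)
    return [label.lower() for label in labels]   # DNS names compare case-insensitively


def delegation_chain(name):
    """List the domains enclosing `name`, starting at the root and ending at the host."""
    labels = parse_name(name)
    chain = ["."]
    for i in range(len(labels) - 1, -1, -1):
        chain.append(".".join(labels[i:]) + ".")
    return chain


def is_within(name, domain):
    """True if `name` equals `domain` or sits below it, compared label by label."""
    n, d = parse_name(name), parse_name(domain)
    return len(n) >= len(d) and n[len(n) - len(d):] == d


if __name__ == "__main__":
    # Constructed sample names in the forms used on this page.
    for sample in ("host.foo.com", "pear.CI.CEDARBURG.WI.US"):
        print(sample, "->", " / ".join(delegation_chain(sample)))
    # A plain string suffix test would wrongly accept the second name.
    print(is_within("host.foo.com", "foo.com"), is_within("evilfoo.com", "foo.com"))
```

<P>Comparing whole labels is what keeps a name such as evilfoo.com from being treated as part of foo.com, which a plain string suffix match would allow.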
<A NAME="E69E294"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Top-Level Domain Designations in the United States</B></FONT></CENTER></H4>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
COM
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Reserved for commercial organizations such as Digital Equipment Corporation (digital.com) or Hewlett-Packard Corporation (hp.com).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
EDU
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Used by educational organizations such as the University of Wisconsin (uw.edu).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
GOV
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Used by U.S. government organizations and agencies such as NASA (nasa.gov) or the Federal Bureau of Investigation (fbi.gov).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
MIL
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Reserved for use by the U.S. Armed Forces such as the Air Force (af.mil) or the Navy (navy.mil).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
NET
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Reserved for networking organizations and leased line providers such as Internet Connect (inc.net), a regional Internet service provider in Wisconsin.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
ORG
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Reserved for noncommercial organizations such as the popular Electronic Frontier Foundation (eff.org).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
INT
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
International organizations such as NATO (nato.int).
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
ARPA
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
This is a historical domain that was used during transition from the host tables to the DNS. Organizations and networks originally found under this domain have since migrated to their appropriate locations on one of the previous subdomains.</FONT>
</TABLE>
<P>
<B>Fig. E.1. <I>The U.S. Top-Level Domains. Domains are shown in ovals. A machine is shown as a box.</I></B>
<P>This statement is actually not the full truth. The original classifications originated before the Internet became an international entity. Given its incredible and unexpected success everywhere, additional classifications emerged—geographical designations.
<BR>
<BR>
<A NAME="E69E295"></A>
<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Geographical Domain Designations</B></FONT></CENTER></H4>
<BR>
<P>Geographical designations follow the ISO 3166 standard, which establishes a two-letter abbreviation for country names. The only inconsistency is Great Britain, which goes by UK instead of GB. The United States also has a geographical designation, US, which is not yet as widely used as the others. The U.S. geographical domain is supposed to accommodate U.S. state and local government agencies, schools, libraries, museums, and individuals.
<BR>
<P>Geographical domains are at the same hierarchical level as the standard U.S. domains and are properly registered with the NIC. However, administration of those domains is handled by different organizations in various countries.
<BR>
<P>The subdomains for the U.S. domain follow the postal abbreviation conventions for the states and territories. Each state can then be further subdivided according to an individual city name, locale, plus the hostname.
<BR>
<P>In addition to the state subdomains, there are two other categories: FED for agencies of the federal government and DNI for Distributed National Institutes or organizations that span state, regional, and other organization boundaries that are national in scope.
<BR>
<P>Within each state's subdomain there are <I>locality</I> names. These can be cities, counties, or local names. The locality can be a CI for city or CO for county:
<BR>
<P><I>hostname</I>.CI.<I>locality</I>.<I>state</I>.US -> pear.CI.CEDARBURG.WI.US
<BR>
<P><I>hostname</I>.CO.<I>locality</I>.<I>state</I>.US -> apple.CO.MILWAUKEE.WI.US
<BR>
<P>A state subdomain groups the following subdomains:
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
K12
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For public schools. Private schools add the PVT name, <I>schoolname</I>.PVT.K12.<I>state</I>.US.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
CC
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For community colleges: <I>collegename</I>.CC.<I>state</I>.US.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
TEC
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For technical colleges: <I>collegename</I>.TEC.<I>state</I>.US.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
LIB
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For libraries: <I>library</I>.LIB.<I>state</I>.US.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
STATE
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For state government agencies: <I>agency</I>.STATE.<I>state</I>.US.
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
GEN
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
For General Independent Entity. For anything that doesn't fit in the other categories.</FONT>
</TABLE>
<P>
<B>Fig. E.2. <I>The U.S. domain. Notice that other countries and the standard U.S. top-level domains share the same level.</I></B>
<P><A NAME="I2"></A>Table E.1 lists all the top-level domains known at the time of this writing. However, this may be outdated by now. This table is a reflection on the dynamics of our world: New countries are formed, and new countries join the Internet community.
<BR>
<BR>
<P ALIGN=CENTER>
<CENTER>
<FONT COLOR="#000080"><A NAME="I3"></A><A NAME="I4"></A><A NAME="I5"></A><A NAME="I6"></A><A NAME="I7"></A><A NAME="I8"></A><A NAME="I9"></A><A NAME="I10"></A><A NAME="I11"></A><A NAME="I12"></A><A NAME="I13"></A><B>Table E.1. Geographical domains.</B></FONT></CENTER>
<BR>
<TABLE BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="80%" CELLPADDING=2 >
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
<I>Domain</I>
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
<I>Country or Organization</I>
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AD
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Andorra
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AE
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
United Arab Emirates
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AF
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Afghanistan
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AG
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Antigua and Barbuda
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AI
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Anguilla
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AL
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Albania
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AM
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Armenia
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AN
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Netherlands Antilles
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AO
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Angola
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AQ
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Antarctica
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AR
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Argentina
</FONT>
<TR>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
AS
</FONT>
<TD VALIGN=top BGCOLOR=#80FFFF ><FONT COLOR=#000080>
American Samoa