0260-0262.html

来自「linux-unix130.linux.and.unix.ebooks130 l」· HTML 代码 · 共 379 行

<HTML>
<HEAD>
<TITLE>Developer.com - Online Reference Library - 0672311739:RED HAT LINUX 2ND EDITION:TCP/IP Network Management</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->


<!-- ISBN=0672311739 //-->
<!-- TITLE=RED HAT LINUX 2ND EDITION //-->
<!-- AUTHOR=DAVID PITTS ET AL //-->
<!-- PUBLISHER=MACMILLAN //-->
<!-- IMPRINT=SAMS PUBLISHING //-->
<!-- PUBLICATION DATE=1998 //-->
<!-- CHAPTER=13 //-->
<!-- PAGES=0243-0298 //-->
<!-- UNASSIGNED1 //-->
<!-- UNASSIGNED2 //-->




<P><CENTER>
<a href="0257-0259.html">Previous</A> | <a href="../ewtoc.html">Table of Contents</A> | <a href="0263-0265.html">Next</A>
</CENTER></P>

<A NAME="PAGENUM-260"><P>Page 260</P></A>






<P>The resolver library enables client programs to perform DNS queries. This library is built
into the standard library under Linux.
</P>




<P>nslookup is a utility invoked from the command line to ensure both the resolver and the
DNS server being queried are configured correctly.
nslookup does this by resolving either a hostname into an IP address or an IP address into a domain name. To use
nslookup, simply provide the address you want to resolve as the parameter to
nslookup&#151;for example,
</P>


<!-- CODE SNIP //-->
<PRE>
nslookup rane.domain.com
</PRE>
<!-- END CODE SNIP //-->





<P>The result should look something like this:</P>


<!-- CODE //-->
<PRE>
[root@vestax /root]# nslookup rane.domain.com
Server: numark.domain.com
Address: 192.168.42.1

Non-authoritative answer:
Name: rane.domain.com
Address: 192.168.42.8
</PRE>
<!-- END CODE //-->





<P>The traceroute utility allows you to determine the path a packet is taking across your
network and into other networks. This is very useful for debugging network connection problems,
especially when you suspect the trouble is located in someone else's network.
</P>




<P>Using the ICMP protocol (same as ping),
traceroute looks up each machine along the path to a destination host and displays the corresponding name and IP address for that site. With
each name is the number of milliseconds each of the three tiers took to get to the destination.
</P>




<P>To use traceroute, use the destination hostname or
IP address as the parameter&#151;for example,
</P>


<!-- CODE SNIP //-->
<PRE>
traceroute www.hyperreal.org
</PRE>
<!-- END CODE SNIP //-->





<P>would return something similar to the following:</P>


<!-- CODE //-->
<PRE>
traceroute to hyperreal.org (204.62.130.147), 30 hops max, 40 byte packets
 1  fe0-0.cr1.NUQ.globalcenter.net (205.216.146.77)  0.829 ms  0.764 ms  0.519 ms
 2  pos6-0.cr2.SNV.globalcenter.net (206.251.0.30)  1.930 ms  1.839 ms  1.887 ms
 3  fe1-0.br2.SNV.globalcenter.net (206.251.5.2)  2.760 ms  2.779 ms  2.517 ms
 4  sl-stk-17-H10/0-T3.sprintlink.net (144.228.147.9)  5.117 ms  6.160 ms  6.109 ms
 5  sl-stk-14-F0/0.sprintlink.net (144.228.40.14)  5.453 ms  5.985 ms  6.157 ms
 6  sl-wired-2-S0-T1.sprintlink.net (144.228.144.138)  10.987 ms  25.130 ms  11.831
         &Acirc;ms
 7  sf2-s0.wired.net (205.227.206.22)  30.453 ms  15.800 ms  21.220 ms
 8  taz.hyperreal.org (204.62.130.147)  16.745 ms  14.914 ms  13.018 ms
</PRE>
<!-- END CODE //-->





<P>If you see any start characters (such as *) instead of a hostname, that machine may likely
be unavailable for a variety of reasons (network failure and firewall protection being the
most common). Also be sure to note the time it takes to get from one site to another. If you feel
your connection is going excessively slow, it might just be one connection in the middle that is
slowing you down and not the site itself.
</P>




<P>traceroute is also a good way to measure the connectivity of a site.
If you are in the process of evaluating an ISP, try doing a traceroute
from its site to a number of other sites, especially to
</P>

<A NAME="PAGENUM-261"><P>Page 261</P></A>



<P>large communications companies such as Sprint
(www.sprint.net) and MCI. Count how many hops as well as how much time per hop it takes to reach its network. This is often
reasonable grounds for comparing one ISP to another.
</P>




<H4><A NAME="ch13_ 19">
Configuring DNS Servers
</A></H4>




<P>As mentioned earlier, DNS comes in three flavors: primary,
secondary, and caching.
</P>




<P>Primary DNS is the most authoritative of the three. When a DNS server is primary for a
domain, it is considered to have the most up-to-date records for all the hosts in that site.
</P>




<P>Secondary DNS is not quite as authoritative as primary, but it is considered
authoritative. Typically, backup or offsite DNS servers for a domain are configured as secondary; hence,
they don't receive the updates as quickly as the primary servers do. For all practical purposes
though, they are considered authoritative.
</P>




<P>Caching DNS servers are not authoritative at all. When a query is made to a caching server
for the first time, the query is forwarded to an authoritative server. If that server is not
authoritative over the domain being queried, the request is forwarded until the authoritative server
answers the query and returns it back to the caching server. The caching server keeps the entry
in its local cache and continues to return that answer until the entry expires.
</P>




<P>All DNS servers should be configured to perform caching functions.
</P>




<P>Depending on your site's configuration, you might not even need a nameserver of your
own. For instance, if you are connecting to an already existing network, there might already be
a nameserver for you to use. On the other hand, if you are setting up a new department,
you might want to set up a caching server for your local machines to reduce load on your
site's primary server.
</P>

<CENTER>
<TABLE BGCOLOR="#FFFF99">
<TR><TD><B>
TIP
</B></TD></TR>
<TR><TD>
<BLOCKQUOTE>
If you plan on setting up and using a PPP connection, you should definitely set up your
own caching DNS server. This will reduce the load on your PPP
connection.
</BLOCKQUOTE></TD></TR>
</TABLE></CENTER>
<BR>

<H4>The /etc/named.boot File
</H4>




<P>This is the file that is read in when named is started. Each line in the
named.boot file begins with a keyword or a semicolon indicating that line to be a comment. The format of the file is
</P>


<!-- CODE //-->
<PRE>
; Comments begin with the semicolon
directory   directory_name
cache    .            filename
primary     domain    filename
secondary   domain    ip_addr filename
forwarders  ip_addr   [...]
</PRE>
<!-- END CODE //-->


<A NAME="PAGENUM-262"><P>Page 262</P></A>




<P>The directory keyword tells named where any filenames mentioned in the configuration
are located in the system.
</P>




<P>The cache keyword makes named perform caching functions. The file listed at the end of
the cache line contains a list of all the root DNS servers on the Internet. These root servers
are needed to prime named's cache. You can get the latest list of root servers from the InterNIC
at ftp://rs.internic.net/domain/named.cache.
</P>




<P>Lines beginning with primary indicate that the server is a primary DNS server for the
listed domain. The entries for that server are listed in the file noted at the end of the line.
</P>




<P>As you can predict, lines beginning with
secondary make named behave as a secondary DNS server for the specified
domain. This entry requires two parameters for a given domain: the
IP address of the primary server and the file into which it should cache the entries pulled from
the primary server. Depending on how the primary server is configured, the cached data is
updated periodically via a zone transfer.
</P>




<P>The forwarders line tells named to whom DNS queries should be forwarded if it cannot
resolve queries on its own. If you are running a caching-only server, this should be your secondary
or primary server for your site. If you are primary for your site, this should forward to your
ISP's DNS server.
</P>




<H4><A NAME="ch13_ 20">
Primary Nameserver Configuration Files
</A></H4>




<P>As shown in the preceding section, the primary line in the
/etc/named.boot file points to a file that contains the information needed by
named in order to be primary for the specified
domain. The file format for these configuration files are unfortunately a bit tricky and require care
when setting up. Be especially careful with periods. A misplaced period can quickly become
difficult to track down.
</P>




<P>The format of each line in the configuration file is as follows:</P>


<!-- CODE SNIP //-->
<PRE>
name    IN    record_type    data
</PRE>
<!-- END CODE SNIP //-->





<P>name is the hostname you are dealing with. Any hostnames that do not end in a period
automatically get the domain name appended to them. The second column,
IN, is actually a parameter telling named to use the Internet class of records. Two other classes exist:
CH for ChaosNet and HS for Hesiod. ChaosNet has been long obsolete and HS was meant to be a
replacement for NIS but has been overshadowed by NIS+.
</P>




<P>The third and fourth columns, record_type and
data, respectively, indicate what kind of record you are dealing with and the parameters associated with it. There are eight possible records:
</P>




<UL>
<LI>     SOA&#151;Start of authority

<LI>     NS&#151;Nameserver

<LI>     A&#151;Address record

<LI>     PTR&#151;Pointer record
</UL>


<P><CENTER>
<a href="0257-0259.html">Previous</A> | <a href="../ewtoc.html">Table of Contents</A> | <a href="0263-0265.html">Next</A>
</CENTER></P>




</td>
</tr>
</table>
<!-- begin footer information -->



</body></html>