- Linux Networking Cookbook
- Gregory Boyce
- 494字
- 2021-07-02 16:32:45
Setting up your system to talk to a nameserver
In the previous chapter, we did some basic testing of your network connection by pinging other hosts by IP address directly. However, I'm sure you'd rather not visit web pages by requesting them by IP address, rather than by the domain name. This problem is solved using a recursive DNS server to resolve the hostnames into IP addresses, which your computer can then connect to.
How to do it…
Let's set up a DNS server to resolve the hostnames into IP addresses:
- Configuring Linux to use a DNS server is very easy. Just add a single line to
/etc/resolv.conf:nameserver 8.8.8.8
- You may also want to add a domain line, which will allow you to access things by their hostname rather than by their fully qualified domain name (FQDN). For example, domain
example.orginresolv.confwill allow you to pingmail.example.orgas just mail.
If your system uses DHCP for receiving its IP address, then the content of this file can be managed through the configuration of the DHCP server. This makes easier management of nameserver IPs and domains on your network possible.
How it works…
The nameserver line in /etc/resolv.conf provides the IP address of a nameserver that your system is allowed to query against. In this particular example, we're using 8.8.8.8, which is a publicly available recursive DNS server owned and operated by Google. You may also want to consider using a nameserver provided by OpenDNS or one provided by your ISP. A properly configured recursive nameserver is restricted to only allow queries from the intended users, so you'll want to make sure that you're either using one intended for the general public or one intended specifically for you.
When your system attempts to contact a site, such as www.example.org, the browser will attempt to see if the matching IP address already exists in the browser's hostname cache.
If it does not, it issues a gethostbyname request to the local C library, which then checks its local configuration in /etc/nsswitch.conf to determine how lookups should be performed. You may find something similar to hosts: files dns in that file, which indicates that for finding host information, you should first look at local files, such as /etc/hosts, and you should check DNS if that fails.
Assuming that you didn't have a matching entry in /etc/hosts, your C library's stub DNS resolver will look in /etc/resolv.conf for the IP address of your DNS server and will then send a DNS query with recursion enabled over UDP port 53 to the listed DNS server. The server will check its local cache for an answer and will issue queries to the various authoritative nameservers, starting with the nameservers of the DNS root (.), followed by org, and then finally, example. The nameservers, for example, will pass back the IP address associated with www.example.org to your recursive nameserver, which will then pass it back to you.