´ÙÀ½ ÀÌÀü Â÷·Ê

3. ij½Ã Àü¿ë ³×ÀÓ ¼­¹ö(Caching only name server)

DNS ¼³Á¤ÀÇ Ã¹ ´Ü°è·Î ´ÙÀ̾ó¾÷ »ç¿ëÀÚ¿¡°Ô ¸Å¿ì À¯¿ëÇÏ´Ù.

ij½Ã Àü¿ë ³×ÀÓ ¼­¹ö(Caching only name server)´Â ³×ÀÓ Äõ¸®ÀÇ ÀÀ´äÀ» ãÀº ÈÄ ±â¾ïÇØ µÎ¾ú´Ù°¡ ´ÙÀ½ ¹ø¿¡ ÇÊ¿äÇÒ ¶§ °ð ¹Ù·Î ÀÀ´äÇÑ´Ù. ƯÈ÷, Á¢¼Ó ȸ¼±ÀÌ ´À¸° °æ¿ì¿¡´Â ±â´Ù¸®´Â ½Ã°£À» »ó´çÈ÷ ÁÙ¿© ÁÙ °ÍÀÌ´Ù.

¿ì¼± /etc/named.conf ÆÄÀÏÀÌ ÇÊ¿äÇÏ´Ù. named°¡ ½ÃÀÛÇϸ鼭 ÀÌ ÆÄÀÏÀ» ÀÐ¾î µéÀδÙ. ´çÀåÀº ´Ü¼øÈ÷ ¾Æ·¡¿Í °°ÀÌ ÆíÁýÇϵµ·Ï ÇÏÀÚ.


// Config file for caching only name server

options {
        directory "/var/named";

        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out:

        // query-source port 53;
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

`directory'´Â ÆÄÀÏÀ» ¾îµð¿¡¼­ ã¾Æ¾ß ÇÏ´ÂÁö named¿¡°Ô ¾Ë·Á ÁØ´Ù. ÀÌÈÄ ³ª¿À´Â ÆÄÀϵéÀº ¸ðµÎ ÀÌ µð·ºÅ丮¿¡ ´ëÇÑ »ó´ë °æ·ÎÀÌ´Ù. ±×·¯¹Ç·Î pz´Â /var/named µð·ºÅ丮ÀÇ ÇÏÀ§ µð·ºÅ丮ÀÌ´Ù. Áï, /var/named/pzÀÌ´Ù. /var/named´Â Linux File system Standard¿¡ ¸í½ÃµÈ µð·ºÅ丮ÀÌ´Ù.

/var/named/root.hints¶ó´Â ÆÄÀÏÀÇ À̸§À» ¿©±â¿¡ Àû¾î ÁØ´Ù. /var/named/root.hints ÆÄÀÏÀÇ ³»¿ëÀº ´ÙÀ½°ú °°´Ù.


.                       6D IN NS        G.ROOT-SERVERS.NET.
.                       6D IN NS        J.ROOT-SERVERS.NET.
.                       6D IN NS        K.ROOT-SERVERS.NET.
.                       6D IN NS        L.ROOT-SERVERS.NET.
.                       6D IN NS        M.ROOT-SERVERS.NET.
.                       6D IN NS        A.ROOT-SERVERS.NET.
.                       6D IN NS        H.ROOT-SERVERS.NET.
.                       6D IN NS        B.ROOT-SERVERS.NET.
.                       6D IN NS        C.ROOT-SERVERS.NET.
.                       6D IN NS        D.ROOT-SERVERS.NET.
.                       6D IN NS        E.ROOT-SERVERS.NET.
.                       6D IN NS        I.ROOT-SERVERS.NET.
.                       6D IN NS        F.ROOT-SERVERS.NET.

G.ROOT-SERVERS.NET.     5w6d16h IN A    192.112.36.4
J.ROOT-SERVERS.NET.     5w6d16h IN A    198.41.0.10
K.ROOT-SERVERS.NET.     5w6d16h IN A    193.0.14.129
L.ROOT-SERVERS.NET.     5w6d16h IN A    198.32.64.12
M.ROOT-SERVERS.NET.     5w6d16h IN A    202.12.27.33
A.ROOT-SERVERS.NET.     5w6d16h IN A    198.41.0.4
H.ROOT-SERVERS.NET.     5w6d16h IN A    128.63.2.53
B.ROOT-SERVERS.NET.     5w6d16h IN A    128.9.0.107
C.ROOT-SERVERS.NET.     5w6d16h IN A    192.33.4.12
D.ROOT-SERVERS.NET.     5w6d16h IN A    128.8.10.90
E.ROOT-SERVERS.NET.     5w6d16h IN A    192.203.230.10
I.ROOT-SERVERS.NET.     5w6d16h IN A    192.36.148.17
F.ROOT-SERVERS.NET.     5w6d16h IN A    192.5.5.241

ÀÌ ÆÄÀÏÀº ÀÎÅͳÝÀÇ ·çÆ® ³×ÀÓ ¼­¹öµéÀ» ÁöÁ¤ÇÏ°í ÀÖ´Ù. ¹Ù²î´Â °æ¿ì°¡ ÀÖÀ¸¹Ç·Î Àß °ü¸®ÇÏ¿©¾ß ÇÑ´Ù. ÃÖ½ÅÀ¸·Î À¯ÁöÇÏ´Â ¹æ¹ýÀº À¯Áö º¸¼ö Àý¸¦ Âü°íÇÑ´Ù.

±× ´ÙÀ½Àº ÀÌ ÆÄÀÏÀÇ ¸¶Áö¸· Á¸(zone)ÀÌ´Ù. »ç¿ë¹ýÀº ´ÙÀ½ Àå¿¡¼­ ¼³¸íÇϱâ·Î ÇÏ°í Áö±ÝÀº ±×³É pz µð·ºÅ丮¿¡ 127.0.0 ÆÄÀÏÀ» ¸¸µç´Ù.


@               IN      SOA     ns.linux.bogus. hostmaster.linux.bogus. (
                                1       ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                1W      ; Expire
                                1D)     ; Minimum TTL
                        NS      ns.linux.bogus.
1                       PTR     localhost.

/etc/resolv.conf ÆÄÀÏÀ» ´ÙÀ½°ú °°ÀÌ ÆíÁýÇÑ´Ù.


search subdomain.your-domain.edu your-domain.edu
nameserver 127.0.0.1

`search'´Â »ç¿ëÀÚ°¡ È£½ºÆ® ¸í¸¸ ÀÔ·ÂÇÑ °æ¿ì¿¡ °Ë»öÇÒ µµ¸ÞÀÎÀ» ÁöÁ¤ÇÑ´Ù. `nameserver'´Â »ç¿ëÇÒ ³×ÀÓ ¼­¹ö¸¦ ³ªÅ¸³½´Ù. ÀÌ °æ¿ì¿¡´Â ³×ÀÓ¼­¹ö¸¦ Á÷Á¢ ¿î¿µÇϹǷΠ»ç¿ëÀÚ ÄÄÇ»ÅÍÀÇ IP ÁÖ¼Ò¸¦ Àû´Â´Ù. (127.0.0.1À» Àû¾î ÁÖ¸é ¹®Á¦°¡ ¾ø´Ù. »ç¿ëÀÚ ÄÄÇ»ÅÍ¿¡ ´Ù¸¥ IP ÁÖ¼Ò°¡ ¾ø´Â °æ¿ì¿¡µµ ¹®Á¦¾øÀÌ ÀÛµ¿ÇÑ´Ù.) ³×ÀÓ ¼­¹ö¸¦ ¿©·¯ °³ »ç¿ëÇÏ·Á´Â °æ¿ì¿¡´Â `nameserver' ¶óÀÎÀ» ¿©·¯ ¶óÀÎ µÎ¸é µÈ´Ù. (Âü°í:Named´Â ÀÌ ÆÄÀÏÀ» ÀÐÁö ¾Ê´Â´Ù. named¸¦ ÀÌ¿ëÇÏ´Â resolver°¡ ÀÌ ÆÄÀÏÀ» »ç¿ëÇÑ´Ù.)

ÀÌ ÆÄÀÏÀÇ ÀÛµ¿ ¹æ½Ä: Ŭ¶óÀ̾ðÆ®°¡ foo¸¦ Á¶È¸ÇÏ´Â °æ¿ì ¸ÕÀú foo.subdomain.your-domain.edu¸¦ ã´Â´Ù. ´ÙÀ½À¸·Î foo.your-fomain.edu¸¦ ã°í ¸¶Áö¸·À¸·Î foo¸¦ ã´Â´Ù. Ŭ¶óÀ̾ðÆ®°¡ sunsite.unc.edu¸¦ Á¶È¸ÇÏ´Â °æ¿ì¿¡´Â ¸ÕÀú sunsite.unc.edu.subdomain.your-domain.eduÀ» ã´Â´Ù. (¹°·Ð ¸ÛûÇϱä ÇÏÁö¸¸ ÀÌ·¸°Ô µ¿ÀÛÇÑ´Ù.) ´ÙÀ½À¸·Î sunsite.unc.edu.your-domain.edu¸¦ ã°í ¸¶Áö¸·À¸·Î sunsite.unc.edu¸¦ ã´Â´Ù. search ¶óÀο¡ µµ¸ÞÀÎÀÌ ³Ê¹« ¸¹Àº¸é °Ë»ö ½Ã°£ÀÌ ²Ï ±æ¾îÁö°Ô µÇ¹Ç·Î search¿¡ µµ¸ÞÀÎÀ» ¸¹ÀÌ µÎÁö ¾Ê´Â °ÍÀÌ ÁÁ´Ù.

ÀÌ ¿¹¿¡¼­ »ç¿ëÀÚ°¡ ¼ÓÇÑ µµ¸ÞÀÎÀÌ subdomain.your-domain.edu¶ó°í °¡Á¤ÇÑ´Ù. ±×·¯¸é »ç¿ëÀÚÀÇ ÄÄÇ»ÅÍ´Â your-machine.subdomain.your-domain.edu°¡ µÉ °ÍÀÌ´Ù. `search' ¶óÀο¡ ÀÚ½ÅÀÌ ¼ÓÇÑ µµ¸ÞÀÎÀÇ TLD(Top Level Domain, ¿©±â¼­´Â `edu')ÀÌ Æ÷ÇÔµÇÁö ¾Êµµ·Ï ÁÖÀÇÇÑ´Ù. ´Ù¸¥ µµ¸ÞÀο¡ ¼ÓÇÑ È£½ºÆ®¿¡ ÀÚÁÖ Á¢¼ÓÀ» ÇÑ´Ù¸é ´ÙÀ½Ã³·³ `search'¿¡ °è¼ÓÇؼ­ Ãß°¡ÇÏ´Â °Íµµ ³ª»ÚÁö´Â ¾Ê´Ù.


search subdomain.your-domain.edu your-domain.edu other-domain.com

¿¹¿Í ¶È°°ÀÌ ¼³Á¤ÇÏÁö ¸»°í °¢ÀÚ ½ÇÁ¦·Î »ç¿ëÇÏ´Â µµ¸ÞÀÎ ¸íÀ» ¸í½ÃÇÑ´Ù. µµ¸ÞÀÎ ¸íÀÇ ³¡¿¡ Á¡(period)ÀÌ ¾ø´Ù´Â °Í¿¡µµ À¯ÀÇÇÑ´Ù.

´ÙÀ½ ´Ü°è´Â libcÀÇ ¹öÀü¿¡ µû¶ó ¾à°£ ´Þ¶óÁö´Âµ¥, /etc/nsswitch.conf ¶Ç´Â /etc/host.conf ÆÄÀÏÀ» ÆíÁýÇÑ´Ù. º¹ÀâÇÏ°Ô »ý°¢ÇÒ °Í ¾øÀÌ ÇöÀç ÄÄÇ»ÅÍ¿¡ nsswitch.conf¶ó´Â ÆÄÀÏÀÌ ÀÖÀ¸¸é ±× ÆÄÀÏÀ» ÆíÁýÇÏ°í, ¾øÀ¸¸é host.conf ÆÄÀÏÀ» ÆíÁýÇÑ´Ù.

/etc/nsswitch.conf

ÀÌ ÆÄÀÏÀº ¾à°£ ±ä ÆÄÀÏ·Î ¾î¶² ÆÄÀÏÀ̳ª µ¥ÀÌŸº£À̽º·ÎºÎÅÍ ¿©·¯ Á¾·ùÀÇ Á¤º¸(È£½ºÆ® ¸í, ¾ÏÈ£, ½¦µµ¿ì ¾ÏÈ£, ±×·ì Á¤º¸, ¾Ë¸®¾Æ½º Á¤º¸ µî)¸¦ ¾ò¾î ¿Í¼­ »ç¿ëÇÒ °ÍÀÎÁö¸¦ ÁöÁ¤ÇÑ´Ù. º¸Åë ÆÄÀÏ ½ÃÀÛ ºÎºÐ¿¡ µµ¿ò¸»ÀÌ ÀÖÀ¸¹Ç·Î ÀÐ¾î º¸¸é ÆíÁýÇÏ´Â µ¥¿¡ µµ¿òÀÌ µÈ´Ù. Áö±Ý ´çÀå ÀÐ¾î º¸±â ¹Ù¶õ´Ù. `hosts:·Î ½ÃÀÛÇÏ´Â ¶óÀÎÀ» ã¾Æ º¸ÀÚ. ´ÙÀ½°ú °°Àº ¶óÀÎÀÌ ÀÖÀ¸¸é Á¤»óÀÌ´Ù.


hosts:      files dns

`hosts:'·Î ½ÃÀÛÇÏ´Â ¶óÀÎÀÌ ¾ø´Â °æ¿ì¿¡´Â À§¿Í °°ÀÌ Ãß°¡Çϵµ·Ï ÇÑ´Ù. ÇÁ·Î±×·¥ÀÌ ÁÖ¼Ò¸¦ Á¶È¸ÇÒ ¶§ ¸ÕÀú /etc/hosts ÆÄÀÏÀ» °Ë»çÇÏ°í ±× ÆÄÀÏ¿¡¼­ ãÁö ¸øÇÏ´Â °æ¿ì resolv.conf¿¡ ¸í½ÃµÈ DNS¿¡¼­ ÁÖ¼Ò¸¦ ã´Â´Ù.

/etc/host.conf

ÀÌ ÆÄÀÏÀº º¸Åë ¿©·¯ ¶óÀÎÀ¸·Î ±¸¼ºµÇ´Âµ¥, order·Î ½ÃÀÛÇÏ´Â ¶óÀÎÀÌ ÀÖ¾î¾ß ÇÑ´Ù. ÀϹÝÀûÀ¸·Î´Â ¾Æ·¡¿Í °°´Ù¸é Á¤»óÀÌ´Ù.


order hosts,bind

`order'·Î ½ÃÀÛÇÏ´Â ¶óÀÎÀÌ ¾ø´Â °æ¿ì¿¡´Â À§ÀÇ ¶óÀÎÀ» »ðÀÔÇÑ´Ù. ¸ÕÀú /etc/hosts ÆÄÀÏÀ» ã¾Æ º¸°í ¾øÀ¸¸é ³×ÀÓ ¼­¹ö(resolv.conf ÆÄÀÏ¿¡¼­ 127.0.0.1·Î ÁöÁ¤ÇÏ¿´´Ù)¿¡¼­ ÁÖ¼Ò¸¦ ã´Â´Ù´Â ÀǹÌÀÌ´Ù. ¸®´ª½º ¹èÆ÷ÆÇ¿¡´Â ´ëºÎºÐ ÀÌ µÎ ÆÄÀÏÀ» resolv(8) ¸ÇÆäÀÌÁö(`man 8 resolv'¸¦ ½ÇÇàÇØ º»´Ù.)¿¡¼­ ¼³¸íÇÏ°í ÀÖ´Ù. That man page is IMHO readable, and everyone, especially DNS admins, should read it. Do it now, if you say to yourself "I'll do it later" you'll never get around to it.

3.1 named ½ÇÇà

ÀÌÁ¦ named¸¦ ½ÌÇàÇÏ¸é µÈ´Ù. ÀüÈ­ Á¢¼Ó »ç¿ëÀÚÀÎ °æ¿ì¿¡´Â ¿ì¼± ÀüÈ­¸¦ °É¾î Á¢¼ÓÀ» Çϵµ·Ï ÇÑ´Ù. `ndc start'¸¦ ÀÔ·ÂÇÏ°í ¿£Å͸¦ ´©¸¥´Ù. ´Ù¸¥ ¿É¼ÇÀº ÇÊ¿ä ¾ø´Ù. Àß ¾ÈµÅ¸é `/usr/sbin/ndc start'¸¦ ½ÇÇàÇÑ´Ù. ±×·¡µµ ÀÌ»óÇÏ´Ù¸é qanda ÀýÀ» Âü°íÇÑ´Ù. ÀÌÁ¦ Á¤»óÀûÀ¸·Î ÀÛµ¿ÇÏ´ÂÁö ½ÃÇèÇØ º¸ÀÚ. named°¡ ½ÃÀÛÇÏ´Â µ¿¾È message ÆÄÀÏÀÇ ³»¿ëÀ» »ìÆì º¸ÀÚ. º¸Åë messages ÆÄÀÏÀº /var/adm/messages ÆÄÀÏÀÌÁö¸¸, °æ·Î°¡ /var/logÀÎ °æ¿ì°¡ ÀÖÀ¸¸ç, ÆÄÀϸíÀÌ syslogÀÎ °æ¿ìµµ ÀÖ´Ù. tail -f /var/log/messages ¸í·ÉÀ¸·Î ³»¿ëÀ» È®ÀÎÇÒ ¼ö Àִµ¥, È®ÀÎ °á°ú°¡ ¾Æ·¡¿Í °°´Ù¸é Á¤»óÀÌ´Ù.

(`\'´Â ´ÙÀ½ÁÙ°ú ¿¬°á µÇ¾úÀ½À» ¶æÇÑ´Ù.)

Feb 15 01:26:17 roke named[6091]: starting.  named 8.1.1 Sat Feb 14 \
  00:18:20 MET 1998 ^Ijanl@roke.uio.no:/var/tmp/bind-8.1.1/src/bin/named
Feb 15 01:26:17 roke named[6091]: cache zone "" (IN) loaded (serial 0)
Feb 15 01:26:17 roke named[6091]: master zone "0.0.127.in-addr.arpa" \
  (IN) loaded (serial 1)
Feb 15 01:26:17 roke named[6091]: listening [127.0.0.1].53 (lo)
Feb 15 01:26:17 roke named[6091]: listening [129.240.230.92].53 (ippp0)
Feb 15 01:26:17 roke named[6091]: Forwarding source address is [0.0.0.0].1040
Feb 15 01:26:17 roke named[6092]: Ready to answer queries.

¿¡·¯ ¸Þ½ÃÁö°¡ º¸À̸é Áß°£¿¡ ¹º°¡ ½Ç¼ö°¡ ÀÖ´Ù´Â ¶æÀÌ´Ù. ¼³Á¤ÇÒ ¶§ ½Ç¼öÇÑ ÆÄÀϸí(named.conf³ª root.hintsÀÏ °ÍÀÌ´Ù)À» named°¡ º¸¿© ÁÙ °ÍÀÌ´Ù. named¸¦ Á×ÀÌ°í ±× ÆÄÀÏÀ» Á¡°ËÇÑ´Ù.

ÀÌÁ¦ nslookupÀ¸·Î named°¡ Á¤»óÀûÀ¸·Î ÀÛµ¿ÇÏ´ÂÁö Á¡°ËÇÒ Â÷·ÊÀÌ´Ù.

$ nslookup
Default Server:  localhost
Address:  127.0.0.1

>

À§¿Í °°´Ù¸é Á¦´ë·Î µÈ °ÍÀÌ´Ù. ±×·¯±â¸¦ ¹Ù¶õ´Ù. ±×·¸Áö ¾Ê´Ù¸é óÀ½ºÎÅÍ ´Ù½Ã °Ë»çÇÑ´Ù. named.conf¸¦ ¼öÁ¤ÇÒ ¶§¸¶´Ù ndc restart ¸í·ÉÀ¸·Î named¸¦ Àç½ÃÀÛ½ÃÄÑ¾ß ÇÑ´Ù.

ÀÌÁ¦ Äõ¸®¸¦ ÀÔ·ÂÇÒ ¼ö ÀÖ´Ù. ±Ùó¿¡ ÀÖ´Â ÄÄÇ»Å͸¦ ã¾Æ º¸ÀÚ. Oslo ´ëÇп¡ ÀÖ´Â pat.uio.no°¡ ÀúÀÚ¿¡°Ô´Â pat.uio.no°¡ °¡±õ´Ù.

> pat.uio.no
Server:  localhost
Address:  127.0.0.1

Name:    pat.uio.no
Address:  129.240.130.16

nslookupÀÌ ¿©·¯ºÐÀÌ ¼³Á¤ÇÑ named¿¡°Ô pat.uio.no ÄÄÇ»Å͸¦ ãµµ·Ï ¿äûÇß´Ù. ±×·¡¼­ named´Â root.hints ÆÄÀÏ¿¡ ÀÖ´Â ³×ÀÓ ¼­¹ö Áß Çϳª¿¡ Á¢¼ÓÇÑ ÈÄ ±× ÀÀ´äÀ» ¹Þ¾Ò´Ù. /etc/resolv.conf¿¡ ½á ³ÖÀº µµ¸ÞÀεéÀ» ¸ðµÎ °Ë»öÇϱ⠶§¹®¿¡ ±×¸¸Å­ ½Ã°£ÀÌ °É¸± °ÍÀÌ´Ù.

¶È°°Àº ¿äûÀ» ´Ù½Ã ÇÑ´Ù¸é ´ÙÀ½ ó·³ º¸ÀÏ °ÍÀÌ´Ù.

> pat.uio.no
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    pat.uio.no
Address:  129.240.2.50

`Non-authoritative answer:' ¶óÀο¡ À¯ÀÇÇÏÀÚ. ÀÌ ¶óÀÎÀº ¿ÜºÎ·Î ³ª°¡Áö ¾Ê°í ´ë½Å ij½Ã¸¦ °Ë»çÇÏ¿© ã¾Æ ¿ÔÀ½À» ¶æÇÑ´Ù. ±×·¯³ª ij½Ã¿¡ ³²¾Æ ÀÖ´Â Á¤º¸´Â ¿À·¡µÇ¾î ½ÇÁ¦·Î´Â º¯°æµÈ °æ¿ìµµ ÀÖ´Ù. ±×·¡¼­ °æ°íÀÇ ¶æÀ¸·Î `Non-authorative answer:'¸¦ º¸¿© ÁØ´Ù. ¾î¶² È£½ºÆ®¿¡ ´ëÇØ µÎ ¹ø° ÁúÀÇÇßÀ» ¶§ nslookupÀÌ ÀÌ ¸Þ½ÃÁö¸¦ º¸¿© Áشٸé, named°¡ Á¤º¸¸¦ ij½Ã¿¡ ÀúÀåÇÏ¿´´Ù°¡ »ç¿ëÇÑ´Ù´Â ¶æÀÌ´Ù. Áï, Á¤»óÀûÀ¸·Î ÀÛµ¿ÇÑ´Ù´Â ¶æÀÌ´Ù. `exitÀ» ÀÔ·ÂÇÏ¿© nslookupÀ» Á¾·áÇÑ´Ù.

ÀÌÁ¦ ij½Ã Àü¿ë DNS(Caching Only DNS) ¼³Á¤ ¹æ¹ýÀ» ¾Ë¾Ò´Ù. ÀÚÃàÇÏ´Â ¶æÀ¸·Î ¸ÆÁÖ³ª ¿ìÀ¯¸¦ ÇÑ ÀÜÇÏ´Â °Ç ¾î¶³±î?


´ÙÀ½ ÀÌÀü Â÷·Ê