Building A Linux Ipv6 Dns Server (complete Softcopy)

Building a Linux IPv6 DNS Server

1. INTRODUCTION OVERVIEW TO OUR PROJECT IPv6 is a key cutting Edge Technology and top 4th Technology all around the world from EFY Magazine resources. It is a Top 6th Technology of Computer Networks from Network Magazine website. The project mainly deals with creating a Dual IP stack node with provision of complete support for both IPV4 and IPV6 in hosts and servers. This can be achieved by making a recursive copy of the kernel and configuring the necessary network properties to support both IPv4 and IPv6. The kernel is configured by using scripts in shell programming and C programming. The main idea of the project is configure a DNS server in Linux with IPv6 name resolution facility. The concept of encapsulation of IPv6 packets within IPv4 headers to carry then an IPv4 network simply called as IPv6 over IPv4 tunneling. Finally Resources are accessed in the network regardless of the platform. 1.2 PINPOINTS OF OUR PROJECT • Creating a new kernel from the existing kernel through kernel compilation. • Making DNS server in Linux with IPv6 support. • Providing backup of existing kernel in Linux. • DNS server can be activated or deactivated through Interactive user interface. • To promote sharing of files from Windows to Linux or vice versa.

Page 1

Building a Linux IPv6 DNS Server 1.3 DOCTRINE OF THE REPORT ¾ Chapter 1 discusses about the Introduction, which includes overview of the project, document conventions followed in the project and brief description about the organization profile. ¾ Chapter 2 discusses about the Literature Survey, which includes details about the problem definition, existing system, and proposed system of our project. ¾ Chapter 3 discusses about the System Specification for our project. Basically it consists of hardware and software requirements and network service profiles for our project. ¾ Chapter 4 discusses the System design for our project have the following components such as data flow diagram and other design considerations and issues while designing the system. ¾ Chapter 5 discusses about the System Implementation for our project. It consists of Brief account of project modules. ¾ Chapter 6 discusses the System Testing for our project which have testing strategies and errors which we have faced while designing the system. ¾ Chapter 7 discusses the Conclusion and scope for future enhancement for our project. ¾ Chapter 8 discusses about the References of our project having the following criteria such as RFCs, Bibliography, Websites, HowTo guides, FTP sites, Blogs, Forums, PPT’s and PDF’s. ¾ Chapter 9 discusses the appendices of our project which consists of source codes and snapshots for our project. Page 2

Building a Linux IPv6 DNS Server

1.4 DOCUMENT CONVENTIONS MAIN SECTION TITLES Font: Time New Roman

Face: Bold

Size: 16

Face: Bold

Size: 14

Face: Normal

Size: 12

SUB SECTION TITLES Font: Times New Roman Other Text Explanations Font: Times New Roman 1.5 ORGANISATION PROFILE Maze Net Systems has emerged as IT Solutions Company and today it’s providing application migrations/solutions and re-engineering for turn key projects. Maze Net’s offerings range from software development like data warehousing, financial software services and enterprise system management solutions, with a rich talent pool of about 25 associates. Maze Net Systems has its corporate office and development centers in Chennai (India).

To be a vibrant, customer-oriented, quality driven, state of the art Technology Company Creating value to employees, customers, shareholders and society Maze Net Systems has emerged as leading global IT Solutions Company and is a leader in application migrations and application reengineering. Maze Net’s offerings range from cross-platform migrations,

Page 3

Building a Linux IPv6 DNS Server software development, and outsourced product development to application maintenance.

This consultative approach provides a risk-free, cost-effective way for an organization to design, develop, and/or maintain cutting edge information systems. Maze Net is a Quality conscious company there by assessed at CMM LEVEL 4 Certification from Software Engineering Institute.

The customer focus is intended at contributing to the creation of customer relationships that endure beyond the end of assignments while the people focus aims at building a learning organization to manage the demands of rapid technological changes.

The process focus will bring about process focus through welldefined, institutionalized processes and finally, Maze Net would also work towards improving the predictability of delivery time, effort and quality of delivery. Maze Net is on its way to CMM Level 5.

Page 4

Building a Linux IPv6 DNS Server

2. LITERATURE SURVEY 2.1 PROBLEM DEFINITION LINUX kernels up to 2.3 do not support the incorporation of IPv6 into it. Hence to build a kernel which has provision for both IPv4 and IPv6, we use kernel version 2.4. In this project, we look closely at IPv6 name resolution and provide technical support to help the user set up their own IPv6 Linux DNS server to allow IPv6 name resolution using the latest version of BIND Configuration tool. 2.2 EXISTING SYSTEM The existing IPv4 system supports DNS configuration in RedHat Linux 9 and its prior versions. The graphical tool BIND 9 and prior versions support DNS configuration of IPv4. The kernel version 2.4 and prior versions support IPv4 DNS configuration. The BIND tool was introduced to configure the IPv4 DNS after Linux 6. The existing system namely RedHat Linux 8 and BIND 8 does not support IPv6 configurations. 2.3 PROPOSED SYSTEM The proposed system is aimed at removing the drawbacks of the existing system. Our dual stack server can easily help a user to give IPv6 support to the Linux system. The project has configurations and tunneling is established through coding written in JAVA. Also, the packets are transferred from client to the server using the code and cross platform resources are achieved.

Page 5

Building a Linux IPv6 DNS Server

3. SYSTEM SPECIFICATION 3.1 HARDWARE REQUIREMENTS SERVER MACHINE

: Red Hat Enterprise / Workstation Linux v3.0 [Server Installation]

CLIENT MACHINE

: MS-Windows / Fedora core v3.0 [Client Installation]

PROCESSOR

: Intel / AMD Processors (> 533 MHz)

MAIN MEMORY

: 32MB RAM

HARD DISK

: Minimum 2GB

KEYBOARD

: 101 keys

3.2 SOFTWARE REQUIREMENTS PLATFORM USED

: RedHat Enterprise / Workstation Linux 3

SOURCE LANGUAGE

: Java, C, Shell Scripting

SHELL TYPE

: Bash

KERNEL VERSION

: 2.4 (Shrike)

KERNEL TYPE

: Stable Kernel (Open)

BIND VERSION

: 9.0

LANGUAGE TOOL KITS

: J2SDK v 1.4, Gcc Compiler

PACKAGE FORMAT

: .rpm for Linux, .exe format for Windows families.

Page 6

Building a Linux IPv6 DNS Server 3.3 SERVICE PROFILE DNS (DOMAIN NAME SERVER) Type

: System V-Managed Service

Packages : bind, bind-utils Daemons : named, rndc Script

: named

Ports

: 53(domain), 953(rndc)

Configs

: /etc/named.conf /var/named/* /etc/rndc.*

3.4 SOFTWARE DESCRIPTION About Kernel The kernel is the part of the operating system that handles the most basic functions and control interactions with the computer hardware. The Linux kernel is very modular. Each driver, for a file system or a piece of hardware, needs to be compiled into the kernel, or inserted as a module. The file /proc/file systems contain a list of all the file systems that the kernel understands.

There are two ways to get IPV6 support. The simplest is to probe the IPV6 module to the kernel (as root). If this fails, then your distribution didn’t install the IPV6 module. The second way is to recompile the kernel, yourself. This sounds like a lot of work, but isn’t that hard.

Page 7

Building a Linux IPv6 DNS Server Kernels, being the backbone of an operating system are of two types: (i) Open Kernel (ii) Closed Kernel

The open kernel is a free source and easily modifiable by any one familiar with Linux. The closed kernel is a kernel of proprietary software which cannot be modified by normal user.

The open kernel is again of two kinds: (i) Stable Kernel (2.4.20.8) (ii) Development Kernel (2.4.19.8) If the third octet of Linux Kernel Version is Even, it is called as Stable Kernel and if the third octet of Linux Kernel Version is Odd, it is known as Development Kernel.

The kernel has release, version and volume specifications each separated by a period. If the version of the kernel is even, then the kernel is pointed as a stable kernel and can be used for implementation purposes. If the version is Odd then the kernel is a development kernel and it is not advisable for implementation purposes. The Development Kernel is used for Benchmarking applications.

The Kernel versions prior to 2.3 did not have provisions for IPV6, so a Program module has to be added by recompiling the kernel. But the current versions from 2.4 have provisions to support IPv6 and are IPv6 ready kernels. Appropriate RPMS has to be enabled in the kernel. Most users won’t have to compile anything to enable IPV6 support. Page 8

Building a Linux IPv6 DNS Server Almost every Linux distribution comes with IPv6 support out of the box. For any RedHat 7.3 or RedHat 8.0 user, the user probably doesn’t have to recompile the kernel. If there is an older version of RedHat, or other distribution which doesn’t include IPv6 support, then the user has to recompile the kernel.

Why Linux? Linux is free. Like UNIX, it is very powerful and is a "real" operating system. Also, it is fairly small compared to other UNIX operating systems. Many UNIX operating systems require 500MB or more, whereas Linux can be run on as little as 150MB of space, and it can run on as little as 2MB of RAM. Realistically, though, you will want to have room for development tools, data, and so on, which can take up 250MB or more, and your RAM should be 16MB.

Here we go some of the Linux advantages: • Full multitasking - Multiple tasks can be accomplished and multiple devices can be accessed at the same time. • Virtual memory - Linux can use a portion of your hard drive as virtual memory, which increases the efficiency of your system by keeping active processes in RAM and placing less frequently used or inactive portions of memory on disk. Virtual memory also utilizes all your system's memory and doesn't allow memory segmentation to occur.

Page 9

Building a Linux IPv6 DNS Server • The X Window System - The X Window System is a graphics system for UNIX machines. This powerful interface supports many applications and is the standard interface for the industry. • Built-in networking support - Linux uses standard TCP/IP protocols, including Network File System (NFS) and Network Information Service (NIS, formerly known as YP). By connecting your system with an Ethernet card or over a modem to another system, you can access the Internet. • Shared libraries - Each application, instead of keeping its own copy of software, shares a common library of subroutines that it can call at runtime. This saves a lot of hard drive space on your system. • Compatibility with the IEEE POSIX.1 standard - Because of this compatibility, Linux supports many of the standards set forth for all UNIX systems. • Nonproprietary source code - The Linux kernel uses no code from AT&T, nor any other proprietary source. Other organizations, such as commercial companies, the GNU project, hackers, and programmers from all over the world have developed software for Linux. • Lower cost than most other UNIX systems and UNIX clones - If you have the patience and the time, you can freely download Linux off the Internet. Many books also come with a free copy. • GNU software support - Linux can run a wide range of free software available through the GNU project. This software includes everything from application development (GNU C and GNU C++) to system administration (gawk, groff, and so on), to games (for example, GNU Chess, GnuGo, NetHack).

Page 10

Building a Linux IPv6 DNS Server Why Preferably Red Hat? Red Hat Linux is the leading platform for open source computing. It runs on multiple system architectures, certified by top enterprise software and hardware vendors, and is supported for seven years. WHAT DOES IT DO? Red Hat Linux creates a reliable, secure, high-performance platform designed for today’s commercial environments—with capabilities that match or surpass those of proprietary operating systems.

Red Hat Linux is the corporate Linux standard, already at work running some of the world’s largest commercial, government, and academic institutions. Red Hat is the world’s leading supplier of commercial-strength Linux solutions. It delivers the highest levels of reliability and value coupling the innovation of open source technology and the stability of a true enterprise-class platform.

BIND – A Quick Tour BIND is the most widely used DNS server on the Internet. Red Hat Linux Uses BIND 9. It provides a stable and reliable infrastructure on which to base a domain's name and IP address associations.

BIND has gone through numerous revisions over years. The Most common BIND used since about 1995 was version 8. BIND 9 was released in September 2000. The development of BIND 9 made important improvements in security and robustness. In addition it provides IPv6 support, allows eight-bit clean names, and better multi-threading. Page 11

Building a Linux IPv6 DNS Server The Internet Software Consortium (isc.org), who all are the maintainers of BIND recommend that all users of older versions Bind upgrade to version 9 because of its greatly improved security.

An Outlook on Shell Scripting The UNIX shell program interprets user commands, which are either directly entered by the user, or which can be read from a file called the shell script or shell program. Shell scripts are interpreted, not compiled. The shell reads commands from the script line per line and searches for those commands on the system, while a compiler converts a program into machine readable form, an executable file – which may then be used in a shell script.

Apart from passing commands to the kernel, the main task of a shell is providing a user environment, which can be configured individually using shell resource configuration files.

BASH IN Nut Shell Bash is a sh-compatible shell that incorporates useful features from the Korn shell (ksh) and C shell (csh). It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. Bash stands for Bourne Again Shell.

It offers functional improvements over sh for both programming and interactive use; these include command line editing, unlimited size command history, job control, shell functions and aliases, indexed arrays of unlimited size, and integer arithmetic in any base from two to sixty-four. Page 12

Building a Linux IPv6 DNS Server Bash can run most sh scripts without modification. Like the other GNU projects, the bash initiative was started to preserve, protect and promote the freedom to use, study, copy, modify and redistribute software. It is generally known that such conditions stimulate creativity. This was also the case with the bash program, which has a lot of extra features that other shells can't offer.

Luxury of C The programming language C was developed in 1972 by Dennis Ritchie at AT & T Bell Laboratory, Murray Hill, New Jersy. It was mainly influenced by the language by the languages BCPL and B. It was named as C to present it as the successor B language which was designed earlier by Ken Thompson in 1970 for the first UNIX system on the DEC PDP – 7 computer. C proved to be an excellent programming language for writing system programs; Hence, it got wide popularity especially among the programmers in research in research centers, universities and colleges. The UNIX operating system, C compiler and all UNIX applications software are written in C.

Features / Characteristics of C C is attractive and popular because of the following reasons. • General purpose language. • Structured Language. • Flexible and Powerful language. • System programming language. Page 13

Building a Linux IPv6 DNS Server • Relatively low-level language. • Machine independent and hence portable. • Memory addresses are directly accessed by pointers. • More Built-in functions. • Free format language. • Programs are made up of functions.

Java Unleashed Java is a general-purpose, object-oriented programming language developed by Sun Microsystems of USA in 1991. Originally call Oak by James Gosling; one of the inventors of the language, Java was designed for the development of software for consumer electronic devices like TVs, VCRs, toasters and such other electronic machines. This goal has a strong impact on the development team to make the language simple, portable and highly reliable.

The Java team, which included Patrick Naughton,

discovered that the existing language like C and C++ had limitations in terms of both reliability and portability.

Java is a general purpose, object – oriented programming language. We can develop two types of java programs: • Stand alone applications • Web applets

Page 14

Building a Linux IPv6 DNS Server Stand-alone applications are programs written in java to carry out certain tasks on a stand-alone local computer. In fact, java can be used to develop programs for all kinds of applications, which earlier, were developed using languages like C and C++. As pointed out earlier, Hot Java itself is java application program. Executing a stand-alone java program involves two steps. 1. Compiling source code into byte code using javac compiler 2. Executing the byte code program using java interpreter.

Applets are small java programs developed for Internet applications. An applet located on a distant computer can be downloaded via Internet and executed on a local computer using a java-capable browser. We can develop applets for doing everything from simple animated graphics to complex games and utilities.

Java Features The inventors of Java wanted to design a language, which could offer solutions to some of the problems encountered in modern programming. They wanted the language to be reliable, portable and distributed but also simple, compact and interactive. Sun Microsystems officially describes java with the following attributes: ¾ Compiled and Interpreted ¾ Platform-Independent and portable ¾ Object-oriented ¾ Robust and secure ¾ Distributed ¾ Familiar, Simple and small Page 15

Building a Linux IPv6 DNS Server ¾ Multithreaded and Interactive ¾ High Performance ¾ Dynamic and Extensible

The most striking feature of the language is that it is a platformneutral language. Java is the first programming language that is not tied to any particular hardware or operating system. Programs developed in java can be executed anywhere on any system. We can call java as a revolutionary technology because it has brought in a fundamental shift in how we develop and use programs. Nothing like this has happened to the software industry.

Swing Components The Swing components conform to the Swing architecture, which means that they are lightweight, have a pluggable look and feel and so on. Despite the plethora of features, the components are easy to use. Swing components and applications commonly present information to the user and invite the user's interaction using a GUI.

Page 16

Building a Linux IPv6 DNS Server 4. SYSTEM DESIGN 4.1 DATA FLOW DIAGRAM Data flow diagram clearly tells about the pipeline and how the modules are marshaled in the project. Start

Kernel Compilation

Lookup module (Registering the clients with server and checks the status)

Configuring IPv6 over Ipv4

Building Linux DNS Server

Cross Platform Resource Access

Stop Diagram 1. Data flow diagram

Page 17

Building a Linux IPv6 DNS Server 4.2 IPV4 HEADER IPV4 is the internet protocol version 4, the protocol in current usage. Thus, can be simply called as IP. IP is the transmission mechanism used by the TCP/IP protocols. It is an unreliable and connectionless datagram protocol – a best effort delivery service. The term best effort means that IP provides no error checking or tracking. IP assumes the unreliability of the underlying layers and does its best to get a transmission through to its destination, but with no guarantees. The transmission along a physical network can be destroyed by a number of reasons like bit errors due to noise, discarding of a datagram because of congestion in routers etc.

Diagram 2. IPv4 Header

The Components of IPv4 header are: ¾ Version Number This is a 4-bit field that contains the IP version number the protocol software is using.

Page 18

Building a Linux IPv6 DNS Server ¾ Header Length This 4-bit field reflects the total length of the IP header built by the sending machine; it is specified in 32-bit words. ¾ Type of Service The 8-bit (1 byte) Service Type field instructs IP how to process the datagram properly. ¾ Datagram Length (or Packet Length) This field gives the total length of the datagram, including the header, in bytes. ¾ Identification This field holds a number that is a unique identifier created by the sending node. ¾ Flags The Flags field is a 3-bit field, the first bit of which is left unused (it is ignored by the protocol and usually has no value written to it). ¾ Fragment Offset This enables IP to reassemble fragmented packets in the proper order. ¾ Time to Live (TTL) This field gives the amount of time in seconds that a datagram can remain on the network before it is discarded. ¾ Transport Protocol This field holds the identification number of the transport protocol to which the packet has been handed.

Page 19

Building a Linux IPv6 DNS Server ¾ Header Checksum The number in this field of the IP header is a checksum for the protocol header field (but not the data fields) to enable faster processing. ¾ Sending Address and Destination Address These fields contain the 32-bit IP addresses of the sending and destination devices. ¾ Options The Options field is optional, composed of several codes of variable length. ¾ Padding The content of the padding area depends on the options selected. The padding is usually used to ensure that the datagram header is a round number of bytes. ¾ DF It stands for don’t fragment, given as an order to the routers not to fragment the

datagram because the destination is incapable of putting

the pieces back together again. ¾ MF It stands for more fragments it is needed to know if all the fragments of the datagram have arrived.

What‘s Wrong With IPv4 ? • Address space exhaustion by year 2005 • Difficult (re-)configuration • Sophisticated, structured header • No integrated end-to-end security solution Page 20

Building a Linux IPv6 DNS Server • NAT is no longer adequate

What Can IPv6 Do Better? • Increased address space – 128 bits = 340 trillion trillion trillion addresses – (2128=340,282,366,920,938,463,463,374,607,431,768,211,456) – = 67 billion billion addresses per cm2 of the planet surface • Hierarchical address architecture – Improved address aggregation • More efficient header architecture • Neighbor discovery and autoconfiguration – Improved operational efficiency – Easier network changes and renumbering • Integrated security features

Why Not IPv5 As Successor For IPv4? On any IP header, the first 4 bits are reserved for protocol version. So theoretically a protocol number between 0 and 15 is possible: • 4: is already used for IPv4 • 5: is reserved for the Stream Protocol (STP, RFC 1819 / Internet Stream Protocol Version 2) (which never really made it to the public). The next free number was 6. Hence IPv6 was born!

Page 21

Building a Linux IPv6 DNS Server IPv6 – Key Advantages These are the prominent key advantages of IPv6 • Global addressing: – Scaling well beyond 4 trillion public endpoints – Stateless address auto-configuration • Plug and play: – Simple instant-on ad-hoc networking • Efficient mobility: – Mobile IPv6, unlike IPv4, does not need the Foreign Agent • Secure: – IPSec is a requirement and integral part of the IP layer – Anonymous addresses ensure privacy

Summary of IPv6 Benefits • Expanded addressing capabilities • Structured hierarchy to manage routing table growth • Server less auto configuration and reconfiguration • Streamlined header format and flow identification • Improved support for options / extensions

IPv6 Meets The Challenges • Enables next generation network-based applications without additional expense or expertise • Enables

deployment

of

these

applications

investment in new network infrastructure

Page 22

without

major

Building a Linux IPv6 DNS Server 4.3 IPV6 HEADER The Figure 3. Portrays the IPv6 Header Format ¾ Vers: 4-bit Internet Protocol version number: 6. ¾ Traffic class: 8-bit traffic class value. The 8-bit traffic class field allows applications to specify a certain priority for the traffic they generate, thus introducing the concept of Class of Service. ¾ Flow label: 20-bit field. IPv6 introduces the concept of a flow, which is a series of related packets from a source to a destination that requires a particular type of handling by the intervening routers. ¾ Payload length: The length of the packet in bytes (excluding thisheader) encoded as a 16-bit unsigned integer. If length is greater than 64 KB, this field is 0 and an option header (Jumbo Payload) gives the true length. ¾ Next header: Indicates the type of header immediately following the basic IP header. It may indicate an IP option header or an upper layer protocol. The protocol numbers used are the same as those used in IPv4 ¾ Hop limit: This is the IPv4 TTL field but it is now measured in hops and not seconds. It was changed for two reasons: • IP normally forwards datagrams faster than onehop per second and the TTL field is always decremented on each hop, so, in practice, it ismeasured in hops and not seconds. • Many IP implementations do not expireoutstanding datagrams on the basis of elapsed time.The packet is discarded once the hop limit is decremented to zero. ¾ Source address: A 128-bit address consists of sending address. Page 23

Building a Linux IPv6 DNS Server ¾ Destination address: A 128-bit address consists of receiving address.

Figure 1. IPv6 Header

A comparison between the IPv4 and IPv6 header formats will show that a number of IPv4 header fields have no direct equivalents in the IPv6 header.

4.4 IPV6 ADDRESSING Like IPv4, IPv6 addresses can be split into network and host parts using subnet masks. Local host Address This is a special address for the loopback interface, similiar to IPv4 with its "127.0.0.1". With IPv6, the localhost address is: 0000:0000:0000:0000:0000:0000:0000:0001 or compressed: ::1 Page 24

Building a Linux IPv6 DNS Server Packets with this address as source or destination should never leave the sending host.

Unspecified Address This is a special address like "any" or "0.0.0.0" in IPv4 . For IPv6 it's: 0000:0000:0000:0000:0000:0000:0000:0000 or: :: These addresses are mostly used/seen in socket binding (to any IPv6 address) or routing tables.

IPv6 Address With Embedded IPv4 Address There are two addresses which contain an IPv4 address. • IPv4-Mapped IPv6 Address • IPv4-Compatible IPv6 Address

IPv4-Mapped IPv6 Address IPv4-only IPv6-compatible addresses are sometimes used/shown for sockets created by an IPv6-enabled daemon, but only binding to an IPv4 address. These addresses are defined with a special prefix of length 96 (a.b.c.d is the IPv4 address): 0:0:0:0:0:ffff:a.b.c.d/96 or in compressed format ::ffff:a.b.c.d/96 For example, the IPv4 address 1.2.3.4 looks like this: ::ffff:1.2.3.4

IPv4-Compatible IPv6 Address Used for automatic tunneling, which is being replaced by 6to4 tunneling. 0:0:0:0:0:0:a.b.c.d/96 or in compressed format :a.b.c.d/96

Page 25

Building a Linux IPv6 DNS Server 4.5 TUNNELING When IPv6 or IPv6/IPv4 systems are separated from other similar systems that they wish to communicate with by older IPv4 networks, then IPv6 packets must be tunneled through the IPv4 network.IPv6 packets are tunnelled over IPv4 very simply; the IPv6 packet is encapsulated in an IPv4 datagram, or in other words, a complete IPv4 header is added to the IPv6 packet. The presence of the IPv6 packet within the IPv4 datagram is indicated by a protocol value of 41 in the IPv4 header.

There are two kinds of tunneling of IPv6 packets over IPv4 networks: • Automatic Tunneling • Configured Tunneling

Automatic Tunneling Automatic tunneling relies on IPv4-compatible addresses. The decision to when to tunnel is made by an IPv6/IPv4 host that has a packet to send across an IPv4-routed network area.

Configured Tunneling Configured tunneling is used for host-router or router-router tunneling of IPv6-over-IPv4. The sending host or the forwarding router is configured so that the route, as well as having a next hop, also has a tunnel end address (which is always an IPv4-compatible address).

Page 26

Building a Linux IPv6 DNS Server Overview of Socket Programming A socket is nothing more than a convenient abstraction. It represents a connection point into a TCP/IP network, much like the electrical sockets in your home provide a connection point for your appliances. When two computers want to converse, each uses a socket. One computer is termed the server--it opens a socket and listens for connections. The other computer is termed the client--it calls the server socket to start the connection. To establish a connection, all that's needed is a server's destination address and port number.

Each computer in a TCP/IP network has a unique address. Ports represent individual connections within that address. Each port within a computer shares the same address, but data is routed within each computer by the port number. When a socket is created, it must be associated with a specific port--this process is known as binding to a port.

Socket Transmission Modes Sockets have two major modes of operation: • Connection-oriented mode • Connectionless mode

Connection-Oriented Mode Connection-oriented sockets operate like a telephone: they must establish a connection and then hang up. Everything that a flow between these two events arrives in the same order it was sent.

Page 27

Building a Linux IPv6 DNS Server Connection-oriented operation uses the Transport Control Protocol (TCP). A socket in this mode must connect to the destination before sending data. Once connected, the sockets are accessed using a streams interface: open-read-write-close. Connection-oriented operation is less efficient than connectionless operation, but it's guaranteed.

Connectionless Mode Connectionless sockets operate like the mail: delivery is not guaranteed, and multiple pieces of mail may arrive in an order distinct from that in which they were sent.

Connectionless operation uses the User Datagram Protocol (UDP). A datagram is a self- contained unit that has all the information needed to attempt its delivery. The UDP protocol promises only to make a best-effort delivery attempt. Connectionless operation is fast and efficient, but not guaranteed.

Overview of Java Network Cafe The following sections give a short overview of the capabilities and limitations of the different network classes provided in the java.net package. The overview can help to pick the Java classes that best fit your networking application.

The URL Class The URL class is an example of what can be accomplished using the other, lower-level network objects. The URL class is best suited for applications or applets that have to access content on the World Wide Web. Page 28

Building a Linux IPv6 DNS Server If all you use Java for is to write Web browser applets, the URL and URLConnection classes, in all likelihood, will handle your network communications needs.

The Socket Class The Socket class provides a reliable, ordered stream connection (that is, a TCP/IP socket connection). The host and port number of the destination are specified when the Socket is created.

The connection is reliable because the transport layer (the TCP protocol layer) acknowledges the receipt of sent data. If one end of the connection does not receive an acknowledgment within a reasonable period of time, the other end re-sends the unacknowledged data (a technique known as Positive Acknowledgment with Retransmission, often abbreviated as PAR). Once you have written data into a Socket object, you can assume that the data will get to the other side (unless you receive an IOException, of course).

The reliable stream connection provided by Socket objects is well suited for interactive applications. Examples of protocols that use TCP as their transport mechanism are Telnet and FTP. The HTTP protocol used to transfer data for the Web also uses TCP to communicate between hosts.

The Server socket Class The ServerSocket class represents the thing with which Socket-type connections

Page 29

Building a Linux IPv6 DNS Server communicate. Server sockets listen on a given port for connection requests when their accept() method is called. The ServerSocket offers the same connection-oriented, ordered stream protocol (TCP) that the Socket object does. In fact, once a connection has been established, the accept() method returns a Socket object to talk with the remote end.

The Datagram socket Class The DatagramSocket class provides an unreliable, connectionless, datagram connection (that is, a UDP/IP socket connection).

Unlike the reliable connection provided by a Socket, there is no guarantee that what you send over a UDP connection actually gets to the receiver. The TCP connection provided by the Socket class takes care of retransmitting any packets that get lost. Packets sent through UDP simply are sent out and forgotten, which means that if you need to know that the receiver got the data, you will have to send back some sort of acknowledgment.

Table 1. Classes of the java.net package

Class

Purpose

URL

Represents a Uniform Resource Locator.

URLConnectio Retrieves content addressed by URL objects n Socket

Provides a TCP (connected, ordered stream) socket

ServerSocket

Provides a server (listening) TCP socket. Page 30

Building a Linux IPv6 DNS Server DatagramSock Provides a UDP (connectionless datagram) socket. et DatagramPac ket

Represents a datagram to be sent using a DatagramSocket object.

InetAddress

Represents a host name and its corresponding IP number or numbers.

4.6 DNS IN NUT SHELL These are the some of the noteworthy features for DNS server. • DNS stands for Domain Name System. • It translates (or "maps" as the jargon would have it) from name to address and from address to name, and some other things. • Allow machines to be logically grouped by name Domains. • Provides email routing Information.

The structure of the DNS database, shown in Figure 2., is very similar to the structure of the UNIX file system. The whole database (or file system) is pictured as an inverted tree, with the root node at the top. Each node in the tree has a text label, which identifies the node relative to its parent.

This is roughly analogous to a "relative pathname" in a filesystem, like bin. Onelabel - the null label, or "" - is reserved for the root node. In text, the root node is written as a single dot ("."). In the UNIX filesystem, the root is written as a slash ("/").

Page 31

Building a Linux IPv6 DNS Server

Figure 2. The DNS database versus a UNIX file system

Each node is also the root of a new subtree of the overall tree. Each of these subtrees represents a partition of the overall database - a "directory" in the UNIX filesystem, or a domain in the Domain Name System. Each domain or directory can be further divided into additional partitions, called subdomains in DNS, like a filesystem's "subdirectories." Subdomains, like subdirectories, are drawn as children of their parent domains.

Figure 3. DNS upside-down tree structure

Page 32

Building a Linux IPv6 DNS Server The Figure 3. Portraits the DNS upside down tree structure which is in a hierarchical manner. Every domain has a unique name, like every directory. A domain's domain name identifies its position in the database, much as a directory's "absolute pathname" specifies its place in the file system. In DNS, the domain name is the sequence of labels from the node at the root of the domain to the root of the whole tree, with "." separating the labels.

DNS Lookups DNS have a couple of lookups, one is forward lookup and the other is reverse of forward lookup. ™ Forward Lookup - It Resolves Hostname into IP address. ™ Reverse Lookup - It Resolves IP address into Host Name.

DNS Server Functions These are the some of the notable key points in DNS server. • Internet Domain Support - Accessing servers through remote network. • Local Name Resolution - Resolve the hostnames of systems on your LAN. • Internet Name Resolution - Most often used for ISP's DNS server.

Page 33

Building a Linux IPv6 DNS Server Name Server Hierarchy According to name server hierarchy the prominent features are • Master Name Server Contains the master copy of data for a zone. • Slave Name Server Provides a backup to the master name server. • Caching Name Server Provides a backup of queries and answers

Figure 4. Graphical Representation of DNS Configuration

DNS Message Format and Resource Records All communications inside of the domain protocol are carried in a single format called a message. The top level format of message is divided into 5 sections (some of which are empty in certain cases) shown below: • Header • Question • Answer • Authority

Page 34

Building a Linux IPv6 DNS Server • Additional

HEADER QUESTION ANSWER

the question for the name server RRs answering the question

AUTHORITY

RRs pointing toward an authority

ADDITIONAL

RRs holding additional information

Diagram 3. DNS Message Format

The header section is always present. The header includes fields that specify which of the remaining sections are present, and also specify whether the message is a query or a response, a standard query or some other opcode, etc.

The names of the sections after the header are derived from their use in standard queries. The question section contains fields that describe a question to a name server. These fields are a query type (QTYPE), a query class (QCLASS), and a query domain name (QNAME). The last three sections have the same format: a possibly empty list of concatenated resource records (RRs).

The answer section contains RRs that answer the question; the authority section contains RRs that point toward an authoritative name

Page 35

Building a Linux IPv6 DNS Server server; the additional records section contains RRs which relate to the query, but are not strictly answers for the question.

DNS Configuration Files The default configuration file for BIND is /etc/named.conf, There are couples of zones in BIND. • Master Zone • Slave zone Master zones are the central player in BIND configuration. Slave zones look similar to their master counterparts. These are the typical zone configuration files in our project.

zone "mahendra.com" { type

master;

file

"mahendra.com.zone"

};

zone "kernel.org" { type

slave;

masters

{ 192.168.192.168; };

file

"kernel.org.zone";

};

The file directive specifies the text file that holds the zone's database. The name of the zone file is arbitrary be common examples include: mahendra.com.zone mahendra.com.db Page 36

Building a Linux IPv6 DNS Server db.mahendra.com mahendra.com

Zone files usually reside in /var/named/ directories. All zone files must start with a TTL directive. Every zone file must have the following components such as serial number, refresh time, retry time, and expire time and TTL parameters.

Installing a Rpm Package in Linux The modules from the enhanced version cannot be loaded into the prior versions, because the facilities in the prior versions are restricted and the modules attached to the degraded version will not cope up with each other. So for a version which has no support for IPv6 a patch up rpm corresponding to the kernel version has to be downloaded from the net and run in the root using the command.

# rpm –ivh For e.g. # rpm –ivh j2sdk1.4.0.1-arch-x86.rpm

The switch options in rpm command are explained as follows: i - Stands for Installation. v - Stands for Verbose mode. h - Stands for Hash display while installation.

Through this RPM command we can install goodies of software's in Linux boxes.

Page 37

Building a Linux IPv6 DNS Server Path setting for java's bin directory can be achieved by /etc/profile configuration file by passing certain parameters.

Page 38

Building a Linux IPv6 DNS Server

5. SYSTEM IMPLEMENTATION 5.1 OUR PROJECT MODULES In Our Project we divided the process into five Modules: ™ Kernel Compilation and Creation of Patch Work. ™ Lookup Module. ™ Configuring IPv6 over IPv4. ™ DNS Configuration Settings by editing the /etc based config. files. ™ Cross Platform Resource Access.

Kernel Compilation and Creation of Patch Work In this module we are creating a new kernel to execute our project. So we are surmounting the accidental damages to the already existing kernel.

Building a new kernel providing some benefits as follows: • Additional drivers. • Enabling additional features (security patch for example). • Use a more recent kernel than prebuilt kernels. • Optimization ƒ "Lower" memory footprint. ƒ Speed, compiled for your hardware.

We can configure the new kernel in two ways. • Text based configuration – make config , make menuconfig

Page 39

Building a Linux IPv6 DNS Server • GUI basedconfiguration – make xconfig, make gconfig

In our project the necessary files to build a new kernel are kept under the loading.sh file.

The following commands are used to customize the kernel • Kernel level commands These are the kernel commands which are included in our shell program loading.sh to build, compile, installing the kernel modules. ƒ # make dep

>> for dependency checks.

ƒ # make clean

>> parameter checks.

ƒ # make bzImage >> Extracting Kernel image. • Modules level commands These are the commands to install modules in the kernel ƒ # make modules >> configuring kernel modules. ƒ # make modules_install >> installing modules.

Lookup Module The main goal of this module is to check the status of the server by the client. Initially the server is enabled by specifying a port number which is greater than 1024 [i.e. it should not be a default port number as assigned by ICANN].

Then all the clients are registered with the server in the same port number that is assigned previously at the server side programs by clicking

Page 40

Building a Linux IPv6 DNS Server on Register button .The client name and the port name are entered on their preferred text boxes.

Successively any client system can be added in the network with the server by checking the server status through lookup button. A clear indication will be shown to the user regarding the server status whether it is active or inactive.

Configuring IPv6 over IPv4 At present we have IPv4 all around the globe. We can’t change the entire IPv4 network to IPv6 network suddenly. In order to come over this problem we encapsulated the IPv6 packet support over the IPv4 packets. This process is known as “IPv6 Tunneling”. It can be accomplished by writing proper BIND script for our project.

In our project, we created our network name as “Mahendra.com” with specified IP address. The file db.mahendra.com contains the essential functional parameters that are needed to configure the server. The forward lookup contains the zone name as mahendra.com and the reverse lookup contains IP address as a zone name. All the server and client names and their IP addresses are configured in BIND script.

DNS Configuration Settings by editing the /etc Based Configuration Files The following commands are used to trigger the server / reconfigure. • # Service named start - The command indicates to start the named service in Linux network services. Page 41

Building a Linux IPv6 DNS Server • # Service named stop - The command indicates to stop the named service in Linux network services. • # Service named restart - The command indicates to restart the named service in Linux network services. • # Chkconfig named on - The command indicates to start the named service while booting Linux.

DNS panel consists of three components. • Control panel • IPv6 address • IPv4 address

In the control panel dialog box, we can activate the server through start / restart buttons and deactivated through stop button. Additionally the close button is used to exit from the control panel if the user clicks on it.

Both IPv6 and IPv4 address panels consists of following components: • Domain name – represents the name of the entire network. • Host name - represents the name of the particular client. • IPv6/IPv4 address- represents the hexadecimal address format and classful addressing. Also the user can add the new clients in the network by clicking on the add button.

Page 42

Building a Linux IPv6 DNS Server Cross Platform Resource Access In our project, the server is configured under Linux platform and the clients may under Windows / Linux platform. We created the interactive java network programs to get connection between the client and the server. Initially the server is in ON state. Then the client sends the domain name and port number (default: 2995) as a run time parameter while executing. Then through SAMBA server we can access the windows files and directories in Linux or vice versa…We can enable IPv6 support for samba server by installing the preferred patches.

5.2 THE BOTTOMLINE OF THE PROJECT Figure 5. The Bottom Line of the Project

At Present situation, suddenly we can’t change the entire IPv4 network into IPv6 network. That’s why we chose to select the concept of IP v6 over IPv4 Tunneling. The above diagram represents the Bottom line of the Project that resolves the name and IP address for both IPv6 and IPv4 components. The main concept involved in our Project IPv6 over IPv6 Page 43

Building a Linux IPv6 DNS Server Tunneling. The principal function for this concept is encapsulating the IPv6 packets within IPv4 packets.

Page 44

Building a Linux IPv6 DNS Server 6. SOFTWARE TESTING 6.1 AN INTRODUCTION Testing is done to make sure that all processes are executed properly in order to avoid unprecedented errors and bugs under various circumstances.

In our Project following testing procedures are followed. ¾ Unit Testing ¾ Integration testing ¾ Validation testing ¾ Output testing ¾ User Acceptance testing ¾ White box testing Unit Testing Unit testing focuses verification effort on the smallest limit of software design. Using the unit test plan prepared in the design phase of the system, important control paths are tested to uncover the errors within the module. This testing was carried out during the coding itself. In this testing each module is going to be working satisfactorily as the expected output from the module. Integration Testing Integration testing is the systematic technique for constructing the program structure while at the same time conducting test to uncover errors associated with the interface. The objective is to take tested modules and

Page 45

Building a Linux IPv6 DNS Server build the program structure that has been dictated by design. All modules are combined in this testing step. Then the entire program is tested as a whole. If a set of errors is encountered correction is difficult because the isolation of causes is complicated by vastness of the entire program. Using integrated test plans prepared in the design phase of the system developed as a guide, the integration was carried out. All the errors found in the system were corrected for the next testing steps. Validation Testing At the end of the integration testing, software is completely assembled as a package, interfacing errors have been uncovered and corrected and final series of software validation testing begins. Validation testing can be defined in many ways, but a simple definition is that validation succeeds then the software functions in a manner that can be reasonably accepted by the user. Software validation is achieved through a series of black box tests that demonstrate conformity the requirements. Thus, the proposed system under consideration has been tested by using validation testing and found to be working satisfactory. Output Testing After performing the validation testing the next step is to perform the output testing of the proposed system. Since no system could be useful if it does not produce the required output in the specified format. The output generated by the system under consideration is compared with the format required by the user. Here the output format is considered in two ways. One is onscreen and other is printed format. The output format on the screen is found to be correct as the system design phase according to the user needs

Page 46

Building a Linux IPv6 DNS Server for the hard copy also, the output comes out as a specified requirement by the user. Hence, the output testing does not result in any correction in the system.

User Acceptance Testing User acceptance of a system is a key factor to the success of any system. The system under consideration was tested for user acceptance by constantly keeping in touch with the prospective system user at the time of developing and making changes wherever required. This is done with regard to the following points: • Input screen design. • Output screen design. • Online message to guide the user. • Event driven system. • Format of the reports and other output.

Black Box Testing Knowing the specified function that a product has been designed to platform, test can be conducted at each function is fully operational. Black box test is carried out to test that input to a function properly accepted and output is correctly produced. A black box test examines some aspects of a system with little regard for the internal logical structure of the software. Errors in the following categories were found through Black Box testing: • Incorrect or missing functions. • Interface errors. • Performance error.

Page 47

Building a Linux IPv6 DNS Server • Initialization and termination errors. White Box Testing White box testing of software is predicted on a close examination of procedural detail. The status of the program may be tested at various points to determine whether the expected or asserted status corresponding to the actual status. Using these following test cases can be derived: • Exercise all logical conditions on their true and false side. • Execute all loops within their boundaries and their operation bounds. • Exercise internal data structure to ensure their validity. 6.2 FEATURES TO BE TESTED There are certain modules to be tested to make the project to be qualitative and will be effective in certain circumstances. We divided the testing strategy into two counter parts: • Generic test • Security test Generic Test Conditions Table 2. Generic Test Conditions Conditions to be tested Click on all links

Use of wrong data type values

Expected results System display appropriate screen. No error message saying ‘not found’ is given Display error: Enter numeric or alpha according to the entry

Page 48

Building a Linux IPv6 DNS Server Security Test Conditions Table 3. Security Test Conditions Conditions to be tested Provide wrong port no If Port number is string If String is a number If port number differs between client and server

Expected results Displays exception : Improper Port number Displays Number format Exception Displays Illegal argument Exception Displays "Server not active message"

Page 49

Building a Linux IPv6 DNS Server

7. CONCLUSION Our Project would resolve both IPv4 and IPv6 names, since we have created a dual stack which supports both kinds of name resolution. The project also includes the tunneling mechanism through name resolution by the code developed by the code developed in JAVA.

Though the system has been successfully working with the currently developed modules, it is planned to upgrade the system to accommodate the IPv6 name server too. These ideas are under consideration and ground work for further development is on. These are the Pointers that we have chosen IPV6 as academic Project. • Long-term solution, Scalable, Reliable, Manageable • Secure and High-performance IP networks.

Scope of Future Enhancement The Future Enhancement for our project involves: • Implementation of IPv6 Name Server. • Implementation of DHCP Name Server. • Implementation of SAMBA Server.

Page 50

Building a Linux IPv6 DNS Server

8. REFERENCES Supported RFC’s For Our Project The Supported RFC’s for our projects are • RFC1886: DNS extension for IPv6 • RFC2373: IPv6 addressing architecture • RFC2428: FTP extensions for IPv6 & NATs • RFC2452: IPv6 MIB: TCP • RFC2463: ICMP for IPv6 • RFC2464: IPv6 over ethernet • RFC2466: IPv6 MIB: ICMP • RFC2553: Basic socket API for IPv6

Books Referred 1. M.Beck, H.Bome, M, Dziadzka, U.Kunitz, R.Manus, D,Verwomer “LINUX Kernal Internals” Addison Wesley Longman (Singapore ) Pvt. Ltd. Indian Branch 482 FIE , Delhi -110092, pp.54-123. 2. Craig Hunt “Linux Network Servers” BPB publications , B-14 connaught place, New Delhi-01, pp.67-78. 3. Kerry Cox “Red Hat Linux administrator’s guide” Prentice Hall of India pte Ltd, New Delhi -01, pp.101-222. 4. Christopher Negus “Red Hat Linux 9 Bible” WILEY – dreamtech India Pvt Ltd, New Delhi-01, pp.36-63. 5. Douglas E.Comer “Internetworking with TCP/IP” forth edition, Pearson Education pte Ltd, New Delhi-92, pp.92-134.

Page 51

Building a Linux IPv6 DNS Server Websites 1. www.ietf.org 2. www.6bone.net 3. www.linuxkernel.org 4. www.sourceforge.net 5. www.ipv6.org 6. www.linux.org 7. www.linuxquestions.org 8. www.desktoplinux.com 9. www.realvnc.com 10. www.redhat.com

Forums 1. www.IPv6forum.com

Blogs 1. www.blogger.com

FTP Sites 1. ftp://tsx-11.mit.edu/pub/linux

How To Guides 1. Linux IPv6 guide from tldp.org 2. Linux DNS guide from tldp.org

Page 52

Building a Linux IPv6 DNS Server Power Point Presentations (PPT) And PDF’s 1. IPv6 Router Experience and Plans, July 2001, Naoya Ikeda, Enterprise Server Division Hitachi, Ltd. Power Point Presentation (PPT). 2. Cisco IPv6 status, Tony Hain, Cisco Systems Technical Leader IPv6. Power Point Presentation (PPT). 3. IPv6 market status, Yolonda Lamilla, Consulting System Engineer, Cisco Systems. (PDF). 4. IPv6 on Linux: A Tutorial Approach, Ibrahim Haddad, IP Network branch at Ericsson Research.(PDF).

Page 53