DNS (Domain Name System)

DNS is a very well known protocol. It works when your computer sends a DNS query to a name server to resolve a domain. The DNS protocol uses port 53 for its service: a DNS server listens on port 53, and any client wishing to use the service sends its queries to that port. It is used for resolving host names and domain names to IP addresses (or vice versa).

The Domain Name System is a 'hierarchically distributed database', which is a fancy way of saying that its layers are arranged in a definite order and that its data is distributed across a wide range of machines (just like the roots of a tree branch out from the main root).
History
The Internet Domain Name Server Hierarchy
Top-level domains

Domain   Used by
.com     Commercial organizations, as in novell.com
.edu     Educational organizations, as in ucla.edu
.gov     Governmental agencies, as in whitehouse.gov
.mil     Military organizations, as in army.mil
.org     Nonprofit organizations, as in redcross.org
.net     Networking entities, as in nsf.net
.int     International organizations, as in nato.int
Example DNS Resolution
DNS Server & Clients

DNS Server: the software component that returns the name-to-IP translation (or vice versa) to the inquiring client. The DNS server may ask other DNS servers for help in doing this. On Red Hat Linux machines the server gets its configuration from the /etc/named.conf file and the files that named.conf references.

DNS Client: the software component of all networked computers that finds the IP address for a name (or vice versa) by asking its assigned DNS server(s). On Red Hat Linux machines the client gets its configuration information from /etc/resolv.conf.
Nameserver Types

There are four primary nameserver configuration types:
• master (Primary DNS) — Stores the original and authoritative zone records for a certain namespace, answering questions from other nameservers searching for answers concerning that namespace.
• slave (Secondary DNS) — Answers queries from other nameservers concerning namespaces for which it is considered an authority. However, slave nameservers get their namespace information from master nameservers (by zone transfer).
• caching-only — Offers name-to-IP resolution services but is not authoritative for any zones. Answers for all resolutions are cached in memory for a fixed period of time, which is specified by the retrieved zone record.
• forwarding — Forwards requests to a specific list of nameservers for name resolution. If none of the specified nameservers can perform the resolution, the resolution fails.
Primary DNS Configuration

RPM packages required for Primary DNS configuration:
1. bind
2. bind-utils
3. bind-libs
Primary DNS Configuration Files
/etc/hosts
/etc/named.conf
/etc/resolv.conf
/var/named/ispsetup.com.fz
/var/named/ispsetup.com.rev
/var/named/named.ca
/var/named/named.local
/var/named/localhost.zone
/etc/named.conf

options {
        directory "/var/named";
};

// rndc control channel: local only, authenticated with the key from /etc/rndc.key
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "ispsetup.com" IN {
        type master;
        file "ispsetup.com.fz";
        allow-update { none; };
        // only the listed secondaries may pull the whole zone (AXFR/IXFR)
        allow-transfer { 199.227.167.214; 69.88.13.6; 69.88.13.5; 69.88.7.162; };
};

// reverse zone for 192.168.9.0/24, the network used by the ispsetup.com hosts below;
// no allow-transfer is set here, so the server's default transfer policy applies;
// restrict it the same way as the forward zone.
zone "9.168.192.in-addr.arpa" IN {
        type master;
        file "ispsetup.com.rev";
        allow-update { none; };
};

include "/etc/rndc.key";
/var/named/ispsetup.com.fz

$TTL 7200               ; 2 hours
$ORIGIN ispsetup.com.
@       IN  SOA  ns01.ispsetup.com. root.ispsetup.com. (
                2006050901  ; serial (d. adams)
                3600        ; refresh after 1 hour
                900         ; retry after 15 minutes
                1209600     ; expire after 2 weeks
                1800 )      ; minimum TTL of 30 minutes
        IN  NS   ns01.ispsetup.com.
        IN  NS   ns02.ispsetup.com.
        IN  MX   10 mail.ispsetup.com.
$ORIGIN ispsetup.com.
@       IN  A    192.168.9.14
ns01    IN  A    192.168.9.14
ns02    IN  A    192.168.9.12
mail    IN  A    192.168.9.4
www     IN  CNAME ns01.ispsetup.com.   ; a bare "ns01." would be an absolute name outside this zone
/var/named/ispsetup.com.rev

$TTL 86400
@       IN  SOA  ns01.ispsetup.com. root.ispsetup.com. (
                1997022712  ; Serial
                28800       ; Refresh
                14400       ; Retry
                3600000     ; Expire
                86400 )     ; Minimum
        IN  NS   ns01.ispsetup.com.
        IN  NS   ns02.ispsetup.com.
14      IN  PTR  ns01.ispsetup.com.
12      IN  PTR  ns02.ispsetup.com.
4       IN  PTR  mail.ispsetup.com.   ; must match the A record for mail (192.168.9.4)
/var/named/named.local

$TTL 86400
@       IN  SOA  localhost. root.localhost. (
                1997022720  ; Serial
                28800       ; Refresh
                14400       ; Retry
                3600000     ; Expire
                86400 )     ; Minimum
        IN  NS   localhost.
1       IN  PTR  localhost.

/var/named/localhost.zone

$ORIGIN localhost.
@       1D IN SOA  @ root (
                44          ; serial (d. adams)
                3H          ; refresh
                15M         ; retry
                1W          ; expiry
                1D )        ; minimum
        1D IN NS   @
        1D IN A    127.0.0.1
Resource Records
• SOA — Start Of Authority record, proclaims important authoritative information about a namespace to the nameserver.
• NS — NameServer record, which announces the authoritative nameservers for a particular zone.
• MX — Mail eXchange record, which tells where mail sent to a particular namespace controlled by this zone should go.
• A — Address record, which specifies an IP address to assign to a name.
• CNAME — Canonical name record, maps one name to another. This type of record is also known as an alias record.
• PTR — PoinTeR record, which points to another part of the namespace; in the in-addr.arpa reverse zones above it maps an IP address back to a host name.
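As an added example (not from the page): a small Python checker that parses zone data of the kind shown above, qualifies relative owner and target names against $ORIGIN, and cross-checks CNAME targets and PTR records against the A records. The two sample zones are constructed here with two deliberate mistakes so the output shows what the check flags.

```python
from collections import defaultdict
# Constructed sample modelled on the ispsetup.com zones above, with two deliberate
# mistakes: an absolute CNAME target ("ns01.") and a PTR for mail at the wrong address.
FORWARD_ZONE = """\
$ORIGIN ispsetup.com.
@     IN  A      192.168.9.14
ns01  IN  A      192.168.9.14
ns02  IN  A      192.168.9.12
mail  IN  A      192.168.9.4
www   IN  CNAME  ns01.
"""
REVERSE_ZONE = """\
$ORIGIN 9.168.192.in-addr.arpa.
14  IN  PTR  ns01.ispsetup.com.
12  IN  PTR  ns02.ispsetup.com.
12  IN  PTR  mail.ispsetup.com.
"""

def qualify(name, origin):
    # '@' and names without a trailing dot are relative to the current $ORIGIN
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    """Parse one-record-per-line A/CNAME/PTR data; returns [(owner, type, rdata)]."""
    origin, records = ".", []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()          # strip comments and blanks
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
        elif line:
            owner, _cls, rtype, rdata = line.split(None, 3)
            if rtype in ("CNAME", "PTR", "NS"):       # name-valued rdata is relative too
                rdata = qualify(rdata, origin)
            records.append((qualify(owner, origin), rtype, rdata))
    return records

def check_zones(fwd_text, rev_text):
    """Report CNAME targets missing from the zone and PTRs that disagree with A records."""
    fwd, rev = parse_zone(fwd_text), parse_zone(rev_text)
    a_by_name = defaultdict(set)
    for owner, rtype, rdata in fwd:
        if rtype == "A":
            a_by_name[owner].add(rdata)
    findings = [f"CNAME {o} -> {r}: target has no A record in this zone"
                for o, t, r in fwd if t == "CNAME" and r not in a_by_name]
    for owner, rtype, rdata in rev:
        ip = ".".join(reversed(owner.rstrip(".").split(".")[:-2]))  # 14.9.168.192.in-addr.arpa. -> 192.168.9.14
        if rtype == "PTR" and ip not in a_by_name.get(rdata, set()):
            findings.append(f"PTR {ip} -> {rdata}: A record says {sorted(a_by_name.get(rdata, ['(none)']))}")
    return findings
```

Running check_zones(FORWARD_ZONE, REVERSE_ZONE) reports the absolute CNAME target and the PTR that points 192.168.9.12 at mail; fixing both (relative "ns01" and "4 IN PTR mail") makes it return an empty list.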
/etc/hosts
127.0.0.1       localhost.localdomain localhost
192.168.9.14    ns01.ispsetup.com ns01

/etc/resolv.conf
nameserver 192.168.9.14
nameserver 192.168.9.12
Start and Test DNS Service

Start DNS service:
# service named start
or
# /etc/rc.d/init.d/named start

Test DNS service:
# nslookup
# dig
# dig -x 192.168.9.14