The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for...

The Domain Name System

CeylonLinux DNS concepts using BIND

2

Hostnames

• IP Addresses are great for computers– IP address includes information used for

routing.

• IP addresses are tough for humans to remember.

• IP addresses are impossible to guess.– ever guessed at the name of a WWW site?


3

The Domain Name System

• The domain name system is usually used to translate a host name into an IP address .

• Domain names comprise a hierarchy so that names are unique, yet easy to remember.


4

DNS Hierarchy

edu com org jp

rpi albany


5

Host name structure• Each host name is made up of a sequence

of labels separated by periods.– Each label can be up to 63 characters– The total name can be at most 255 characters.

• Examples:– whitehouse.gov– barney.the.purple.dinosaur.com– monica.cs.rpi.edu


6

Domain Name

• The domain name for a host is the sequence of labels that lead from the host (leaf node in the naming tree) to the top of the worldwide naming tree.

• A domain is a subtree of the worldwide naming tree.


7

Top level domains

• edu, gov, com, net, org, mil, …

• Countries each have a top level domain (2 letter domain name).

• New top level domains include:.aero .biz .coop .info .name .pro


8

DNS Organization• Distributed Database

– The organization that owns a domain name is responsible for running a DNS server that can provide the mapping between hostnames within the domain to IP addresses.

– So - some machine run by RPI is responsible for everything within the rpi.edu domain.


9

rpi.eduDNS DB

rpi.eduDNS DB

DNS Distributed Database

• There is one primary server for a domain, and typically a number of secondary servers containing replicated databases.

rpi.eduDNS DB

Authoritative

rpi.eduDNS DB

Replicas

rpi.edu DNS server


10

DNS Clients• A DNS client is called a resolver.

• A call to gethostbyname()is handled by a resolver (typically part of the client).

• Most Unix workstations have the file /etc/resolv.conf that contains the local domain and the addresses of DNS servers for that domain.


11

/etc/resolv.conf

domain rpi.edu

128.113.1.5

128.113.1.3


12

nslookup

• nslookup is an interactive resolver that allows the user to communicate directly with a DNS server.

• nslookup is usually available on Unix workstations.


13

DNS Servers

• Servers handle requests for their domain directly.

• Servers handle requests for other domains by contacting remote DNS server(s).

• Servers cache external mappings.


14

Server - Server Communication• If a server is asked to provide the

mapping for a host outside it’s domain (and the mapping is not in the server cache):– The server finds a nameserver for the

target domain.– The server asks the nameserver to provide

the host name to IP translation.

• To find the right nameserver, use DNS!


15

DNS Data

• DNS databases contain more than just hostname-to-address records:– Name server records NS– Hostname aliases CNAME– Mail Exchangers MX– Host Information HINFO


16

The Root DNS Server

• The root server needs to know the address of 1st (and many 2nd) level domain nameservers.

edu com org jp

albanyrpi


17

Server Operation

• If a server has no clue about where to find the address for a hostname, ask the root server.

• The root server will tell you what nameserver to contact.

• A request may get forwarded a few times.


18

DNS Message Format

HEADER

QUERIES

Response RESOURCE RECORDS

Response AUTHORITY RECORDS

Response ADDITIONAL INFORMATION

HEADER

QUERIES

Response RESOURCE RECORDS

Response AUTHORITY RECORDS

Response ADDITIONAL INFORMATION


19

Question Format

• Name: domain name (or IP address)

• Query type (A, NS, MX, …)


20

Response Resource Record

• Domain Name

• Response type

• Class (IP)

• Time to live (in seconds)

• Length of resource data

• Resource data


21

UDP & TCP

• Both UDP and TCP are used:– TCP for transfers of entire database to

secondary servers (replication).– UDP for lookups– If more than 512 bytes in response -

requestor resubmits request using TCP.


22

Name to Address Conversion

• There is a library of functions that act as DNS client (resolver).


23

DNS Data Flow


24

Example suranga.com

This is named.conf in /etc/ folderAccording to the following configuration I have created a zone called suranga.com and in that zone im3 is a host. Therefore the full name of that host would be im3.suranga.com. like that

you can have any amount of PCs in your domain. This will definitely works if you type

following according to your network.


25

Example Network


26

This is named.conf in /etc/ folder

• options {• directory "/var/named";• // query-source address * port 53;• };• zone "." IN {• type hint;• file "named.ca";• };• zone "localhost" IN {• type master;• file "localhost.zone";• allow-update { none; };• };• zone "0.0.127.in-addr.arpa" IN {• type master;• file "named.local";• allow-update { none; };• };• zone "suranga.com" IN {• type master;• file "suranga.com.zone";• allow-update { none; };• };• zone "200.168.192.in-addr.arpa" IN {• type master;• allow-update { none; };• };


27

BIND Files

• Following files should be created in /var/named/ folder we do not need to customize the default file named.ca in the /var/named/ folder.

• 1. 0.0.127.in-addr.arpa.zone• 2. 200.168.192.in-addr.arpa.zone• 3. suranga.com.zone• 4. localhost.zone• 5. named.local


28

The contents of 0.0.127.in-addr.arpa.zone as follows

• $TTL 86400• @ IN SOA localhost. root.localhost (• 1 ; serial• 28800 ; refresh• 7200 ; retry• 604800 ; expire• 86400 ; ttk• )• @ IN NS localhost.• 1 IN PTR localhost.


29

200.168.192.in-addr.arpa.zone file

• $TTL 86400• @ IN SOA 192.168.200.8. root.localhost (• 1 ; serial• 28800 ; refresh• 7200 ; retry• 604800 ; expire• 86400 ; ttk• )• @ IN NS localhost.• 1 IN PTR localhost.• 2 IN PTR im3.


30

suranga.com.zone file

• $TTL 86400• @ IN SOA @ root.suranga.com (• 1 ; serial• 28800 ; refresh• 7200 ; retry• 604800 ; expire• 86400 ; ttl• )• IN NS suranga.com.• @ IN A 192.168.200.8• im3 IN A 192.168.200.250


31

localhost.zone file

• $TTL 86400• @ IN SOA @ root.localhost (• 1 ; serial• 28800 ; refresh• 7200 ; retry• 604800 ; expire• 86400 ; ttl• )• IN NS localhost.• @ IN A 127.0.0.1


32

named.localhost file

• $TTL 86400• @ IN SOA localhost. root.localhost. (• 1997022700 ; Serial• 28800 ; Refresh• 14400 ; Retry• 3600000 ; Expire• 86400 ) ; Minimum• IN NS localhost.• 1 IN PTR localhost.


33

Results

• Now go to the prompt and type service named start and type nslookup commands to verify your domain as follows.

• #nslookup >suranga.com

• Server: 192.168.200.8Address: 192.168.200.8#53

Name: suranga.comAddress: 192.168.200.8

• >im3.suranga.com• Server: 192.168.200.8

Address: 192.168.200.8#53

Name: im3.suranga.comAddress: 192.168.200.250


34

Configuration Files

• named configuration file (/etc/named.conf): • It basically defines the parameters that point to the sources of

domain database information, which can be local files or on remote servers.

• Hint file (cache file)(/var/named/named.ca): • It actually provides the name of root server which gets activated

in case the machine name, which is to be searched, is not there in user defined zone.

• localhost file (/var/named.local): • All configuration have a local domain Database for resolving

address to the host name localhost. • Zone: • Basically a zone that keeps the information about the domain

database.


35

More on zone files

• @: It means from the origin to the lastname object that is suranga.com.

• IN: This stands for Internet servers • SOA: This stands for `Start Of Authority’. It marks the beginning

of a zone’s data and defines the parameter that affects the entire zone. Followed by the current machine name where the DNS server is maintained.

• 20000011301;serial: This is the serial number--a numeric value that tells or notifies the slave server, that the database has been updated. So slave server should also update it.

• 3600;refresh: This is the refresh cycle in seconds. In every refresh cycle the slave server comes to master server and checks for the updated database.


36

More on zone files

• 1800;retry: This particular line refers to the retry cycle which in turn means that the slave server should wait before asking the master server again in case master server doesn’t respond.

• 1209600;expire: This is the time for slave server to respond to queries of client for the expiration time if master server fails and has to be up and not getting up. After this period slave server also fails to solve the queries of clients and sits idle.

• 432100;default_ttl: This refers to the default time to leave, for this domain to work for, when named is once started. Remember the user doesn’t have to play with this unless he wants that the query time from the slave server should be somewhat less or more. In case we want to change, we should change only the refresh time in both master and slave. The best way is to make it 2, which means after each 2 seconds slave server will query to master server.

The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for...

Documents

Transcript of The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for...