RHEL 5 includes BIND version 9.3
TCP/IP port 53
system-config-bind
/etc/hosts
/etc/ resolv.conf
Provides resolution of names to IP addresses
and resolution of IP addresses to names.
Defines a hierarchical namespace where each level of
the namespace is separated by a "."
How DNS works?
-----------------
we ask DNS server for www.cloudnetwork.in resolution it asks Root(.)then (.com ;.net; etc) then ( cloudnetwork.in) then IP address of
www.cloudnetwork.in is sent.
/etc/hosts
Host File provides resolution of hostnames
to IP addresses.
types of DNS servers
---------------------
A master DNS server for your domain(s), which stores authoritative records for your domain.
A slave DNS server, which relies on a master DNS server for data.
A caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to other DNS servers.
If the DNS server is outside your network, this request can take time. If you have a caching-only name server, these queries are stored locally, which can save significant time while you or others on your network are browsing the same sites on the Internet.
A forwarding-only DNS server, which refers all requests to other DNS servers.
Common host name services :
---------------------------
files /etc/hosts ; /etc/networks
DNS and NIS
/etc/nsswitch.conf determine the order in which to query name service
default is
hosts: files,dns
NIS domain and DNS domain names should usually be different to simplify torubleshooting and
avoid name collisions
Client-side resolvers:
----------------------
dig ( never look /etc/nsswitch.conf)
dig +trace redhat.com ( reads /etc/nsswitch.conf to determine nameserver)
host ( never look /etc/nsswitch.conf)
nslookup
It can only resolve the names provide in the local host
file.
It cannot be used as central Database.
You can add the name and ip address in /etc/hosts
192.168.0.2 server1.learnadmin.com Server1
Using nslookup to Test DNS
--------------------------
nslookup www.learnadmin.com
Name: www.learnadmin.com
Address: 192.168.0.2
Using the host Command to Test DNS
-----------------------------------
host 192.168.0.2
ZONE
-----
Zone is a storage database which contains
all zone Records
Forward Lookup Zone
--------------------
Used for Resolving Host Names to IP-Address
It maintains Host to IP Address Mapping Information
Reverse Lookup Zone
--------------------
Used for Resolving IP-Address to Host Names
It maintains IP Address to Host Mapping Information
SOA is a Start Of Authority record, which is a first record in DNS, which controls the
startup behavior of DNS. We can configure TTL, refresh, and retry intervals in this
record.
###BIND DNS###
Features:
1. Name-to-IP address mapping
2. Name resolution for DNS clients
3. Caching-only server (Default)
4. Primary DNS server
5. Slave server
6. Replication of DNS database information between servers
7. Dynamic DNS updates
8. Provides numerous client tools: nslookup, dig, host
Tasks:
1. Installation of BIND on the remote system: linuxcbtserv4
a. yum -y install bind
2. Setup service to auto-start at boot
a. chkconfig --level 35 named on - enables the service in runlevels: 3,5
3. Configure a default, caching-only, named.conf file
a. rpm -ql bind - to see samples
b. cp /usr/share/doc/bind*/sample/* to /etc/ and /var/named
c. Modify /etc/named.conf - disable DDNS_KeyGen sections
d. Start the server - service named start
4. Query the server
a. dig @localhost www.cloudnetwork.in
a1. Returns: question, answer, authoritative DNS servers, query time
b. nslookup www.cloudnetwork.in OR nslookup - server 127.0.0.1 - www.cloudnetwork.in
Note: The server has cached: www.cloudnetwork.in, evidenced by the decrementing TTL values for the various records associated with the zone
c. host www.cloudnetwork.in - also performs a lookup
Note: /etc/resolv.conf controls the DNS servers that are consulted by lookup tools such as: Web browser, GFTP, LFTP, nslookup, dig, host, etc.
d. dig cloudnetwork.in MX - queries the domain for mail exchangers
Note: DNS is organized into an inverted tree, with '.' representing the root of the DNS tree. e.g.
dig mail1.cloudnetwork.in.
- . = root
- .com = top level
- .linuxgenius = second level
-mail = third level
Note: A trailing '.' in a DNS query is implied, and may optionally be indicated if desired in any standard Internet application (web browser, FTP client, wget, nslookup, dig, host, etc.)
Primary & Secondary Zones:
Features:
1. Ability to service zones
2. Authoritative support for a zone
Tasks:
1. Create internal zone named 'linuxcbt.internal'
a. modify /etc/named.conf to include the new zone
zone "linuxcbt.internal" {
type master;
#allow-update { key ddns_key; };
file "linuxcbt.internal.db";
};
b. create the corresponding zone file
c. restart named
d. test resolution of DNS primary zone
Note: Install 'caching-nameserver*' for Caching-only DNS server
2. Create a slave (Secondary) server
a. yum -y install bind
b. copy sample files from primary server to secondary server
c. modify /etc/named.conf and set 'linuxcbt.internal' zone to slave
d. start named service - 'service named start'
e. chkconfig --level 35 named on
f. Update: /var/named/linuxcbt.internal.db to reflect new name server
3. Create a primary zone on the "secondary" server
a. create a zone for: linuxcbt.external - in /etc/named.conf
b. copy/create 'linuxcbt.external.db' zone file
c. setup 'linuxcbtserv4' to be a slave for the zone: linuxcbt.external
4. Start 'named' as a caching-only DNS server (Default)
a. service named start
b. 'dig @192.168.75.199 www.cloudnetwork.in' - forces a caching-only lookup query
Forward IPv6 Records:
Implemented primarily as AAAA records:
linuxcbtserv1 IN AAAA 2002:4687:db25:3:202:b3ff:fe98:4108
linuxcbtserv4 IN AAAA 2002:4687:db25:3:20c:29ff:feb5:1692
linuxcbtmedia1 IN AAAA 2002:4687:db25:3:20a:5eff:fe1b:4aad
linuxcbtrouter1 IN AAAA 2002:4687:DB25:3:21A:2FFF:FEE3:F240
Test IPv6 resolution using:
1. ping6 linuxcbtrouter1.linuxcbt.internal
2. dig @192.168.75.10 linuxcbtrouter1.linuxcbt.internal
Reverse Zones:
Features:
1. The ability to resolve a name, given an IPv4 or IPv6 address
Tasks:
1. Define an IPv4 reverse zone for the local subnet:
a. Define zone name: '75.168.192.in-addr.arpa' - /etc/named.conf
b. Update: /etc/named.conf
c. Create zone file in: /var/named
d. Update configuration
e. Restart named
f. test using 'dig -x 192.168.75.1'
Note: Reverse zones are built from the prefix in IPv4 subnets
IPv6 Reverse Zone:
Requirements:
1. /etc/named.conf entry
zone "3.0.0.0.5.2.b.d.7.8.6.4.2.0.0.2.ip6.arpa" {
type master;
file "3.0.0.0.5.2.b.d.7.8.6.4.2.0.0.2.ip6.arpa.reverse";
};
Note: IPv6 reverse zone names are in nibble format, with ALL zeros expanded for the network prefix portion of the address, which is usually 64-bits in length
2. /var/named/zone_file
a. Include entries using the last 64-bits or IPv6 host part
d.a.a.4.b.1.e.f.f.f.e.5.a.0.2.0 IN PTR linuxcbtmedia1.linuxcbt.internal.
Note: When creating reverse IPv6 entries for hosts, do the following:
a. reverse the 64-bit portion of the address that corresponds to the host, expanding all zeros
b. Create PTR record based on the reverse, nibble-format of the address
Test using dig:
a. dig -x 2002:4687:db25:3:20a:5eff:fe1b:4aad
Thanking You
Hope U like it.....
