Presentation is loading. Please wait.

Presentation is loading. Please wait.

Created by : Ashish Shah, J.M.Patel College, Goregoan West

Published byJonathan Dickerson Modified over 6 years ago

Similar presentations

Presentation on theme: "Created by : Ashish Shah, J.M.Patel College, Goregoan West"— Presentation transcript:

1 Created by : Ashish Shah, J.M.Patel College, Goregoan West
DNS

2 Created by : Ashish Shah, J.M.Patel College, Goregoan West
WHAT IS DNS ? IP address is expressed as a group of numbers referred to as a dotted quad group. These groups of numbers present no problem to the computers in the network, but it is difficult for humans to remember many groups of numbers. Each time you type a Web site’s address into your browser, the Domain Name System (DNS) goes to work. You enter names that are easy for you to remember, and the names are resolved into numbers that computers find easy to understand.

3 Created by : Ashish Shah, J.M.Patel College, Goregoan West
DNS First, take a look at domain names and their organization using the domain name tactechnology.com. The first part of this domain name, tactechnology, is the name of the company, institution, or organization. The next part, after the period (dot in today’s vernacular) is called the top-level domain (TLD). In addition to the com top-level domain, you will find many others.

4 TOP-LEVEL DOMAIN MEANING
com A TLD typically used to register a business edu A TLD assigned to an educational institution gov A TLD given to a U.S. government agency mil A TLD used by a branch of the U.S. military net A TLD used by a network affiliated organization org A TLD used by a noncommercial organization int An TLD assigned to an international organization us The U.S. domain, with each listing as a lower level biz Another TLD used for businesses info A TLD that can be used for any type of organization name A TLD used to register sites for individuals museum A TLD used to register a museum coop A TLD assigned to a cooperative organization aero A TLD used by the air transport industry pro A TLD not yet active but assigned to professions travel A TLD that should be available in late 2005 used by travel related companies Created by : Ashish Shah, J.M.Patel College, Goregoan West

5 Installing the Software, DNS
Created by : Ashish Shah, J.M.Patel College, Goregoan West Installing the Software, DNS The most common DNS server used in current Fedora Core and Red Hat Enterprise Linux distributions is BIND, or the Berkeley Internet Name Daemon. The latest release of BIND can be obtained from the Internet Software Consortium at A very convenient and easy way to install the latest version of BIND is to look for the distribution specific package. Check the Web site for your distribution to locate the RPM for BIND.

6 Installing the Software, DNS
Created by : Ashish Shah, J.M.Patel College, Goregoan West Installing the Software, DNS The RPM version of BIND is included with the Red Hat installation CD-ROMs. The RPM file can be installed at the command line by using the rpm command.

7 TYPES OF DOMAINS Created by : Ashish Shah, J.M.Patel College, Goregoan West The three types of local domain name servers are master, or primary, slave, or secondary, and caching-only servers. Master — The master contains all the information about the domain and supplies this information when requested. A master server is listed as an authoritative server when it contains the information you are seeking and it can provide that information. Slave— The slave is intended as a backup in case the master server goes down or is not available. This server contains the same information as the master and provides it when requested if the master server cannot be contacted. Caching— A caching server does not provide information to outside sources; it is used to provide domain information to other servers and workstations on the local network. The caching server remembers the domains that have been accessed. Use of a caching server speeds up searches since the domain information is already stored in memory, and the server knows exactly where to go rather than having to send out a request for domain information.

8 Examining Server Configuration Files
Created by : Ashish Shah, J.M.Patel College, Goregoan West Examining Server Configuration Files Before you begin to configure your servers, you need to take a closer look at the files you need to configure. The number of files you will use depends on the type of BIND server you want to use. You need five files to set up the named server. Three files are required regardless of the configuration as a master, slave, or caching-only server, and two additional configuration files are used on the master server. There is also the script that is used to start the servers after they are configured, for a total of six possible files.

9 Examining Server Configuration Files
Created by : Ashish Shah, J.M.Patel College, Goregoan West The three required files are: named.conf — Found in the /etc directory, this file contains global properties and sources of configuration files. named.ca — Found in /var/named, this file contains the names and addresses of root servers. named.local — Found in /var/named, this file provides information for resolving the loopback address for the localhost. The two additional files required for the master domain server are: zone— This file contains the names and addresses of servers and workstations in the local domain and maps names to IP addresses. reverse zone — This file provides information to map IP addresses to names. The following script is used to start the BIND server: /etc/rc.d/init.d/named — This is the BIND server initialization file used to start BIND. A sample file is installed with the RPM from the Installation CDs.

10 Created by : Ashish Shah, J.M.Patel College, Goregoan West
The named.conf file Look at this file in more detail beginning with the lines starting with //. These are comment lines, and anything following them is ignored. Commands are passed to the file in the form of statements. These are listed here with a brief explanation of their function. options — Lists global configurations and defaults include — Gets information from another file and includes it acl — Specifies IP addresses used in an access control list logging — Specifies log file locations and contents server — Specifies properties of remote servers zone— Specifies information about zones key — Specifies security keys used for authentication Information about the statement is contained within curly braces and terminated by a semicolon: {information about server};.

11 named.conf file // named.conf for Red Hat caching-nameserver //
Created by : Ashish Shah, J.M.Patel College, Goregoan West // named.conf for Red Hat caching-nameserver // options { directory “/var/named”; dump-file “/var/named/data/cache_dump.db”; statistics-file “/var/named/data/named_stats.txt”; };

12 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Options The options statement is typically the first section of named.conf, and it contains information about the location of the files used by named. You can use only one options statement, but you can have more than one value for that statement. By specifying the directory where other files are located, you make it unnecessary to list the entire path to the file; you just list the name of the file for any files shown in the remainder of named.conf. Options statements use the following syntax: options { Value “property”; } The list of values that can be used in the options statement is quite long.

13 Options Values and Their Meanings
Created by : Ashish Shah, J.M.Patel College, Goregoan West Options Values and Their Meanings allow-query : Accepts queries only from hosts in the address list (by default queries are accepted from any host).Usage: allow-query {“address-list”};. allow-transfer : Zone transfers are accepted only by hosts in the address list (by default transfers are allowed to all hosts). Usage: allow-transfer {“address list”};.

14 Options Values and Their Meanings
Created by : Ashish Shah, J.M.Patel College, Goregoan West Options Values and Their Meanings auth-nxdomain : The server responds as an authoritative server (defaults to yes). Usage: auth-nxdomain “yes or no”; (choose one). check-names Hostnames are checked for compliance with the RFC. Usage: check-names “master or slave or response warn or fail or ignore”; (choose one from each group). cleaning-interval Specifies the time period before expired resource records are removed by the server (defaults to 60 minutes). Usage: cleaning-interval “number”; (specify number in minutes). coresize Specifies largest size for core dump files. Usage: coresize “size”; (specify size in bytes).

15 controls { inet allow { localhost; } keys { rndckey; }; }; zone “.” IN { type hint; file “named.ca”; zone “localdomain” IN { type master; file “localdomain.zone”; allow-update { none; }; zone “localhost” IN { file “localhost.zone”; zone “ in-addr.arpa” IN { file “named.local”; include “/etc/rndc.key”; Created by : Ashish Shah, J.M.Patel College, Goregoan West

16 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Include The include statement lists the path and name of any files that you want to be included with the named.conf file. Use the same syntax used in the options statement to specify the path.

17 hosts on this list have access to the server.
Created by : Ashish Shah, J.M.Patel College, Goregoan West Acl This option lets you specify a list of IP addresses in an access control list. Only hosts on this list have access to the server.

18 Logging Created by : Ashish Shah, J.M.Patel College, Goregoan West The logging statement is where you specify your server’s logging options. The logging statement contains two additional items, the channel and the category. The channel is where you specify the location of the logged information. Logged information can be written to a file, sent to the syslog, or thrown away by specifying the appropriate command.

19 Logging Created by : Ashish Shah, J.M.Patel College, Goregoan West The syntax for the logging statement is similar to the syntax for the option statement. The following commands send the information to a file. Items in italics indicate information you need to enter. logging { channel channel_name { file path to file versions specify number or unlimited size specify size in bytes } } If you want to send the information to the syslog, the syntax is: syslog (choose where to send from following choices) (kern,user,mail,daemon,auth,syslog,lpr,news,uucp,cron,\ authpriv,ftp,local0 thru local7) To discard the information, choose null as the destination. channel channel_name { null; }

20 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Logging Next, you can set the severity level for the information written to the file or syslog. This section follows the sections shown previously for file or syslog. You also indicate here whether you want the time, category, and severity included. If you are discarding the information, you don’t need to set these parameters. severity choose from critical, error, warning, notice, info, debug\ level, dynamic print-time choose yes or no print-severity choose yes or no print-category choose yes or no

21 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Logging The category is where you specify the type of information to log. This value follows the severity and print parameters and takes the following syntax: category category name { channel name; channel name; };

22 Logging Categories cname : Information about CNAME references
Created by : Ashish Shah, J.M.Patel College, Goregoan West Logging Categories cname : Information about CNAME references config I: nformation about configuration files db : Information about databases Default: The default if nothing is selected eventlib : Information about event system debugging insist : Details about failures from internal consistency checking lame-servers : Information about LAME servers load : Information about zone loading maintenance : Information about maintenance ncache : Information about negative caching notify : Information about tracing the NOTIFY protocol os : Information about operating system problems packet : Dumps of all sent and received packets panic : Information about faults that shut down the server Parser : Information about processing configuration commands queries : Information about all received DNS queries

23 server Created by : Ashish Shah, J.M.Patel College, Goregoan West In the server statement you can set the properties of a remote server. You can specify whether to send queries to the remote server from the local server, and you can set the method used for transferring information. The syntax for this statement is the same as for other statements. The following are valid values: bogus — Specify yes or no. No is the default and indicates that queries are sent to the remote server. Yes means that the remote server is not queried. transfer — Specify the number of transfers you want to allow. transfer-format — Specify whether you want one-answer or manyanswers. keys — Specify key ID (currently not implemented).

24 zones Created by : Ashish Shah, J.M.Patel College, Goregoan West The remainder of the listings in /etc/named.conf shown in Listing in named.conf are zone statements. These zone statements refer to files that are called zone files. Additional options for zone statements exist, of course. Each zone statement begins with the word zone followed by the domain name and the data class. The four data classes are in, hs, hesiod, and chaos. If no type is specified, the default is in, for Internet.

25 zone Created by : Ashish Shah, J.M.Patel College, Goregoan West The other options for the zone statements are listed here, along with an explanation of their function: allow-query — Accepts queries only from hosts in the address list (by default queries are accepted from any host). allow-transfer — Zone transfers are accepted only by hosts in the address list (by default transfers are allowed to all hosts). allow-update — Hosts in the address list are allowed to update the database. also-notify — Servers in the address list are sent a notify message when the zone is updated. check-names — Hostnames are checked for compliance with the RFC. max-transfer-time-in — Specifies the time the slave waits for a zone transfer. notify — When zone files are updated, this option, when set to yes, sends DNS NOTIFY messages (default is yes).

26 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Zone Files Zone files contain resource records (RR) about IP addresses. Atypical zone file is shown below IN SOA localhost root ( 42 ; serial 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost localhost IN A

27 SOA — Start of Authority
Created by : Ashish Shah, J.M.Patel College, Goregoan West SOA — Start of Authority The start of authority (SOA) is the first line in the zone file. The SOA identifies the name server as the authoritative source for information about that domain. Each zone file has only one SOA, and it contains the following data: @ IN SOA main.tactechnology.com. mail.tactechnology.com. (/ ; Serial 8h ;Refresh 2h ;Retry 1w ;Expire 1d) ; The first character in the SOA line is a special symbol that means “to look at this domain.” IN means Internet. SOA means Start of authority.

28 Created by : Ashish Shah, J.M.Patel College, Goregoan West
The Reverse Zone File You can also find a name from an IP number, and this is called reverse address resolution. All you need to do is enter the IP address, and the server returns the domain name. Reverse address resolution requires the use of a reverse zone file.

29 A typical reverse lookup zone file.
Created by : Ashish Shah, J.M.Patel College, Goregoan West A typical reverse lookup zone file. @ IN SOA localhost. root.localhost. ( ; Serial ; Refresh ; Retry ; Expire ) ; Minimum IN NS localhost. 1 IN PTR localhost.

30 Configuring a Caching DNS Server
Created by : Ashish Shah, J.M.Patel College, Goregoan West Configuring a Caching DNS Server Begin by verifying the zone information in /etc/named.conf. When you installed the BIND package, the /etc/named.conf file was created and it contained zone information for your localhost, but you need to check it to be sure. You are looking for two zone lines: one indicated by a “.”, referencing the file named.ca, and one shown as “ in.addr.arpa”, referencing named.local.

31 Created by : Ashish Shah, J.M.Patel College, Goregoan West
Next, you need to check the configuration of the /var/named/named.local file. This file contains the domain information for the localhost and is typically created when BIND is installed. You usually don’t have to make any changes to /var/named/named.local. This domain is a reverse domain in that it is used to map the loopback address to the localhost name. You need to check the /etc/nsswitch file to be sure it contains the following line: hosts: files dns You need to check the /etc/resolv.conf file to make sure that the IP address ( ) of your localhost is listed as a name server. Finally, you need to check that your /etc/host.conf contains the word bind. After you have completed all of the previous steps, it is time to start the named daemon and check your work. Type service named start at a command prompt, press Enter, wait for the prompt to return, and then type rndc status. Press Enter. You will see output similar to this: number of zones: 8 debug level: 0 xfers running: 0 xfers deferred: 0 SOA queries in progress: 0 query logging is off server is up and running You have successfully configured and started your caching name server

Download ppt "Created by : Ashish Shah, J.M.Patel College, Goregoan West"

Similar presentations

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
Web Server Administration

Web Server Administration
Web Server Administration Chapter 4 Name Resolution.

Web Server Administration Chapter 4 Name Resolution.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
DNS server & Client Objectives Contents

DNS server & Client Objectives Contents
DNS Domain name server – a server to translate IP aliases to addresses As you know, IP (internet protocol) works by providing every Internet machine with.

DNS Domain name server – a server to translate IP aliases to addresses As you know, IP (internet protocol) works by providing every Internet machine with.
DNS. DNS is a network service that enables clients to resolve names to IP address and vice-versa. Allows machines to be logically grouped by domain names.

DNS. DNS is a network service that enables clients to resolve names to IP address and vice-versa. Allows machines to be logically grouped by domain names.
1 DNS. 2 BIND DNS –Resolve names to IP address –Resolve IP address to names (reverse DNS) BIND –Berkeley Internet Name Domain system Version 4 is still.

1 DNS. 2 BIND DNS –Resolve names to IP address –Resolve IP address to names (reverse DNS) BIND –Berkeley Internet Name Domain system Version 4 is still.
The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for computers –IP address includes information used for.

The Domain Name System. CeylonLinux DNS concepts using BIND 2 Hostnames IP Addresses are great for computers –IP address includes information used for.
Domain Name System (DNS) Network Information Center (NIC) : HOSTS.TXT.

Domain Name System (DNS) Network Information Center (NIC) : HOSTS.TXT.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
The Domain Name System Unix System Administration Download PowerPoint Presentation.

The Domain Name System Unix System Administration Download PowerPoint Presentation.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.

Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
Hands-On Microsoft Windows Server 2003 Administration Chapter 9 Administering DNS.

Hands-On Microsoft Windows Server 2003 Administration Chapter 9 Administering DNS.
DOMAIN NAMING SYSTEM (AN OVERVIEW) By -DEEPAK. Topics --DNS What is DNS? Purpose of DNS DNS configuration files.

DOMAIN NAMING SYSTEM (AN OVERVIEW) By -DEEPAK. Topics --DNS What is DNS? Purpose of DNS DNS configuration files.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Domain Name Services Oakton Community College CIS 238.

Domain Name Services Oakton Community College CIS 238.
DNS. Introduction What is DNS? –Hierarchy or Tree –Dot used as a separator.

DNS. Introduction What is DNS? –Hierarchy or Tree –Dot used as a separator.
New SA Training Topic 7: DNS and DHCP To implement the underlying basis for our organizations networking, we rely on two fundamental services  DNS – the.

New SA Training Topic 7: DNS and DHCP To implement the underlying basis for our organizations networking, we rely on two fundamental services  DNS – the.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)

TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)

Similar presentations

Ads by Google