Services: DNS domain name system



Similar documents
Configuring the BIND name server (named) Configuring the BIND resolver Constructing the name server database files

DNS. Computer Networks. Seminar 12

DNS and BIND Primer. Pete Nesbitt linux1.ca. April 2012

- Domain Name System -

ECE 4321 Computer Networks. Network Programming

Domain Name Server. Training Division National Informatics Centre New Delhi

DNS. Computer networks - Administration 1DV202. fredag 30 mars 12

Using Webmin and Bind9 to Setup DNS Sever on Linux

DNS and BIND. David White

DNS Service on Linux. Supawit Wannapila CCNA, RHCE

Introduction to DNS and Application Issues related to DNS. Kirk Farquhar

Creating a master/slave DNS server combination for your Grid Infrastructure

Zimbra :: The Leader in Open Source Collaboration. Administrator's PowerTip #3: June 21, 2007 Zimbra Forums - Zimbra wiki - Zimbra Blog

netkit lab load balancer dns 1.2 Massimo Rimondini Version Author(s)

The Domain Name System: An Integral Part of the Internet. By Keiko Ishioka

Building a Linux IPv6 DNS Server

Solaris Networking Guide. Stewart Watkiss. Volume. New User To Technical Expert Solaris Bookshelf. This document is currently under construction

CSIS 3230 Computer Networking Principles, Spring 2012 Lab 7 Domain Name System (DNS)

Deploying & Configuring a DNS Server on OpenServer 6 or UnixWare 7. Kirk Farquhar

Simple DNS Configuration Example

Motivation. Domain Name System (DNS) Flat Namespace. Hierarchical Namespace

Understand Names Resolution

DNS : Domain Name System

How to set up the Integrated DNS Server for Inbound Load Balancing

DNS. The Root Name Servers. DNS Hierarchy. Computer System Security and Management SMD139. Root name server. .se name server. .

Introduction to the Domain Name System

Local DNS Attack Lab. 1 Lab Overview. 2 Lab Environment. SEED Labs Local DNS Attack Lab 1

Lab 4 Domain Name System - DNS CMPE 150

Domain Name System (DNS) Fundamentals

DNS + DHCP. Michael Tsai 2015/04/27

Lecture 2 CS An example of a middleware service: DNS Domain Name System

Overview. Principles Creating reverse zones Setting up nameservers Reverse delegation procedures IPv6 Reverse DNS

Application Protocols in the TCP/IP Reference Model

Application Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Concept. DNS - Domain Name System

Domain Name System. Heng Sovannarith

Distributed Systems. 09. Naming. Paul Krzyzanowski. Rutgers University. Fall 2015

Domain Name System (DNS) Session-1: Fundamentals. Ayitey Bulley

DNS - Domain Name System

Networking Domain Name System

Agenda. Network Services. Domain Names. Domain Name. Domain Names Domain Name System Internationalized Domain Names. Domain Names & DNS

Introduction to DNS CHAPTER 5. In This Chapter

Copyright

CS3250 Distributed Systems

DNS Session 4: Delegation and reverse DNS. Joe Abley AfNOG 2006 workshop

How to Add Domains and DNS Records

DNS Domain Name System

netkit lab dns Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group Version Author(s)

Chapter 7 Implementing Domain Name System (DNS)

Installing and Setting up Microsoft DNS Server

DNS Domain Name System

CS 348: Computer Networks. - DNS; 22 nd Oct Instructor: Sridhar Iyer IIT Bombay

The Domain Name System (DNS)

Application Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Domain Name System

Names vs. Addresses. Flat vs. Hierarchical Space. Domain Name System (DNS) Computer Networks. Lecture 5: Domain Name System

How To Guide Edge Network Appliance How To Guide:

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide

Networking Domain Name System

Tunnel Client FAQ. Table of Contents. Version 0v5, November 2014 Revised: Kate Lance Author: Karl Auer

How to Configure Split DNS

Windows 2008 Server. Domain Name System Administración SSII

The Domain Name System

How to Configure the Windows DNS Server

DNS. DNS Fundamentals. Goals of this lab: Prerequisites: LXB, NET

Domain Name System (DNS) RFC 1034 RFC

Understanding DNS: Essential knowledge for all IT professionals

Naming and the DNS. Focus. How do we name hosts etc.? Application Presentation Topics. Session Domain Name System (DNS) /URLs

How-to: DNS Enumeration

Domain Name Servers. Domain Types WWW host names. Internet Names. COMP476 Networked Computer Systems. Domain Name Servers

Understanding DNS By Robert Sterler

DNS based Load Balancing with Fault Tolerance

Red Hat system-config-bind BIND (Berkeley Internet Name Domain) DNS ( Domain Name System)

Application and service delivery with the Elfiq idns module

How To Manage Dns On An Elfiq Link Load Balancer (Link Balancer) On A Pcode (Networking) On Ipad Or Ipad (Netware) On Your Ipad On A Ipad At A Pc Or Ipa

Networking Domain Name System

what s in a name? taking a deeper look at the domain name system mike boylan penn state mac admins conference

Hostnames. HOSTS.TXT was a bottleneck. Once there was HOSTS.TXT. CSCE515 Computer Network Programming. Hierarchical Organization of DNS

APNIC elearning: Reverse DNS for IPv4 and IPv6

DNS Pharming Attack Lab

2G1701 Advanced Internetworking Group 5 : KiStaNEt ISP Project Report

Copyright International Business Machines Corporation All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure

Domain Name System :49:44 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Understanding DNS (the Domain Name System)

DNS and Interface User Guide

HTG XROADS NETWORKS. Network Appliance How To Guide: DNS Delegation. How To Guide

Domain Name System (DNS)

The Use of DNS Resource Records

Securing an Internet Name Server

Domain Name System Security

Domain Name System DNS

netkit lab Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group Version 1.

walkthrough Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group Version 1.

Computer Networks: Domain Name System

Part 5 DNS Security. SAST01 An Introduction to Information Security Martin Hell Department of Electrical and Information Technology

Transcription:

Services: DNS domain name system David Morgan Buying numbers and names numbers are IP addresses you buy them from an ISP the ISP makes sure those addresses go to your place the names are domain names you buy them from a name registrar if you can connect the names to the addresses, those names will go to your place 1

Grouping numbers and names grouping IP addresses is called subnetting you buy 164.67.*.* from an ISP you define subgroups 164.67.78.* 164.67.79.* etc grouping names is called creating zones you buy mycompany.com from a name registrar you define machine names like vp.mycompany.com you define subgroups like sales.mycompany.com you define machine names like manny.sales.mycompany.com, moe.sales.mycompany.com, jack.sales.mycompany.com DNS job 1: Assigning your numbers to your names by a cross-correlation of your choosing, and making the assignments accessible to the world by dynamic software lookup. Then, the world can use your names and forget about your numbers. 2

A poor-man man s, non-dns alternative: /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 hostz hostz.linnet.edu localhost.localdomain localhost 164.67.79.150 hostz.linnet.edu 164.67.79.151 hosta.linnet.edu 164.67.79.152 hostb.linnet.edu 164.67.79.153 hostc.linnet.edu 164.67.79.154 hostd.linnet.edu 164.67.79.155 hoste.linnet.edu 164.67.79.156 hostf.linnet.edu 164.67.79.157 hostg.linnet.edu 164.67.79.158 hosth.linnet.edu 164.67.79.159 hosti.linnet.edu 164.67.79.160 hostj.linnet.edu 164.67.79.161 hostk.linnet.edu 164.67.79.162 hostl.linnet.edu 164.67.79.163 hostm.linnet.edu 164.67.79.164 hostn.linnet.edu 164.67.79.165 hosto.linnet.edu 164.67.79.166 hostp.linnet.edu 164.67.79.167 hostq.linnet.edu 164.67.79.168 hostr.linnet.edu Resolvers Clients that query name-number databases Functions issue query interpret response return response to program that requested it Resolvers can query local /etc/hosts file 3

The domain name space root com edu gov jp au top-level domains smc ucla 1st-level domains homepage www sputnik 198.147.67.246 198.147.67.242 207.151.69.250 hosts (computers) Name-address address correlation table Name homepage.smc.edu www.smc.edu sputnik.smc.edu Address 198.147.67.246 198.147.67.242 207.151.69.250 4

Addresses in a nameserver s database Always (permanent, file-based) for the nameserver s own domain the hosts in it for a subdomain of the nameserver s domain the hosts in it, or the nameserver(s) for it hosts in the root zone Maybe (transient, cache-based) for other, unrelated domains some of the hosts in those Name-resolution process Computers (including nameservers) query nameservers 2 query types recursive iterative Resolvers can query nameservers configured with addresses of a few known namservers 5

Name-resolution process name server query for www.smc.edu referral to eduname servers query for www.smc.edu referral to smc name servers. name server edu name server query for www.smc.edu query (for www.smc.edu) resolver answer (198.147.67.242) address of www.smc.edu smc name server recursive query iterative queries Or maybe just name server query for www.smc.edu referral to smc name servers edu name server query for www.smc.edu query (for www.smc.edu) resolver answer (198.147.67.242) address of www.smc.edu smc name server recursive query iterative queries 6

Or maybe just name server query for www.smc.edu query (for www.smc.edu) resolver answer (198.147.67.242) address of www.smc.edu smc name server recursive query iterative queries Or maybe just name server query (for www.smc.edu) answer (198.147.67.242) resolver recursive query 7

DNS mechanism A decentralized, distributed database for the internet as a whole. You keep the part internal to your company on your own nameserver for others to access. They do the same for you. Software on linux to integrate your name-number list into the global database is Berkeley Internet Name Daemon (BIND). You supply your name-number list to BIND and BIND makes it available to outsiders. DNS implements 2 lookup types Forward lookup given a name provides a number Reverse lookup give a number provides a name 8

BIND s files /etc/named.conf identifies the others /var/named/ F F R F R R F R root server list forward/reverse pair for self forward/reverse set for each zone you create RedHat 8 default fileset /etc/named.conf named.ca localhost.zone named.local /var/named/ F F R No created zones! named.ca localhost.zone named.local 9

DNS and BIND s example fileset /etc/named.conf db.cache db.127.0.0 db.movie.edu db.192.249.249 db.192.253.253 /var/named/ F F R F R R db.cache db.127.0.0 db.movie.edu db.192.249.249 db.192.253.253 Homegrown fileset /etc/named.conf db.cache db.127.0.0 db.linnet db.128.97.25 /var/named/ F F R F R db.cache db.127.0.0 db.linnet db.128.97.25 10

Zone data files have resource records of several types SOA indicates authority for this zone NS lists name server for this zone A name-to-address mapping PTR address-to-name mapping others SOA record start of authority <zone> IN SOA <zone s nameserver> <mail address> <numeric data for slaves> movie.edu. IN SOA terminator.movie.edu. al.robocop.movie.edu. ( 1 ; serial 3h ; Refresh after 3 hours 1h ; Retry after 1 hour 1w ; Expire after 1 week 1h) ; Negative caching TTL of 1 day 11

NS record name server <name> IN NS <zone s nameserver> movie.edu. IN NS terminator.movie.edu. movie.edu. IN NS wormhole.movie.edu. A record address <name> IN A <address> terminator.movie.edu. IN A 192.249.249.3 diehard.movie.edu. IN A 192.249.249.4 12

PTR record pointer <adddress in a name form> IN PTR <name> 3.249.249.192.in-addr.arpa. IN PTR terminator.movie.edu. 4.249.249.192.in-addr.arpa. IN PTR wormhole.movie.edu. Notation shortcuts Appending domain names @ notation Repetition of name from last resource record 13

Appending domain names 2 nd field of named.conf s zone statement is a domain name Serves as origin of corresponding zone file s data Gets auto-appended to all names in zone file that don t end with a. @ notation found in a zone file abbreviates that zone file s origin/domain name (from named.conf), with trailing dot most common in SOA records 14

Name repetition for lines that begin with space or tab name from last resource record is implied at beginning of such lines Running the nameserver conventional, as other servers /etc/rc.d/init.d/named { start, stop, restart, status } service named { start, stop, restart, status } 15

Client side resolver configuration /etc/resolv.conf and /etc/host.conf resolv.conf contains directives of type nameserver domain search host.conf contains directives of type order trim multi man resolv.conf man host.conf tools dig nslookup h2n converts /etc/hosts to DNS fileset ftp://ftp.oreilly.com/published/oreilly/nutshell/dnsbind/dns.4ed.tar.z $ zcat dns.tar.z tar xf or (may be more up to date) ftp://ftp.hpl.hp.com/pub/h2n/h2n.tar.gz webmin redhat-config-bind 16

Biblio DNS and BIND, Albitz and Liu, O Reilly, 4 th ed. 2001 http://www.ibiblio.org/pub/linux/docs/howto/ot her-formats/html_single/dns-howto.html#ss5.1 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information