Monday, October 17, 2016

DNS (Domain Name System)


1.            What is DNS?
                DNS stands for Domain Name System. DNS translates Internet domain and host names to IP addresses. It automatically converts the names we type in our Web browser address bar to the IP addresses of the Web servers hosting those sites.
                DNS implements a distributed database to store this name and address information for all public hosts on the Internet. DNS assumes IP addresses do not change (are statically assigned rather than dynamically assigned).
2.            What is a DNS server and how does it work?
                In any network, hosts primarily communicate with each other through IP addresses. For example, if my computer is doing a Google search, it is actually communicating with the IP address of one of the web servers of google.com. However, while the computer is efficient with numbers, humans work better with names. For this reason, the TCP/IP protocol suite includes the Domain Name System (DNS) to link IP addresses and computer names, i.e. hostnames. The DNS is a distributed database of computers that is responsible for resolving hostnames to IP addresses and vice versa.
                Any DNS query involves two parts.
                (i)            The Resolver: The resolver forms or initiates the query. The resolver itself does not run as a program. /etc/resolv.conf is an example of a resolver.
                (ii)           Name Server: The Name Server is the service running on the server that responds to the DNS query generated by the resolver, i.e. it answers the resolver's question.
                How DNS works:
                (i)            The client initiates a query to find the domain example.com. The client sends the query to the DNS server of the ISP. (The DNS server IP on the client computer is set to the IP address of the ISP's DNS server.)
                (ii)           The ISP's DNS server first checks its own cache to see whether it already knows the answer. As the answer is not present, it generates another query. As the Top Level Domain of example.com is .com, the DNS server queries the Internet Registration Authority to find who is responsible for example.com.
                (iii)          The Internet Registration Authority responds to the ISP by answering the query.
                (iv)           Once the ISP DNS server knows the authoritative name servers, it contacts them to find out the IP address for www.example.com, i.e. the IP address of the host www in the domain example.com.
                (v)            example.com responds to the ISP DNS server by answering the query and providing the IP address of the web server, i.e. www.
                (vi)           The ISP DNS server stores the answer in its cache for future use and answers the client by sending the IP address of the www server.
                (vii)          The client may store the answer to the DNS query in its own cache for future use. Then the client communicates directly with the www server of the domain example.com using the IP address.
                (viii)         The www server responds by sending the index.html page.
3.            What is the format of the domain name?
                Like a physical address, Internet domain names are hierarchical. If the Fully Qualified Domain Name is www.google.co.in, www is the Hostname, google is the Domain, co is the Second Level Domain and in is the Top Level Domain.
4.            What are the files we have to edit to configure DNS?
                There are four files to edit to configure DNS. They are /etc/named.conf, /etc/named.rfc1912.zones, the Forward Lookup Zone and the Reverse Lookup Zone. DNS provides a centralised database for resolution. A zone is a storage database which contains all the records.
                The Forward Lookup Zone is used to resolve Hostnames to IP addresses.
                The Reverse Lookup Zone is used to resolve IP addresses to Hostnames.
5.            What are the DNS records? Explain them.
                (i)            SOA Record : (Start of Authority)
                                SOA contains the general administration and control information about the domain.
                (ii)           Host A Record :
                                (a) It is nothing but a Forward Lookup Zone.
                                (b) It maps a Hostname to an IP address.
                (iii)          PTR : (Pointer Record)
                                (a) It is nothing but a Reverse Lookup Zone.
                                (b) It maps an IP address to a Hostname.
                (iv)           NS Record : (Name Server Record)
                                It stores the DNS server IP addresses.
                (v)            MX Record : (Mail Exchange Record)
                                It stores the records of the Mail Server IP address.
                (vi)           CNAME Record :
                                It is nothing but the Host's Canonical name; it allows additional names or aliases to be used to locate a system.
6.            What is the profile of DNS?
                Package                       : bind and caching-name
                Script                        : /etc/init.d/named
                Configuration file            : /etc/named.conf and /etc/named.rfc1912.zones
                Client's configuration file   : /etc/resolv.conf
                Document root                 : /var/named/
                Log file                      : /var/log/messages
                Daemon                        : named
                Port number                   : 53
7.            How to configure the  DNS  server?
                (i)            Install the packages bind, caching-name for RHEL - 6 & bind, caching-name and unbound for RHEL - 7.
                                # yum install bind* caching-name* -y                 (to install the DNS packages for RHEL - 6)
                                # yum install bind* caching-name* unbound* -y        (to install the DNS packages for RHEL - 7)
                (ii)           Change the hostname by adding the fully qualified domain name and make it permanent.
                                # hostname <fully qualified domain name>             (to change the hostname in RHEL - 6)
                                # hostname server9.example.com                       (example for setting hostname temporarily in RHEL - 6)
                                # hostnamectl set-hostname <fully qualified domain name>     (to change the hostname in RHEL - 7)
                                # hostnamectl set-hostname server9.example.com       (example for setting hostname temporarily in RHEL - 7)
                                # vim /etc/hosts                (open this file, go to the last line and type as below in RHEL - 6 only)
                                <IP address>    <fully qualified domain name>    <hostname>
                                172.25.9.11     server9.example.com     server9      (for example of the above syntax)
                                # vim /etc/sysconfig/network    (open this file, go to the last line and type as below in RHEL - 6 only)
                                HOSTNAME=<fully qualified domain name>
                                HOSTNAME=server9.example.com    (for example of the above syntax)
                (ii)           Open the DNS main configuration file with the # vim /etc/named.conf command.
                                * Go to line number 11 and edit this line as below.
                                listen-on port 53 { 127.0.0.1; <server IP address>; };
                                Example :   listen-on port 53 { 127.0.0.1; 172.25.9.11; };
                                * Go to line number 17 and edit this line as below.
                                allow-query { localhost; <network address>/<prefix length>; };
                                Example :   allow-query { localhost; 172.25.9.0/24; };        (save and exit this file)
                (iii)          Open the DNS zone reference file with the # vim /etc/named.rfc1912.zones command.
                                * Go to line number 19, copy 5 lines and paste them at the end of the file.
                                zone "<domain name>" IN {
                                                type master;
                                                file "<forward lookup zone file name>";
                                                allow-update { none; };
                                };
                                Example :
                                zone "example.com" IN {
                                                type master;
                                                file "named.forward";
                                                allow-update { none; };
                                };
                                * Go to line number 31, copy 5 lines and paste them at the end of the file.
                                zone "<network part of the IP address in reverse order>.in-addr.arpa" IN {
                                                type master;
                                                file "<reverse lookup zone file name>";
                                                allow-update { none; };
                                };
                                Example :
                                zone "9.25.172.in-addr.arpa" IN {
                                                type master;
                                                file "named.reverse";
                                                allow-update { none; };
                                };                                                    (save and exit this file)
                (iv)           Copy the /var/named/named.localhost file to /var/named/named.forward and edit as follows.
                                # cp -p /var/named/named.localhost /var/named/named.forward
                                # vim /var/named/named.forward
                                  * Go to line number 2 and edit as follows.
                                  @       IN SOA    <server FQDN>.    root.<domain name>.    (
                                  * Go to line number 8 and edit as follows.
                                                  NS    <server FQDN>.
                                                  A     <server IP address>
                                  <server FQDN>.      IN A    <server IP address>
                                  <client 1 FQDN>.    IN A    <client 1 IP address>
                                  <client 2 FQDN>.    IN A    <client 2 IP address>
                                  <client 3 FQDN>.    IN A    <client 3 IP address>
                                  www     IN CNAME    <server FQDN>.
                                Example : Line number 2 should be edited as follows.
                                  @       IN SOA    server9.example.com.    root.example.com.    (
                                  Line number 8 should be edited as follows.
                                                  NS    server9.example.com.
                                                  A     172.25.9.11
                                  server9.example.com.     IN A    172.25.9.11
                                  client9.example.com.     IN A    172.25.9.10
                                  client10.example.com.    IN A    172.25.9.12
                                  client11.example.com.    IN A    172.25.9.13
                                  www     IN CNAME    server9.example.com.            (save and exit this file)
                (v)            Copy the /var/named/named.empty file to /var/named/named.reverse and edit as follows.
                                # cp -p /var/named/named.empty /var/named/named.reverse
                                # vim /var/named/named.reverse
                                  * Go to line number 2 and edit as follows.
                                  @       IN SOA    <server FQDN>.    root.<domain name>.    (
                                  * Go to line number 8 and edit as follows.
                                                  NS    <server FQDN>.
                                  <last octet of server IP>      IN PTR    <server FQDN>.
                                  <last octet of client 1 IP>    IN PTR    <client 1 FQDN>.
                                  <last octet of client 2 IP>    IN PTR    <client 2 FQDN>.
                                  <last octet of client 3 IP>    IN PTR    <client 3 FQDN>.
                                  <server FQDN>.    IN A    <server IP address>
                                  www     IN CNAME    <server FQDN>.
                                Example : Line number 2 should be edited as follows.
                                  @       IN SOA    server9.example.com.    root.example.com.    (
                                  Line number 8 should be edited as follows.
                                                  NS    server9.example.com.
                                  11      IN PTR    server9.example.com.
                                  10      IN PTR    client9.example.com.
                                  12      IN PTR    client10.example.com.
                                  13      IN PTR    client11.example.com.
                                  server9.example.com.    IN A    172.25.9.11
                                  www     IN CNAME    server9.example.com.            (save and exit this file)
                (vi)           Check the DNS configuration files for syntax errors.
                                # named-checkconf /etc/named.conf
                                # named-checkconf /etc/named.rfc1912.zones
                                # named-checkzone <domain name> <forward lookup zone file>
                                Example :   # named-checkzone example.com /var/named/named.forward
                                # named-checkzone <reverse zone name> <reverse lookup zone file>
                                Example :   # named-checkzone 9.25.172.in-addr.arpa /var/named/named.reverse
                (vii)          Give full permissions to the forward and reverse lookup zones. Note that mode 777 lets every local user rewrite the zone data, while named only needs to read these files.
                                # chmod 777 /var/named/named.forward
                                # chmod 777 /var/named/named.reverse
                (viii)         Open /etc/sysconfig/network-scripts/ifcfg-eth0 and enter the DNS domain details if not present.
                                  # vim /etc/sysconfig/network-scripts/ifcfg-eth0        (go to the last line and type as follows)
                                    DNS1=example.com                                     (save and exit this file)

                (ix)           Add the DNS server IP address in /etc/resolv.conf
                                # vim /etc/resolv.conf
                                  search        <domain name>
                                  nameserver    <DNS server IP address>
                                Example :
                                  search        example.com
                                  nameserver    172.25.9.11                             (save and exit this file)
                (x)            Restart the DNS server daemons.
                                # service named restart                      (to restart the daemon in RHEL - 6)
                                # chkconfig named on                         (to enable the daemon at next boot time in RHEL - 6)
                                # systemctl restart named unbound            (to restart the daemons in RHEL - 7)
                                # systemctl enable named unbound             (to enable the daemons at next boot time in RHEL - 7)
                (xi)           Add the DNS service to the IP tables and Firewall.
                                # setup                                      (then select the Firewall configuration option and add DNS in RHEL - 6)
                                # service iptables restart                   (to restart the IP tables in RHEL - 6)
                                # service iptables save                      (to save the IP tables in RHEL - 6)
                                # firewall-cmd --permanent --add-service=dns (to add the DNS service to the firewall in RHEL - 7)
                                # firewall-cmd --complete-reload             (to reload the firewall in RHEL - 7)
                (xi)           Check whether the DNS is resolving or not.
                                # dig <hostname>             (to check the resolving from hostname to IP address)
                                # dig -x <IP address>        (to check the resolving from IP address to hostname)
                                Example :   # dig server9.example.com
                                            # dig -x 172.25.9.11
                (xii)          Check the resolution with a ping test.
                                # ping -c3 <hostname>        (to check the ping test with hostname)
                                # ping -c3 <IP address>      (to check the ping test with IP address)
                                Example :
                                # ping -c3 server9.example.com
                                # ping -c3 172.25.9.11
                (xiii)         Check the resolution with the host command.
                                # host <hostname>            (to check the resolution with hostname)
                                # host <IP address>          (to check the resolution with IP address)
                                Example :
                                # host server9.example.com
                                # host 172.25.9.11
                (xiv)          Check the resolution with the nslookup command.
                                # nslookup <hostname>        (to check the resolution with hostname)
                                # nslookup <IP address>      (to check the resolution with IP address)
                                Example :
                                # nslookup server9.example.com
                                # nslookup 172.25.9.11
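
A check for the zone files built in steps (iv), (v) and (vii), added here as an example and not part of the original post: `check_fwd_rev` reports A records in the forward zone whose address has no PTR in the reverse zone and PTR records whose target has no matching A record, and `loose_perms` lists zone files left writable by group or others. The function names and the sample records are constructed for illustration; the parser assumes a /24 reverse zone with relative owner names, as in the examples above.

```shell
#!/bin/sh
# Added example, not part of the original post.

# check_fwd_rev FORWARD_FILE REVERSE_FILE ORIGIN NET
#   ORIGIN is the forward zone name (example.com), NET the first three
#   octets served by the reverse zone (172.25.9). Prints, sorted:
#     MISSING-PTR <ip> <name>  A record whose address has no PTR at all
#     STALE-PTR <ip> <name>    PTR whose target has no A record for <ip>
# Assumes a /24 reverse zone with relative owner names (11, 10, ...).
check_fwd_rev() {
    awk -v origin="$3" -v net="$4" '
        function fqdn(n) {                  # make a relative name absolute
            if (n == "@") return tolower(origin ".")
            if (n ~ /\.$/) return tolower(n)
            return tolower(n "." origin ".")
        }
        {
            sub(/;.*/, "")                  # drop comments
            if (NF == 0 || $1 ~ /^[$]/) next    # blank line or $TTL directive
            if ($0 ~ /^[ \t]/) { owner = last[role]; first = 1 }   # inherited owner
            else { owner = $1; last[role] = owner; first = 2 }
            for (i = first; i < NF; i++) {
                if (role == "fwd" && $i == "A") {
                    a[fqdn(owner), $(i + 1)] = 1
                    break
                }
                if (role == "rev" && $i == "PTR") {
                    ip = net "." owner
                    ptr[ip, tolower($(i + 1))] = 1
                    hasptr[ip] = 1
                    break
                }
            }
        }
        END {
            for (k in a) {                  # k = name SUBSEP address
                split(k, p, SUBSEP)
                if (index(p[2], net ".") == 1 && !(p[2] in hasptr))
                    print "MISSING-PTR", p[2], p[1]
            }
            for (k in ptr) {                # k = address SUBSEP target
                split(k, p, SUBSEP)
                if (!((p[2], p[1]) in a))
                    print "STALE-PTR", p[1], p[2]
            }
        }
    ' role=rev "$2" role=fwd "$1" | sort
}

# loose_perms DIR: list files that group or others can write to,
# which is the state "chmod 777" in step (vii) leaves the zone files in.
loose_perms() {
    find "$1" -type f \( -perm -020 -o -perm -002 \) | sort
}

# Constructed sample data: client10 has no PTR, and the PTR for .13 points
# at client11, which has no A record in the forward zone.
make_sample_zones() {
    cat > "$1/named.forward" <<'EOF'
$TTL 1D
@   IN SOA  server9.example.com. root.example.com. (
            0   ; serial
            1D  ; refresh
            1H  ; retry
            1W  ; expire
            3H )    ; minimum
        NS  server9.example.com.
        A   172.25.9.11
server9.example.com.    IN A    172.25.9.11
client9.example.com.    IN A    172.25.9.10
client10.example.com.   IN A    172.25.9.12
www     IN CNAME    server9.example.com.
EOF
    cat > "$1/named.reverse" <<'EOF'
$TTL 1D
@   IN SOA  server9.example.com. root.example.com. (
            0 1D 1H 1W 3H )
        NS  server9.example.com.
11  IN PTR  server9.example.com.
10  IN PTR  client9.example.com.
13  IN PTR  client11.example.com.
EOF
}

# Demo on the constructed sample, in a throwaway directory.
demo_dir=$(mktemp -d)
make_sample_zones "$demo_dir"
chmod 777 "$demo_dir/named.forward"     # the mode from step (vii)
chmod 640 "$demo_dir/named.reverse"     # owner read/write, group read only
check_fwd_rev "$demo_dir/named.forward" "$demo_dir/named.reverse" example.com 172.25.9
loose_perms "$demo_dir"
rm -rf "$demo_dir"
```

On a real server the same functions can be pointed at /var/named/named.forward, /var/named/named.reverse and /var/named.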
8.            How to configure the DNS client?
                (i)            First assign a static IP address to the client.
                (ii)           Set the hostname on the client.
                (iii)          Restart the network service with the # service network restart command.
                (iv)           Open the /etc/resolv.conf file and edit as below.
                                # vim /etc/resolv.conf
                                  search        <domain name>
                                  nameserver    <DNS server IP address>
                                Example :
                                  search        example.com
                                  nameserver    172.25.9.11                             (save and exit this file)
                (v)            Check whether the DNS is resolving or not.
                                # dig <hostname>             (to check the resolving from hostname to IP address)
                                # dig -x <IP address>        (to check the resolving from IP address to hostname)
                                Example :   # dig server9.example.com
                                            # dig -x 172.25.9.11
                                            # dig client9.example.com
                                            # dig -x 172.25.9.10
                (vi)           Check the resolution with a ping test.
                                # ping -c3 <hostname>        (to check the ping test with hostname)
                                # ping -c3 <IP address>      (to check the ping test with IP address)
                                Example :
                                # ping -c3 client9.example.com
                                # ping -c3 172.25.9.10
                                # ping -c3 server9.example.com
                                # ping -c3 172.25.9.11
                (vii)          Check the resolution with the host command.
                                # host <hostname>            (to check the resolution with hostname)
                                # host <IP address>          (to check the resolution with IP address)
                                Example :
                                # host server9.example.com
                                # host 172.25.9.11
                                # host client9.example.com
                                # host 172.25.9.10
                (viii)         Check the resolution with the nslookup command.
                                # nslookup <hostname>        (to check the resolution with hostname)
                                # nslookup <IP address>      (to check the resolution with IP address)
                                Example :
                                # nslookup server9.example.com
                                # nslookup 172.25.9.11
                                # nslookup client9.example.com
                                # nslookup 172.25.9.10
9.            How to configure the Secondary DNS server?
                (i)            Install the packages bind, caching-name for RHEL - 6 & bind, caching-name and unbound for RHEL - 7.
                                # yum install bind* caching-name* -y                 (to install the DNS packages for RHEL - 6)
                                # yum install bind* caching-name* unbound* -y        (to install the DNS packages for RHEL - 7)
                (ii)           Change the hostname by adding the fully qualified domain name and make it permanent.
                                # hostname <fully qualified domain name>             (to change the hostname in RHEL - 6)
                                # hostname server6.example.com                       (example for setting hostname temporarily in RHEL - 6)
                                # hostnamectl set-hostname <fully qualified domain name>     (to change the hostname in RHEL - 7)
                                # hostnamectl set-hostname server6.example.com       (example for setting hostname temporarily in RHEL - 7)
                                # vim /etc/hosts                (open this file, go to the last line and type as below in RHEL - 6 only)
                                <IP address>    <fully qualified domain name>    <hostname>
                                172.25.6.11     server6.example.com     server6      (for example of the above syntax)
                                # vim /etc/sysconfig/network    (open this file, go to the last line and type as below in RHEL - 6 only)
                                HOSTNAME=<fully qualified domain name>
                                HOSTNAME=server6.example.com    (for example of the above syntax)
                (ii)           Open the DNS main configuration file with the # vim /etc/named.conf command.
                                * Go to line number 11 and edit this line as below.
                                listen-on port 53 { 127.0.0.1; <server IP address>; };
                                Example :   listen-on port 53 { 127.0.0.1; 172.25.6.11; };
                                * Go to line number 17 and edit this line as below.
                                allow-query { localhost; <network address>/<prefix length>; };
                                Example :   allow-query { localhost; 172.25.6.0/24; };        (save and exit this file)
                (iii)          Open the DNS zone reference file with the # vim /etc/named.rfc1912.zones command.
                                * Go to line number 19, copy 5 lines and paste them at the end of the file.
                                zone "<domain name>" IN {
                                                type slave;
                                                file "slaves/<forward lookup zone file name>";
                                                masters { <primary DNS server IP address>; };
                                };
                                Example :
                                zone "example.com" IN {
                                                type slave;
                                                file "slaves/named.forward";
                                                masters { 172.25.9.11; };
                                };
                                * Go to line number 31, copy 5 lines and paste them at the end of the file.
                                zone "<network part of the IP address in reverse order>.in-addr.arpa" IN {
                                                type slave;
                                                file "slaves/<reverse lookup zone file name>";
                                                masters { <primary DNS server IP address>; };
                                };
                                Example :
                                zone "9.25.172.in-addr.arpa" IN {
                                                type slave;
                                                file "slaves/named.reverse";
                                                masters { 172.25.9.11; };
                                };                                                    (save and exit this file)
                (iv)           Copy /var/named/slaves/named.localhost to /var/named/slaves/named.forward and edit as follows.
                                # mkdir /var/named/slaves
                                # cp -p /var/named/slaves/named.localhost /var/named/slaves/named.forward
                                # vim /var/named/slaves/named.forward
                                  * Go to line number 2 and edit as follows.
                                  @       IN SOA    <secondary server FQDN>.    root.<domain name>.    (
                                  * Go to line number 8 and edit as follows.
                                                  NS    <secondary server FQDN>.
                                                  A     <secondary server IP address>
                                  <secondary server FQDN>.    IN A    <secondary server IP address>
                                  <primary server FQDN>.      IN A    <primary server IP address>
                                  <client 1 FQDN>.            IN A    <client 1 IP address>
                                  <client 2 FQDN>.            IN A    <client 2 IP address>
                                  <client 3 FQDN>.            IN A    <client 3 IP address>
                                  www     IN CNAME    <secondary server FQDN>.
                                Example : Line number 2 should be edited as follows.
                                  @       IN SOA    server6.example.com.    root.example.com.    (
                                  Line number 8 should be edited as follows.
                                                  NS    server6.example.com.
                                                  A     172.25.6.11
                                  server6.example.com.     IN A    172.25.6.11
                                  server9.example.com.     IN A    172.25.9.11
                                  client9.example.com.     IN A    172.25.9.10
                                  client10.example.com.    IN A    172.25.9.12
                                  client11.example.com.    IN A    172.25.9.13
                                  www     IN CNAME    server6.example.com.            (save and exit this file)
                (v)            Copy the /var/named/slaves/named.empty file to /var/named/slaves/named.reverse and edit as follows.
                                # cp -p /var/named/slaves/named.empty /var/named/slaves/named.reverse
                                # vim /var/named/slaves/named.reverse
                                  * Go to line number 2 and edit as follows.
                                  @       IN SOA    <secondary server FQDN>.    root.<domain name>.    (
                                  * Go to line number 8 and edit as follows.
                                                  NS    <secondary server FQDN>.
                                  <last octet of secondary server IP>    IN PTR    <secondary server FQDN>.
                                  <last octet of primary server IP>      IN PTR    <primary server FQDN>.
                                  <last octet of client 1 IP>            IN PTR    <client 1 FQDN>.
                                  <last octet of client 2 IP>            IN PTR    <client 2 FQDN>.
                                  <last octet of client 3 IP>            IN PTR    <client 3 FQDN>.
                                  <secondary server FQDN>.    IN A    <secondary server IP address>
                                  www     IN CNAME    <secondary server FQDN>.
                                Example : Line number 2 should be edited as follows.
                                  @       IN SOA    server6.example.com.    root.example.com.    (
                                  Line number 8 should be edited as follows.
                                                  NS    server6.example.com.
                                  11      IN PTR    server6.example.com.
                                  11      IN PTR    server9.example.com.
                                  10      IN PTR    client9.example.com.
                                  12      IN PTR    client10.example.com.
                                  13      IN PTR    client11.example.com.
                                  server6.example.com.    IN A    172.25.6.11
                                  www     IN CNAME    server6.example.com.            (save and exit this file)
                (vi) Check the  DNS               configuration files for syntax  errors.
                                # named-checkconf    /etc/named.conf
                                # named-checkconf    /etc/named.rfc1912.zones
                                # named-checkzone    
                                Example :   # named-checkzone     example.com    /var/named/slaves/named.forward
                                # named-checkzone    
                                Example :   # named-checkzone     example.com   /var/named/slaves/named.reverse
                (vii) Give full permissions  to the forward  and  reverse  lookup zones.
                                 # chmod    777   /var/named/slaves/named.forward
                                # chmod    777   /var/named/slaves/named.reverse
                (viii) Open   /etc/sysconfig/network-scripts/ifcfg-eth0   and  enter the  DNS  domain details  if not present.
                                  # vim   /etc/sysconfig/network-scripts/ifcfg-eth0                                          (go to last line and type as follows)
                                    DNS1=example.com                                                                                                                        (save  and  exit  this  file)
                (ix) Add the  DNS  server  IP address  in  /etc/resolv.conf
                                # vim   /etc/resolv.conf
                                  search                  
                                  nameserver          
                                  nameserver          
                                Example :
                                  search                   example.com
                                  nameserver          172.25.9.11
                                  nameserver          172.25.6.11                                                                                                          (save  and  exit  this  file)
                (x)           Restart the  DNS  server daemons.
                                # service  named  restart                                             (to restart the  daemon  in  RHEL - 6)
                                # chkconfig  named  on                                                               (to enable the  daemon  at next boot time in  RHEL - 6)
                                # systemctl  restart  named   unbound                                      (to restart  the  daemons  in  RHEL - 7)
                                # systemctl  enable  named   unbound                                     (to enable the  daemons  at next boot time in  RHEL -7)
                (xi) Add the  DNS  service to the  IP tables   and  Firewall.
                                # setup                                                   (then select the  Firewall  configuration  option  and  add  DNS  in  RHEL - 6)
                                # service  iptables  restart                                                    (to restart the IP tables  in  RHEL - 6)
                                # service  iptables  save                                                                       (to save the IP tables  in  RHEL - 6)
                                # firewall-cmd     --permanent      --add-service=dns       (to add the  DNS  service to firewall  in  RHEL - 7)
                                # firewall-cmd     --complete-reload                                   (to  reload the firewall  in  RHEL - 7)
                (xii)         Check  whether the  DNS  is resolving  or  not.
                                # dig               (to check the resolving from  hostname  to  IP address)
                                # dig    -x                                           (to check the resolving from  IP address  to  hostname)
                                Example :   # dig    server6.example.com                         
                                                      # dig    -x    172.25.6.11
                (xiii) Check the resolution with ping test.
                                 # ping  -c3  (to check the ping test with hostname)
                                  # ping    -c3               (to check the ping test with IP address)
                                Example :
                                  # ping   -c3    server6.example.com
                                  # ping   -c3    172.25.6.11
                (xiv) Check the resolution with host command.
                                   # host                                                                                                 (to check the resolution with hostname)
                                   # host                                                                                                (to check the resolution with IP address)
                                Example :
                                   # host      server6.example.com
                                   # host      172.25.6.11
                (xv) Check the resolution with  nslookup  command.
                                   # nslookup                                                                                        (to check the resolution with hostname)
                                   # nslookup                                                                                        (to check the resolution with IP address)
                                Example :
                                   # nslookup         server6.example.com
                                   # nslookup         172.25.6.11
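
A check on the zone files produced by steps (v) to (vii), as an added example that is not part of the original procedure: it lists zone files that group or other users can write to (mode 777 qualifies) and reverse-zone owners that carry more than one PTR record (as owner 11 does in the reverse zone example). The function names and the 640 target mode are assumptions; 640 assumes named reads the files through group ownership such as root:named.

```shell
#!/bin/sh
# Added example: audit the zone files written in steps (v)-(vii).
# Function names and the 640 target mode are assumptions, not from the page.
# List regular files under $1 that group or others may write to.
loose_zone_files() {
    find "$1" -type f \( -perm -0020 -o -perm -0002 \) -print | sort
}

# Print "owner count" for each reverse-zone owner with several PTR records.
duplicate_ptr_owners() {
    awk '
        { sub(/;.*/, "") }                          # drop comments
        /^[ \t]*$/ || /^\$/ { next }                # blanks, $TTL, $ORIGIN
        {
            first = 1                               # indented line: owner inherited
            if ($0 ~ /^[^ \t]/) { owner = $1; first = 2 }
            for (i = first; i <= NF; i++) {
                t = toupper($i)
                if (t == "IN" || t ~ /^[0-9]+[SMHDW]?$/) continue  # class, TTL
                if (t == "PTR") seen[owner]++
                break                               # first other field is the type
            }
        }
        END { for (o in seen) if (seen[o] > 1) print o, seen[o] }
    ' "$1" | sort
}

# Reset the given files to mode 640: owner read/write, group read only.
tighten_zone_files() {
    for f in "$@"; do chmod 640 "$f" || return 1; done
}

# Run both checks on directory $1; return 1 when anything is reported.
audit_zones() {
    rc=0
    loose=$(loose_zone_files "$1")
    if [ -n "$loose" ]; then
        printf 'writable by group or others:\n%s\n' "$loose"; rc=1
    fi
    for z in "$1"/*; do
        [ -f "$z" ] || continue
        dups=$(duplicate_ptr_owners "$z")
        if [ -n "$dups" ]; then
            printf '%s: owners with several PTR records: %s\n' "$z" "$dups"; rc=1
        fi
    done
    return "$rc"
}
if [ "$#" -gt 0 ]; then audit_zones "$1"; fi
```

Called with a directory argument, the script runs audit_zones on it and exits non-zero when either check reports a finding.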

