DNS - PowerPoint PPT Presentation
Title:
DNS
Description:
Allows machines to be logically grouped by domain names. Provides email routing information. ... Access Control List. DNS Setup. ACL is a list of semi-colon ... – PowerPoint PPT presentation
Number of Views:73
Avg rating:3.0/5.0
Title: DNS
1
DNS
- DNS
2
DNS
DNS
- DNS is a network service that enables clients to
resolve names to IP address and vice-versa. - Allows machines to be logically grouped by domain
names. - Provides email routing information.
3
Internet Naming Hierarchy
DNS
The silent dot at the end of all addresses
.org
.in
.com
.net
.sidbi
.co
.ac
.iitk
www
www
4
DNS Operation
DNS Setup
- A DNS server maintains the name to IP address
mapping of the domain for which it is the name
server. - The DNS server for a domain is registered with
the domain registrar and the entry is maintained
by the Internet Root-Servers (13) or Country
Level Root-Servers. - Whenever a server is queried, if doesnt have the
answer, the root servers are contacted. - The root servers refer to the DNS server for that
domain (in case the domain is a top level domain)
or the Country Root Server (in case the domain is
country level domain).
5
DNS Configuration
DNS Setup
- named daemon is used
- A DNS Server may be caching/master/slave server
- The named.ca file has information of all Root
Servers. - There is a Forward Zone file and a Reverse Zone
file for every domain. - Configuration file
- /var/named/chroot/etc/named.conf
- Forward Zone File
- /var/named/chroot/var/named/ltforward_zone_filegt
- Reverse Zone File
- /var/named/chroot/var/named/ltreverse_zone_filegt
6
Sample Master named.conf
DNS Setup
- zone "."
- type hint
- file "named.ca"
- zone "0.0.127.in-addr.arpa"
- type master
- file "named.local"
- allow-query any
- zone "iitk.ac.in"
- type master
- file "hosts.db"
- allow-query any
- zone "95.200.203.IN-ADDR.ARPA"
- type master
- file "hosts.rev.203.200.95"
- allow-query any
7
Sample Forward Zone File
DNS Setup
- TTL 86400
- _at_ IN SOA ns.iitk.ac.in.
root.ns.iitk.ac.in. ( - 200605091 Serial
- 10800 Refresh - 3
hours - 3600 Retry - 1 hour
- 1209600 Expire - 1 week
- 43200 ) Minimum TTL for
negative answers - 12 hours - IN NS ns.iitk.ac.in.
- IN NS proxy.iitk.ac.in.
- IN MX 5 mail0.iitk.ac.in.
- IN MX 10 mail1.iitk.ac.in.
- IN MX 20 mail2.iitk.ac.in.
- ORIGIN iitk.ac.in.
- ns IN A 203.200.95.142
- mail IN A 203.200.95.144
- proxy IN CNAME mail
8
Sample Reverse Zone File
DNS Setup
TTL 86400 ORIGIN 200.203.in-addr.arpa. 95
IN SOA ns1.iitk.ac.in.
root.ns1.iitk.ac.in. (
200605091 Serial 10800
Refresh - 5 minutes
3600 Retry - 1 minute
1209600 Expire - 1 weeks
43200 ) Minimum TTL for negative
answers - 12 hours IN NS
ns.iitk.ac.in. IN NS
proxy.iitk.ac.in. ORIGIN 95.200.203.in-addr.arpa
. 142 IN PTR ns.iitk.ac.in. 144
IN PTR mail.iitk.ac.in.
9
Configuring Local Resolver
DNS Setup
- /etc/resolv.conf
- server 127.0.0.1
10
Test DNS
DNS Setup
- nslookup
- host
- dig
- Test your DNS with the following DNS diagnostics
web site dnsstuff.com
11
Advanced BIND Features
DNS Setup
- Access List
- Round Robin Load Sharing
- Dynamic DNS Update
12
Access Control List
DNS Setup
- ACL is a list of semi-colon separated IP
addresses or networks. - Create ACLs and apply directives on specified
ACLs - acl mynetwork 172.31.0.0/16 172.30.1.1
- allow-query mynetwork
- allow-transfer mynetwork
- allow-update mynetwork
13
Dynamic DNS Update
DNS Setup
- Allows the DNS server to update the Name and IP
address of hosts on the network. - To disable DDNS, use the directive
- allow-update none
14
Round Robin Load Sharing
DNS Setup
- Load Balancing can be achieved by use of multiple
A records for the same name - www IN A 203.200.95.140
- www IN A 203.200.95.141
- www IN A 203.200.95.142
Recommended
CrystalGraphics Presentations
