Networking - DNS


Concept of DNS

When you browse to a web site you type its name, but before a connection can be made that name has to be converted to a number, the IP address. Each time you type a web site's address into your browser, the Domain Name System (DNS) does this conversion. The levels of an FQDN (Fully Qualified Domain Name) are read from right to left: the root (written as the trailing dot), the top-level domain, the domain and finally the host, for example:

Ex. mail.yahoo.com. (host mail, domain yahoo, top-level domain com, then the root dot)

To install DNS we need to install some RPMs from the Red Hat CD, which are given below,

Installation of RPM

[root@www RPMS]# rpm -ivh bind-9.2.3-13.i386.rpm

warning: bind-9.2.3-13.i386.rpm: V3 DSA signature: NOKEY, key ID 4f2a6fd2

→ The NOKEY warning means rpm could not verify the package signature because the Red Hat GPG key is not imported; import it (rpm --import with the RPM-GPG-KEY file from the CD) and check packages with rpm -K before installing them.

Preparing... ########################################### [100%]

1:bind ########################################### [100%]

[root@www RPMS]# rpm -ivh bind-utils-9.2.3-13.i386.rpm

→ bind-utils provides the client tools (dig, host, nslookup); it is the package needed on the client side.

[root@www RPMS]# rpm -ivh caching-nameserver-7.2-12.noarch.rpm

warning: caching-nameserver-7.2-12.noarch.rpm: V3 DSA signature: NOKEY, key ID 4f2a6fd2

Preparing... ########################################### [100%]

1:caching-nameserver ########################################### [100%]

→ To configure the DNS server we must install this rpm. It creates the default configuration files: localhost.zone, named.ca and named.local in the /var/named directory, and named.conf in the /etc directory.

The main configuration file of the DNS server is named.conf, in the /etc directory.

[root@www RPMS]# vi /etc/named.conf

// generated by named-bootconf.pl

options {

directory "/var/named";

/*

* If there is a firewall between you and nameservers you want

* to talk to, you might need to uncomment the query-source

* directive below. Previous versions of BIND always asked

* questions using port 53, but BIND 8.1 uses an unprivileged

* port by default.

*/

// query-source address * port 53;

};

//

// a caching only nameserver config

//

controls {

inet 127.0.0.1 allow { localhost; } keys { rndckey; };

};

zone "." IN {

type hint;

file "named.ca";

};

zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

include "/etc/rndc.key";

[root@www named]# vi localhost.zone

$TTL 86400

$ORIGIN localhost.

@ 1D IN SOA @ root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

1D IN NS @

1D IN A 127.0.0.1

→ Host name -> IP address (forward lookup): when a host is looked up by name, DNS converts the name to an IP address; this is called a forward lookup. The file above (localhost.zone) holds the forward-lookup records (A records) of the localhost zone.

[root@www named]# vi named.local

$TTL 86400

@ IN SOA localhost. root.localhost. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS localhost.

1 IN PTR localhost.

→ IP address -> host name (reverse lookup): when a host is looked up by IP address, DNS converts the address to a host name; this is called a reverse lookup. The file above (named.local) holds the reverse-lookup records (PTR records) of the 0.0.127.in-addr.arpa zone, where the octets of the address appear in reverse order.

Some important symbols used in both files are given below,

SOA Start of Authority: the first record of a zone, carrying the primary name server, the responsible person and the serial, refresh, retry, expire and minimum timers.

NS Name Server: a server authoritative for the zone.

root The responsible person's e-mail address in the SOA record, with the "@" written as a dot: root.localhost. means root@localhost.

A Address record, mapping a host name to an IPv4 address.

PTR Pointer record, mapping an IP address back to a host name.

Configuring the DNS:

1). In the first step, edit the three files given below: named.conf, the forward zone file and the reverse zone file,

[root@www RPMS]# vi /etc/named.conf

// generated by named-bootconf.pl

options {

directory "/var/named";

/*

* If there is a firewall between you and nameservers you want

* to talk to, you might need to uncomment the query-source

* directive below. Previous versions of BIND always asked

* questions using port 53, but BIND 8.1 uses an unprivileged

* port by default.

*/

// query-source address * port 53;

};

//

// a caching only nameserver config

//

//controls {

// inet 127.0.0.1 allow { localhost; } keys { rndckey; };

//};

//zone "." IN {

// type hint;

// file "named.ca";

//};

zone "home.com" IN { // give only the domain name, not a host name

type master; // the other option is "slave", a secondary that copies the zone from the master

file "localhost.zone"; // the forward-lookup zone file, relative to the "directory" option (/var/named)

allow-update { none; }; // refuse dynamic updates; this is the default, but keep it explicit

};

zone "10.168.192.in-addr.arpa" IN { // the network octets in reverse order, without the host octet

type master;

file "named.local"; // the reverse-lookup zone file in /var/named

allow-update { none; }; // refuse dynamic updates; this is the default, but keep it explicit

};

include "/etc/rndc.key";

→ With the "." hint zone commented out, this server answers only for home.com and its reverse zone; it has no root hints, so recursive queries for outside names fail. If you keep the hint zone so that the LAN can use this machine as its resolver, restrict recursion to the LAN with allow-recursion { 192.168.10.0/24; }; and limit zone transfers with allow-transfer { none; }; (or the addresses of your slaves) in the options block; a reachable server that recurses for anyone is an open resolver. With the controls block commented out, named still opens its default rndc channel on 127.0.0.1 using /etc/rndc.key. The page reuses the caching-nameserver file names localhost.zone and named.local for the home.com zones; any file names work as long as the file directives match.

[root@www root]# vi /var/named/localhost.zone

$TTL 86400

@ IN SOA www.home.com. root.www.home.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS www.home.com.

www IN A 192.168.10.1

mail IN A 192.168.10.2

chat IN A 192.168.10.3

news IN A 192.168.10.4

[root@www root]# vi /var/named/named.local

$TTL 86400

@ IN SOA www.home.com. root.www.home.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS www.home.com.

1 IN PTR www.home.com.

2 IN PTR mail.home.com.

3 IN PTR chat.home.com.

4 IN PTR news.home.com.

2). Next, set the host name and the resolver configuration,

[root@www root]# vi /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

192.168.10.1 www.home.com

[root@www root]# vi /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=www.home.com

[root@www root]# vi /etc/resolv.conf

nameserver 192.168.10.1

search home.com

→ Add both lines above to resolv.conf on every client computer: nameserver points the resolver at the DNS server (192.168.10.1), and search home.com lets a short name such as mail be looked up as mail.home.com.

3). Finally, start the service,

[root@localhost root]# service named start

Note: Sometimes restarting the named service fails because of an error in named.conf or a zone file (the message is logged through syslog, in /var/log/messages). Check the files with named-checkconf and named-checkzone, then reload the running server instead of restarting it,

[root@localhost root]# service named reload

→ reload re-reads named.conf and the zone files without stopping the server. Increase a zone's serial number before reloading, or slaves will not pick up the change.
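As an added example that is not part of this page or of BIND, the Python below reads the two zone files from step 1, constructed inline from the page's home.com records, and cross-checks them: every A record must have a PTR for its address and every PTR must point back at a name that has that A record. It also derives the reverse zone name 10.168.192.in-addr.arpa from the network. The zone text, the function names and the 192.168.10.0/24 network are assumptions of the example; named does no such cross-check itself, so a mismatch between the two files goes unnoticed until a reverse lookup returns the wrong name.

```python
import ipaddress
import re

# Zone text constructed to match the home.com forward and reverse zone files
# shown on this page (not read from /var/named).
FORWARD_ZONE = """\
$TTL 86400
@       IN SOA  www.home.com. root.www.home.com. (
                42      ; serial
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   www.home.com.
www     IN A    192.168.10.1
mail    IN A    192.168.10.2
chat    IN A    192.168.10.3
news    IN A    192.168.10.4
"""

REVERSE_ZONE = """\
$TTL 86400
@       IN SOA  www.home.com. root.www.home.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   www.home.com.
1       IN PTR  www.home.com.
2       IN PTR  mail.home.com.
3       IN PTR  chat.home.com.
4       IN PTR  news.home.com.
"""

# A TTL field such as 86400, 3H, 15M, 1W or 1D, skipped when parsing a record.
TTL_FIELD = re.compile(r"\d+[HMWDhmwd]?")


def reverse_zone_name(network):
    """'192.168.10.0/24' -> '10.168.192.in-addr.arpa': the network octets in
    reverse order without the host octet, the zone name used in named.conf."""
    net = ipaddress.ip_network(network, strict=True)
    if net.prefixlen % 8:
        raise ValueError("in-addr.arpa zones are delegated on octet boundaries")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def qualify(name, origin):
    """Zone-file name rules: '@' is the origin, a trailing dot means the name
    is already absolute, anything else is relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_records(zone_text, origin):
    """(owner, type, rdata) tuples for the NS/A/PTR records of a zone file.
    $-directives and the multi-line SOA are skipped, ';' comments stripped,
    and a record with a blank owner field inherits the previous owner."""
    records, owner, in_soa = [], "@", False
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() or line.startswith("$"):
            continue
        if in_soa:                          # still inside the SOA parentheses
            in_soa = ")" not in line
            continue
        fields = line.split()
        if not raw[0].isspace():            # an owner name in column one
            owner = fields.pop(0)
        if "SOA" in fields:
            in_soa = "(" in line and ")" not in line
            continue
        tokens = [t for t in fields if t != "IN" and not TTL_FIELD.fullmatch(t)]
        records.append((qualify(owner, origin), tokens[0], tokens[1]))
    return records


def forward_map(zone_text, origin):
    """name -> IPv4 address from the A records of the forward zone."""
    return {o: r for o, t, r in parse_records(zone_text, origin) if t == "A"}


def reverse_map(zone_text, origin):
    """IPv4 address -> name from the PTR records: owner '2' under
    10.168.192.in-addr.arpa. is rebuilt as 192.168.10.2."""
    out = {}
    for owner, rtype, rdata in parse_records(zone_text, origin):
        if rtype == "PTR":
            labels = owner.removesuffix(".in-addr.arpa.").split(".")
            out[".".join(reversed(labels))] = rdata
    return out


def check_consistency(fwd, rev):
    """List A records without a PTR, PTR targets without an A record, and
    pairs whose names disagree; an empty list means the zones agree."""
    problems = []
    for name, ip in fwd.items():
        if ip not in rev:
            problems.append(f"{name} A {ip} has no PTR")
        elif rev[ip] != name:
            problems.append(f"{ip} PTR {rev[ip]} but the A record owner is {name}")
    for ip, name in rev.items():
        if name not in fwd:
            problems.append(f"{ip} PTR {name} has no A record")
    return problems


if __name__ == "__main__":
    fwd = forward_map(FORWARD_ZONE, "home.com.")
    rev = reverse_map(REVERSE_ZONE, reverse_zone_name("192.168.10.0/24") + ".")
    print(check_consistency(fwd, rev) or "forward and reverse zones agree")
```

Run it against the real files by reading /var/named/localhost.zone and /var/named/named.local into the two strings; the origin passed to each call must be the zone name from named.conf with a trailing dot.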

Commands to Get DNS Information

[root@www root]# dig -x 192.168.10.2

; <<>> DiG 9.2.3 <<>> -x 192.168.10.2

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30776

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;2.10.168.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:

2.10.168.192.in-addr.arpa. 86400 IN PTR mail.home.com.

;; AUTHORITY SECTION:

10.168.192.in-addr.arpa. 86400 IN NS www.home.com.

;; ADDITIONAL SECTION:

www.home.com. 86400 IN A 192.168.10.1

;; Query time: 9 msec

;; SERVER: 192.168.10.1#53(192.168.10.1)

;; WHEN: Thu Jun 23 15:01:41 2005

;; MSG SIZE rcvd: 101

→ Here we ask the DNS server for the host name of a given IP address: dig -x turns the address into a PTR query for 2.10.168.192.in-addr.arpa. The header flags describe the reply: qr (this is a response), aa (the answer is authoritative, since this server is master for the zone), rd (recursion was requested) and ra (the server offers recursion). The AUTHORITY section names the server for the reverse zone, the ADDITIONAL section supplies its address, and the footer shows the answering server, the query time and the message size.

[root@www root]# dig www.home.com

; <<>> DiG 9.2.3 <<>> www.home.com

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55210

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;www.home.com. IN A

;; ANSWER SECTION:

www.home.com. 86400 IN A 192.168.10.1

;; AUTHORITY SECTION:

home.com. 86400 IN NS www.home.com.

;; Query time: 8 msec

;; SERVER: 192.168.10.1#53(192.168.10.1)

;; WHEN: Thu Jun 23 15:01:51 2005

;; MSG SIZE rcvd: 60

→ Here we ask the DNS server for the IP address of a given host name (an A query). The ANSWER section holds the A record and the AUTHORITY section names the server authoritative for home.com; the footer again shows the answering server, the query time and the message size.

[root@www root]# nslookup

> www.home.com

Server: 192.168.10.1

Address: 192.168.10.1#53

Name: www.home.com

Address: 192.168.10.1

> mail.home.com

Server: 192.168.10.1

Address: 192.168.10.1#53

Name: mail.home.com

Address: 192.168.10.2

> 192.168.10.4

Server: 192.168.10.1

Address: 192.168.10.1#53

4.10.168.192.in-addr.arpa name = news.home.com.

> exit

→ nslookup opens an interactive prompt. Enter an IP address or an FQDN and the server's answer for it is shown; exit leaves the prompt.

[root@www root]# host chat.home.com

chat.home.com has address 192.168.10.3

[root@www root]# host 192.168.10.3

3.10.168.192.in-addr.arpa domain name pointer chat.home.com.

→ host is another query tool, like dig: it prints a name's records, or the PTR name for an address, as returned by the DNS server.
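As an added example that is not part of this page or of the BIND tools, the Python below rebuilds the exchange shown in the dig, nslookup and host outputs above at the wire level: the client side builds the PTR query that dig -x sends for 2.10.168.192.in-addr.arpa, a constructed server that answers only from the page's four PTR records returns the same three sections (answer, authority, additional) with the qr, aa, rd and ra flags, or NXDOMAIN for an address that is not in the zone, and the parser decodes the reply, following the name-compression pointers a real reply contains. The record table, the function names and the transaction id 30776 are assumptions taken from the page's output; nothing is sent on the network.

```python
import struct

# PTR records constructed from the page's named.local for 10.168.192.in-addr.arpa;
# the constructed server below answers PTR queries from this table only.
PTR_RECORDS = {
    "1.10.168.192.in-addr.arpa.": "www.home.com.",
    "2.10.168.192.in-addr.arpa.": "mail.home.com.",
    "3.10.168.192.in-addr.arpa.": "chat.home.com.",
    "4.10.168.192.in-addr.arpa.": "news.home.com.",
}
ZONE_NS, ZONE_NS_IP, TTL = "www.home.com.", "192.168.10.1", 86400

TYPE_A, TYPE_NS, TYPE_PTR = 1, 2, 12
TYPE_NAME = {TYPE_A: "A", TYPE_NS: "NS", TYPE_PTR: "PTR"}
FLAGS = {"qr": 0x8000, "aa": 0x0400, "rd": 0x0100, "ra": 0x0080}
NXDOMAIN = 3


def reverse_name(ip):
    """192.168.10.2 -> 2.10.168.192.in-addr.arpa. (the name dig -x asks for)."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def encode_name(name):
    """Uncompressed wire form: length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def read_name(msg, off):
    """Decode the name at off, following compression pointers (0xC0 | 14-bit
    offset); return the dotted name and the offset just past it in the stream."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            hops += 1
            if hops > 16:                         # guard against pointer loops
                raise ValueError("compression pointer loop")
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if length == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def rr(owner_wire, rtype, rdata):
    """One resource record: owner, type, class IN, ttl, rdlength, rdata."""
    return owner_wire + struct.pack("!HHIH", rtype, 1, TTL, len(rdata)) + rdata


def build_query(qname, qtype, txid=30776):
    """Client side: a standard query with only the rd flag set."""
    header = struct.pack("!HHHHHH", txid, FLAGS["rd"], 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)


def build_response(query):
    """Server side, authoritative for the reverse zone: echo the id and the
    question, set qr/aa/ra, then add answer, authority (NS) and additional
    (glue A) sections. Owner names are compression pointers to earlier copies
    of the same name, as BIND writes them."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    qname, _ = read_name(query, 12)
    flags = FLAGS["qr"] | FLAGS["aa"] | FLAGS["rd"] | FLAGS["ra"]
    if qname not in PTR_RECORDS:               # not in the zone: NXDOMAIN
        return struct.pack("!HHHHHH", txid, flags | NXDOMAIN, 1, 0, 0, 0) + question
    header = struct.pack("!HHHHHH", txid, flags, 1, 1, 1, 1)
    answer = rr(b"\xc0\x0c", TYPE_PTR, encode_name(PTR_RECORDS[qname]))  # owner = question name at 12
    zone_off = 12 + 1 + query[12]                                          # question name minus first label
    authority = rr(struct.pack("!H", 0xC000 | zone_off), TYPE_NS, encode_name(ZONE_NS))
    ns_name_off = len(header + question + answer) + 2 + 10                 # where the NS rdata name sits
    glue = rr(struct.pack("!H", 0xC000 | ns_name_off), TYPE_A, bytes(int(o) for o in ZONE_NS_IP.split(".")))
    return header + question + answer + authority + glue


def parse_message(msg):
    """Decode a message into the header fields and sections that dig prints."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    out = {"id": txid, "rcode": flags & 0xF, "question": [],
           "flags": [f for f, bit in FLAGS.items() if flags & bit]}
    off = 12
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype = struct.unpack("!HH", msg[off:off + 4])[0]
        off += 4
        out["question"].append((name, TYPE_NAME.get(qtype, qtype)))
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        out[section] = []
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            if rtype in (TYPE_NS, TYPE_PTR):
                rdata, _ = read_name(msg, off)       # rdata is a (possibly compressed) name
            elif rtype == TYPE_A:
                rdata = ".".join(str(b) for b in msg[off:off + 4])
            else:
                rdata = msg[off:off + rdlen].hex()
            off += rdlen
            out[section].append((name, ttl, TYPE_NAME.get(rtype, rtype), rdata))
    return out


def lookup_ptr(ip):
    """The whole exchange in memory: what dig -x sends, what the server returns."""
    return parse_message(build_response(build_query(reverse_name(ip), TYPE_PTR)))


if __name__ == "__main__":
    print(lookup_ptr("192.168.10.2"))
```

The decoded dictionary carries the same fields as the dig output: the id and flags line, the QUESTION, ANSWER, AUTHORITY and ADDITIONAL sections. The hop limit in read_name matters when you parse replies from servers you do not control, since a pointer that refers forward or to itself would otherwise loop forever.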