
DNS (Domain Name System)

• DNS is a very well known protocol.

• The DNS protocol works when your computer sends out a DNS query to a name server to resolve a domain.

• The DNS protocol utilises port 53 for its service. This means that a DNS server listens on port 53 and expects any client wishing to use the service to send its queries to that port.

• It is used for resolving host names and domain names to IP addresses (or vice versa).

• The Domain Name System is a 'hierarchically distributed database', which is a fancy way of saying that its layers are arranged in a definite order and that its data is distributed across a wide range of machines (just like the roots of a tree branch out from the main root).
History
The Internet Domain Name Server Hierarchy

Top-level domains

Domain   Used by
======   ==========================================
.com     Commercial organizations, as in novell.com
.edu     Educational organizations, as in ucla.edu
.gov     Governmental agencies, as in whitehouse.gov
.mil     Military organizations, as in army.mil
.org     Nonprofit organizations, as in redcross.org
.net     Networking entities, as in nsf.net
.int     International organizations, as in nato.int
Example DNS Resolution
DNS Server & Clients

• DNS Server: the software component that returns the name-to-IP translation (or vice versa) to the inquiring client. The DNS server may ask other DNS servers for help in doing this. On Red Hat Linux machines the server gets its configuration from the /etc/named.conf file and the files that named.conf references.

• DNS Client: the software component of every networked computer that finds the IP address for a name (or vice versa) by asking its assigned DNS server(s). On a Red Hat Linux machine the client gets its configuration information from /etc/resolv.conf.
Nameserver Types
There are four primary nameserver configuration types:

• master (Primary DNS) — Stores the original and authoritative zone records for a certain namespace, answering questions from other nameservers searching for answers concerning that namespace.

• slave (Secondary DNS) — Answers queries from other nameservers concerning namespaces for which it is considered an authority. However, slave nameservers get their namespace information from master nameservers.

• caching-only — Offers name-to-IP resolution services but is not authoritative for any zones. Answers for all resolutions are cached in memory for a fixed period of time, which is specified by the retrieved zone record (its TTL).

• forwarding — Forwards requests to a specific list of nameservers for name resolution. If none of the specified nameservers can perform the resolution, the resolution fails.
Primary DNS Configuration

• RPM packages required for Primary DNS configuration:

1. bind
2. bind-utils
3. bind-libs
Configuration Cont.

Primary DNS Configuration Files

• /etc/hosts
• /etc/named.conf
• /etc/resolv.conf
• /var/named/ispsetup.com.fz
• /var/named/ispsetup.com.rev
• /var/named/named.ca
• /var/named/named.local
• /var/named/localhost.zone
Configuration Cont.

/etc/named.conf
options {
        directory "/var/named";
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "ispsetup.com" IN {
        type master;
        file "ispsetup.com.fz";
        allow-update { none; };
        allow-transfer { 199.227.167.214; 69.88.13.6; 69.88.13.5; 69.88.7.162; };
};

// reverse zone for 192.168.9.0/24, the network the forward zone uses
// (the original read "10.168.192.in-addr.arpa", which does not match 192.168.9.x)
zone "9.168.192.in-addr.arpa" IN {
        type master;
        file "ispsetup.com.rev";
        allow-update { none; };
};

include "/etc/rndc.key";
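Added example (not the page's or BIND's own code): a Python audit that walks the zone blocks of a named.conf in the form above and lists master zones with no allow-transfer ACL of their own, which fall back to the server-wide default (any host, in older BIND 9 releases) instead of an explicit list like the one on ispsetup.com. The conf text is a constructed copy of the zone blocks above; zone_blocks, parse_zones and unrestricted_masters are names chosen here.

```python
import re

def zone_blocks(conf):
    """Yield (zone_name, body) for each zone block, tracking brace depth so a nested
    list such as allow-transfer { ...; } does not end the block early."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', conf):
        depth, i = 1, m.end()
        while depth:
            depth += {'{': 1, '}': -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

STMT = re.compile(r'(\S+)\s+(?:\{([^}]*)\}|([^;{]+));')   # key { list; };  or  key value;

def parse_zones(conf):
    """{zone: {statement: value}}; brace lists become token lists, scalars strings."""
    zones = {}
    for name, body in zone_blocks(conf):
        stmts = {}
        for m in STMT.finditer(body):
            key, lst, scalar = m.groups()
            stmts[key] = lst.replace(';', ' ').split() if lst is not None else scalar.strip().strip('"')
        zones[name] = stmts
    return zones

def unrestricted_masters(conf):
    """Master zones with no allow-transfer ACL of their own: they inherit the server-wide
    default, so unless options{} restricts it any host may AXFR the whole zone."""
    return sorted(z for z, s in parse_zones(conf).items()
                  if s.get('type') == 'master' and 'allow-transfer' not in s)

# Constructed sample: the zone blocks of the named.conf above (options/controls are skipped)
NAMED_CONF = """options { directory "/var/named"; };
zone "." IN { type hint; file "named.ca"; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; allow-update { none; }; };
zone "ispsetup.com" IN {
        type master;
        file "ispsetup.com.fz";
        allow-update { none; };
        allow-transfer { 199.227.167.214; 69.88.13.6; 69.88.13.5; 69.88.7.162; };
};
zone "9.168.192.in-addr.arpa" IN { type master; file "ispsetup.com.rev"; allow-update { none; }; };
"""

if __name__ == '__main__':
    print('master zones without allow-transfer:', unrestricted_masters(NAMED_CONF))
```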
/var/named/ispsetup.com.fz
$TTL 7200 ; 2 hours
$ORIGIN ispsetup.com.
@       IN SOA ns01.ispsetup.com. root.ispsetup.com. (
                2006050901 ; serial (d. adams)
                3600       ; refresh after 1 hour
                900        ; retry after 15 minutes
                1209600    ; expire after 2 weeks
                1800 )     ; minimum TTL of 30 minutes
        IN NS ns01.ispsetup.com.
        IN NS ns02.ispsetup.com.
        IN MX 10 mail.ispsetup.com.

$ORIGIN ispsetup.com.
@       IN A 192.168.9.14
ns01    IN A 192.168.9.14
ns02    IN A 192.168.9.12
mail    IN A 192.168.9.4
www     IN CNAME ns01.ispsetup.com. ; the original "ns01." (absolute) pointed at a non-existent top-level name
/var/named/ispsetup.com.rev

$TTL 86400
@       IN SOA ns01.ispsetup.com. root.ispsetup.com. (
                1997022712 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS ns01.ispsetup.com.
        IN NS ns02.ispsetup.com.

14      IN PTR ns01.ispsetup.com.
12      IN PTR ns02.ispsetup.com.
4       IN PTR mail.ispsetup.com. ; mail is 192.168.9.4 in the forward zone (the original said 12)
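Added example, not from the page: a Python check that reads a forward and a reverse zone file in the master-file format above and reports A records whose address has no PTR back to the same name, and PTRs that name a host without an A record at that address. parse_zone, fqdn and reverse_mismatches are names chosen here; the two zone texts are constructed, and the reverse one deliberately gives .12 two PTRs while .4 has none so the check has something to report.

```python
TYPES = {'SOA', 'NS', 'A', 'PTR', 'CNAME', 'MX'}   # record types this reader understands
NAMES = {'NS', 'CNAME', 'PTR', 'MX'}                 # types whose last rdata token is a name
def fqdn(n, origin):                                 # '@' is the origin; no trailing dot = relative
    return origin if n == '@' else n if n.endswith('.') else f'{n}.{origin}'

def parse_zone(text, origin):
    """Minimal master-file reader -> [(owner, type, rdata)]; not a full RFC 1035 parser."""
    origin = origin.rstrip('.') + '.'
    owner, recs, toks, depth = origin, [], [], 0
    for raw in text.splitlines():
        line = raw.split(';', 1)[0]                  # drop the comment
        if not toks:                                 # first line of a record
            blank = line[:1].isspace()               # empty owner field: inherit owner
        depth += line.count('(') - line.count(')')
        toks += line.replace('(', ' ').replace(')', ' ').split()
        if depth or not toks:                        # still inside '( ... )', or blank line
            continue
        if toks[0] == '$ORIGIN':
            origin = toks[1]
        elif toks[0][0] != '$':                      # $TTL and other directives: no record
            if not blank:
                owner = fqdn(toks.pop(0), origin)
            while toks[0] not in TYPES:              # skip optional TTL and class tokens
                toks.pop(0)
            if toks[0] in NAMES:
                toks[-1] = fqdn(toks[-1], origin)
            recs.append((owner, toks[0], toks[1:]))
        toks = []
    return recs

def reverse_mismatches(fwd, fwd_origin, rev, rev_origin):
    """(A records with no PTR back to the same name, PTRs with no matching A record)."""
    a = {(rd[0], o) for o, t, rd in parse_zone(fwd, fwd_origin) if t == 'A'}
    ptr = {('.'.join(reversed(o.split('.')[:-3])), rd[0])  # 14.9.168.192.in-addr.arpa. -> 192.168.9.14
           for o, t, rd in parse_zone(rev, rev_origin) if t == 'PTR'}
    return sorted(a - ptr), sorted(ptr - a)
# Constructed samples modelled on the zone files above (owner-less lines indented, as a real file has them)
FWD = """$ORIGIN ispsetup.com.
@     IN SOA ns01.ispsetup.com. root.ispsetup.com. (
      2006050901 3600 900 1209600 1800 )
      IN NS ns01.ispsetup.com.
ns01  IN A 192.168.9.14
ns02  IN A 192.168.9.12
mail  IN A 192.168.9.4
"""
REV = """@   IN SOA ns01.ispsetup.com. root.ispsetup.com. ( 1997022712 28800 14400 3600000 86400 )
14  IN PTR ns01.ispsetup.com.
12  IN PTR ns02.ispsetup.com.
12  IN PTR mail.ispsetup.com.
"""
```

Calling reverse_mismatches(FWD, 'ispsetup.com', REV, '9.168.192.in-addr.arpa') flags mail's A record as lacking a PTR and the .12 PTR for mail as lacking an A record.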
/var/named/named.local
$TTL 86400
@       IN SOA localhost. root.localhost. (
                1997022720 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS localhost.
1       IN PTR localhost.

/var/named/localhost.zone
$ORIGIN localhost.
@       1D IN SOA @ root (
                44  ; serial (d. adams)
                3H  ; refresh
                15M ; retry
                1W  ; expiry
                1D ) ; minimum

        1D IN NS @
        1D IN A 127.0.0.1
Resource Records
• SOA — Start Of Authority record, proclaims important authoritative information about a namespace to the nameserver.

• NS — NameServer record, which announces the authoritative nameservers for a particular zone.

• MX — Mail eXchange record, which tells where mail sent to a particular namespace controlled by this zone should go.

• A — Address record, which specifies an IP address to assign to a name.

• CNAME — Canonical name record, maps one name to another. This type of record is also known as an alias record.

• PTR — PoinTeR record, designed to point to another part of the namespace; in a reverse zone such as the in-addr.arpa one above it maps an IP address back to a host name.
/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.9.14 ns01.ispsetup.com ns01

/etc/resolv.conf 
nameserver 192.168.9.14
nameserver 192.168.9.12
Start and Test DNS Service

• Start DNS service
# service named start
or
# /etc/rc.d/init.d/named start

• Test DNS service
# nslookup
# dig
# dig -x 192.168.9.14
