DNS

Introduction
• What is DNS?
– A server that translates DNS names (such as
stop-phishing.com) into an IP address that is
actually used for communication on the
Internet.

– Dot used as a separator

Why DNS?
1.Because users cant, remember IPs?
2.Hide the Complexity of network infrastructure
3.(Ex . Google has 100000 severs in the Backend)
ping google.com -c 4
4.Directory Service for Internet.
5.It shares resources (one IP bat many domain
names)
What it does?
1.Restore name to IP (forward lookup)
2.Restore IP to name (Reveres Lookup
Local DNS in Linux can be provide by
Having entries in

Linux
/etc/hosts
less /etc/hosts

MS

windows\system32\drivers\etc\hosts
 Top-level domain
Domain Name Meaning
COM Commercial organizations
EDU Educational institutions
GOV Government institutions
MIL Military groups
NET Major network support
ORG Organizations other than those above
ARPA Temporary ARPANET domain
INT International organizations
country codeEach country (geographical scheme)
Implementation of DNS

DNS is a world wild distributed Architecture

Database which has only a single root donated by .
(dot)
. root
|
.lk .edu .com }TLD top Lever domain ---can not buy
individuals
|
.google } Zones(domain) individuals can own
after having registered with a dns registar
|
www/ftp/mail } sub Domains / hostname owner can
decide
 zone
• Domain Delegation

Primary (Master) Name Server

– Contains the writable authoritative copy for
the zones
Secondary (Slave) Name Server
– Contains mirror copy of the data from a
primary nameserver
 Introduction to DNS
• DNS Clients
– /etc/resolv.conf
• Authoritative DNS Servers
– provide the information for your DNS domain
• Caching DNS Server
– Most servers don’t ask authoritative servers
for DNS directly
– ask a caching DNS server
 How Does It Work?
• Listens at UDP and TCP port 53
– UDP for routine queries
– TCP used for zone transfers
 Basic DNS Testing of DNS Resolution
(Query DNS)

dig (command internet gropher)

1.To view DNS records
dig yahoo.com
ii) To reveal the IP
host www.yahoo.com

iii) To view mail server host name ( MX

record)
dig mx google.com
• The Host Command
– host www.google.com
• The nslookup Command
– nslookup www.google.com
– nslookup
*Most widely used DNS server in the internet is
BIND
Berkley Presently Maintaces by
Internet internet software consortium
Name www.isc.com
Deamon hence also known as isc-BIND
 The /etc/resolv.conf File
• Nameserver
– IP address of your DNS nameserver
• Search
• Domain
– localdomain use by default
search my-site.com my-site.net my-site.org
nameserver 192.168.1.100
nameserver 192.168.1.102
 BIND
• Downloading and Installing the BIND
Type of Name Server

1.Caching Name servers

2.Master (Primary) Name server
3.Slave (secondary) Name server
Caching Server
In this configuration BIND9 will find the answer to
name queries and remember the answer for the next
query. This can be useful for a slow internet
connection. By caching DNS queries, you reduce the
bandwidth used.
Primary Master Server
BIND9 can be used to serve DNS records (groups of
records are referred to as zones) for a registered domain
name or an imaginary one (but only if used on a
restricted network).

Secondary Master Server

A secondary master DNS server is used to complement
a primary master DNS server by serving a copy of the
zone(s) configured on the primary server. Secondary
servers are recommended in larger setups. If you intend
to serve a registered domain name they ensure that your
DNS zone is still available even if your primary server is
not online.
Registration Process
Company level pvt
Process name nyc.com

DNS Host name

ns1.nyc.com  203.143.22.21
ns2.nyc.com  203.143.22.22

nyc.com resistor (godday.com /networksolution.com)

Create host for DNS
Go to Resistor and create two hosts
ns1.nyc.com  203.143.22.21
ns2.nyc.com  203.143.22.22

*use there as DSN for nyc.com and ns2.nyc.com to root DNS

(owner main register networksolutions.com)
 How To Get BIND Started
• /etc/init.d/bind9 start
• /etc/init.d/bind9 stop
• /etc/init.d/bind9 restart
 DNS File Locations
• named.conf
– /etc/named.conf
• zone files
– /var/named
 Named.conf
• This file usually has two zone areas:
– Forward zone file
– Reverse zone file
 Configuring The Zone Files
• By default located in the directory
/var/named
• Each zone file contains a variety of
records (SOA, NS, MX, A, and CNAME)
 Time to Live Value
– D signifies days
– W signifies weeks
– H signifies hours

$TTL 3D
 Standard Resource Records
• SOA
– Start of Authority, Marks the begining of a
zone's data
• NS
– IP address or CNAME of the name server
• A
– IP address of server
– The most commonly used type of record. This
record maps an IP Address to a hostname.
• MX
– Mail server DNS name
• CNAME
– Server name alias
• PTR
– Last octet of server's IP address
 The SOA Record
• Format
Name Class Type Name-Server Email-Address Serial-No Refresh
Retry Expiry Minimum-TTL
@ IN SOA ns1.my-site.com. hostmaster.my-site.com. ( 2004100801 ; serial #

4H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
 the general format:
Name Class Type Data
eeunix IN A 130.111.148.45
IN MX 0 eeunix
IN MX 1 maine.maine.edu.
Ex:-
• Install DNS sever for sigiri.lk

Configuring BIND9 for sigiri.lk

BIND 9 Configuration files are stored in:
/etc/bind/

The main configuration is stored in the following files:

/etc/bind/named.conf
/etc/bind/named.conf.options
/etc/bind/named.conf.local

In this section BIND9 will be configured as the primary master for the domain
sigiri.lk. Simply replace sigiri.lk with your fully qualified domain name.

Zone File
To add a DNS zone to BIND9, turning BIND9 into a Primary Master server, all
you have to do is edit /etc/bind/named.conf.local
zone “sigiri.lk”{
type master;
file "/etc/bind/db.sigiri.lk“;
};
• Now use an existing zone file as a template:
• Or copy db.empty to db.sigiri.lk
• Or copy db.local to db.sigiri.lk

cp /etc/bind/db.local /etc/bind/db.sigiri.lk
• Edit the new zone file /etc/bind/db.sigiri.lk change localhost. to
the FQDN of your server, leaving the additional "." at the end.

Change 127.0.0.1 to the nameserver's IP Address and

root.localhost to a valid email address, but with a "." instead of
the "@". also leaving the "." at the end.

• Also, create an A record for ns.sigiri.lk the name server in this

example:
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA ns.sigiri.lk. root.sigiri.lk. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns.sigiri.lk.
@ IN A 192.168.1.10
box IN A 192.168.1.10
• You must increment the serial number every time you make changes to
the zone file. If you make multiple changes before restarting BIND9,
simply increment the serial once.
• Now, you can add DNS records to the bottom of the zone.
• Tip: Many people like to use the last date edited as the serial of a zone,
such as 2005010100 which is yyyymmddss (where s is serial)

• Once you've made a change to the zone file BIND9 will need to be
restarted for the changes to take affect:

• /etc/init.d/bind9 restart