Nvsu FR Icd 05 00 Module 5 (Sam101) Student
V. LESSON CONTENT
DOMAIN NAME
Domain Name System (DNS) is a worldwide service that resolves host names to IP addresses.
This facilitates proper communication between computers. DNS servers communicate with each other in
a hierarchy in an effort to teach each other their name resolutions. The LAN DNS servers do the same
thing as their Internet counterparts, just on a smaller scale (although sometimes not so small!). DNS
servers use inbound port 53 to accept name resolution requests. A domain is given a name, such as
microsoft.com for Microsoft. In addition, computers within a domain are given a unique name, which often
parallels the name of a user, such as Sinclair, or is a favorite name, such as antelope or popcorn. The
translation of a name to an IP address is called forward DNS lookup or forward DNS resolution, and
translation of an IP address to a domain name is called reverse DNS lookup or reverse DNS
resolution.
Domain Name and IP Address are two key elements used by the general population when
accessing websites on the Internet. One is the Internet name of the website and the other is its public IP
address. These two elements go hand in hand. People generally connect to Internet services via Internet
hostnames, but behind the scenes, the Internet name is translated to a public IP address. Both the IP
address assignment and the Internet domain name are governed at the highest level by the Internet
Assigned Numbers Authority (IANA).
The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination
of the DNS Root, IP addressing, and other Internet Protocol resources. IANA is one of the Internet’s
oldest organizations and was set up to be in charge of the Internet management authorities or registration
authorities. IANA has three primary functions:
• Domain name management: IANA manages the DNS root zone for the generic (g) top-level
domains (gTLDs), such as .COM, .NET, .ORG, .INFO, and country-code (cc) top-level domains
(ccTLDs), such as .US, .UK, and .AU. IANA maintains the .int (intergovernmental) domain
registries, which are exclusive registrations for intergovernmental treaty organizations, such as
NVSU-FR-ICD-05-00 (081220) Page 1 of 8
“In accordance with section 185. Fair use of copyrighted works of Republic Act 8293, the copyrighted works included in this material may be reproduced for educational purposes
only and not for commercial distribution.”
Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021
the United Nations (un.int) and NATO (nato.int), as well as the .arpa domains and an IDN practices
resource. IANA maintains the .arpa domain registries, which include the in-addr.arpa domain. The
in-addr.arpa is the reverse DNS lookup for IPv4 addresses on the Internet. IANA also maintains
the IDN (Internationalized Domain Name) practices repository known as the language table
registry. This allows for domain name registration containing international characters (for
example, müller.info).
• Number resources management: IANA coordinates the global pool of IP addresses, which include
both IPv4 and IPv6. To coordinate the global effort of IP address allocation more effectively, IANA
delegates the allocation to the regional Internet registries (RIR), each of which is responsible for
a different area. The five RIRs accounting for the different regions of the world are as follows:
o AfriNIC: Africa Region
o APNIC: Asia/Pacific Region
o ARIN: North America Region
o LACNIC: Latin America and some Caribbean Islands
o RIPE NCC: Europe, the Middle East, and Central Asia
IANA is also responsible for the AS (Autonomous System) number allocation, which is used in
BGP to route Internet traffic. This allocation is delegated to the RIRs the same as the IP address
allocation.
• Protocol Assignments: IANA is also responsible for maintaining the registries of protocol names
and numbers used in the Internet today. These protocol numbering systems are managed by
IANA in conjunction with standards bodies.
DNS Hierarchy
The DNS is a tree hierarchy. Everything in DNS starts at the “.” servers, generally called root
servers, which are at the top of the hierarchy. The root servers have well-known IP addresses that have
been programmed into DNS servers. When the DNS is installed on a server, a list of the root servers’ IP
addresses is automatically configured in the DNS. A file containing the list of the most up-to-date root
servers is available to the public, and it can be downloaded from IANA’s website. The file is known as
the Root Hints file (root.hints). According to IANA, there are currently 13 root servers distributed around
the world, operated by different independent entities. Each server is typically a cluster of servers spread
across different regions or countries.
To allow computers to properly recognize a fully qualified domain name, dots are placed between
each part of the name. All resolvers treat dots as separators between the parts of the domain name. The
fully qualified domain name is split into pieces at the dots and the tree is searched starting from the root
of the hierarchical tree structure. All resolvers start their lookups at the root, therefore the root is
represented by a dot and is often assumed to be there, even when not shown. The resolver navigates
its way down the tree until it gets to the last, left-most part of the domain name and then looks within that
location for the information it needs. Information about a host, such as its name, its IP address and
occasionally even its function, is stored in one or more zone files, which together compose a larger zone
often referred to as a domain.
It is traditional to use different DNS servers for each level of the DNS hierarchy. The root of all
DNS entries is handled by the DNS servers at the InterNIC [well, sort of, but we'll get to that later --InetD
]. The InterNIC points the Top-Level Domains (TLDs) to the top-level domain name servers maintained
by all registrars such as Network Solutions, Register.Com, OpenSRS and many others. [Please note that
InetDaemon does not endorse ANY registrar--they all suck, some more than others. --InetD ]. Next,
each domain's server delegates to the DNS server at the next lower level in the hierarchy.
For example, in the figure below, .edu is the top-level domain, Berkeley is the second level
domain, and .cs is the sub-domain of Berkeley. Eos is the host name. A DNS server would store the IP
address of the host where its name resides in the tree.
Root Servers
The authoritative name servers that serve the DNS root zone, commonly known as the “root
servers”, are a network of hundreds of servers in many countries around the world. They are configured
in the DNS root zone as 13 named authorities, as follows.
An Authoritative Name Server is a name server that is authorized and configured to answer DNS
queries for a particular domain or zone. A Non-Authoritative Answer is a name lookup answer received
by a client via a non-authoritative server. A non-authoritative name server will always query the
authoritative name servers of the domain for the answer.
SUB-DOMAIN
The sub-domain is the next level in the DNS hierarchy. A sub-domain can be defined as a
domain that is part of a larger domain. The only domain that is not also a sub-domain is the root
domain. Suppose there are two domains, one.example.com and two.example.com. Both are
sub-domains of the main domain example.com, and example.com is in turn a sub-domain of the com
top-level domain.
The common types of DNS Resource Records are given below. Many other record types also
exist.
✓ SOA
✓ NS
✓ A
✓ PTR
✓ CNAME
✓ MX
✓ SRV
SOA Record
Every zone file has an SOA record, placed at the beginning of the zone. SOA
stands for Start of Authority. Normally, this type of record holds information about the zone itself and
about other records. Each zone has only one SOA record. The SOA record contains the
following fields.
Eg: IN SOA nameserver.place.dom. postmaster.place.dom.
NS Record
The NS record stands for nameserver record. It shows the authoritative servers for the zone. NS records
indicate the primary and secondary servers for the zone specified in the SOA record. A zone can contain
many NS records, but it must contain at least one.
For example, when the administrator on abc.com delegated authority for the noam.abc.com
subdomain to noamdc1.noam.abc.com., the following line was added to the zone abc.com and
noam.abc.com:
noam.abc.com. IN NS noamdc1.noam.abc.com.
A Record
The next resource record we are going to see is the A record. The A record stands for Address
record. It maps a domain name to an IP address so that the resolver can request the corresponding IP
address for the domain. As an example, the following A resource record, located in the zone abc.com,
maps the FQDN of the server to its IP address.
abc.com IN A 172.16.48.1
PTR Records
The PTR record stands for the pointer record. It works in the opposite direction to the A record: it
maps an IP address to a domain name. This is the record used to implement reverse DNS. An example
is given below.
1.48.16.172.in-addr.arpa. IN PTR abc.com.
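Added example, not part of the original module: the A and PTR records above should agree with each other, and stale or mismatched PTR records make reverse lookups in logs and mail checks misleading. The sketch below checks that agreement for a handful of records; the 172.16.48.2 address and the old-ftp.abc.com name are constructed sample values, and the function names are illustrative.

```python
import ipaddress

# Constructed sample records: the abc.com pair from the text, plus one
# deliberately mismatched host (ftp1) to show what a failure looks like.
ZONE = """
abc.com.                   IN A   172.16.48.1
ftp1.abc.com.              IN A   172.16.48.2
1.48.16.172.in-addr.arpa.  IN PTR abc.com.
2.48.16.172.in-addr.arpa.  IN PTR old-ftp.abc.com.
"""

def fqdn(name):
    """Normalise a name: lower-case, ending in the root dot."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def reverse_name(ip_text):
    """172.16.48.1 -> 1.48.16.172.in-addr.arpa. (octets reversed)."""
    return fqdn(ipaddress.ip_address(ip_text).reverse_pointer)

def parse(zone_text):
    """Return (a_records, ptr_records) from 'owner IN TYPE value' lines."""
    a, ptr = {}, {}
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue                      # skip blanks and other layouts
        owner, _, rtype, value = fields
        if rtype.upper() == "A":
            a[fqdn(owner)] = value
        elif rtype.upper() == "PTR":
            ptr[fqdn(owner)] = fqdn(value)
    return a, ptr

def check_forward_confirmed(zone_text):
    """For each A record, report whether the PTR for its address points back."""
    a, ptr = parse(zone_text)
    result = {}
    for host, ip_text in a.items():
        target = ptr.get(reverse_name(ip_text))
        if target is None:
            result[host] = "missing PTR"
        elif target == host:
            result[host] = "ok"
        else:
            result[host] = "PTR points to " + target
    return result

if __name__ == "__main__":
    for host, status in check_forward_confirmed(ZONE).items():
        print(host, status)
```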
Once a DNS client queries for the A resource record for ftp.abc.com, the DNS server finds the
CNAME resource record. Then it resolves the query for the A resource record for ftp1.abc.com, and
returns both the A and CNAME resource records to the client. This is how CNAME record works.
MX Resource Records
The MX record stands for the mail exchange record. The mail exchange (MX) resource record
specifies a mail exchange server for a DNS domain name. A mail exchange server is a host that will
either process or forward mail for the DNS domain name. Processing the mail means either delivering it
to the addressee or passing it to a different type of mail transport. Forwarding the mail means sending it
to its final destination server, sending it using Simple Mail Transfer Protocol (SMTP) to another mail exchange server
that is closer to the final destination, or queuing it for a specified amount of time. Only mail exchange
servers use MX records.
We can have multiple MX resource records for that domain. The following example shows MX
resource records for the mail servers for the domain noam.abc.com.:
*.noam.abc.com. IN MX 0 mailserver1.noam.abc.com.
*.noam.abc.com. IN MX 10 mailserver2.noam.abc.com.
*.noam.abc.com. IN MX 10 mailserver3.noam.abc.com.
SRV Records
With MX records, we can have multiple mail servers in a DNS domain, and when a mailer needs
to send mail to a host in the domain, it can find the location of a mail exchange server. Service (SRV)
resource records enable you to specify the location of the servers for a specific service, protocol, and
DNS domain. Thus, if you have two Web servers in your domain, you can create SRV resource records
specifying which hosts serve as Web servers, and resolvers can then retrieve all the SRV resource
records for the Web servers.
IP Version 6 Address record (AAAA Record)—stores a hostname and its corresponding IPv6 address.
Certificate record (CERT Record)—stores encryption certificates—PKIX, SPKI, PGP, and so on.
To configure the DNS server in Mikrotik, you can use either the command line or Winbox.
Here is an example of a configuration that uses the 8.8.8.8 DNS server (Google's DNS):
servers: 8.8.8.8
dynamic-servers:
allow-remote-requests: yes
max-udp-packet-size: 4096
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 9KiB
In the configuration above, allow-remote-requests = yes makes your Mikrotik Router act
as a DNS server as well. The DNS configuration on the users' computers can then point to the Mikrotik
Router, and no longer to Google's DNS server, the ISP's, or another server. This can save bandwidth,
because DNS queries are sent only to your Mikrotik Router.
It is easier to configure the DNS server with Winbox, via the menu IP ->
DNS -> Settings button. It will appear like this:
We recommend that you configure more than one DNS server so that when the first server is
down, the second server can still be used. You can enter the DNS servers as shown above or via the
command line with the following command:
[Admin@MikroTik] > ip dns set servers=8.8.8.8,8.8.4.4 allow-remote-requests=yes
After the DNS server has been configured, the Mikrotik Router should be connected
to the Internet. Check the connection by pinging a website such as google.com.
1. From DNS Settings window, click on Static button. DNS Static window will appear.
2. Click on PLUS SIGN (+). New DNS Static Entry window will appear.
3. Put your host name (such as ftp) in Name input field and put the IP Address of the host in Address
input field.
4. Click Apply and OK button.
5. Similarly, you can put as many host entries as you want following the above steps.
1. Go to the IP > Firewall menu and click on PLUS SIGN (+). New Firewall Rule window will appear.
2. From General tab, choose input from Chain drop down menu and choose udp from Protocol
dropdown menu and put 53 in Dst. Port input box and then choose your WAN Interface (such as
ether1) from In. Interface dropdown menu.
3. Click on Action tab and choose drop option from Action dropdown menu.
4. Click Apply and OK button.
5. Similarly, click on PLUS SIGN (+) again and choose input from Chain dropdown menu and choose
tcp from Protocol dropdown menu and put 53 in Dst. Port input box and then choose your WAN
Interface from In. Interface dropdown menu.
6. Click Apply and OK button.
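Added example, not part of the original module: with allow-remote-requests = yes the router answers DNS queries from any interface, so the firewall steps above need both the UDP and the TCP rule on the WAN interface. The check below reads a text export of the router configuration and reports which of the two is still missing. The sample export is constructed, the function names are illustrative, and the check assumes one command per line and does not model rule order or accept rules placed earlier in the chain.

```python
import shlex

# Constructed sample export: resolver enabled, only UDP 53 dropped on the WAN.
SAMPLE_EXPORT = """\
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=drop chain=input dst-port=53 in-interface=ether1 protocol=udp
"""

def parse_export(text):
    """Yield (menu, verb, params) for each command line of an export."""
    menu = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("/"):
            menu = line          # e.g. "/ip dns" or "/ip firewall filter"
            continue
        verb, *rest = shlex.split(line)
        yield menu, verb, dict(t.split("=", 1) for t in rest if "=" in t)

def open_resolver_gaps(text, wan="ether1"):
    """Protocols on which port 53 is still reachable from the WAN interface
    while allow-remote-requests=yes. An empty list means nothing to fix."""
    resolver_on = False
    blocked = set()
    for menu, verb, p in parse_export(text):
        if menu == "/ip dns" and verb == "set":
            if "allow-remote-requests" in p:
                resolver_on = p["allow-remote-requests"] == "yes"
        elif menu == "/ip firewall filter" and verb == "add":
            if (p.get("chain") == "input" and p.get("action") == "drop"
                    and p.get("in-interface") == wan
                    and p.get("disabled") != "yes"
                    and "53" in p.get("dst-port", "").split(",")):
                blocked.add(p.get("protocol"))
    if not resolver_on:
        return []
    return [proto for proto in ("udp", "tcp") if proto not in blocked]

if __name__ == "__main__":
    print(open_resolver_gaps(SAMPLE_EXPORT))
```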
7. ASSIGNMENT
Read the following supplemental materials
✓ https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml
✓ https://wiki.mikrotik.com/wiki/Manual:IP/DNS