DNS

DNS is a network service that:

  • enables clients to resolve names to IP addresses and vice-versa;
  • allows machines to be logically grouped by domain names;
  • provides email routing information.

DNS: Internet Naming Hierarchy

The silent dot at the end of all addresses: .

[Figure: naming hierarchy tree. Labels shown: . (root), com, net, org, in, ac, co, iitk, sidbi, www]

DNS Setup: DNS Operation

  • A DNS server maintains the name to IP address mapping of the domain for which it is the name server.
  • The DNS server for a domain is registered with the domain registrar, and the entry is maintained by the Internet Root Servers (13) or Country Level Root Servers.
  • Whenever a server is queried and it doesn't have the answer, the root servers are contacted.
  • The root servers refer to the DNS server for that domain (in case the domain is a top level domain) or the Country Root Server (in case the domain is a country level domain).

DNS Setup: DNS Configuration

  • The named daemon is used.
  • A DNS server may be a caching/master/slave server.
  • The named.ca file has information of all Root Servers.
  • There is a Forward Zone file and a Reverse Zone file for every domain.

Configuration file: /var/named/chroot/etc/named.conf
Forward Zone File: /var/named/chroot/var/named/<forward_zone_file>
Reverse Zone File: /var/named/chroot/var/named/<reverse_zone_file>

DNS Setup: Sample Master named.conf

    // Root hints: addresses of the root servers
    zone "." {
        type hint;
        file "named.ca";
    };

    // Reverse zone for the loopback network
    zone "0.0.127.in-addr.arpa" {
        type master;
        file "named.local";
        allow-query { any; };
    };

    // Forward zone served as master
    zone "iitk.ac.in" {
        type master;
        file "hosts.db";
        allow-query { any; };
    };

    // Reverse zone for 203.200.95.x
    zone "95.200.203.IN-ADDR.ARPA" {
        type master;
        file "hosts.rev.203.200.95";
        allow-query { any; };
    };

    // Zone served as slave, transferred from its master
    zone "iitk.ernet.in" {
        type slave;
        file "hosts.iitk.ernet.in";
        masters { 202.141.40.10; };
        allow-query { any; };
    };

DNS Setup: Sample Forward Zone File

    $TTL 86400
    @       IN  SOA     ns.iitk.ac.in. root.ns.iitk.ac.in. (
                        200605091   ; Serial
                        10800       ; Refresh - 3 hours
                        3600        ; Retry - 1 hour
                        1209600     ; Expire - 2 weeks
                        43200 )     ; Minimum TTL for negative answers - 12 hours
            IN  NS      ns.iitk.ac.in.
            IN  NS      proxy.iitk.ac.in.
            IN  MX  5   mail0.iitk.ac.in.
            IN  MX  10  mail1.iitk.ac.in.
            IN  MX  20  mail2.iitk.ac.in.
    $ORIGIN iitk.ac.in.
    ns      IN  A       203.200.95.142
    mail    IN  A       203.200.95.144
    proxy   IN  CNAME   mail

DNS Setup: Sample Reverse Zone File

    $TTL 86400
    $ORIGIN 200.203.in-addr.arpa.
    95      IN  SOA     ns1.iitk.ac.in. root.ns1.iitk.ac.in. (
                        200605091   ; Serial
                        10800       ; Refresh - 3 hours
                        3600        ; Retry - 1 hour
                        1209600     ; Expire - 2 weeks
                        43200 )     ; Minimum TTL for negative answers - 12 hours
            IN  NS      ns.iitk.ac.in.
            IN  NS      proxy.iitk.ac.in.
    $ORIGIN 95.200.203.in-addr.arpa.
    ;
    ;
    142     IN  PTR     ns.iitk.ac.in.
    144     IN  PTR     mail.iitk.ac.in.

DNS Setup: Configuring Local Resolver

/etc/resolv.conf

    nameserver 127.0.0.1

DNS Setup: Test DNS

  • nslookup
  • host
  • dig

Test your DNS with the following DNS diagnostics web site: dnsstuff.com

DNS Setup: Advanced BIND Features

  • Access List
  • Round Robin Load Sharing
  • Dynamic DNS Update

DNS Setup: Access Control List

  • An ACL is a list of semi-colon separated IP addresses or networks.
  • Create ACLs and apply directives on specified ACLs.

    acl "mynetwork" { 172.31.0.0/16; 172.30.1.1; };

    allow-query { mynetwork; };
    allow-transfer { mynetwork; };
    allow-update { mynetwork; };

DNS Setup: Dynamic DNS Update

Allows the DNS server to update the name and IP address of hosts on the network.

To disable DDNS, use the directive:

    allow-update { none; };
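Added example (not part of the original slides, and not BIND's own parser): a small check that reads a named.conf and reports master zones whose allow-transfer or allow-update is open to any, or whose allow-transfer is not set in the zone at all, so that the effective value comes from elsewhere and needs review. The function names and the two example.test zones are made up for illustration; the parsing is simplified and only looks at directives inside each zone block.

```python
import re
# Constructed input: the page's master zone as shown, plus two made-up zones.
SAMPLE_CONF = '''
zone "." { type hint; file "named.ca"; };
zone "iitk.ac.in" {            // as on the page: only allow-query is set
    type master; file "hosts.db";
    allow-query { any; };
};
zone "open.example.test" {     # made up: both controls wide open
    type master; file "open.db";
    allow-transfer { any; }; allow-update { any; };
};
zone "locked.example.test" {   /* made up: limited to the page's ACL */
    type master; file "locked.db";
    allow-transfer { mynetwork; }; allow-update { none; };
};
'''

def zone_blocks(conf):
    """Yield (name, body) per zone; braces are counted because bodies nest { } lists."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def match_list(body, directive):
    """Return the elements of a directive's address match list, or None if absent."""
    m = re.search(re.escape(directive) + r'\s*\{([^}]*)\}', body)
    return None if m is None else [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]

def audit(conf):
    """List (zone, directive, finding) for master zones with open or unset controls."""
    conf = re.sub(r'/\*.*?\*/|(?:#|//)[^\n]*', '', conf, flags=re.S)  # drop comments
    findings = []
    for zone, body in zone_blocks(conf):
        if not re.search(r'\btype\s+(?:master|primary)\b', body):
            continue  # hint and slave zones are out of scope for this check
        for directive in ("allow-transfer", "allow-update"):
            acl = match_list(body, directive)
            if acl is not None and "any" in acl:
                findings.append((zone, directive, "open to any"))
            elif acl is None and directive == "allow-transfer":
                findings.append((zone, directive, "not set in zone"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONF), sep="\n")
```

An unset allow-update is not reported because BIND denies dynamic updates unless the directive is given.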

DNS Setup: Round Robin Load Sharing

  • Load balancing can be achieved by use of multiple A records for the same name:

    www     IN  A   203.200.95.140
    www     IN  A   203.200.95.141
            IN  A   203.200.95.142