Friday 14 June 2013

Domain Name Server - A Simple Name Resolving Model

DNS (Domain Name System), also known as a nameserver, is a network system that associates hostnames with their respective IP addresses. For users, this has the advantage that they can refer to machines on the network by names that are usually easier to remember than the numerical network addresses called IPs. For system administrators, using the nameserver allows them to change the IP address for a host without ever affecting the name-based queries, or to decide which machines handle these queries.


DNS is usually implemented using one or more centralized servers that are authoritative for certain domains. When a client host requests information from a nameserver, it usually connects to port 53. The nameserver then attempts to resolve the name requested. If it does not have an authoritative answer, or does not already have the answer cached from an earlier query, it queries other nameservers, called root nameservers, to determine which nameservers are authoritative for the name in question, and then queries them to get the requested name. Nameserver Zones:In a DNS server such as BIND (Berkeley Internet Name Domain), all information is stored in basic data elements called resource records (RR). The resource record is usually a fully qualified domain name (FQDN) of a host, and is broken down into multiple sections organized into a tree-like hierarchy. This hierarchy consists of a main trunk, primary branches, secondary branches, and so on.Here is a simple guide to install DNS on RHEL6. Consider a fresh installation of redhat enterprise linux on a machine, to make it simple.BIND consists of a set of DNS-related programs. It contains a nameserver called named, an administration utility called rndc, and a debugging tool called dig.


Note the following:


Host machine IP Address: 10.14.153.24

Hostname: desktop24.example.com


Make following enteries in the following files:


# vim /etc/resolv.conf


nameserver 10.14.153.24

search example.com


# vim /etc/hosts
10.14.153.24 desktop24.example.com desktop24

127.0.0.1 localhost.localdomain localhost


Make sure to assign static IP address to the machine.First check the Ethernet LAN port on which the machine is connected using following commands:


# mii-tools# ethtool eth0


After that edit the network file:


# vim /etc/sysconfig/network-scripts/ifcfg-eth0


DEVICE=eth0

TYPE=Ethernet

BOOTPROTO=static

ONBOOT=yes

IPADDR=10.14.153.24

NETMASK=255.255.255.0

GATEWAY=10.14.153.1


save and quit


Now stop the service of NetworkManager and restart the service of network.


# /etc/init.d/NetworkManager stop;chkconfig NetworkManager off

#/etc/init.d/network restart;chkconfig network on


Now, make sure YUM is working on your machine.

Install the following packages on the machine using YUM.

# yum install -y bind*
When installation is completed, we proceed with the configuration,main configuration files are:

/etc/named/named.conf

/var/named/chroot/etc/named.conf

also we need to include some files, we discuss about them later.Edit the configuration file as:

# vim /var/named/chroot/etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

 options {
        listen-on port 53 { 127.0.0.1;10.14.153.24; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; };
        recursion yes;

         dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

         /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};

 logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

 zone "." IN {
        type hint;
        file "named.ca";
};

 zone "example.com" IN {
        type master;
        file "forward.zone";
        allow-update { none; };
};
zone "153.14.10.in-addr.arpa" IN {
        type master;
        file "reverse.zone";
        allow-update { none; };
};

Save and quit the file.

Write only the above lines in the file, if you don't know how to customize DNS.
Also create the new files that you have added in the above file:
# vim /var/named/chroot/var/named/forward.zone
$TTL 1D
@       IN SOA  desktop24.example.com. root.desktop24.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      desktop24.example.com.
desktop24       A       10.14.153.24

desktop23       A       10.14.153.23


 save and quit.

# vim /var/named/chroot/var/named/reverse.zone
$TTL 3H
@       IN SOA  desktop24.example.com. root.desktop24.example.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      desktop24.example.com.
24      PTR     desktop24.

Save and quit.


Make sure that the firewall and SELinux is off, also the owner ship of the above two files is as:

# cd /var/named/chroot/var/named/

# chown root.named reverse.zone

 # chown root.named forward.zone

These lines may be at any sequence.
Now restart the service and send query to the DNS.

# /etc/init.d/named restart;chkconfig named on
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]

[root@desktop24 ~]# nslookup desktop24.example.com
Server:         10.14.153.24
Address:        10.14.153.24#53

Name:   desktop24.example.com
Address: 10.14.153.24

[root@desktop24 ~]# dig desktop24.example.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> desktop24.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22786
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;desktop24.example.com.         IN      A

;; ANSWER SECTION:
desktop24.example.com.  86400   IN      A       10.14.153.24

;; AUTHORITY SECTION:
example.com.            86400   IN      NS      desktop24.example.com.

;; Query time: 0 msec
;; SERVER: 10.14.153.24#53(10.14.153.24)
;; WHEN: Sat Oct  4 05:18:13 2014
;; MSG SIZE  rcvd: 69

[root@desktop24 ~]# dig desktop23.example.com

 ; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> desktop23.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14385
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

 ;; QUESTION SECTION:
;desktop23.example.com.         IN      A

 ;; ANSWER SECTION:
desktop23.example.com.  86400   IN      A       10.14.153.23

 ;; AUTHORITY SECTION:
example.com.            86400   IN      NS      desktop24.example.com.

 ;; ADDITIONAL SECTION:
desktop24.example.com.  86400   IN      A       10.14.153.24

 ;; Query time: 0 msec
;; SERVER: 10.14.153.24#53(10.14.153.24)
;; WHEN: Sat Oct  4 05:19:32 2014
;; MSG SIZE  rcvd: 95

If some reply is received, means your dns is resolving.

save and quit.





Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)