bgjdns an authoritative dns server with a gui interface with a relational database back-end
TRANSCRIPT
BGJDNSBGJDNS
An Authoritative DNS ServerAn Authoritative DNS Server
With a GUI interface with a With a GUI interface with a relational database back-endrelational database back-end
Why this project?Why this project?
►The 24x7 NOC wasn’t familiar with our The 24x7 NOC wasn’t familiar with our DNS.DNS.
►Emergency changes resulted in the Emergency changes resulted in the NOC calling UNIX administrators.NOC calling UNIX administrators.
►Computers were invented to make life Computers were invented to make life easier, not to wake sleeping people at easier, not to wake sleeping people at 1:30AM for trivial changes that could 1:30AM for trivial changes that could be performed by the 24x7 NOC.be performed by the 24x7 NOC.
DNS in 5 minutesDNS in 5 minutes
►DNS helps resolve logical addresses with DNS helps resolve logical addresses with physical addresses.physical addresses.
►DNS tells us which servers receive e-DNS tells us which servers receive e-mail.mail.
►DNS maps IP Addresses and hostnames. DNS maps IP Addresses and hostnames. (like: (like: www.g3.orgwww.g3.org <-> 216.37.18.21) <-> 216.37.18.21)
►DNS tells us how long we should believe DNS tells us how long we should believe such mappings.such mappings.
Format of Existing DNS DataFormat of Existing DNS Data
Zmonster.com:ns1.tmpw.net.:hostmaster.tmpw.net.::1800:600:604800:86400:600+monster.com:63.112.169.1:600+monster.com:63.121.29.1:[email protected]::mailsorter.in.tmpw.net.:20:[email protected]::mailsorter.ma.tmpw.net.:20:600&monster.com::ns1.tmpw.net.:4800&monster.com::ns2.tmpw.net.:4800Cchief.monster.com:www.akadns.monster.com.:600Cdover.de.monster.com:www.akadns.monster.com.:600Churricanerelief.monster.com:www.akadns.monster.com.:600Cnewjersey.monster.com:www.akadns.monster.com.:600Cnewmexico.monster.com:www.akadns.monster.com.:600Cvideo.monster.com:www.akadns.monster.com.:600^1.10.50.10.in-addr.arpa:jobsearch101.ma.monster.com.:3600::IN^2.10.50.10.in-addr.arpa:jobsearch102.ma.monster.com.:3600::IN^3.10.50.10.in-addr.arpa:jobsearch103.ma.monster.com.:3600::IN^1.10.10.10.in-addr.arpa:jobsearch01.in.monster.com.:3600::IN^2.10.10.10.in-addr.arpa:jobsearch02.in.monster.com.:3600::IN^3.10.10.10.in-addr.arpa:jobsearch03.in.monster.com.:3600::IN
Drawbacks of existing formatDrawbacks of existing format
►Concurrency issues with multiple Concurrency issues with multiple administrators editing the same file.administrators editing the same file.
► Intimidation of the dense colon-Intimidation of the dense colon-delimited format.delimited format.
►Difficult to teach non-UNIX people how Difficult to teach non-UNIX people how to modify the data.to modify the data.
First SchemaFirst Schema
Final SchemaFinal Schema
Data StatsData Stats
Table Name # Tuples
access_group 2
address 3,999
cname 7,542
domain_name 11,471
mx 537
ns 813
ptr 382
soa 403
subnet 36
HurdlesHurdles
►Couldn’t get java nor perl to interact with Couldn’t get java nor perl to interact with Oracle on firebird.cs.iupui.eduOracle on firebird.cs.iupui.edu
►Converting CREATE TABLE syntax to mysqlConverting CREATE TABLE syntax to mysql►Learning OpenLaszloLearning OpenLaszlo►Creatnig a DNS server from scratch (perl)Creatnig a DNS server from scratch (perl)►Evaluating best way to store IP AddressesEvaluating best way to store IP Addresses►Making sure to follow RFC 1035 standardMaking sure to follow RFC 1035 standard► Importing the data (perl)Importing the data (perl)
Typical QueriesTypical Queries
What is the IP address of “g3.org”? (an A record)What is the IP address of “g3.org”? (an A record)
SELECTSELECT
concat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addrconcat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addr
FROM address NATURAL JOIN domain_nameFROM address NATURAL JOIN domain_name
WHERE domain_name.name = 'g3.org';WHERE domain_name.name = 'g3.org';
What is the IP address of “www.g3.org”? (a CNAME record)What is the IP address of “www.g3.org”? (a CNAME record)
SELECTSELECT
concat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addrconcat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addr
FROMFROM
cname LEFT JOIN domain_name d2 ON (cname.target_name_id = d2.domain_name_id)cname LEFT JOIN domain_name d2 ON (cname.target_name_id = d2.domain_name_id)
LEFT JOIN domain_name d1 ON (cname.domain_name_id = d1.domain_name_id)LEFT JOIN domain_name d1 ON (cname.domain_name_id = d1.domain_name_id)
LEFT JOIN address ON (d2.domain_name_id = address.domain_name_id)LEFT JOIN address ON (d2.domain_name_id = address.domain_name_id)
WHERE d1.name = 'www.g3.org';WHERE d1.name = 'www.g3.org';
Complex QueryComplex QueryWhat is the IP address of “www.tmphosting.net” from my workstation at 10.10.17.21?What is the IP address of “www.tmphosting.net” from my workstation at 10.10.17.21?
SELECTSELECT concat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addrconcat(ip_octet1,'.',ip_octet2,'.',ip_octet3,'.',ip_octet4) ip_addrFROMFROM (address NATURAL JOIN domain_name)(address NATURAL JOIN domain_name) LEFT JOIN subnet ON (address.access_group_id = subnet.access_group_id)LEFT JOIN subnet ON (address.access_group_id = subnet.access_group_id)WHEREWHERE (domain_name.name = 'www.tmphosting.net') AND(domain_name.name = 'www.tmphosting.net') AND address.access_group_id =address.access_group_id = (SELECT access_group.access_group_id ag_id(SELECT access_group.access_group_id ag_id FROMFROM access_group NATURAL JOIN subnetaccess_group NATURAL JOIN subnet WHEREWHERE INET_NTOA(INET_NTOA( INET_ATON(INET_ATON( CONCAT(net_octet1,'.',net_octet2,'.',net_octet3,'.',net_octet4)CONCAT(net_octet1,'.',net_octet2,'.',net_octet3,'.',net_octet4) )) && INET_ATON(INET_ATON( CONCAT(mask_octet1,'.',mask_octet2,'.',mask_octet3,'.',mask_octet4)CONCAT(mask_octet1,'.',mask_octet2,'.',mask_octet3,'.',mask_octet4) )) )) == INET_NTOA(INET_NTOA( INET_ATON('10.10.17.21')INET_ATON('10.10.17.21') && INET_ATON(INET_ATON( CONCAT(mask_octet1,'.',mask_octet2,'.',mask_octet3,'.',mask_octet4)CONCAT(mask_octet1,'.',mask_octet2,'.',mask_octet3,'.',mask_octet4) )) )) ORDER BY net_octet1 DESCORDER BY net_octet1 DESC LIMIT 1LIMIT 1 ));;
The End is Near The End is Near
►Demonstrate DNS ServerDemonstrate DNS Server►Demonstrate GUIDemonstrate GUI►Q/AQ/A