DNS & BIND Chapter 24

Upload: jack-thornton

Post on 31-Dec-2015


DNS & BIND

Chapter 24

This Chapter

• DNS Overview

DNS Overview

• DNS (Domain Name System) maps domain names to IP addresses, and vice versa

• It reduces the need for humans to work with IP addresses, which, with the introduction of IPv6, are complex

• BIND (Berkeley Internet Name Domain) is a popular open-source implementation of DNS

Overview

• DNS was specified in 1983 and BIND became part of BSD in 1985

– Each node in the hierarchical DNS database is called a domain and is labeled with a (domain) name

– The node at the top of the DNS hierarchy is called the root node or root domain

The DNS / BIND Hierarchy (Pg. 775 in text)

Reading the Hierarchy

A fully qualified domain name (FQDN) is the DNS equivalent of a file system’s absolute pathname: It is a pointer that positively locates a domain on the Internet.

The Resolver / Server Relationship

• The resolver turns an unqualified domain name into an FQDN that is passed to DNS to be mapped to an IP address.

• The resolver always appends the root domain (.) to an unqualified domain name first, allowing you to type www.redhat.com instead of www.redhat.com. (including the trailing period) in a browser.

The Resolver / Server Relationship

• The Resolver passes the DNS request to the Name Server to begin the Process.

• The Resolver to Name Server communication is called the Recursive Query

• A recursive query sends a domain name to a DNS server and asks the server to return the IP address of the domain. The server may need to query other servers to get the answer.

The Recursive Query

The Resolver / Server Relationship

• If a name resolution request cannot be resolved by a DNS server, the server passes the request on to “upstream servers” – this process is called an Iterative Query

• The Iterative Query sends a domain name to a DNS server and asks the server to return either the IP address of the domain or the name of the DNS server that is authoritative for the domain

The Iterative Query

Resource Records

• Information about nodes (domains) in the DNS database is stored in resource records

• More than 30 types of resource records exist, ranging from common types, such as address records that store the address of a host, to those that contain geographical information

Resource Records

Record Function

A IPv4 Address—Maps a domain name to the IPv4 address of a host

AAAA IPv6 Address—Maps a domain name to the IPv6 address of a host

CNAME Canonical Name—Maps an alias or nickname to a domain name.

PTR Pointer—Maps an IP address to a domain name and is used for reverse name resolution

NS Name Server—Specifies the name of the system that provides domain service (DNS records) for the domain

SOA Start of Authority—Designates the start of a zone. Each zone must have exactly one SOA record. An authoritative server maintains the SOA record for the zone it is authoritative for
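
The recursive and iterative queries described earlier, traced over the NS and A record types from the table above. This is an added example, not code from the original slides; the server names, the example.com zone and the 192.0.2.10 address are constructed sample data, and the function names are hypothetical.

```python
# Constructed sample data: a toy DNS hierarchy. Server names and the address
# (documentation range 192.0.2.0/24) are assumptions, not real DNS data.
SERVERS = {
    "root-server.": {"NS": {"com.": "com-server."}},
    "com-server.": {"NS": {"example.com.": "ns1.example.com."}},
    "ns1.example.com.": {"A": {"www.example.com.": "192.0.2.10"}},
}

def to_fqdn(name):
    """Resolver step: append the root domain (.) to an unqualified name."""
    return name if name.endswith(".") else name + "."

def iterative_query(server, fqdn):
    """One server answers from its own records only: it returns either the
    address ("A") or the name server to ask next ("NS" referral)."""
    records = SERVERS.get(server, {})
    if fqdn in records.get("A", {}):
        return ("A", records["A"][fqdn])
    # Pick the most specific delegated zone that contains the name.
    zones = [z for z in records.get("NS", {}) if fqdn == z or fqdn.endswith("." + z)]
    if zones:
        return ("NS", records["NS"][max(zones, key=len)])
    return ("NXDOMAIN", None)

def recursive_query(name, start="root-server.", max_hops=8):
    """The name server does the work for the resolver: it follows referrals
    with iterative queries until it has an address to return."""
    fqdn, server, path = to_fqdn(name), start, []
    for _ in range(max_hops):  # bound the walk so a referral loop terminates
        kind, value = iterative_query(server, fqdn)
        path.append((server, kind, value))
        if kind != "NS":
            return value, path
        server = value
    return None, path

if __name__ == "__main__":
    address, path = recursive_query("www.example.com")
    for server, kind, value in path:
        print(f"{server:<18} -> {kind} {value}")
    print("answer:", address)
```

The hop limit matters on a real server too: without a bound, two zones that refer to each other would keep the walk going indefinitely.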

Installing DNS

• Install the following packages:

– bind

– bind-utils (provides dig among other utilities)

– system-config-bind (optional)

– bind-chroot (optional)

Starting and Checking the Service

• Run chkconfig to cause named to start when the system enters multiuser mode:

# /sbin/chkconfig named on

• After you have configured named, start it with service:

# /sbin/service named start

Named is the name of the DNS daemon

System-Config-BIND

Adding Zones

Adding Records

Summary

• DNS uses a hierarchical method for resolving host names

• Recursive queries involve the Client/Server

• Iterative queries involve the Server/Server

• Linux DNS requires the manual creation of records

• System-config-bind is the utility for viewing DNS in GUI form

Exercise

• Ensure your system has a statically assigned IP

• Install DNS

• Add CNAME records for machines called Chicago, Denver, Atlanta, and Vancouver using your static IP (it will be fine that they all have the same IP)

• Try to use the ping utility to ping these machines by name