Saturday, July 27, 2013

DNS Server using Bind on CentOS 6.4 - 1

DNS Server using BIND on CentOS 6.4

Part I  Essential DNS Functions 1
 Chapter 1 DNS Service
 Chapter 2 DNS Server Software
 Chapter 3 Terms (Resource Records)
 Chapter 4 Bind Installation and startup

Part II  Essential DNS Functions 2
 Chapter 5 Creating Zones - Forward & Reverse
 Chapter 6 Adding More Zones
 Chapter 7 DNS Load Sharing
 Chapter 8 Master/Slave Name Server

Part III  Advanced DNS Functions
 Chapter 9 BIND ACL
 Chapter 10 Split DNS: VIEW
 Chapter 11 Dynamic DNS Update (DDNS)
 Chapter 12 How to Use Client Tools - nslookup, dig, host

Part IV  DNS Security
 Chapter 13 TSIG and DNSSEC
 Chapter 14 RNDC service
 Chapter 15 Some DNS Security Issues
 Chapter 16 DNS Cache Poisoning

Part V  DNS Bind GUI Tools

Chapter 1  DNS Service
1. Domain Name System (DNS)
       Resolves hostnames into IP addresses (forward lookup)
         Name (human-friendly) -> IP address (computer-friendly)
       Resolves IP addresses into hostnames (reverse lookup)
          IP address -> Name
       Allows machines to be logically grouped by name domains
       Provides email routing information
2. Zones, Domains and Delegation
       A domain is a complete sub-tree of the hierarchical namespace
       A zone is the part of the domain managed by a particular server
       Subdomains may be delegated into additional zones
       A zone may directly manage some subdomains
3. Name Server Types
   a. Master name server (Primary)
       Contains the master copy of data for a zone
   b. Slave name server (Secondary)
       Provides a backup to the master name server
       All slave servers maintain synchronization with their master name server
   c. Caching-only name server
       Forwards queries and caches results
       Provides Internet root server 'hints' (references to the root servers) via named.ca
       /etc/resolv.conf should include nameserver 127.0.0.1
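A caching-only server answers recursive queries for its clients, so the important question for security is which clients. If recursion is enabled and the effective recursion ACL allows "any", the host is an open resolver usable by anyone on the Internet. The script below is an added example, not part of the original post: it classifies a named.conf by that rule. The two configurations and the function names are constructed for the example; the ACL fallback order (allow-recursion, then allow-query-cache, then allow-query, then the built-in localhost/localnets default) is the one documented for BIND 9.4 and later, which covers the 9.8.2 packages used in this series.

```shell
#!/bin/sh
# Added example (not from the original post). Classify a BIND named.conf
# as authoritative-only, open resolver, or restricted resolver.
# Both configurations below are constructed samples.

OPEN_CONF='
options {
    directory "/var/named";
    recursion yes;           // recursion for everyone: open resolver
    allow-query { any; };
};
'

SAFE_CONF='
options {
    directory "/var/named";
    recursion yes;           // caching-only, but only for our own clients
    allow-query { localhost; 192.168.1.0/24; };
    allow-recursion { localhost; 192.168.1.0/24; };
};
'

# strip_comments: drop "//" and "#" line comments from stdin so that a
# commented-out option is not mistaken for a live one.
strip_comments() {
    sed -e 's://.*$::' -e 's:#.*$::'
}

# effective_recursion_acl: print the ACL BIND applies to recursive queries
# for the named.conf on stdin. Per the BIND 9 ARM: allow-recursion if set,
# else allow-query-cache, else allow-query, else "localhost; localnets;".
effective_recursion_acl() {
    conf=$(strip_comments)
    for opt in allow-recursion allow-query-cache allow-query; do
        acl=$(printf '%s\n' "$conf" \
              | sed -n "s/.*$opt[[:space:]]*{\([^}]*\)}.*/\1/p" | head -n 1)
        if [ -n "$acl" ]; then
            printf '%s\n' "$acl" | tr -s ' ' | sed 's/^ //; s/ $//'
            return 0
        fi
    done
    echo 'localhost; localnets;'
}

# resolver_class: print one of
#   authoritative-only  - "recursion no;" is set
#   open-resolver       - recursion on and the effective ACL contains "any"
#   restricted-resolver - recursion on, limited to the listed addresses
resolver_class() {
    conf=$(strip_comments)
    if printf '%s\n' "$conf" | grep -q 'recursion[[:space:]]*no[[:space:]]*;'; then
        echo authoritative-only
        return 0
    fi
    acl=$(printf '%s\n' "$conf" | effective_recursion_acl)
    # match the literal token "any" between semicolons, not a substring
    if printf '%s\n' "$acl" | tr ';' '\n' | grep -qx '[[:space:]]*any[[:space:]]*'; then
        echo open-resolver
    else
        echo restricted-resolver
    fi
}

printf '%s\n' "$OPEN_CONF" | resolver_class   # open-resolver
printf '%s\n' "$SAFE_CONF" | resolver_class   # restricted-resolver
```

On a real host, run it as `resolver_class < /etc/named.conf` (or the chroot copy under /var/named/chroot). The check only reads the global options block; a server that uses views (Chapter 10) needs the same test applied per view.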

4. DNS Hierarchy
   (diagram only in the original; no text)

5. DNS Name Resolution Process
   (diagram only in the original; no text)

Chapter 3  DNS Server Terms

Authoritative server
A DNS server that hosts a primary or secondary copy of zone data
Non-authoritative server
Holds no copy of any zone; it answers from a cache built from past lookups for which it received an authoritative response
FQDN
Fully qualified domain name: a DNS name that uniquely identifies a node in the DNS namespace
Iterative query
A query made by a client to a DNS server for an authoritative answer that the server can provide without generating additional queries to other DNS servers
Recursive query
A query made either by a client, or by a DNS server on behalf of a client, the response to which can be an authoritative answer or a referral to another server
CNAME
Canonical Name record; used to create aliases that point to other names
Address (A) record
Associates a domain name with an IP address
Pointer (PTR) record
Provides data for reverse DNS, which is used for logging the domain name and for verification purposes
Name Servers (NS)
Identifies the authoritative DNS servers for a domain
Mail Servers (MX)
Identifies the server to which e-mail for the domain is directed
Text Record (TXT)
Can be used for any kind of documentation
First Record (SOA)
The first record in the zone file; contains the name of the primary DNS server, which must correspond to an NS record in the file
Serial
Number to increment when any resource record in the zone file is updated. A slave (secondary) server reads the master's SOA record periodically
Refresh
Indicates the time after which the slave will try to refresh the zone from the master
Retry
Defines the time between retries if the slave (secondary) fails to contact the master once the refresh interval (above) has expired
Expire
Indicates when the zone data is no longer authoritative. Used by slave (secondary) servers only
Minimum
This value has been redefined as the negative caching time: the time a NAME ERROR (NXDOMAIN) result may be cached by any resolver
TTL (Time to Live)
Defines the duration in seconds that the record may be cached
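The SOA fields above are easiest to see in a real zone file. The script below is an added example, not from the original post: it embeds a constructed forward zone for the hypothetical domain example.com (addresses from the 192.0.2.0/24 documentation range), reads the SOA timers out of it, checks the rule that the SOA primary name must also appear as an NS record, and bumps the serial using the common YYYYMMDDnn convention so that slaves notice the change. The function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post). Zone file is a constructed
# sample for the hypothetical zone example.com.

ZONE=$(mktemp)
trap 'rm -f "$ZONE" "$ZONE.edited"' EXIT
cat > "$ZONE" <<'EOF'
$TTL 86400
@       IN  SOA  ns1.example.com. admin.example.com. (
                 2013072701  ; serial  (YYYYMMDDnn)
                 3600        ; refresh (1 hour)
                 900         ; retry   (15 minutes)
                 604800      ; expire  (1 week)
                 86400 )     ; minimum / negative caching TTL (1 day)
@       IN  NS   ns1.example.com.
@       IN  NS   ns2.example.com.
@       IN  MX   10 mail.example.com.
@       IN  TXT  "constructed example zone"
ns1     IN  A    192.0.2.1
ns2     IN  A    192.0.2.2
mail    IN  A    192.0.2.10
www     IN  CNAME ns1.example.com.
EOF

# soa_fields: print "mname serial refresh retry expire minimum" for the
# zone file $1. ';' comments are dropped (the sample has no ';' inside a
# TXT string) and the parenthesised SOA is joined into one logical line.
soa_fields() {
    awk '
        { sub(/;.*/, "") }
        /SOA/ { insoa = 1 }
        insoa { rec = rec " " $0 }
        insoa && /\)/ { print rec; exit }
    ' "$1" | tr -d '()' | awk '{
        for (i = 1; i <= NF; i++) if ($i == "SOA") s = i
        # after SOA: mname rname serial refresh retry expire minimum
        print $(s+1), $(s+3), $(s+4), $(s+5), $(s+6), $(s+7)
    }'
}

soa_serial() { soa_fields "$1" | awk '{ print $2 }'; }

# mname_has_ns: exit 0 when the SOA primary server name is also listed in
# an NS record of the zone, as the glossary requires.
mname_has_ns() {
    mname=$(soa_fields "$1" | awk '{ print $1 }')
    awk '{ sub(/;.*/, "") } $0 ~ /[[:space:]]NS[[:space:]]/ { print $NF }' "$1" \
        | grep -qxF "$mname"
}

# bump_serial: rewrite the serial in zone file $1 using YYYYMMDDnn. $2 is
# today's date as YYYYMMDD (passed in so the result is reproducible): a
# same-day edit gets nn+1, a later day restarts at 01. Prints the new serial.
bump_serial() {
    old=$(soa_serial "$1")
    if [ "${old%??}" = "$2" ]; then
        new=$((old + 1))
    else
        new="${2}01"
    fi
    tmp=$(mktemp)
    sed "s/\([[:space:]]\)$old\([[:space:]]\)/\1$new\2/" "$1" > "$tmp" && mv "$tmp" "$1"
    echo "$new"
}

echo "SOA: $(soa_fields "$ZONE")"
if mname_has_ns "$ZONE"; then
    echo "SOA primary has a matching NS record"
else
    echo "WARNING: SOA primary is not listed as an NS"
fi
cp "$ZONE" "$ZONE.edited"
echo "serial after a same-day edit: $(bump_serial "$ZONE.edited" 20130727)"   # 2013072702
```

A serial that is not increased is the classic reason a slave keeps serving stale data: it compares the master's serial with its own at every refresh and only transfers when the master's is higher.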


Chapter 4  Bind Installation & Startup
1. Package Installation
# rpm -qa | grep bind
      bind-utils-9.8.2-0.17.rc1.el6.i686      - Utilities for querying DNS
      bind-libs-9.8.2-0.17.rc1.el6.i686       - Libraries
      bind-9.8.2-0.17.rc1.el6.i686            - The Berkeley Internet Name Domain (BIND)
      bind-chroot-9.8.2-0.17.rc1.el6.i686     - Chroot runtime environment
      bind-devel-9.8.2-0.17.rc1.el6.i686      - Header files and libraries
# yum install bind-utils bind-libs bind-chroot bind-devel bind -y

2. Service Startup
# service named start
# ps -ef | grep named
# netstat -nat | grep 53
# tail -f /var/log/messages
3. Service Registration
# chkconfig --add named
# chkconfig named on
# chkconfig --list named
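The startup and registration commands above produce output a practitioner reads by eye. The script below is an added example, not from the original post: it turns those checks into functions over captured command output, so the logic can be exercised without a running BIND. The netstat and chkconfig samples are constructed; on a real CentOS 6 host feed the functions from `netstat -tulnp | grep named` and `chkconfig --list named`. Note that `netstat -nat` as used above lists TCP sockets only; most DNS traffic is UDP, so `-u` (or `-tulnp`) is needed to see the UDP/53 socket. The 953/tcp socket is the rndc control channel (Chapter 14), which should normally be bound to loopback only.

```shell
#!/bin/sh
# Added example (not from the original post). Post-install checks for
# named, written over constructed samples of netstat -tulnp and
# chkconfig --list output.

NETSTAT_SAMPLE='udp        0      0 127.0.0.1:53                0.0.0.0:*                               1234/named
udp        0      0 192.168.1.10:53             0.0.0.0:*                               1234/named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      1234/named
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      1234/named'

CHKCONFIG_SAMPLE='named           0:off   1:off   2:on    3:on    4:on    5:on    6:off'

# named_sockets: from netstat -tulnp style output on stdin, print
# "proto address port" for every socket owned by a named process.
# Local address is column 4 as "addr:port" (IPv4 form assumed here).
named_sockets() {
    awk '$NF ~ /\/named$/ {
        n = split($4, a, ":")
        print $1, a[1], a[n]
    }'
}

# dns_serving PROTO: exit 0 when named has a port-53 socket on PROTO
# (udp or tcp). Use both: zone transfers and large answers need TCP.
dns_serving() {
    named_sockets | awk -v p="$1" '$1 == p && $3 == 53 { found = 1 }
                                   END { exit !found }'
}

# control_channel_local_only: exit 0 when the rndc channel (953/tcp) exists
# and every 953 socket is bound to 127.0.0.1.
control_channel_local_only() {
    named_sockets | awk '$3 == 953 { seen = 1; if ($2 != "127.0.0.1") bad = 1 }
                         END { exit (seen && !bad) ? 0 : 1 }'
}

# enabled_in_runlevel N: exit 0 when the chkconfig --list line on stdin
# shows the service "on" in runlevel N.
enabled_in_runlevel() {
    awk '{ for (i = 1; i <= NF; i++) print $i }' | grep -qx "$1:on"
}

printf '%s\n' "$NETSTAT_SAMPLE" | dns_serving udp && echo "named answering on UDP/53"
printf '%s\n' "$NETSTAT_SAMPLE" | dns_serving tcp && echo "named answering on TCP/53"
printf '%s\n' "$NETSTAT_SAMPLE" | control_channel_local_only && echo "rndc channel is loopback-only"
printf '%s\n' "$CHKCONFIG_SAMPLE" | enabled_in_runlevel 3 && echo "named starts in runlevel 3"
```

If `dns_serving udp` fails while the process is running, the usual causes are a `listen-on` option that excludes the interface or a port-53 conflict logged in /var/log/messages, which is why the post tails that file right after starting the service.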