AFNOG NTW 2000 - T1: The Domain Name System


Slide 1 - The Domain Name System

Slide 2 - Some DNS topics
- What the Internet’s DNS is
- Configuring a resolver on a Unix-like system
- Configuring a nameserver on a Unix-like system
- Exercise: Create and install a simple zone

Slide 3 - What the Internet’s DNS is
- A systematic namespace called the domain name space
- Different people or organisations are responsible for different parts of the namespace
- Information is associated with each name
- A set of conventions for using the information
- A distributed database system
- Protocols that allow retrieval of information, and synchronisation between servers

Slide 4 - A systematic namespace: the domain name space
- Several components (called labels)
  - written separated by dots
  - often written terminated by a dot
- Hierarchical structure
  - Leftmost label has most local scope
  - Rightmost label has global scope
  - Terminal dot represents root of the hierarchy
- Domain names are case independent

Slide 5 - Why use hierarchical names?
- Internet hosts and other resources need globally unique names
- Difficult to keep unstructured names unique
  - would require a single list of all names in use
- Hierarchical names are much easier to make unique
  - cat.abc.at. is different from cat.abc.au.

Slide 6 - What are domain names used for?
- To identify computers (hosts) on the Internet
  - austin.ghana.com
- To identify organisations
  - afnog.org
- To map other information to a form that is usable with the DNS infrastructure
  - IP addresses, telephone numbers, AS numbers

Slide 7 - Examples of domain names
- .
- COM.
- GH.
- CO.ZA.
- www.afnog.org.
- in-addr.arpa.

Slide 8 - Domain Name Hierarchy
[Diagram: the tree below the root domain; top-level domains such as edu, com, gov, mil, net, org, at, jp, ... and second-level domains beneath them (e.g. uni-linz, tuwien, eunet, univie)]

Slide 9 - Different uses of the term “domain”
- Sometimes, the term “domain” is used to refer to a single name
  - such as
- Sometimes, the term “domain” is used to refer to all the names (subdomains) that are hierarchically below a particular name
  - in this usage, the afnog.org domain includes ws.afnog.org, t1.ws.afnog.org, etc.

Slide 10 - Other information mapped to domain names
- Almost any systematic namespace could be mapped to the domain name space
- Need an algorithm agreed to by all people who will use the mapping

Slide 11 - Different people responsible for different parts
- The administrator responsible for a domain may delegate authority for a subdomain
- Each part that is administered independently is called a zone
- A domain or zone administrator may choose to put subdomains in the same zone as the parent domain, or in a different zone, depending on policy and convenience

Slide 12 - What is a zone? (1)
- Think of the namespace as a tree or graph of nodes joined by arcs
  - Each node represents a domain name

Slide 13 - What is a zone? (diagram 1)
[Diagram: tree with root "." at the top; A and B below it; X.A, Y.A and Z.A below A; J.B, K.B and L.B below B; CAT.K.B and DOG.K.B below K.B]

Slide 14 - What is a zone? (2)
- Think of the namespace as a tree or graph of nodes joined by arcs
  - Each node represents a domain name
- Now cut some of the arcs
  - Each cut represents a delegation of administrative control

Slide 15 - What is a zone? (diagram 2)
[Diagram: the same tree (root ".", A, B, X.A, Y.A, Z.A, J.B, K.B, L.B, CAT.K.B, DOG.K.B), with some arcs marked "Zone cut"]

Slide 16 - What is a zone? (3)
- Each zone consists of a set of nodes that are still joined to each other through paths that do not involve arcs that have been cut
  - The name “CAT.K.B” is in the “B” zone
  - The name “DOG.K.B” is in the “DOG.K.B” zone
  - The “DOG.K.B” zone is a child of the “B” zone

Slide 17 - What is a zone? (diagram 3)
[Diagram: the same tree with the zone cuts drawn, showing four zones: the root zone, the A zone, the B zone and the DOG.K.B zone]
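As an added example (not part of the original slides), the zone-membership rule of the three diagrams in Python: walk from a name towards the root and the first zone apex met names the zone. The node names are the ones in the diagrams; treating ".", A, B and DOG.K.B as the apexes is read off diagram 3 and is an assumption of this example.

```python
# Added example: which zone does each node of the diagram belong to?
# Names come from the "What is a zone?" diagrams; the zone apexes (the node
# just below each cut, plus the root) are read off diagram 3.

NAMES = [".", "A", "B", "X.A", "Y.A", "Z.A",
         "J.B", "K.B", "L.B", "CAT.K.B", "DOG.K.B"]

# Each cut delegates the subtree below it, so the node just below a cut is
# the apex of a new zone. The root is always an apex.
ZONE_APEXES = {".", "A", "B", "DOG.K.B"}


def normalise(name):
    """Domain names are case independent (slide 4); drop a trailing dot."""
    name = name.upper().rstrip(".")
    return name or "."


def parent(name):
    """Strip the leftmost label: CAT.K.B -> K.B, B -> '.', '.' -> None."""
    if name == ".":
        return None
    rest = name.partition(".")[2]
    return rest or "."


def zone_of(name, apexes=ZONE_APEXES):
    """Walk towards the root until an apex is met; that apex names the zone."""
    node = normalise(name)
    while node not in apexes:
        node = parent(node)
        if node is None:
            raise ValueError("the root must be a zone apex")
    return node


def zone_parent(apex, apexes=ZONE_APEXES):
    """The zone that delegates to this one (None for the root zone)."""
    up = parent(normalise(apex))
    return None if up is None else zone_of(up, apexes)


def zone_contents(names=NAMES, apexes=ZONE_APEXES):
    """Group every node by zone: the sets drawn in diagram 3."""
    zones = {apex: [] for apex in apexes}
    for n in names:
        zones[zone_of(n, apexes)].append(normalise(n))
    return zones


if __name__ == "__main__":
    for apex, members in sorted(zone_contents().items()):
        print(f"{apex:8} zone (parent: {zone_parent(apex)}): {members}")
```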

Slide 18 - Information is associated with each domain name
- Several types of records (Resource Records, RRs), all with a similar format
- Each RR contains some information that is associated with a specific domain name
- Each domain name can have several RRs of the same type or of different types

Slide 19 - General format of RRs
- Owner name - the domain name that this record belongs to
- TTL - how long copies of this RR may be cached (measured in seconds)
- Class - almost always IN
- Type - there are many types
- Data - different RR types have different data formats

Slide 20 - Several types of RRs
- IP address for a host
- Information needed by the DNS infrastructure itself
- Hostname for an IP address
- Information about mail routing
- Free form text
- Alias to canonical name mapping
- Many more (but less commonly used)

Slide 21 - IP address for a host
- A record
- Owner is host name
- Data is IP address

    ; IP address of austin.gh.com
    austin.ghana.com    IN  A

Slide 22 - Information needed by the DNS infrastructure itself
- SOA record
  - Each zone has exactly one SOA record
- NS records
  - Each zone has several nameservers that are listed as having authoritative information about domains in the zone
  - One NS record for each such nameserver
- Zone cuts are marked by these RRs

Slide 23 - SOA record
- Every zone has exactly one SOA record
- The domain name at the top of the zone owns the SOA record
- Data portion of SOA record contains:
  - MNAME - name of master nameserver
  - RNAME - address of zone administrator
  - SERIAL - serial number
  - REFRESH, RETRY, EXPIRE, MINIMUM - timing parameters

Slide 24 - NS record
- Each zone has several listed nameservers
- One NS record for each listed nameserver
  - master/primary and slaves/secondaries
- The data portion of each NS record contains the domain name of a nameserver
- Does not contain IP address
  - Get that from an A record for the nameserver

Slide 25 - SOA and NS record example

    ; owner      TTL  class  type  data
    ghana.com         IN     SOA   austin.gh.com. support.gh.com. (
                                          ; serial
                                          ; refresh
                                   3600   ; retry
                                          ; expire
                                   900 )  ; minimum
    ghana.com         IN     NS    ns1.ghana.com.
    ghana.com         IN     NS    ns2.ghana.com.
    ghana.com         IN     NS    server.elsewhere.example.

Slide 26 - SOA and NS example using some shortcuts

    $ORIGIN ghana.com.
    $TTL
    ; owner  TTL  class  type
                  IN     SOA   austin.gh.com. Support.gh.com. (
                                     ; serial
                                     ; refresh
                              3600   ; retry
                                     ; expire
                              900 )  ; minimum
                         NS    ns1
                         NS    ns2
                         NS    server.elsewhere.example.
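As an added example (not from the slides), a small Python expander that turns the shortcut form of slide 26 back into the long form of slide 25: it applies $ORIGIN and $TTL, treats "@" and a blank owner column as "origin" and "same owner as the previous record", defaults the class to IN, and joins the "( ... )" continuation lines. The SAMPLE zone text and its numbers are constructed for this example; the slides give no TTL or serial values.

```python
# Added example: expand the master-file shortcuts of slides 25/26 into fully
# qualified (owner, ttl, class, type, rdata) records. SAMPLE is constructed:
# its numbers are placeholders, not values from the slides.

SAMPLE = """\
$ORIGIN ghana.com.
$TTL 86400
; owner  TTL  class  type  data
@             IN     SOA   austin.gh.com. support.gh.com. (
                           2000051501 ; serial
                           10800      ; refresh
                           3600       ; retry
                           604800     ; expire
                           900 )      ; minimum
                     NS    ns1
                     NS    server.elsewhere.example.
ns1                  A     192.0.2.1
"""

CLASSES = {"IN", "CH", "HS"}
NAME_FIELDS = {"NS": (0,), "CNAME": (0,), "PTR": (0,), "MX": (1,), "SOA": (0, 1)}


def absolute(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def logical_lines(text):
    """Drop ';' comments and join a '( ... )' group into one record line.
    Leading whitespace of the first physical line is kept: it marks a blank owner."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        buf.append(line if not buf else line.strip())
        depth += line.count("(") - line.count(")")
        if depth == 0:
            yield " ".join(buf).replace("(", " ").replace(")", " ")
            buf = []


def expand(text, origin=".", default_ttl=None):
    records, last_owner = [], None
    for line in logical_lines(text):
        tok = line.split()
        if tok[0] == "$ORIGIN":
            origin = tok[1]
            continue
        if tok[0] == "$TTL":
            default_ttl = int(tok[1])
            continue
        if line[0].isspace():                      # blank owner: reuse the previous one
            if last_owner is None:
                raise ValueError("blank owner before any record")
            owner = last_owner
        else:
            owner = absolute(tok.pop(0), origin)
        ttl, rr_class = default_ttl, "IN"           # both fields are optional
        if tok[0].isdigit():
            ttl = int(tok.pop(0))
        if tok[0].upper() in CLASSES:
            rr_class = tok.pop(0).upper()
        rtype = tok.pop(0).upper()
        rdata = [absolute(v, origin) if i in NAME_FIELDS.get(rtype, ()) else v
                 for i, v in enumerate(tok)]
        if ttl is None:                             # no $TTL: old BIND used SOA MINIMUM
            if rtype != "SOA":
                raise ValueError(f"no TTL for {owner} {rtype} and no $TTL in effect")
            ttl = default_ttl = int(rdata[-1])
        records.append((owner, ttl, rr_class, rtype, " ".join(rdata)))
        last_owner = owner
    return records
```

Running expand(SAMPLE) yields one tuple per record, every owner and nameserver name ending in a dot; a zone file without $TTL (as on slide 25) falls back to the SOA MINIMUM field.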

Slide 27 - More about RRs above and below zone cuts
- RRs in the child zone (below the cut)
  - SOA and NS records (authoritative)
- RRs in the parent zone (above the cut)
  - NS records (should be identical to those in the child zone)
- Glue records
  - the child zone’s nameservers sometimes need A records in the parent zone

Slide 28 - Zone cut example: RRs in the child zone
- parent is COM zone; child is GHANA.COM zone
- child zone has SOA and NS records, and A records for hosts

    ghana.com.       IN SOA  xxx xxx xxx xxx xxx xxx xxx
                        NS   ns1.ghana.com.
                        NS   another.elsewhere.edu.
    ns1.ghana.com.      A
    ; the ghana.com zone does not have an A record
    ; for another.elsewhere.edu.

Slide 29 - Zone cut example: RRs in the parent zone
- parent is COM zone; child is XYZ.COM zone
- parent zone has its own SOA and NS records, plus copies of child zone’s NS records, plus glue records

    COM.             IN SOA  xxx xxx xxx xxx xxx xxx xxx
                        NS   xxxxxxx
                        NS   yyyyyyy
    ghana.com.          NS   ns1.ghana.com.
                        NS   another.elsewhere.edu.
    ns1.ghana.com.      A
    ; the com zone does not have an A record
    ; for another.elsewhere.edu.

Slide 30 - Hostname for an IP address
- PTR record
- Owner is IP address, mapped into the in-addr.arpa domain
- Data is name of host with that IP address

    ; host name for IP address
    in-addr.arpa.    PTR  austin.ghana.com.

Slide 31 - Reverse Lookup
- When a source host establishes a connection to a destination host, the TCP/IP packets carry only the IP address of the source host;
- For authentication, access rights or accounting information, the destination host wants to know the name of the source host;
- For this purpose, a special domain “in-addr.arpa” is used;
- The reverse name is obtained by reversing the IP number and adding the name “in-addr.arpa”;
- Example: address: reverse name: in-addr.arpa
- Reverse domains form a hierarchical tree and are treated as any other Internet domain.
- RFC 2317 - Classless IN-ADDR.ARPA delegation
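An added example (not from the slides) of the reverse-name construction from slides 30 and 31, in both directions, plus the child-zone names used when a block smaller than a /24 is delegated the RFC 2317 way (the "first-address/prefix-length" label of the RFC's examples). The addresses are constructed documentation-range values.

```python
# Added example: in-addr.arpa names (slides 30/31) and RFC 2317 classless
# delegation names. Addresses are constructed, not taken from the slides.
import ipaddress

SUFFIX = "in-addr.arpa."


def reverse_name(ip):
    """192.0.2.130 -> 130.2.0.192.in-addr.arpa. (octets reversed, suffix appended)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")   # also validates the address
    return ".".join(reversed(octets)) + "." + SUFFIX


def address_of(name):
    """Inverse of reverse_name; None for anything that is not a full PTR owner name."""
    labels = name.lower().rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"] or len(labels) != 6:
        return None
    try:
        return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
    except ValueError:
        return None


def classless_delegation(ip, prefix_len):
    """RFC 2317 names for an address in a block between /25 and /31.
    Returns (child zone, PTR owner inside the child zone, CNAME owner in the
    parent /24 zone that points at that PTR owner)."""
    if not 25 <= prefix_len <= 31:
        raise ValueError("RFC 2317 applies to blocks between /25 and /31")
    net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
    a, b, c, host = str(ipaddress.IPv4Address(ip)).split(".")
    first = str(net.network_address).split(".")[3]     # first address of the block
    parent = f"{c}.{b}.{a}.{SUFFIX}"
    child = f"{first}/{prefix_len}.{parent}"
    return child, f"{host}.{child}", f"{host}.{parent}"


if __name__ == "__main__":
    print(reverse_name("192.0.2.130"))
    print(classless_delegation("192.0.2.130", 26))
```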

Slide 32 - Reverse Domain Hierarchy
[Diagram: the in-addr.arpa tree]

Slide 33 - Information about mail routing
- MX record
- Owner is name of domain
- Data contains preference value, and name of host that receives incoming mail

    ; send ghana.com’s mail to mailserver or backupserver
    ghana.com.    MX  0   mail.ghana.com.
    ghana.com.    MX  10  backupmail.ghana.com.

Slide 34 - Free form text
- TXT record
- Owner is any domain name
- Data is any text associated with the domain name
- Very few conventions about how to use it

    net.ghana.com.    TXT  "NETWORKS R US"

Slide 35 - Alias to canonical name mapping
- CNAME record
- Owner is non-canonical domain name (alias)
- Data is canonical domain name

    ; ftp.ghana.com is an alias
    ; austin.ghana.com is the canonical name
    ftp.ghana.com.    CNAME  austin.ghana.com.

Slide 36 - A set of conventions for using the information
- How to represent the relationship between host names and IP addresses
- What records are used to control mail routing, and how the mail system should use those records
- How to use the DNS to store IP netmask information
- Many other things

Slide 37 - The DNS is a distributed database system
- What makes it a distributed database?
- How is data partitioned amongst the servers?
- What about reliability?

Slide 38 - What makes it a distributed database?
- Thousands of servers around the world
- Each server has authoritative information about some subset of the namespace
- There is no central server that has information about the whole namespace
- If a question gets sent to a server that does not know the answer, that is not a problem

Slide 39 - Requirements for a nameserver
- A query should be resolved as fast as possible;
- It should be available 24 hours a day;
- It should be reachable via fast communication lines;
- It should be located centrally in the network topology;
- It should run robustly, without errors or interruptions.

Slide 40 - How is data partitioned amongst the servers?
- The namespace is divided into zones
- Each zone has two or more authoritative nameservers
  - One primary or master
  - One or more secondaries or slaves
  - Slaves periodically update from master
- Each server is authoritative for any number of zones (zero or more)

Slide 41 - What about reliability?
- If one server does not reply, clients will ask another server
- That’s why there are several servers for each zone
- Zone administrators should choose servers that are not all subject to a single point of failure

Slide 42 - DNS Protocols
- Client/server question/answer
  - What kinds of questions can clients ask?
  - The resolver/server model
  - What if the server does not know the answer?
- Master and slave servers
  - Configuration by zone administrator
  - Periodic update of slaves from master

Slide 43 - What kinds of questions can clients ask?
- All the records of a particular type for a particular domain name
  - All the A records, or all the MX records
- All records of any type for a particular domain name
- A complete zone transfer of all records in a particular zone
  - Used to synchronise slave with master server

Slide 44 - The resolver/server model
- user software asks resolver a question
- resolver asks server
- server gives answer, error, or referral to a set of other servers
- server may recurse, or expect resolver to recurse
- caching
- authoritative/non-authoritative answers

Slide 45 - The resolver/server model (diagram)
[Diagram: Resolver -> Recursive Nameserver (with CACHE) -> Authoritative Nameserver. The first query is forwarded, and the reply is cached; the next query is answered from the cache]

Slide 46 - What if the server does not know the answer?
- Servers that receive queries for which they have no information can return a referral to another server
- Referral may include SOA, NS records and A records
- Client can recursively follow the referral
- Server may recurse on behalf of client, if client so requests and server is willing
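An added example (not from the slides) that models slides 44 to 46 in memory: three authoritative servers (root, COM, ghana.com) that answer with an authoritative answer or a referral carrying NS and glue A records, and a caching resolver that follows the referrals and serves the second query from its cache with the AA flag clear. All server names, zones and addresses here are constructed for the example.

```python
# Added example: an in-memory model of the resolver/server exchange on
# slides 44-46: referral, iteration by the resolver, glue, caching, and the
# AA flag. Every server name, zone and address below is constructed.

ROOT, COM, GH = "a.root.example.", "ns.com.example.", "ns1.ghana.com."

# Authoritative data each server holds: zone apex -> owner -> type -> rdata list
SERVERS = {
    ROOT: {".": {"com.": {"NS": [COM]}, COM: {"A": ["192.0.2.53"]}}},
    COM: {"com.": {"ghana.com.": {"NS": [GH]}, GH: {"A": ["192.0.2.1"]}}},
    GH: {"ghana.com.": {"ghana.com.": {"NS": [GH]}, GH: {"A": ["192.0.2.1"]},
                        "austin.ghana.com.": {"A": ["192.0.2.10"]}}},
}


def ancestors(name):
    """Yield name, then each parent up to the root '.'."""
    while True:
        yield name
        if name == ".":
            return
        name = name.partition(".")[2] or "."


def serve(server, qname, qtype):
    """What `server` returns to a non-recursive query: ('answer', rrset) with
    AA set, or ('referral', (nameserver names, glue A records))."""
    zones = SERVERS[server]
    apex = next((n for n in ancestors(qname) if n in zones), None)
    if apex is None:
        raise LookupError(f"{server} holds no zone enclosing {qname}")
    zone = zones[apex]
    for node in ancestors(qname):
        if node == apex:
            break                               # reached the apex: no cut in between
        if "NS" in zone.get(node, {}):          # zone cut: refer to the child's servers
            ns_names = zone[node]["NS"]
            glue = {n: zone[n]["A"] for n in ns_names if n in zone}
            return "referral", (ns_names, glue)
    return "answer", zone.get(qname, {}).get(qtype, [])   # [] is NODATA


class Resolver:
    def __init__(self):
        self.cache, self.log = {}, []

    def resolve(self, qname, qtype, depth=0):
        """Return (aa, rrset); aa is False when the answer came from the cache."""
        if (qname, qtype) in self.cache:
            self.log.append(f"{qname} {qtype}: answered from cache")
            return False, self.cache[(qname, qtype)]
        if depth > 3:
            raise RuntimeError("nested lookups too deep (glueless delegation loop?)")
        server = ROOT
        for _ in range(8):                      # bound the referral chain
            kind, payload = serve(server, qname, qtype)
            if kind == "answer":
                self.log.append(f"{qname} {qtype}: authoritative answer from {server}")
                self.cache[(qname, qtype)] = payload
                return True, payload
            ns_names, glue = payload
            nxt = ns_names[0]
            if nxt not in glue:                 # no glue: find the server's address first
                self.log.append(f"{qname} {qtype}: no glue for {nxt}, looking it up")
                self.resolve(nxt, "A", depth + 1)
            self.log.append(f"{qname} {qtype}: {server} referred to {nxt}")
            server = nxt
        raise RuntimeError("referral chain too long")


def demo():
    r = Resolver()
    first = r.resolve("austin.ghana.com.", "A")     # root -> com -> ghana.com
    second = r.resolve("austin.ghana.com.", "A")    # served from cache, AA clear
    return first, second, r.log
```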

Slide 47 - Master and slave servers
- a.k.a. primary and secondary
- zone administrator sets up primary/master
- asks friends or ISPs to set up slaves/secondaries
- slave periodically checks with master to see if data has changed
- transfers new zone if necessary
- serial number in SOA record in each zone

Slide 48 - Location of servers
- one master and at least one slave
- on different networks
- avoid having a single point of failure
- RFC: Selection and Operation of Secondary DNS Servers
- RFC 2181: Clarifications to the DNS Specification

Slide 49 - Configuring a resolver on a Unix-like system
- Unix-like systems use the /etc/resolv.conf file
- resolver is part of libc or libresolv, compiled into application programs
- resolv.conf says which nameservers should be used by the resolver
- resolv.conf also has other functions, see the resolver or resolv.conf man pages

Slide 50 - resolv.conf example
- /etc/resolv.conf file contains the following lines

    domain ghana.com
    nameserver
    nameserver

Slide 51 - Configuring a nameserver on a Unix-like system
- BIND is the most common implementation
- up to version 4.9.* use /etc/named.boot file
- from version 8.* use /etc/named.conf file
- cache name
- primary/master zone name and file name
- secondary/slave zone name, master IP address, backup file name

Slide 52 - named.boot example
- /etc/named.boot contains the following lines

    directory /etc/namedb
    ; type      zone               master      file name
    cache       .                              root.cache
    primary     t1.ws.afnog.org                afnog.org
    secondary   gh.com                         sec/gh.com

Slide 53 - named.conf example
- /etc/named.conf contains the following lines

    options {
        directory "/etc/namedb";
    };
    zone "." {
        type ;
        file "root.cache";
    };
    zone "t1.ws.afnog.org" {
        type master;
        file "afnog.org";
    };
    zone "gh.com" {
        type slave;
        masters { ; };
        file "sec/gh.com";
    };

Slide 54 - Checking DNS using nslookup
- nslookup commands:

    server              ; set the server to be queried
    set type=NS         ; queries NS resources
    set type=SOA        ; queries SOA resources
    set type=A          ; queries A resources
    set type=MX         ; queries MX resources
    set type=CNAME      ; queries CNAME resources
    set type=PTR        ; queries PTR resources
    set type=ANY        ; queries ANY resources
    ls                  ; lists the zone
    ls >                ; gets the zone into the file

Slide 55 - Checking DNS using dig
- Dig
  - Tool to manage DNS settings
  - Syntax is: dig [query-type]

Slide 56 - Questions

Slide 57 - Exercise
- Each student choose a domain name
  - make it a subdomain of t1.ws.afnog.org
- Choose two nameservers
- Create a zone master file
  - SOA, NS and A records
- Edit named.conf appropriately
- Check that resolv.conf is sensible
- Test using nslookup or dig

Slide 58 - Exercise
- Each row choose a domain name
  - make it a subdomain of t1.ws.afnog.org
  - any reasonable name
  - must be unique

Slide 59 - Exercise
- Choose two nameservers
  - One in your cell
  - One in another cell
  - Get the other cell’s permission
- Register with administrator of parent domain
  - need to get nameservers working before registration is finished

Slide 60 - Exercise
- Create a zone master file
  - /etc/namedb/your-file-name
  - SOA record
  - NS records
  - “glue” A records if necessary
  - A records for your hosts
  - any other records you want

Slide 61 - Exercise
- Edit named.conf appropriately
  - /etc/named.conf
  - Add a section for your master zone
  - Add sections for any slave zones, if another cell asks you to be a secondary for them
- Start your nameserver
  - ndc restart
  - or run named by hand

Slide 62 - Exercise
- Enable named in FreeBSD
  - edit /etc/rc.conf
  - add a section for named

    named_enable="YES"
    named_program="/usr/sbin/named"

- Start your nameserver
  - ndc restart
  - or run named by hand: /usr/sbin/named

Slide 63 - Exercise
- Check that resolv.conf is sensible
  - nameserver xxx.xxx.xxx.xxx
- This allows applications on your host to do DNS lookups

Slide 64 - Exercise
- Test with nslookup or dig: yourdomain.t1.ws.afnog.org. SOA
  - check for sensible answer with AA flag
  - also your secondary server
  - also dig for NS records

Slide 65 - Exercise: Checking DNS using dig
- dig command: # dig [query-type]
- Exercises
  - # dig t1.ws.afnog.org A
  - # dig t1.ws.afnog.org NS
  - # dig t1.ws.afnog.org MX
- What information does this give you? You can check other domains known to you.