Domain Name System (DNS)

The Domain Name System (DNS) converts the name of a Web site (www.google.com) to an IP address (209.85.175.103). This step is important because the IP address of a Web site's server, not the Web site's name, is used to route traffic over the Internet. This chapter explains how to configure your own DNS server to help guide Web surfers to your site.
For the full theory of DNS servers, you can download the full document.

Installing a DNS Server

Install the bind RPM for the DNS server. If the bind RPM is already installed on your machine, use the rpm command to check the installed DNS package, as shown in the figure.
Figure: DNS server RPM

DNS service commands

[root@server ~] service named start
[root@server ~] service named stop
[root@server ~] service named restart


Configure the Linux DNS server

The main configuration file for the DNS server is named.conf. By default this file is not created in the /var/named/chroot/etc/ directory; you can find it in the /etc directory.

chroot feature

The chroot feature runs named as the user named, and it also limits the files named can see. When installed this way, named is fooled into thinking that the directory /var/named/chroot is actually the root (/) directory. Therefore, named files normally found in the /etc directory are found in /var/named/chroot/etc instead, and those you would expect to find in /var/named are actually located in /var/named/chroot/var/named. The advantage of the chroot feature is that if a hacker enters your system via a BIND exploit, the hacker's access to the rest of your system is limited to the files under the chroot directory and nothing else. This type of security is also known as a chroot jail.

named.conf

Different bind versions create different formats of this file. Mostly it looks like this:
zone "raj.com" IN {
	type master;
	file "raj.forward";
	allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
	type master;
	file "raj.reverse";
	allow-update { none; };
};
Don't be confused if your named.conf file looks very small like this. You would see include "/etc/named.rfc1912.zones"; at the bottom of the file. If you see include "/etc/rndc.key";, copy all the files referenced by named.conf into the /var/named/chroot/etc/ directory.
The first entry is for forward resolution, which converts names into IP addresses.
The second entry is for reverse resolution, which converts IP addresses back into host names.

Our aim is to create an address resolution for the IP 192.168.0.3 and the FQDN mohit.raj.com. We have now made the entry for the FQDN in named.conf.

Configure the zone files

We have defined two zone files: raj.forward for the forward zone and raj.reverse for the reverse zone. These files are stored in /var/named/chroot/var/named/. Change directory to /var/named/chroot/var/named and write raj.forward as shown in the figure.
Figure: DNS server forward zone file

Write another file, raj.reverse, in the same directory.
Figure: DNS server reverse zone file

The digit 3 in the last line represents the last octet; the first three octets, 192.168.0, are already defined in named.conf.
Start the DNS service:
[root@localhost ~]# service named restart
If you get OK, you can check the DNS server by using the nslookup command.
Figure: DNS server nslookup

This means the forward zone file is working fine (name to IP address resolution).
Check the reverse lookup.
Figure: DNS server reverse nslookup

The above figure shows that the reverse zone is working fine (IP to name resolution). The named service uses port 53.
There is another command, dig, used as:
[root@localhost ~]# dig raj.com
What everything written in the zone files means:
$TTL: The Time to Live (TTL) value for the zone. This is the number of seconds given to nameservers telling them how long the zone's resource records should remain valid. A longer TTL reduces the number of queries made about this zone, but it also lengthens the time required to propagate resource record changes.

SOA: The Start of Authority record defines the key characteristics of the zone. The fields of the SOA record are as follows:

Serial: The serial can start with any number. If the zone records change, increase the serial number to alert other servers that they need to fetch fresh data about your domain.

Refresh: Tells any slave servers how long to wait before asking the master nameserver whether any changes have been made to the zone (28,800 sec. = 8 hours).

Retry: If the slave can't reach the master, it tries again after this retry interval (14,400 sec. = 4 hours).

Expire: If the slave can't contact the master within the expire time, the slave discards the data (3,600,000 sec. = 1,000 hours).

Minimum: Defines the cache time to live for negative answers (86,400 sec. = 24 hours).

NS: The NameServer record, which announces the authoritative nameservers for a particular zone.

PTR: The Pointer record, designed to point to another part of the namespace. PTR records are primarily used for reverse name resolution, as they point IP addresses back to a particular name.

The most commonly used class is the IN class, which stands for Internet. It is also assumed if no class is specified.
The following record types are available:
NS - specifies a name server
A - associates a name with an IP address
CNAME - aliases one name to another
MX - specifies a mail exchanger (mail server)
TXT - sets a text string
HINFO - provides additional host data
SRV - specifies the location of a service
The "@" sign represents mohit.raj.com.
A dot (.) must appear at the end of a fully qualified domain name. The dot represents the root of the Internet namespace.

Some more amendments to the zone files.
If you want to add a mail server address to the zone file, do as shown in the figure.
Figure: DNS server forward zone file with MX record

Priority defines which mail server will be used first; a smaller numerical value means higher priority.
Now see the reverse zone file.
Figure: DNS server reverse zone file

If you want to define an IP range, do as shown in the figure below.
Figure: DNS server forward zone file with IP range

I have defined a range from 4 to 250. If you are still in doubt, restart the named service and use the nslookup command like this:
Figure: DNS server forward zone nslookup

I want to know the IP address of station50.raj.com; it gives me 192.168.0.50.
Now the reverse zone file:
Figure: DNS server reverse zone file with IP range

I have defined the same range here.
Use the nslookup command again.
Figure: DNS server reverse zone nslookup
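To make the zone-file figures above concrete, here is an added example (not the chapter's own files) of a complete raj.forward and raj.reverse for the two zones declared in named.conf: the basic mohit.raj.com entry, the MX records with priorities, and the 4 to 250 station range written with BIND's $GENERATE directive. The host names server, mail and mail2 and their addresses 192.168.0.1, 192.168.0.2 and 192.168.0.251 are assumptions; in each file "@" stands for the zone origin taken from named.conf (raj.com in the forward file, 0.168.192.in-addr.arpa in the reverse file).

```zone
; raj.forward -- forward zone for raj.com (kept in /var/named/chroot/var/named/)
; "@" is the zone origin from named.conf: raj.com.
$TTL 86400
@        IN  SOA  server.raj.com. root.raj.com. (
                  2024010101   ; Serial (any number; bump on every change)
                  28800        ; Refresh (8 hours)
                  14400        ; Retry (4 hours)
                  3600000      ; Expire (1000 hours)
                  86400 )      ; Minimum: negative-cache TTL (24 hours)
@        IN  NS   server.raj.com.
@        IN  MX   10 mail.raj.com.     ; lower value = higher priority, tried first
@        IN  MX   20 mail2.raj.com.    ; backup mail exchanger
server   IN  A    192.168.0.1          ; assumed address of the name server
mail     IN  A    192.168.0.2          ; assumed address of the primary mail server
mail2    IN  A    192.168.0.251        ; assumed address of the backup mail server
mohit    IN  A    192.168.0.3          ; the host from the chapter
; station4 ... station250 -> 192.168.0.4 ... 192.168.0.250 in one directive
$GENERATE 4-250 station$ IN A 192.168.0.$

; raj.reverse -- reverse zone for 0.168.192.in-addr.arpa
; "@" here is 0.168.192.in-addr.arpa; each record gives only the last octet.
$TTL 86400
@        IN  SOA  server.raj.com. root.raj.com. (
                  2024010101 ; Serial
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400 )    ; Minimum
@        IN  NS   server.raj.com.
1        IN  PTR  server.raj.com.
2        IN  PTR  mail.raj.com.
3        IN  PTR  mohit.raj.com.       ; 3 = last octet; 192.168.0 comes from named.conf
251      IN  PTR  mail2.raj.com.
; reverse side of the same range: 192.168.0.4 ... .250 -> station4 ... station250
$GENERATE 4-250 $ IN PTR station$.raj.com.
```

Before restarting named, validate each file with named-checkzone raj.com raj.forward and named-checkzone 0.168.192.in-addr.arpa raj.reverse, and increase the serial whenever you edit a zone so slave servers pick up the change.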

Name-based virtual hosting

In the Web server chapter we did name-based virtual hosting without DNS. How does DNS support name-based virtual hosting? We will have to edit named.conf and add a new entry as shown in the figure below.
Figure: DNS server named.conf

Don't be confused by the small file. You can also use this file if your named.conf gives an "unknown zone" error. So what changes have we made in named.conf to enter the new entry? We have added a new entry for indya.com and erased the reverse entry for raj.com. Now see the indya.forward file.
Figure: DNS server forward zone file with new entry

Same IP but a different domain name. This is done to save IP addresses, because many websites can be hosted on the same IP.
I hope you have enjoyed the chapter; please like, share and give your comments.

admin