The DNS (Domain Name Service) was designed and developed by Paul Mockapetris. The main goal in those days (1984) was to overcome the impossibility of listing every server on the network in a single file. Before the DNS, the way these names were handled was rudimentary: in the same way that today we list all our local systems in the file "/etc/hosts", in 1984, before the DNS, every existing Internet host was listed in that same "/etc/hosts", about 1,000,000 of them.
Also, in those days, the way to send email was different and inefficient. For example, to send an email to a remote host, the standard form was user@host, where host was the name of the host machine, listed in every "/etc/hosts".
Today, to send an email we use the notation user@do.ma.in, which is resolved to an IP address through the DNS and uses SMTP, the protocol that carries email over TCP/IP.
The documentation for the DNS is found in the RFCs listed at the end of this chapter (RFC 1033, RFC 1034 and RFC 1035).
Today, DNS is the standard way to translate an alphanumeric address into a valid numeric IP address (X.Y.Z.T), respecting the class nomenclature introduced in the Networking chapter. This translation is performed by a DNS server. When you hit http://www.futuretg.com, your system contacts the DNS servers listed in your local
Also, your Linux system must become a DNS server in order to transmit the information about the local Web servers.

The most important files were written by Paul Mockapetris; only minor updates have been made since, such as the program "nslookup". Using this program it is possible to get "any" information about a name: its IP address, its DNS servers, its mail exchangers (MX) and other information.
[root@www /root]# nslookup
Default Server:  dns.interbusiness.it
Address:  151.99.125.2

> set type=any
> www.futuretg.com
Server:  dns.interbusiness.it
Address:  151.99.125.2

www.futuretg.com        internet address = 209.41.12.115
www.futuretg.com        preference = 50, mail exchanger = mail-fwd.rapidsite.net
futuretg.com            nameserver = ns.nameservers.net
futuretg.com            nameserver = ns2.nameservers.net
futuretg.com            nameserver = ns3.nameservers.net
mail-fwd.rapidsite.net  internet address = 207.158.192.58
mail-fwd.rapidsite.net  internet address = 207.158.192.60
mail-fwd.rapidsite.net  internet address = 207.158.192.65
ns.nameservers.net      internet address = 207.158.192.40
ns2.nameservers.net     internet address = 209.41.31.13
ns3.nameservers.net     internet address = 209.41.31.14
> (Ctrl-D)
[root@www /root]#
or, for example, only the SOA (Start Of a zone of Authority) record:
[root@www /root]# nslookup
Default Server:  dns.interbusiness.it
Address:  151.99.125.2

> set type=soa
> www.futuretg.com
Server:  dns.interbusiness.it
Address:  151.99.125.2

Authoritative answers can be found from:
futuretg.com
        origin = ns.nameservers.net
        mail addr = hostmaster.rapidsite.net
        serial = 2000082823
        refresh = 86400 (1D)
        retry = 3600 (1H)
        expire = 604800 (1W)
        minimum ttl = 345600 (4D)
> exit
[root@www /root]#
Another interesting program is dig, which sends domain name query packets to name servers (the name servers listed in "/etc/resolv.conf", of course, unless you name a server explicitly with @server).
A simple dig command is the following:
[root@www /root]# dig query-type=soa www.futureg.com

; <<>> DiG 8.2 <<>> query-type=soa www.futureg.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      www.futureg.com, type = A, class = IN

;; ANSWER SECTION:
www.futureg.com.        0S IN CNAME     www.futureg.com.
www.futureg.com.        1H IN MX        10 mail.domainsarefree.com.
www.futureg.com.        1H IN A         192.41.34.36

;; Total query time: 525 msec
;; FROM: www.futuretg.com to SERVER: default -- 151.99.125.2
;; WHEN: Mon Oct  9 11:57:40 2000
;; MSG SIZE  sent: 33  rcvd: 132
or a more classic one, asking for the root name servers (the NS records of "."):
[root@www /root]# dig @ns.internic.net ns

; <<>> DiG 8.2 <<>> @ns.internic.net ns
; Bad server: ns.internic.net -- using default server and timer opts
; (3 servers found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUERY SECTION:
;;      ., type = NS, class = IN

;; ANSWER SECTION:
.                       5d22h48m14s IN NS       M.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       I.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       E.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       D.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       A.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       H.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       C.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       G.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       F.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       B.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       J.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       K.ROOT-SERVERS.NET.
.                       5d22h48m14s IN NS       L.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
M.ROOT-SERVERS.NET.     6d22h48m14s IN A        202.12.27.33
I.ROOT-SERVERS.NET.     6d22h48m14s IN A        192.36.148.17
E.ROOT-SERVERS.NET.     6d22h48m14s IN A        192.203.230.10
D.ROOT-SERVERS.NET.     6d22h48m14s IN A        128.8.10.90
A.ROOT-SERVERS.NET.     6d22h48m14s IN A        198.41.0.4
H.ROOT-SERVERS.NET.     6d22h48m14s IN A        128.63.2.53
C.ROOT-SERVERS.NET.     6d22h48m14s IN A        192.33.4.12
G.ROOT-SERVERS.NET.     6d22h48m14s IN A        192.112.36.4
F.ROOT-SERVERS.NET.     6d22h48m14s IN A        192.5.5.241
B.ROOT-SERVERS.NET.     6d22h48m14s IN A        128.9.0.107
J.ROOT-SERVERS.NET.     6d22h48m14s IN A        198.41.0.10
K.ROOT-SERVERS.NET.     6d22h48m14s IN A        193.0.14.129
L.ROOT-SERVERS.NET.     6d22h48m14s IN A        198.32.64.12

;; Total query time: 39 msec
;; FROM: www.futuretg.com to SERVER: default -- 151.99.125.2
;; WHEN: Mon Oct  9 12:00:56 2000
;; MSG SIZE  sent: 17  rcvd: 436

[root@www /root]#
You can also get "SERVFAIL" messages when the server is down or not well configured:
[root@www /root]# dig query-type=soa www.linuxwebcampus.com

; <<>> DiG 8.2 <<>> query-type=soa www.linuxwebcampus.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      www.linuxwebcampus.com, type = A, class = IN

;; Total query time: 31 msec
;; FROM: www.futuretg.com to SERVER: default -- 151.99.125.2
;; WHEN: Mon Oct  9 12:01:57 2000
;; MSG SIZE  sent: 40  rcvd: 40

[root@www /root]#
In this section we will cover how to install the DNS server.
The DNS daemon, named, must send the latest zone information to the other DNS servers. How often the information is sent or fetched is controlled by the REFRESH value inside the DNS configuration.
Each DNS server, even one using a dial-up connection, receives and refreshes its data about the network in this way.
At startup it is necessary to activate the named daemon, which is the DNS daemon. We present here the classical RedHat program:

We can also check whether the daemon is running or not:
[root@www /root]# ps ax | grep named
  753 ?        S      0:00 named -u named
  754 ?        S      0:00 named -u named
  758 ?        S      0:10 named -u named
  759 ?        S      0:00 named -u named
  760 ?        S      0:03 named -u named
[root@www /root]#
Now we know which daemon we need to run to start the DNS service on our server.
The first file to check is named.conf. This file names the directory where the DNS records are kept and lists the zones the server is responsible for.
[root@www /root]# more /etc/named.conf
// generated by named-bootconf.pl

options {
        directory "/etc/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

// 213.82.126.2
zone "futuretg.com" {
        type master;
        file "named.futuretg";
};

// 213.82.126.3
zone "ftlinuxcourse.com" {
        type master;
        file "named.ftlinuxcourse";
};

// 213.82.126.4
zone "linuxutilities.org" {
        type master;
        file "named.linuxutilities";
};

// 213.82.126.5
zone "linuxwebcampus.com" {
        type master;
        file "named.linuxwebcampus";
};
This file defines which DNS zones exist and where their records are located. For example we have the zone:
// 213.82.126.2
zone "futuretg.com" {
type master;
file "named.futuretg";
};
And the zone:
// 213.82.126.3
zone "ftlinuxcourse.com" {
type master;
file "named.ftlinuxcourse";
};
Then, in the directory "/etc/named" (the directory specified in named.conf), we find the DNS records that define each zone.
[root@www /root]# cd /etc/named
[root@www named]# ls -al
total 84
drwxr-xr-x    2 root     root         4096 Sep  7 10:16 .
drwxr-xr-x   60 root     root         8192 Oct 30 14:33 ..
-rw-r--r--    1 root     root          211 Nov  1  2000 127.0.0
-rw-r--r--    1 root     root          536 Nov  2  2000 named.bye_bye
-rw-r--r--    1 root     root         2769 Feb  3  2000 named.ca
-rw-r--r--    1 root     root          309 May 16 17:08 named.ftlinuxcourse
-rw-r--r--    1 root     root          314 Apr 16  2001 named.ftosx_apps
-rw-r--r--    1 root     root          399 May 16 17:06 named.futuretg
-rw-r--r--    1 root     root          305 Mar 10  2001 named.linuxcourse
-rw-r--r--    1 root     root          336 Nov 21  2000 named.linuxdistributors
-rw-r--r--    1 root     root          311 May 16 17:08 named.linuxutilities
-rw-r--r--    1 root     root          311 May 16 17:07 named.linuxwebcampus
-rw-r--r--    1 root     root          422 Feb  3  2000 named.local
-rw-r--r--    1 root     root          249 Oct 31  2000 named.local.2liv
-rw-r--r--    1 root     root          423 Jun 28  1999 named.local.rpmsave
-rw-r--r--    1 root     root          305 May 16 17:09 named.marinelinux
-rw-r--r--    1 root     root          312 Sep  7 09:54 named.rpmparadaise
-rw-r--r--    1 root     root          307 Nov 21  2000 named.thunderlinux
-rw-r--r--    1 root     root          301 May 16 17:08 named.yourlinux
-rw-r--r--    1 root     root         2119 Nov  1  2000 root.cache
[root@www named]#
Creating a DNS record is simple.
For example, the "main" zone file for futuretg.com is the following:
[root@www named]# more named.futuretg
@       IN SOA  dns.futuretg.com. hostmaster.www.futuretg.com. (
                        2001051602 ; serial
                        86400      ; refresh
                        7200       ; retry
                        2592000    ; expire
                        432000     ; default_ttl
                        )
        IN NS   www.futuretg.com.
        IN NS   dns.futuretg.com.
        IN MX   10 mail.futuretg.com.
www.futuretg.com.       IN A    213.82.126.2
dns.futuretg.com.       IN A    213.82.126.10
mail.futuretg.com.      IN A    213.82.126.11
ftp.futuretg.com.       IN A    213.82.126.15
[root@www named]#
The explanation of the previous entries is as follows:
@ stands for the zone itself, that is the domain name.
SOA is the Start Of a zone of Authority: it means that this territory is mine and belongs to my address.
A working DNS IP address is necessary. The DNS address for our server:
[root@www named]# ping dns.futuretg.com
PING dns.futuretg.com (213.82.126.10) from 213.82.126.10 : 56(84) bytes of data.
Warning: time of day goes back, taking countermeasures.
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=0 ttl=255 time=1.273 msec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=1 ttl=255 time=76 usec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=2 ttl=255 time=74 usec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=3 ttl=255 time=74 usec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=4 ttl=255 time=72 usec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=5 ttl=255 time=77 usec
64 bytes from dns.futuretg.com (213.82.126.10): icmp_seq=6 ttl=255 time=72 usec

--- dns.futuretg.com ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.072/0.245/1.273/0.419 ms
[root@www named]#
This entry will be exchanged with the other DNS servers and within seconds will create and inform the network about each DNS record you have.
Therefore the entry:
@ IN SOA dns.futuretg.com. hostmaster.www.futuretg.com. (
means:
SOA record for this zone, whose primary server is dns.futuretg.com and whose contact address is hostmaster.www.futuretg.com.
We also have:
2001051602 ; serial
This is the current date in the format YYYYMMDDSS: YYYY is the year, MM is the month, DD is the day and SS is the number of times we have updated the record that day: 01 the first time, 02 the second time.
86400 ; refresh
86400 is the period in seconds after which the secondary server must check whether the record has been updated.
7200 ; retry
7200 is the period in seconds after which the secondary server must retry if the first connection fails.
2592000 ; expire
2592000 is the maximum time in seconds that the secondary server may keep serving the data without a successful refresh.
432000 ; default_ttl
TTL is the "Time to Live" ... textually from RFC 1033 ... "It specifies how long a domain resolver should cache the RR before it throws it out and asks a domain server again. See the section on TTL's. If you leave the TTL field blank it will default to the minimum time specified in the SOA record (described later)".
This information was introduced in RFC 1033, RFC 1034 and RFC 1035.
After the SOA record, we have the MX (Mail eXchanger) record:
IN MX 10 mail.futuretg.com.
and the other normal records:
www.futuretg.com.       IN A    213.82.126.2
dns.futuretg.com.       IN A    213.82.126.10
mail.futuretg.com.      IN A    213.82.126.11
ftp.futuretg.com.       IN A    213.82.126.15
It is important to note that the dot "." after a domain name has a special meaning: the name is complete as written, and nothing else is appended to it.
Of course, it is necessary that each name used in the records above has its own entry with its IP address.

Secondary virtual hosts have a minor difference with respect to the main Web site.
[root@www named]# more named.ftlinuxcourse
@       IN SOA  www.ftlinuxcourse.com. hostmaster.www.futuretg.com. (
                        2001051602 ; serial
                        86400      ; refresh
                        7200       ; retry
                        2592000    ; expire
                        432000     ; default_ttl
                        )
@       IN MX   5 www.futuretg.com.
@       IN NS   www.futuretg.com.
@       IN NS   dns.futuretg.com.
@       IN NS   www.ftlinuxcourse.com.
www     IN A    213.82.126.3
[root@www named]#
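As an added example (not part of the original chapter), the following Python script parses a zone file written in the layout of named.futuretg and named.ftlinuxcourse above and checks the points the chapter makes: the YYYYMMDDSS serial, the SOA timers, the trailing dot on NS and MX targets, and that each target inside the zone has its own A record. The zone text and the example.test domain are constructed sample data, and an unqualified owner such as "www" is completed with the origin exactly as named does.

```python
import re
# Constructed sample in the layout of the chapter's named.futuretg (not the page's own file)
ZONE = """\
@   IN SOA dns.example.test. hostmaster.www.example.test. (
        2001051602 ; serial
        86400      ; refresh
        7200       ; retry
        2592000    ; expire
        432000     ; default_ttl
        )
    IN NS  dns.example.test.
    IN MX  10 mail.example.test.
dns.example.test.  IN A 213.82.126.10
mail               IN A 213.82.126.11
"""
SOA_FIELDS = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")

def parse_zone(text, origin):
    """Return [(owner, type, rdata)] with every owner name made absolute using origin."""
    text = re.sub(r";[^\n]*", "", text)                                        # drop ';' comments
    text = re.sub(r"\([^)]*\)", lambda m: " ".join(m.group().split()), text)   # join the SOA lines
    records, owner = [], origin
    for line in filter(str.strip, text.splitlines()):
        tokens = line.split()
        if not line[0].isspace():          # explicit owner; an indented line inherits the previous one
            name = tokens.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        rdata = [t for t in tokens if t not in ("IN", "(", ")")]
        records.append((owner, rdata[0], rdata[1:]))
    return records

def check_zone(text, origin):
    """Return the problems found; an empty list means the zone passes every check."""
    records = parse_zone(text, origin)
    soa = dict(zip(SOA_FIELDS, next(r for _, t, r in records if t == "SOA")))
    problems = []
    if not re.fullmatch(r"\d{4}(0[1-9]|1[0-2])(0[1-9]|[12]\d|3[01])\d\d", soa["serial"]):
        problems.append(f"serial {soa['serial']} is not in YYYYMMDDSS form")  # chapter's convention
    refresh, retry, expire = (int(soa[k]) for k in ("refresh", "retry", "expire"))
    if not retry < refresh < expire:       # a secondary retries, refreshes, then finally expires the data
        problems.append("SOA timers must satisfy retry < refresh < expire")
    a_owners = {o for o, t, _ in records if t == "A"}
    for _, rtype, rdata in records:
        if rtype in ("NS", "MX"):
            target = rdata[-1]
            if not target.endswith("."):   # the trailing dot makes the name absolute
                problems.append(f"{rtype} target {target} lacks the trailing dot")
            elif target.endswith(origin) and target not in a_owners:
                problems.append(f"{rtype} target {target} has no A record in this zone")
    return problems
```

To check one of the real files, pass its contents and the zone name from named.conf, e.g. check_zone(open("/etc/named/named.futuretg").read(), "futuretg.com.").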
Here we summarize some minimal information and terms about DNS.
A - the host address associated with the domain name
MF - identifies a mail forwarder for the domain
MD - identifies a mail destination for the domain
NS - the authoritative name server for the domain
SOA - identifies the start of a zone of authority
CNAME - identifies the canonical name of an alias
The RFC uses the following classes in its examples:
IN - the ARPA Internet system
CS - the CSNET system
The first type of resource record holds a host name to host address binding. Its fields are:
+--------+--------+--------+--------------//----------------------+
|<owner> |   A    | <class>| <class specific address> information |
+--------+--------+--------+--------------//----------------------+
This information is present in RFC 1033, RFC 1034 and RFC 1035.