
CHAPTER 8 DNS Domain Name System. DNS Service: Domain Name System (DNS) is a system that translates between domain names and IP addresses – For example.


1 CHAPTER 8 DNS Domain Name System

2 DNS Service
Domain Name System (DNS) is a system that translates between domain names and IP addresses
– For example, from www.ascom.no to 195.191.133.67
Makes it possible to assign new IP addresses to servers while the domain name stays the same.
DNS uses UDP port 53

3 DNS
DNS is a hierarchical distributed naming system.
Domain names consist of two parts: www.ascom.no
– A host name: www. A specific web server located at ascom.no
– A domain name: ascom.no
A full domain name is also called an FQDN.
– Fully Qualified Domain Name (FQDN).

4 DNS zones

5 Domain name: www.ascom.no (host name, second level domain, top level domain)
A domain name is read from the right side to the left side
Dots (.) divide the domain name into sections
A dot means authority is delegated to an operator.
– The TLD no is operated by the company Norid (www.norid.no)
– Norid delegates control of ascom.no to Ascom in Norway.
– Ascom in Norway operates a DNS server with an entry stating that the IP address of www.ascom.no is 195.191.133.67

6 DNS zones
There are 13 root-servers named a to m.
– a.root-servers.net
– …
– m.root-servers.net
The 13 root-servers have well known IP addresses
The root-servers are the top level of the hierarchical distributed database.

7 www.ascom.no

8 DNS name rules
The maximum length of a domain name is 63 characters including dots.
The maximum length of FQDN names is 255 characters.
No distinction between upper and lower case letters
[Figure: www.ascom.no, labelled max. 63 chars. and max. 255 chars.]

9 Client DNS config
Addresses of the DNS servers the host will use for translating domain names.
Often configured using DHCP

10 DNS Example
A user wants to see www.ascom.no

11 1: Client asks local DNS
Which IP address does www.ascom.no have?

12 2: Local DNS asks root
The local DNS asks the root server

13 2: Root server knows .no
The root server returns the IP address of the .no server in Norway

14 3: Ask .no for www.ascom.no
.no does not know www.ascom.no, but it knows the next authority, the ascom.no DNS server, and returns the IP address of the ascom.no DNS server

15 4: Then ask ascom.no
The ascom.no DNS server knows www.ascom.no and returns the IP address of the web server www.ascom.no

16 5: The client gets the answer
www.ascom.no is 195.191.133.67

17 6: Get the web page
The local DNS server will normally be a caching DNS server, meaning it will remember what it learns, reducing traffic and decreasing response time.
All information has a time-to-live. The information will be deleted when the time-to-live expires.
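The lookup in steps 1 to 6, with the caching and time-to-live behaviour described above, as an added example that is not part of the original slides. The server labels (`root`, `no-tld`, `ns.ascom.no`), the 3600-second TTL and the injected clock are assumptions for illustration; nothing is sent on the network.

```python
# Added illustration (not from the slides): an in-memory model of the lookup
# for www.ascom.no. Server labels and the TTL value are constructed.
ROOT = "root"
SERVERS = {
    "root":        {"referrals": {"no": "no-tld"}, "answers": {}},
    "no-tld":      {"referrals": {"ascom.no": "ns.ascom.no"}, "answers": {}},
    "ns.ascom.no": {"referrals": {},
                    "answers": {"www.ascom.no": ("195.191.133.67", 3600)}},
}


class CachingResolver:
    """Local DNS server: follows referrals from the root and caches answers."""

    def __init__(self, servers, clock):
        self.servers = servers
        self.clock = clock   # callable returning the current time in seconds
        self.cache = {}      # name -> (ip, expiry time)
        self.trace = []      # every server asked, in order

    def resolve(self, name):
        name = name.lower().rstrip(".")      # names are case-insensitive
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                    # still within its time-to-live
        self.cache.pop(name, None)           # expired: delete and ask again
        server = ROOT
        for _ in range(10):                  # bound the referral chain
            self.trace.append(server)
            zone = self.servers[server]
            if name in zone["answers"]:
                ip, ttl = zone["answers"][name]
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            server = self._referral(zone, name)
            if server is None:
                raise LookupError(f"{name}: no server is authoritative")
        raise LookupError(f"{name}: referral chain too long")

    @staticmethod
    def _referral(zone, name):
        """Return the server for the longest delegated suffix of name."""
        labels = name.split(".")
        for i in range(len(labels)):
            nxt = zone["referrals"].get(".".join(labels[i:]))
            if nxt:
                return nxt
        return None
```

The `trace` list shows which servers were asked: three for the first lookup, none while the cached answer is still valid, and three again once the time-to-live has passed.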

18 Caching DNS information
My computer – Windows 7 caches the information it learns from the DNS system
Uses time-to-live to time out the information

19 DNS
Domain Name System
– Translates between domain names and IP addresses
Windows DNS test command: nslookup

20 DNS Records
More information in DNS databases
– Called DNS record types
DNS clients query DNS servers
Record type   Explanation
A             An A record is used to bind a host name to an IPv4 address.
AAAA          An AAAA record is used to bind a host name to an IPv6 address.
MX            MX, or Mail eXchange, is used to find a domain's mail servers.
SOA           SOA, or Start of Authority, is used to find information about a zone.

21 A record
Is the IPv4 host name
– nslookup used to query for a specific type

22 AAAA record
Is the IPv6 host name
– nslookup used to query for a specific type

23 Windows default
By default, Windows queries for both the A record and the AAAA record

24 MX record
MX, or the Mail Exchange record
– Used to find a domain's mail server
– The mail server's IP is found with A and/or AAAA

25 DNS servers
Three types of DNS servers exist
Primary DNS server
– Is responsible for a zone, e.g. tdc.dk
Secondary DNS server
– Is a slave to a primary
– A change on the primary is transferred automatically
Caching DNS server
– Stores learned DNS information temporarily

26 SOA Record
SOA – Start Of Authority record
– Contains information about a zone

27 Caching DNS server
Homebox routers most often contain a caching DNS server
nslookup uses the homebox as DNS

28 Primary/Secondary DNS
Primary and secondary DNS servers can be seen with nslookup

29 Bind
/etc/bind/named.conf.options
– Contains options and forwarders
    forwarders {
        # Replace the address below with the address of your provider's DNS server
        172.16.4.66;
    };
/etc/bind/named.conf.local
– Contains zones and config

30 named.conf.local
    # Forward lookup zone for cluster.tekkom.dk
    zone "cluster.tekkom.dk" {
        type master;
        file "/etc/bind/zones/cluster.tekkom.dk.db";
    };
    # Reverse lookup zone for 192.168.0.x
    zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/0.168.192.in-addr.arpa";
    };

31 The zone files
    mkdir /etc/bind/zones
    nano /etc/bind/zones/cluster.tekkom.dk.db
    nano /etc/bind/zones/0.168.192.in-addr.arpa

32 The cluster.tekkom.dk. zone
    nano /etc/bind/zones/cluster.tekkom.dk.db
    $TTL 1D
    cluster.tekkom.dk. IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
            ; Do not modify the following lines!
            2007031001 ; Serial
            28800      ; Refresh
            3600       ; Retry
            604800     ; Expire
            38400      ; TTL
            )
    @    IN NS    ns1.cluster.tekkom.dk.
    ns1  IN A     192.168.0.11
    www  IN CNAME ns1
http://support.microsoft.com/kb/163971

33 The 0.168.192.in-addr.arpa. zone
    nano /etc/bind/zones/0.168.192.in-addr.arpa
    $TTL 1D
    @ IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
            ; Do not modify the following lines!
            2007031001 ; Serial
            28800      ; Refresh
            3600       ; Retry
            604800     ; Expire
            38400      ; TTL
            )
    @   IN NS  ns1.cluster.tekkom.dk.
    11  IN PTR ns1.cluster.tekkom.dk.
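A consistency check for the two zones above, as an added example that is not part of the original slides: every A record in the forward zone should have a PTR record in the reverse zone that points back to the same name. The parser is a simplification that handles only single-line records (the SOA block is left out of the constructed sample text), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample text: the NS, A, CNAME and PTR records from the two zones
# (the multi-line SOA record is omitted; this parser reads one-line records).
FORWARD = """\
$TTL 1D
@    IN NS    ns1.cluster.tekkom.dk.
ns1  IN A     192.168.0.11
www  IN CNAME ns1
"""
REVERSE = """\
$TTL 1D
@   IN NS  ns1.cluster.tekkom.dk.
11  IN PTR ns1.cluster.tekkom.dk.
"""


def absolute(name, origin):
    """Expand a zone-file name: '@' is the origin, no trailing dot is relative."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"


def records(text, origin):
    """Yield (owner FQDN, type, rdata) for each 'owner IN type rdata' line."""
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # ';' starts a comment
        if not line or line.startswith("$"):
            continue
        owner, _cls, rtype, rdata = line.split(None, 3)
        yield absolute(owner, origin), rtype.upper(), rdata.strip()


def check_forward_reverse(fwd, fwd_origin, rev, rev_origin):
    """Return a list of A records whose PTR is missing or points elsewhere."""
    ptr = {owner: absolute(rdata, rev_origin)
           for owner, rtype, rdata in records(rev, rev_origin) if rtype == "PTR"}
    problems = []
    for owner, rtype, rdata in records(fwd, fwd_origin):
        if rtype != "A":
            continue
        rev_name = ipaddress.ip_address(rdata).reverse_pointer + "."
        target = ptr.get(rev_name)
        if target != owner:
            problems.append(f"{owner} A {rdata}: PTR {rev_name} -> {target}")
    return problems
```

Origins are passed with their trailing dot, for example `check_forward_reverse(FORWARD, "cluster.tekkom.dk.", REVERSE, "0.168.192.in-addr.arpa.")`. A PTR target written without its trailing dot is reported, because the reverse zone's origin is then appended to the name.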

34 Bind9
    /etc/init.d/bind9 restart
    dig cluster.tekkom.dk
    nslookup ns1
    tail -f /var/log/syslog

