CHAPTER 8 DNS Domain Name System
DNS service
The Domain Name System (DNS) is a system that translates between domain names and IP addresses – for example between www.ascom.no and its IP address. This makes it possible to assign a new IP address to a server while the domain name stays the same. DNS uses UDP port 53.
DNS
DNS is a hierarchical, distributed naming system. A domain name consists of two parts:
– A host name: www – a specific web server located at ascom.no
– A domain name: ascom.no
A full domain name is also called an FQDN.
– Fully Qualified Domain Name (FQDN).
DNS zones
Domain name: host name, second-level domain, top-level domain. A domain name is read from the right side to the left side. Dots (.) divide the domain name into sections; a dot means that authority is delegated to an operator.
– The TLD .no is operated by the company Norid.
– Norid delegates control of ascom.no to Ascom in Norway.
– Ascom in Norway operates a DNS server with an entry stating the IP address of www.ascom.no.
DNS zones
There are 13 root servers, named a to m:
– a.root-servers.net
– …
– m.root-servers.net
The 13 root servers have well-known IP addresses. The root servers are the top level of the hierarchical distributed database.
DNS name rules
A domain name may be at most 63 characters long, including dots. The maximum length of an FQDN is 255 characters. There is no distinction between upper-case and lower-case letters.
Client DNS config
The addresses of the DNS servers the host will use for translating domain names. Often configured using DHCP.
DNS – example
A user wants to see
1: The client asks the local DNS: which IP address has
2: The local DNS asks the root server.
2: The root server knows .no: the root server returns the IP address of the .no server in Norway.
3: Ask .no for www.ascom.no: the .no server does not know, but it knows the next authority, the ascom.no DNS server, and returns the IP address of the ascom.no DNS server.
4: Then ask ascom.no: the ascom.no DNS server knows and returns the IP address of the web server.
5: The client gets the answer.
6: Get the web page.
The local DNS server will normally be a caching DNS server, meaning it remembers what it learns, reducing traffic and decreasing response time. All information has a time-to-live; the information is deleted when the time-to-live expires.
Caching DNS information
My computer (Windows 7) caches the information it learns from the DNS system and uses the time-to-live to time out the information.
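As an added example (not from the slides, not from BIND or nslookup), the code below builds the UDP query a client sends in step 1 and parses the reply from step 5, applying the name rules above (63-octet labels, 255-octet FQDN, case-insensitive). The reply bytes are constructed inline, not captured from a real server, and 10.0.0.1 is a made-up address.

```python
import struct
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "AAAA": 28}

def encode_name(fqdn):
    """Encode a domain name as wire-format labels, enforcing the 63/255 limits."""
    labels = [lab.encode("ascii") for lab in fqdn.rstrip(".").lower().split(".")]  # case-insensitive
    if any(not 1 <= len(lab) <= 63 for lab in labels):
        raise ValueError("each label must be 1-63 octets: %r" % fqdn)
    wire = b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"  # empty root label ends it
    if len(wire) > 255:
        raise ValueError("FQDN exceeds 255 octets")
    return wire

def build_query(fqdn, qtype, txid=0x1234):
    """12-byte header (RD=1, one question) plus the question, as sent to UDP port 53."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(fqdn) + struct.pack("!HH", QTYPES[qtype], 1)

def read_name(msg, off):
    """Decode a possibly compressed name; return (dotted FQDN, offset after it)."""
    labels, end = [], 0
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:  # pointer to a name earlier in the message
            end = end or off + 2     # the name ends right after the first pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
        elif length == 0:
            return ".".join(labels) + ".", end or off + 1
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def parse_answers(msg):
    """Return [(name, type, ttl, rdata)] from the answer section; A rdata as dotted IPv4."""
    _, _, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, answers = 12, []
    for _ in range(qdcount):  # skip the echoed question(s): name + QTYPE + QCLASS
        off = read_name(msg, off)[1] + 4
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        answers.append((name, rtype, ttl, ".".join(map(str, rdata)) if rtype == 1 else rdata))
    return answers

# Constructed reply, not a real capture: flags 0x8180 = response with RD and RA set; the
# answer name is a compression pointer (0xC00C) back to the question name at offset 12.
SAMPLE_REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
                + encode_name("www.ascom.no") + struct.pack("!HH", 1, 1)
                + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([10, 0, 0, 1]))
```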
DNS Domain Name System
– Translates between domain names and IP addresses
Windows DNS test command: nslookup
DNS records
There is more information in DNS databases
– Called DNS record types
DNS clients ask DNS servers
Record type – Explanation
A – An A record is used to bind a host name to an IPv4 address.
AAAA – An AAAA record is used to bind a host name to an IPv6 address.
MX – MX, or Mail eXchange, is used to find a domain's mail servers.
SOA – SOA, or Start of Authority, is used to find information about a zone.
A record
Is an IPv4 host name
– nslookup used to query for a specific type
AAAA record
Is an IPv6 host name
– nslookup used to query for a specific type
Windows default
By default Windows queries both the A record and the AAAA record
MX record
MX, or Mail Exchange, record
– Used to find a domain's mail server
– The IP address of the mail server is found with A and/or AAAA
DNS servers
Three types of DNS server exist
Primary DNS server
– Has responsibility for a zone, e.g. tdc.dk
Secondary DNS server
– Is a slave of a primary
– A change on the primary is transferred automatically
Caching DNS server
– Stores learned DNS information temporarily
SOA record
SOA – Start Of Authority record
– Contains information about a zone
Caching DNS server
Home routers (homebox) most often contain a caching DNS server
nslookup uses the home router as DNS
Primary/secondary DNS
Primary and secondary DNS servers can be seen with nslookup
Bind
/etc/bind/named.conf.options
– Contains options and forwarders
    forwarders {
        # Replace the address below with the address of your provider's DNS server
        <provider-dns-address>;
    };
/etc/bind/named.conf.local
– Contains zones and config
named.conf.local
    # Forward lookup zone for cluster.tekkom.dk
    zone "cluster.tekkom.dk" {
        type master;
        file "/etc/bind/zones/cluster.tekkom.dk.db";
    };
    # Reverse lookup zone for x
    zone " in-addr.arpa" {
        type master;
        file "/etc/bind/zones/ in-addr.arpa";
    };
The zone files
mkdir /etc/bind/zones
nano /etc/bind/zones/cluster.tekkom.dk.db
nano /etc/bind/zones/ in-addr.arpa
The cluster.tekkom.dk. zone
nano /etc/bind/zones/cluster.tekkom.dk.db
    $TTL 1D
    cluster.tekkom.dk. IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
            ; Do not modify the following lines!
            <serial>    ; Serial
            <refresh>   ; Refresh
            3600        ; Retry
            <expire>    ; Expire
            <ttl>       ; TTL
    )
    ; BIND refuses to load a zone without an NS record at the apex (zone-file comments start with ;)
    cluster.tekkom.dk. IN NS ns1.cluster.tekkom.dk.
    ns1 IN A     <ipv4-address-of-ns1>
    www IN CNAME ns1
The in-addr.arpa. zone
nano /etc/bind/zones/ in-addr.arpa
    $TTL <ttl>
    ; @ is the zone origin given in named.conf.local
    @ IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
            ; Do not modify the following lines!
            <serial>    ; Serial
            <refresh>   ; Refresh
            3600        ; Retry
            <expire>    ; Expire
            <ttl>       ; TTL
    )
    @  IN NS  ns1.cluster.tekkom.dk.   ; required for the zone to load
    11 IN PTR ns1.cluster.tekkom.dk.
Bind9
/etc/init.d/bind9 restart
dig cluster.tekkom.dk
nslookup ns1
tail -f /var/log/syslog