The name and address space : The name and address space George Macri
Research Institute for Informatics
Romania
4th Network Technologies Workshop
Introduction : Introduction The Berkeley Internet Name Domain (BIND) - Internet name server for UNIX operating systems.
BIND
server (or ``daemon'') called named
a resolver library
A name server (DNS)
network service
enables clients to name resources or objects
share this information with other objects in the network.
Distributed data base system for objects in a computer network
Introduction : Introduction BIND server runs in the background, servicing queries on a well known network port.
The standard port for UDP and TCP is specified in /etc/services.
The resolver is a set of routines residing in a system library that provides the interface that programs can use to access the domain name services.
BIND is fully integrated into Unix OS network programs for use in storing and retrieving host names and addresses.
Use BIND as a replacement for the older host table lookup of information in the network hosts file /etc/hosts.
The default configuration for UNIX systems is using BIND
IP addresses and names : IP addresses and names Disadvantages of an address
It is too long (192.162.16.201)
It has no representation for the organization where we want to connect
It is difficult to remember
Names
Human users prefer to use names instead of numbers
A name can be associated to any device that has an IP address
Example: ftp.ripe.net, kyoto-u.ac.jp, www.cisco.com
Advantages of names
They make reference to an organization name: www.ibm.com
They are easy to remember
Domain Name Hierarchy : Domain Name Hierarchy [Diagram: domain name tree. The root domain (.) is at the top; below it are the top-level domains (edu, com, gov, mil, net, org, ro, fr, at, jp, ...), then the second-level domains, then further subdomains and hosts.]
Domain name structures : Domain name structures The root of system is unnamed
Top level domains are:
Within the United States of America
edu - educational institutions
com - commercial institutions
net - network support organizations
gov - government agencies
mil - military organizations
org - organizations that don’t fit in any of the above
country code according to ISO 3166 (uk, de, pl, sk, mk, ...)
Flat structure
Based on generic categories (ac, co, gv, or, nt, etc.)
Based on geographical locations (waw.pl, poznan.pl, etc.)
IANA (Internet Assigned Numbers Authority) : IANA (Internet Assigned Numbers Authority) IANA is the overall authority for:
IP addresses;
top-level-domains;
Autonomous Systems number;
other parameters (protocol numbers, port numbers, etc.)
See the file /etc/protocols on a UNIX machine
0 IP pseudo protocol number
1 ICMP
6 TCP
17 UDP
Well known TCP ports (see the file /etc/services on a UNIX machine):
21 - FTP server
23 - telnet server
25 - SMTP mail server
53 - domain nameserver
Setting up a Top-Level-Domain (TLD) : Setting up a Top-Level-Domain (TLD) Set up the primary nameserver for the top-level-domain;
Ask somebody to run secondary nameservers at different locations, on different continents (RIPE, EUNET, UUNET, etc.);
Send mail to and to providing the Internic domain template, including:
administrative contact person
technical contact person
primary nameserver
secondary nameservers
for a template application form
ftp://ftp.rs.internic.net/template/domain-template.txt
whois program can be used to query if a top-level-domain is registered
example: whois -h rs.internic.net sk-dom
Whois -h whois.internic.net sk-dom : Whois -h whois.internic.net sk-dom Registrant:
Slovakia top-level domain (SK-DOM)
EUnet Slovakia
Comenius University
MFF UK, Computer Centre Mlynska dolina
842 15 Bratislava Slovakia
Domain Name: SK
Administrative Contact:
Buechler, Gejza (GB224) gejza@SLOVAKIA.EU.NET +421 7 538 4900 (FAX) +421 7 538 5403
Technical Contact, Zone Contact:
Lescak, Ivan (IL2) ivan@SLOVAKIA.EU.NET +421 7 5876 111 (FAX) +421 7 5876 211
Record created on 29-Mar-93.
Database last updated on 22-Aug-98 04:15:35 EDT.
Domain servers in listed order:
NS.EUNET.SK 192.108.130.33
NS.EU.NET 192.16.202.11
SUNIC.SUNET.SE 192.36.125.2 192.36.148.18
NS.UU.NET 137.39.1.3
SPARKY.ARL.MIL 128.63.58.18
Obtaining an IP address : Obtaining an IP address Originally, IP numbers were assigned by the Global Internet Registry (known as the InterNIC).
Today, day-to-day responsibility for the assignment of IP addresses and Autonomous System Numbers is given to Internet registries (IR):
RIPE-NCC for Europe;
APNIC for Asia and Pacific Area.
RIPE has established local Internet Registries in countries in Europe
RIPE-NCC has been delegated the following address ranges:
192.162.0.0 - 192.162.255.0
192.164.0.0 - 192.168.255.0
193.0.0.0 - 193.255.255.0
194.0.0.0 - 194.255.255.0
Obtaining an IP address (continued) : Obtaining an IP address (continued) RIPE-NCC delegates blocks of numbers to the local Internet Registry in a country
The local Internet Registry assigns IP numbers to users
The user sends his request to the local Internet Registry, providing information about network name, administrative and technical contact persons (try “whois -h whois.ripe.net 193.226.32.0” for an example, but follow your local Internet Registry's instructions)
The local Internet Registry assigns an IP number and registers the data in the RIPE database, which is the only authoritative registry for the status of a particular network number from a RIPE-NCC delegated block
Requests sent by users for address space should be reasonable and accompanied by enough technical details to justify the amount of address space requested
How to query RIPE database : How to query RIPE database Using whois
whois -h whois.ripe.net help >ripe.help
whois -h whois.ripe.net
word-for-search:
IP address, person name, domain name, AS NUMBER
ftp ftp.ripe.net
mail to mailserv@ripe.net
Query the RIPE Database:
whois -h whois.ripe.net 161.53.0.0
whois -h whois.ripe.net AS1755
whois -h whois.ripe.net at
whois -h whois.ripe.net
Whois -h whois.ripe.net 193.230.1.0 : Whois -h whois.ripe.net 193.230.1.0 inetnum: 193.230.1.0 - 193.230.1.255
netname: IPA
descr: Research Institute for Automation - Bucharest, Romania
country: RO
admin-c: SP72-RIPE
tech-c: GM76-RIPE
tech-c: BP30-RIPE
remarks: object maintained by ro.rnc local registry
notify: domain-admin@roearn.ici.ro
mnt-by: AS3233-MNT
changed: alina@u1.ici.ro 960206
changed: estaicut@linkguide.ici.ro 970803
source: RIPE
Slide14 :
person: Sanda Petrescu
address: Research Institute for Automation
address: 167 Calea Floreasca blvd., sect.1
address: Bucharest, Romania
phone: + 40-1-3129110
fax-no: + 40-1-3125392
e-mail: sanda@automation.ipa.ro
nic-hdl: SP72-RIPE
notify: domain-admin@roearn.ici.ro
changed: alina@u1.ici.ro 960206
source: RIPE
Whois -h whois.ripe.net at : Whois -h whois.ripe.net at domain: at
descr: Top Level Domain for the Republic of Austria
descr: managed by UniVie/ACOnet
admin-c: PR67
tech-c: WK42
zone-c: GW13-RIPE
nserver: ns1.univie.ac.at
nserver: ns2.univie.ac.at
nserver: alijku01.edvz.uni-linz.ac.at
nserver: ns.uu.net
nserver: ns.eu.net
nserver: ns.Austria.eu.net
remarks: ftp://ftp.univie.ac.at/netinfo/aconet/at-dom.template.ge
remarks: role mailbox for inquiries: mailto:domain-admin@univie.ac.at
mnt-by: AT-DOM-MNT
changed: panigl@cc.univie.ac.at 960126
changed: werner@evolution.co.at 960719
changed: woeber@cc.univie.ac.at 961113
changed: Andreas.Papst@univie.ac.at 970219
source: RIPE
Slide16 :
route: 193.230.0.0/17
descr: RNC, Romanian National Computer Network for Research and Education
origin: AS3233
mnt-by: AS3233-MNT
changed: estaicut@linkguide.ici.ro 961021
source: RIPE
Autonomous System Number : Autonomous System Number An Autonomous System (AS) is a set of routers under a single technical administration, using an interior gateway protocol and an exterior gateway protocol to route packets to other ASs.
An AS is a connected group of IP networks run by one or more network operators which has a single and defined routing policy.
An AS number is a 16-bit number (65535 unique AS numbers).
The AS number space is finite.
Sometimes, the term AS is misunderstood and used for grouping together a set of prefixes which belong under the same administrative umbrella.
AS numbers are assigned by RIPE in Europe
Whois -h whois.ripe.net AS6715 : Whois -h whois.ripe.net AS6715 aut-num: AS6715
descr: Logic Telecom SA
descr: Bucharest, Romania
as-in: from AS5484 100 accept ANY
as-in: from AS6746 100 accept AS6746 AS2614 AS6845
as-out: to AS6746 announce AS6715
as-out: to AS5484 announce AS6715 AS6746
default: AS5484 100
admin-c: CT19-RIPE
tech-c: AD17-RIPE
mnt-by: AS6715-MNT
changed: cornel@logicnet.ro 961122
changed: cornel@logicnet.ro 970804
source: RIPE
Domain Name Servers : Domain Name Servers Usually host names are used in network commands (telnet, ftp, mail, gopher clients, www clients, etc. );
Network connections always take place based on the IP address;
The system always converts host names to addresses before the network connection is made;
How to associate names with addresses?
Host table
Domain Name Server
Host Table : Host Table The host table is a simple text file (/etc/hosts) which contains associations between an IP address and a list of host names.
Example:
192.162.16.1 ciscoags1.ici.ro ciscoags1
192.162.16.2 roearn.ici.ro roearn
192.162.16.3 pcs1.ici.ro pcs1
192.162.16.4 std.ici.ro std
Disadvantage
The table should contain all the Internet hosts (over 10,000,000 entries);
The table is very large;
Difficult to update when new hosts are connected to Internet or IP addresses are changed
Domain Name Server (DNS) : Domain Name Server (DNS) Overcomes the weaknesses of the host table
It is a distributed database system
Host names are automatically disseminated to those who ask to have access
BIND - UNIX Name Service : BIND - UNIX Name Service In UNIX, DNS is implemented by the Berkeley Internet Name Domain (BIND) software;
It is a client/server software system;
The client is called “resolver”; it generates queries for domain name information that are sent to the server;
The server is a daemon called named.
The domain name is actually an argument used by the local resolver;
The resolver is responsible for hiding the distribution of data among nameservers from the user;
The resolver is part of the operating system.
DNS Operation : DNS Operation To establish a connection to a remote host, a user program sends a query to the resolver, asking for the IP number of a specified hostname;
The resolver starts with knowledge of at least one nameserver;
The resolver processes a user query by asking a known nameserver for the information (the IP number of the remote host);
If the remote host is in a zone delegated to that nameserver, the nameserver answers with the host's IP number;
The local nameserver knows the addresses of other nameservers;
If the remote host is in a zone for which the local nameserver is not delegated, queries will be sent to other nameservers, starting with root servers to find out the delegated nameserver for the top-level-domain, the subdomain and so on;
The resolver/server model (diagram) : The resolver/server model (diagram) [Diagram: two resolvers, a recursive nameserver with its cache, and an authoritative nameserver.]
DNS Operation (continued) : DNS Operation (continued) To minimize the answer time for the next query for the same host name, the nameserver caches the information obtained by a query; the cached information is valid for a certain time period, as defined when that zone was configured.
Finally, the nameserver delegated for the zone containing the remote host is reached, and the IP address is obtained and returned to the host which initiated the first query;
Remarks : Remarks DNS is essential for the proper operation of the network;
If DNS fails, connections to any remote host are no longer possible;
To allow network operation in case of failure of a nameserver, each nameserver (called the primary nameserver) should have at least one other nameserver (called the secondary nameserver) which holds a copy of the zone file;
The secondary nameserver periodically queries the primary nameserver whether the zone was changed. In case of the change, it is transferred into its cache and also stored in a local file, which will be used next time at starting up as initial data;
When data about a new host should be added to the DNS database, or a change of address/name should be done, the entry is done only on the primary nameserver; the secondary nameserver will get it automatically.
Reverse Lookup : Reverse Lookup When a source host establishes a connection to a destination host, the TCP/IP packets carry only the IP address of the source host;
For authentication, access rights or accounting information, the destination host wants to know the name of the source host;
For this purpose, a special domain “in-addr.arpa” is used;
The reverse name is obtained by reversing the IP number and adding the name “in-addr.arpa”;
Example: address: 192.162.16.2
reverse name: 2.16.162.192.in-addr.arpa
Reverse domains form a hierarchical tree and are treated as any other Internet domain.
Reverse Domain Hierarchy : Reverse Domain Hierarchy [Diagram: the in-addr.arpa tree, with one level of numeric labels per address octet: the first octet directly under in-addr.arpa, then the second, third and fourth octets below it.]
Hierarchy of nameservers : Hierarchy of nameservers Root nameserver - delegates nameservers for top-level-domains;
Nameserver for each top level domain - holds information about the top level domain, delegates nameservers for subdomains;
Nameserver for each subdomain
Nameserver for each reverse domain
Requirements for a nameserver : Requirements for a nameserver A query should be resolved as fast as possible;
It should be available 24 hours a day;
It should be reachable via fast communication lines;
It should be located centrally in the network topology;
It should run robustly, without errors or interruptions.
Type of servers : Type of servers DNS server
primary for some zones
secondary for others,
only a primary, or only a secondary,
serve no zones and just answer queries via its ``cache''
Caching Only Server
All servers cache data; a caching-only server is not authoritative for any zone
Remote Server
/etc/resolv.conf file listing only remote hosts
does not run a name server of its own
Slave Server
always forwards queries it cannot satisfy from its cache, to a fixed list of forwarding servers; the queries to the forwarding servers are recursive queries.
Files : Files The name server uses several files to load its data base
This section covers the files and their formats needed for named
Boot File
file - first read when named starts up
tells the server what type of server it is, which zones it has authority over and where to get its initial data.
The default location /etc/named.boot
Can be changed by setting the BOOTFILE variable when you compile named or by specifying the location on the command line when named is started up.
Slide33 : named.boot File Sets general parameters using the commands:
directory
defines directory for all subsequent file references
domain
cache .
Points to the cache file which contains NS records and A records that provide the addresses of the root servers
ftp://ftp.ripe.net/tools/dns/named.root
primary
Declares the server as primary for the specified domain-name and at the startup it loads the name server data base from the specified file-name
Named.boot : Named.boot secondary
Declares the server as secondary for the domain-name, specifying the primary nameserver from which the zone will be downloaded and stored in the file identified by file-name
limit
Setting Name Server Limits
limit transfers-per-ns 2
Resolver Configuration : Resolver Configuration Configuration file name
/etc/resolv.conf.
Designates the name servers on the network that should be sent queries.
The resolver will try to contact a name server
The resolv.conf file contains directives
; comment
# another comment
domain local-domain
search search-list
nameserver server-address
sortlist sort-list
options option-list
Domain data files : Domain data files Two standard files for specifying the data for a domain
hosts
host.rev
These files use the Standard Resource Record Format (RR)
Note:
The file names are arbitrary; many network administrators prefer to name their zone files after the domains they contain, especially in the average case which is where a given server is primary and/or secondary for many different zones.
Hosts File : Hosts File This file contains all the data about the machines in this zone. The location of this file is specified in the boot file.
Declare in named.boot file
primary service
secondary service
Host.rev File : Host.rev File This file specifies the IN-ADDR.ARPA domain
Declared in Boot file
This is a special domain for allowing address to name mapping.
Special domain formed to allow inverse mapping
The IN-ADDR.ARPA domain has four labels preceding it. (4 octets of an Internet address)
E.g. Internet address 128.32.0.4
domain 4.0.32.128.IN-ADDR.ARPA.
Named.local : Named.local Specifies the PTR record for the local loopback interface (localhost)
network address is 127.0.0.1.
The location of this file is specified in the boot file
It is vitally important to the proper operation of every name server that the 127.0.0.1 address has a PTR record pointing back to the name ``localhost.''.
The name of this PTR record is always ``1.0.0.127.IN-ADDR.ARPA''.
This is necessary if you want your users to be able to use hostname-authentication (hosts.equiv or ~/.rhosts) on the name ``localhost''.
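The in-addr.arpa name construction from the Reverse Lookup and Host.rev slides, together with the check a server can apply before relying on a PTR name for hostname authentication (hosts.equiv or ~/.rhosts): the PTR record is published by whoever runs the reverse zone for the address, so the name is accepted only if its own A record maps back to the same address. This is an added example, not part of the original slides; the record tables are constructed sample data (`trusted.ici.ro` and 203.0.113.9 are hypothetical), and the function names are hypothetical.

```python
import ipaddress


def reverse_name(ip):
    """Build the in-addr.arpa name: 192.162.16.2 -> 2.16.162.192.in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")  # raises on malformed input
    return ".".join(reversed(octets)) + ".in-addr.arpa."


# Constructed sample data standing in for DNS answers (no real lookups are made).
PTR_RECORDS = {
    "2.16.162.192.in-addr.arpa.": ["roearn.ici.ro."],   # values used on the slides
    "1.0.0.127.in-addr.arpa.": ["localhost."],          # the named.local record
    # Hypothetical: the holder of 203.0.113.0/24 runs this reverse zone and can
    # publish any name in it, including a name it does not own.
    "9.113.0.203.in-addr.arpa.": ["trusted.ici.ro."],
}
A_RECORDS = {
    "roearn.ici.ro.": ["192.162.16.2"],
    "localhost.": ["127.0.0.1"],
    "trusted.ici.ro.": ["192.162.16.4"],                # hypothetical host
}


def ptr_names(ip, ptr=PTR_RECORDS):
    """Names the reverse zone claims for this address (lower-cased)."""
    return [name.lower() for name in ptr.get(reverse_name(ip), [])]


def confirmed_names(ip, ptr=PTR_RECORDS, a=A_RECORDS):
    """Keep only PTR names whose own A records contain the same address."""
    ip = str(ipaddress.IPv4Address(ip))
    return [name for name in ptr_names(ip, ptr) if ip in a.get(name, [])]


def ptr_only_trusted(ip, trusted):
    """Weak check: believes whatever the reverse zone says."""
    return any(name in trusted for name in ptr_names(ip))


def fcrdns_trusted(ip, trusted):
    """Forward-confirmed check: the PTR name must resolve back to the address."""
    return any(name in trusted for name in confirmed_names(ip))


if __name__ == "__main__":
    trusted = {"trusted.ici.ro.", "roearn.ici.ro."}
    for addr in ("192.162.16.2", "203.0.113.9"):
        print(addr, reverse_name(addr),
              "ptr-only:", ptr_only_trusted(addr, trusted),
              "forward-confirmed:", fcrdns_trusted(addr, trusted))
```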
Standard Resource Record Format (RR) : Standard Resource Record Format (RR) The records in the name server data files are called resource records. The Standard Resource Record Format (RR) is specified in RFC1035.
General description of these records:
{name} {ttl} addr-class Record Type Record Specific data
the name may be left blank
The second field is an optional time to live field. (default ttl is specified in the Start Of Authority resource record).
The third field is the address class; currently, only one class is supported: IN
IP address for a host : IP address for a host A record
Owner is host name
Data is IP address
; IP address of infoserver.xyz.com
infoserver.xyz.com. 86400 IN A 192.0.2.3
Information needed by the DNS infrastructure itself : Information needed by the DNS infrastructure itself SOA record
Each zone has exactly one SOA record
NS records
Each zone has several nameservers that are listed as having authoritative information about domains in the zone
One NS record for each such nameserver
SOA record : SOA record Every zone has exactly one SOA record
The domain name at the top of the zone owns the SOA record
Data portion of SOA record contains:
MNAME - name of master nameserver
RNAME - email address of zone administrator
SERIAL - serial number
REFRESH RETRY EXPIRE MINIMUM - timing parameters
NS record : NS record Each zone has several listed nameservers
One NS record for each listed nameserver
primary and secondaries
the data portion of each NS record contains the domain name of a nameserver
Does not contain IP address
Get that from an A record for the nameserver
SOA and NS record example : SOA and NS record example ; owner TTL class type data
xyz.com. 86400 IN SOA ns1.xyz.com. fred.xyz.com. (
199710161 ; serial
21600 ; refresh
3600 ; retry
2600000 ; expire
900 ) ; minimum
xyz.com. 86400 IN NS ns1.xyz.com.
xyz.com. 86400 IN NS ns2.xyz.com.
xyz.com. 86400 IN NS server.where.example.
SOA and NS example using some shortcuts : SOA and NS example using some shortcuts $ORIGIN xyz.com.
$TTL 86400
; owner TTL class type data
@ IN SOA ns1.xyz.com. fred.xyz.com. (
199710161 ; serial
21600 ; refresh
3600 ; retry
2600000 ; expire
900 ) ; minimum
NS ns1
NS ns2
NS server.where.example.
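How the shortcuts expand, as an added example that is not part of the original slides: a small reader for the master file conventions used above ($ORIGIN, $TTL, "@", a blank owner field, relative names, parentheses) that turns the shorthand zone into the explicit records of the previous slide. The indentation of the sample text is reconstructed, `expand_zone` is a hypothetical helper, and it handles only the record types shown on these slides (no quoted strings containing ";").

```python
SHORTHAND_ZONE = """\
$ORIGIN xyz.com.
$TTL 86400
; owner TTL class type data
@       IN SOA ns1.xyz.com. fred.xyz.com. (
            199710161 ; serial
            21600     ; refresh
            3600      ; retry
            2600000   ; expire
            900 )     ; minimum
        NS ns1
        NS ns2
        NS server.where.example.
"""

EXPLICIT_ZONE = """\
xyz.com. 86400 IN SOA ns1.xyz.com. fred.xyz.com. (
            199710161 21600 3600 2600000 900 )
xyz.com. 86400 IN NS ns1.xyz.com.
xyz.com. 86400 IN NS ns2.xyz.com.
xyz.com. 86400 IN NS server.where.example.
"""

TYPES = {"SOA", "NS", "A", "PTR", "MX", "CNAME", "TXT"}
# Positions in the data portion that hold domain names, per record type.
NAME_FIELDS = {"SOA": (0, 1), "NS": (0,), "PTR": (0,), "CNAME": (0,), "MX": (1,)}


def logical_lines(text):
    """Drop ';' comments and join the lines grouped by parentheses."""
    buf, depth = None, 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if buf is None:
            if not line.strip():
                continue
            buf = line                      # keep leading blanks: they mean "same owner"
        else:
            buf += " " + line.strip()
        depth += line.count("(") - line.count(")")
        if depth == 0:
            yield buf.replace("(", " ").replace(")", " ")
            buf = None


def absolute(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin


def expand_zone(text):
    """Return fully qualified (owner, ttl, class, type, data) tuples."""
    origin, default_ttl, owner, records = ".", None, None, []
    for line in logical_lines(text):
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0] == "$TTL":
            default_ttl = int(fields[1])
            continue
        if not line[0].isspace():           # owner field present on this line
            owner = absolute(fields.pop(0), origin)
        if owner is None:
            raise ValueError("first record has no owner name")
        ttl, rclass = default_ttl, "IN"
        while fields and fields[0].upper() not in TYPES:
            token = fields.pop(0)           # optional TTL and class, either order
            if token.isdigit():
                ttl = int(token)
            elif token.upper() != "IN":
                raise ValueError("unexpected token %r" % token)
        rtype = fields.pop(0).upper()
        names = NAME_FIELDS.get(rtype, ())
        data = [absolute(f, origin) if i in names else f for i, f in enumerate(fields)]
        records.append((owner, ttl, rclass, rtype, " ".join(data)))
    return records


if __name__ == "__main__":
    for record in expand_zone(SHORTHAND_ZONE):
        print(*record)
```

The same rule that expands `ns1` to `ns1.xyz.com.` also applies to a name written as `ns1.xyz.com` without the trailing dot, which becomes `ns1.xyz.com.xyz.com.`, a common cause of broken NS and MX records.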
More about RRs above and below zone cuts : More about RRs above and below zone cuts RRs in the child zone (below the cut)
SOA and NS records (authoritative)
RRs in the parent zone (above the cut)
NS records (should be identical to those in the child zone)
glue records
the child zone’s nameservers sometimes need A records in the parent zone
Zone cut example - RRs in the child zone : Zone cut example - RRs in the child zone parent is COM zone; child is XYZ.COM zone
child zone has SOA and NS records, and A records for hosts
xyz.com. IN SOA xxx xxx xxx xxx xxx xxx xxx
NS ns1.xyz.com.
NS another.where.edu.
ns1.xyz.com. A 193.226.0.3
; the xyz.com zone does not have an A record
; for another.where.edu.
Zone cut example - RRs in the parent zone : Zone cut example - RRs in the parent zone parent is COM zone; child is XYZ.COM zone
parent zone has its own SOA and NS records, plus copies of child zone’s NS records, plus glue records
COM. IN SOA xxx xxx xxx xxx xxx xxx xxx
NS xxxxxxx
NS yyyyyyy
xyz.com. NS ns1.xyz.com.
NS another.where.edu.
ns1.xyz.com. A 192.0.2.3
; the com zone does not have an A record
; for another.where.edu.
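A consistency check for the zone cut rules above (the parent's NS records identical to the child's, glue A records present for nameservers that live inside the child zone), as an added example that is not part of the original slides. The records are constructed sample data modeled on the xyz.com example, with a deliberate NS mismatch and a stale glue address; `check_delegation` and the finding labels are hypothetical names.

```python
# Constructed sample records: (owner, type, data).
CHILD_ZONE = [                      # xyz.com zone, below the cut (authoritative)
    ("xyz.com.", "NS", "ns1.xyz.com."),
    ("xyz.com.", "NS", "another.where.edu."),
    ("ns1.xyz.com.", "A", "193.226.0.3"),
]
PARENT_ZONE = [                     # com zone, above the cut (delegation + glue)
    ("xyz.com.", "NS", "ns1.xyz.com."),
    ("xyz.com.", "NS", "another.where.ro."),   # deliberate mismatch
    ("ns1.xyz.com.", "A", "192.0.2.3"),        # deliberately stale glue
]


def in_zone(name, apex):
    """True if name is the zone apex or lies below it."""
    name, apex = name.lower(), apex.lower()
    return name == apex or name.endswith("." + apex)


def rrset(records, owner, rtype):
    """Set of data values for one owner name and record type."""
    return {
        data.lower() if rtype == "NS" else data
        for rec_owner, rec_type, data in records
        if rec_owner.lower() == owner.lower() and rec_type == rtype
    }


def check_delegation(apex, parent, child):
    """Compare the parent's copy of a delegation with the child zone."""
    findings = []
    parent_ns = rrset(parent, apex, "NS")
    child_ns = rrset(child, apex, "NS")
    for ns in sorted(child_ns - parent_ns):
        findings.append(("ns-missing-in-parent", ns))
    for ns in sorted(parent_ns - child_ns):
        findings.append(("ns-missing-in-child", ns))
    for ns in sorted(parent_ns):
        if not in_zone(ns, apex):
            continue        # address comes from that server's own zone: no glue
        glue = rrset(parent, ns, "A")
        authoritative = rrset(child, ns, "A")
        if not glue:
            # Without glue a resolver cannot reach the only servers that
            # could tell it the address of ns.
            findings.append(("glue-missing", ns))
        elif glue != authoritative:
            findings.append(("glue-mismatch", ns))
    return findings


if __name__ == "__main__":
    for kind, name in check_delegation("xyz.com.", PARENT_ZONE, CHILD_ZONE):
        print(kind, name)
```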
Hostname for an IP address : Hostname for an IP address PTR record
Owner is IP address, mapped into the in-addr.arpa domain
Data is name of host with that IP address
; host name for IP address 193.226.0.3
3.0.226.193.in-addr.arpa. PTR infoserver.ici.ro.
Information about mail routing : Information about mail routing MX record
Owner is name of email domain
Data contains preference value, and name of host that receives incoming email
; send xyz.com’s email to mailserver or backupserver
xyz.com. MX 0 mail.xyz.ro.
xyz.com. MX 10 backup.xyz.ro.
Free form text : Free form text TXT record
Owner is any domain name
Data is any text associated with the domain name
Very few conventions about how to use it
ro. TXT "George Macri - Tech-contact"
Alias to canonical name mapping : Alias to canonical name mapping CNAME record
Owner is non-canonical domain name (alias)
Data is canonical domain name
; ftp.rnc.ro is an alias
; info.ici.ro is the canonical name
ftp.rnc.ro. CNAME info.ici.ro.
A set of conventions for using the information : A set of conventions for using the information How to represent the relationship between host names and IP addresses
What records are used to control mail routing, and how the mail system should use those records
Many other things
Example - Resolver Configuration : Example - Resolver Configuration
domain ici.ro
nameserver 192.162.16.21
nameserver 192.162.16.31
nameserver 131.130.1.11
Example - named.boot : Example - named.boot ; boot file for name server ns.rnc.ro
directory /var/named
cache . named.ca
primary ro ro.zone
primary md md.zone
primary 0.0.127.in-addr.arpa named.local
primary 1.226.193.in-addr.arpa 193_226_1.revzone
secondary 226.193.in-addr.arpa 192.162.16.31 193_226_sec.revzone
secondary ase.ro 193.226.62.3 ase_ro_sec.zone
secondary 33.226.193.in-addr.arpa 192.162.16.31 193_226_33_sec.revzone
Example - named.ca : Example - named.ca ;Some root servers for initial startup
. 99999999 IN NS A.ROOT-SERVERS.NET.
99999999 IN NS B.ROOT-SERVERS.NET.
99999999 IN NS C.ROOT-SERVERS.NET.
99999999 IN NS D.ROOT-SERVERS.NET.
99999999 IN NS E.ROOT-SERVERS.NET.
99999999 IN NS F.ROOT-SERVERS.NET.
99999999 IN NS G.ROOT-SERVERS.NET.
99999999 IN NS H.ROOT-SERVERS.NET.
99999999 IN NS I.ROOT-SERVERS.NET.
; A records for root nameservers, initial cache for the first startup of named process
A.ROOT-SERVERS.NET. 99999999 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 99999999 IN A 128.9.0.107
C.ROOT-SERVERS.NET. 99999999 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 99999999 IN A 128.8.10.90
named.local example : named.local example ; Each zone starts with SOA (Start Of Authority)
@ IN SOA ns.ici.ro. domain-admin.roearn.ici.ro. (
1 ;serial
86400 ;refresh 24 hours
14400 ;retry 4 hours
2592000 ;expire 30 days
345600 ) ;minimum TTL 4 days
; The NS record defines the name of the nameserver
; for a domain (in this case the domain is 0.0.127.in-addr.arpa)
IN NS ns.ici.ro.
; The PTR (Pointer) translates an IP address into a hostname
1 IN PTR localhost.
Zone file for a top level domain : Zone file for a top level domain ; Pathname: /var/named/ro.zone - ns.rnc.ro
@ IN SOA ns.rnc.ro. estaicut.roearn.ici.ro. (
97062100 ; Serial
86400 ; Refresh 24 hours
14400 ; Retry 4 hours
2592000 ; Expire 30 days
345600 ) ; Minimum TTL 4 days
IN NS ns.ici.ro.
IN NS ns1.univie.ac.at.
IN NS ns.eu.net.
IN NS sunic.sunet.se.
IN NS ns.uu.net.
IN NS sparky.arl.mil.
IN NS ns.eunet.co.at.
Zone file for a top level domain (Continue) : Zone file for a top level domain (Continue) ; MX specifies that the mail for a host/domain
; should be sent to another host
roearn.ici.ac IN MX 100 roearn.ici.ro.
adcon 86400 IN NS ns.EU.net.
86400 IN NS ns.Austria.EU.net.
agir IN MX 100 ns.ici.ro.
; The A (Address) translates a hostname into an IP number
crc.ase IN A 193.226.62.3
u2.ici IN A 192.162.16.31
ns.ici IN A 192.162.16.21
Zone file for a subdomain : Zone file for a subdomain ; ZONE: ici.ro on u2.ici.ro
@ IN SOA u2.ici.ro. domain-admin.roearn.ici.ro. (
5 ; Serial
86400 ; Refresh 24 hours
14400 ; Retry 4 hours
2592000 ; Expire 30 days
345600 ) ; Minimum TTL 4 days
IN NS u2.ici.ro.
IN NS ns.ici.ro.
europanet IN A 193.226.46.1
IN A 193.172.12.18
pcrt1 IN A 192.162.16.1
Zone file for a subdomain (Continue) : Zone file for a subdomain (Continue) roearn IN A 192.162.16.2
in hinfo Vaxserver-3100 VMS
in wks 192.162.16.2 tcp telnet ftp smtp
in wks 192.162.16.2 udp domain
pcs3 IN A 192.162.16.3
std IN A 192.162.16.4
rtd2 IN A 192.162.16.6
IN A 193.226.2.192
rticerp IN A 192.162.16.8
indis IN A 192.162.16.30
; CNAME defines an alias (nickname) for a host
www IN CNAME indis.ici.ro.
Reverse zone file for 226.193.in-addr.arpa domain : Reverse zone file for 226.193.in-addr.arpa domain ; ZONE: 226.193.in-addr.arpa on ns-a.rnc.ro
@ IN SOA ns-a.rnc.ro. domain-admin.listserv.rnc.ro. (
8 ; Serial
86400 ; Refresh 24 hours
7200 ; Retry 2 hours
604800 ; Expire
86400 ) ; Minimum TTL 24 hours
IN NS u2.ici.ro. ; ns for 226.193.in-addr.arpa
IN NS ns.ici.ro. ; ns for 226.193.in-addr.arpa
IN NS ns.ripe.net.
1 IN NS ns.ici.ro. ; ns for 1.226.193.in-addr.arpa
IN NS ns1.univie.ac.at. ; ns for 1.226.193.in-addr.arpa
Reverse zone files for 33.226.193.in-addr.arpa domain : Reverse zone files for 33.226.193.in-addr.arpa domain ; ZONE: 33.226.193.in-addr.arpa on ns-a.rnc.ro
@ IN SOA ns-a.rnc.ro. domain-admin.listserv.rnc.ro. (
8 ; Serial
36000 ; Refresh 10 hours
7200 ; Retry 2 hours
604800 ; Expire
86400 ) ; Minimum TTL
IN NS ns-a.rnc.ro.
IN NS ns.rnc.ro.
1 IN PTR alpha.rmri.ro. ;name associated with 193.226.33.1
2 IN PTR cisco.rmri.ro. ;name associated with 193.226.33.2
Domain Management : Domain Management Starting named
Named signaling processing
Debugging DNS
Starting named : Starting named After constructing the required files, named is started using the command:
named [-d level] [-p port] [[-b] bootfile]
with the options:
-d debugging level
-p port (default is UDP/TCP port 53)
-b configuration file (the default is /etc/named.boot)
Normally named is started at boot time from a startup script file
/etc/rc.local to start up named at system boot
if [ -f /usr/sbin/named ]; then
/usr/sbin/named [options] & echo -n ' named' >/dev/console
fi
Named signaling processing : Named signaling processing SIGHUP
Causes named to re-read the named.boot file and reload the nameserver database
SIGINT
Causes named to dump its cache to /var/named_dump.db
SIGUSR1
Turn on debugging (output debugging data to /var/tmp/named.run)
SIGUSR2
Turn off debugging
Debugging DNS : Debugging DNS Tools:
ping
traceroute
telnet 53
nslookup
host
dig
inaddrtool-??????.tar.gz
Tool for checking validity of reverse delegation requests
Checking DNS using nslookup : Checking DNS using nslookup nslookup commands:
server ; set the server to be queried
set type = NS ; queries NS resources
set type = SOA ; queries SOA resources
set type = A ; queries A resources
set type = MX ; queries MX resources
set type = CNAME ; queries CNAME resources
set type = PTR ; queries PTR resources
set type = ANY ; queries ANY resources
ls ; lists the zone
ls > ; gets the zone into the file
view ; views the file
Checking DNS using host : Checking DNS using host host ! you will get the help information
host ! you will get IP address for host
host sun1.workshop.carnet.hr
host ftp.univie.ac.at
host ! you will get name for
host 161.53.74.11
host -t ! query for a specific type of records (NS, SOA, MX, A, CNAME, PTR)
host -t ns www.stuba.sk
host -t soa workshop.carnet.hr
host -a ! query for all records of a domain, verbose mode
host -a carnet.hr
host -a hr.
host -a workshop.carnet.hr
host -l a ! list all the zone for a domain
host -l -a workshop.carnet.hr
BIND 8 Highlights : BIND 8 Highlights DNS Dynamic Updates (RFC 2136)
DNS Change Notification (RFC 1996)
Completely new configuration syntax
Flexible, categorized logging system
IP-address-based access control for queries, zone transfers, and updates that may be specified on a zone-by-zone basis
More efficient zone transfers
Improved performance for servers with thousands of zones
The server no longer forks for outbound zone transfers
Many bug fixes
Statements : Statements
A BIND 8 configuration consists of statements and comments.
Statements end with a semicolon.
Statements supported:
acl
defines a named IP address matching list, for access control and other uses
include
includes a file
key
specifies key information for use in authentication and authorization
logging
specifies what the server logs, and where the log messages are sent
options
controls global server configuration options and sets defaults for other statements
server
zone
Example Config File : Example Config File /* A simple BIND 8 configuration */
options {
directory "/var/named";
};
logging {
category lame-servers { null; };
category cname { null; };
};
zone "rnc.ro" in {
type master;
file "master/isc.org";
};
Example Config File (cont.) : Example Config File (cont.) zone "ici.ro" in {
type slave;
file "slave/vix.com";
masters { 192.162.16.31; };
};
zone "." in {
type hint;
file "named.cache";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "master/127.0.0";
};