Difference between revisions of "BIND&DNS Notes"

From CDOT Wiki
Latest revision as of 09:56, 8 October 2015

What is DNS (Domain Name System)?

  • a hierarchical, distributed database
  • for mapping Internet host names to IP addresses and vice versa
  • provides mail routing information

What are the components in the DNS?

  • DNS Clients
  • resolver library
  • DNS server

DNS clients (a web browser, for example) look up information in the DNS by calling a resolver library, which sends queries to one or more name servers and interprets the responses.

DNS Servers

Authoritative Name Servers

A name server which contains the complete data for a zone.

  • The primary master DNS server: maintains the master copy of the zone data
  • Slave DNS servers (aka secondary servers): load the zone contents from another server using a replication process known as zone transfer.

Non-authoritative Name Servers

  • Caching Name Server, or recursive name server

A name server which performs recursive lookups for local clients. Recursive name servers normally cache the results of the lookups they perform to improve performance.

  • Forwarder

Sometimes a caching name server may not perform the recursive lookup all by itself. It can forward some or all of the queries to another caching name server, commonly referred to as a forwarder.

BIND Configuration File

Caching ONLY name server

Minimal Configuration

acl intnet { 192.168.99.0/24; 172.16.0.0/16; };
options {
        directory "/var/named";
        allow-query { intnet; };
};

zone "." {
         type hint;
         file "named.cache";
};

Authoritative Primary Name Server

Minimal Configuration

options {
        directory "/var/named";
        allow-query { any; };
        recursion no;
};

zone "ops335.com" {
         type master;
         file "ops335.com.db";
         notify yes;

         allow-transfer {
             192.168.99.54;
         };
};

Authoritative Secondary Name Server

Minimal Configuration

options {
        directory "/var/named";
        allow-query { any; };
        recursion no;
};

zone "ops335.com" {
         type slave;
         file "ops335.com.bk";
         masters { 192.168.99.53; };
};

Mix-mode Name Server

Minimal Configuration

acl intnet { 192.168.99.0/24; 172.16.0.0/16; };
options {
        directory "/var/named";
        allow-query { intnet; };
};

zone "." {
         type hint;
         file "named.cache";
};
zone "ops335.com" {
         type slave;
         file "ops335.com.bk";
         masters { 192.168.99.53; };
};

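The four minimal configurations above differ mainly in two access-control decisions: who may ask the server to recurse, and who may pull a zone by transfer. The following linter is an added example written for these notes (it is not code from the CDOT wiki or from BIND): it tokenizes named.conf fragments into nested blocks and reports a recursive server whose allow-query admits any host without an explicit allow-recursion, a master or slave zone with no allow-transfer restriction in the zone or in options, and an unclosed block. The embedded fragments are compact copies of the page's caching-only, primary and secondary configurations plus two constructed variants (a caching server opened to any client, and the secondary with transfers disabled); the statement names checked are real BIND options, but the default-behaviour comments are the author's summary, not BIND documentation.

```python
import re

# Compact copies of the page's minimal configurations, embedded so the
# linter runs offline.
CACHING_ONLY = """
acl intnet { 192.168.99.0/24; 172.16.0.0/16; };
options { directory "/var/named"; allow-query { intnet; }; };
zone "." { type hint; file "named.cache"; };
"""
PRIMARY = """
options { directory "/var/named"; allow-query { any; }; recursion no; };
zone "ops335.com" { type master; file "ops335.com.db"; notify yes;
                    allow-transfer { 192.168.99.54; }; };
"""
SECONDARY = """
options { directory "/var/named"; allow-query { any; }; recursion no; };
zone "ops335.com" { type slave; file "ops335.com.bk"; masters { 192.168.99.53; }; };
"""
# Constructed weak variant: the caching server answers (and recurses for)
# every client instead of only the intnet ACL.
CACHING_OPEN = CACHING_ONLY.replace("allow-query { intnet; };", "allow-query { any; };")
# Constructed hardened variant: a secondary normally has no downstream
# secondaries, so it can refuse transfers outright.
SECONDARY_FIXED = SECONDARY.replace("masters { 192.168.99.53; };",
                                    "masters { 192.168.99.53; }; allow-transfer { none; };")

# Quoted strings, the punctuation named.conf cares about, or bare words.
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')


def tokenize(text):
    return TOKEN.findall(text)


def parse(tokens, pos=0):
    """Parse statements until '}' or end of input.

    Each statement is (words, body): words are the tokens before ';' or
    '{', body is the nested statement list or None. Returns (stmts, pos).
    """
    stmts, words = [], []
    while pos < len(tokens):
        tok = tokens[pos]
        pos += 1
        if tok == '{':
            body, pos = parse(tokens, pos)
            stmts.append((words, body))
            words = []
            if pos < len(tokens) and tokens[pos] == ';':  # '};' closes a block
                pos += 1
        elif tok == '}':
            return stmts, pos
        elif tok == ';':
            stmts.append((words, None))
            words = []
        else:
            words.append(tok.strip('"'))
    return stmts, pos


def find(stmts, name):
    """First statement whose keyword is name, or None."""
    for words, body in stmts:
        if words and words[0] == name:
            return words, body
    return None


def values(stmt):
    """Values of 'key value;' or the entries of 'key { a; b; };'."""
    words, body = stmt
    if body is None:
        return words[1:]
    return [w for ws, _ in body for w in ws]


def lint(text):
    """Return a list of findings for one named.conf fragment."""
    findings = []
    tokens = tokenize(text)
    if tokens.count('{') != tokens.count('}'):
        findings.append('unbalanced braces: a block is never closed')
    stmts, _ = parse(tokens)
    opts = find(stmts, 'options')
    opt_body = opts[1] if opts and opts[1] else []
    # Recursion is on unless "recursion no;" says otherwise; an open
    # allow-query with no allow-recursion leaves the recursion policy to
    # implicit defaults, which is what should be stated explicitly.
    recursion = find(opt_body, 'recursion')
    recursion_on = recursion is None or values(recursion) == ['yes']
    query = find(opt_body, 'allow-query')
    query_open = query is None or 'any' in values(query)
    if recursion_on and query_open and find(opt_body, 'allow-recursion') is None:
        findings.append('open resolver risk: recursion is enabled, allow-query '
                        'admits any host and allow-recursion is not set')
    # Zone transfers should be limited to the known secondaries (master)
    # or refused entirely (secondary), either per zone or globally.
    global_xfer = find(opt_body, 'allow-transfer') is not None
    for words, body in stmts:
        if words[:1] == ['zone'] and body:
            ztype = find(body, 'type')
            if ztype and values(ztype)[:1] in (['master'], ['slave']):
                if not global_xfer and find(body, 'allow-transfer') is None:
                    findings.append(f'zone {words[1]}: transfers not restricted '
                                    '(no allow-transfer in zone or options)')
    return findings


if __name__ == '__main__':
    for name, cfg in [('caching-only', CACHING_ONLY), ('caching-open', CACHING_OPEN),
                      ('primary', PRIMARY), ('secondary', SECONDARY),
                      ('secondary-fixed', SECONDARY_FIXED)]:
        print(name, lint(cfg) or ['ok'])
```

Run as a script, the page's caching-only and primary fragments pass, the secondary is flagged because nothing limits who may request an AXFR of ops335.com from it, and the constructed open-caching variant is flagged as a potential open resolver. The parser is deliberately lenient (it accepts a missing trailing `;` after a block and keeps going past an unclosed brace) so that it can still report on a fragment like the mix-mode one if the closing `};` is left off.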
Root Zone and Root Name Server

Root Name Servers

  • named.cache or
  • named.root

Root Zone

  • root.zone and
  • root.zone.gz (gzip of root.zone)