CDOT Wiki β

Changes

OPS335 DNS Lab

287 bytes removed, 12:11, 3 September 2015
Updates for fall 2015
In this lab you will configure a Linux machine to be a DNS server for the rest of the machines in your intranet. You'll use your learn ID as your domain with IP addresses in the range 192.168.X.1 - 192.168.X.254. The server will handle all queries for names in the <learnid>.org domain and all reverse lookups for addresses in the given range of local IP numbers. The server will pass DNS queries for other names and addresses out to the Internet (i.e. to Seneca's DNS server).
===Instructions===
Prior to beginning this lab ensure that the iptables firewall rules you created for your virtual machines in lab 2 are loading when they boot. If they are not, repair them now. You will be building on those rules for the rest of the course. Remove the rules that are preventing your host from using ssh and ping to contact your VMs.
You're going to populate your server with the following records:
options {
    directory "/var/named/";
    allow-query {127.0.0.1; 192.168.X.0/24;};
    // Check the second forwarder address below: its last octet (4354) is larger than 255, so it is not a valid IPv4 address and named-checkconf will reject it.
    forwarders { 142.204.133.2; 142.204.43.4354;};
};
zone "localhost" {
    type master;
    file "named.localhost.zone";
    notify NO;
};
* Set the filesystem permissions for the above file to 644
* Create the file /var/named/localhost.zone and enter the following (note: if you copy-paste this code, there should be NO leading spaces before the "@" or the "$"):
$TTL 3D
@ IN SOA vm1.<learnid>.org. webmaster.<learnid>.org. (
1 ; Serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D ; Negative Cache TTL
);
@ IN NS localhost.
@ IN A 127.0.0.1
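Added example, not from the lab page: a small Python checker for zone files in the format used above. It strips comments, joins the parenthesised SOA onto one line, and reports the mistakes this lab most often produces: leading whitespace before $TTL or @ (the copy-paste problem noted above), an SOA or NS name without its trailing dot (BIND would append the zone origin to it), a non-numeric serial, and hosts that still have no A record, which is the situation described later when only queries for vm1 work. The sample zone, the learnid.org origin and the 192.168.10.x addresses are constructed placeholders, not values from the lab.

```python
from __future__ import annotations

# Constructed sample forward zone in the format this lab uses (origin learnid.org,
# X = 10); these names and addresses are placeholders, not values from the lab page.
GOOD_ZONE = """\
$TTL 3D
@ IN SOA vm1.learnid.org. webmaster.learnid.org. (
1 ; Serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D ; Negative Cache TTL
)
@ IN NS vm1.learnid.org.
vm1 IN A 192.168.10.2
"""

# The same zone with two of the mistakes the lab text warns about: a space before
# $TTL (typical of copy-paste) and an SOA name without its trailing dot.
BAD_ZONE = GOOD_ZONE.replace("$TTL", "  $TTL", 1).replace(
    "vm1.learnid.org. webmaster", "vm1.learnid.org webmaster", 1)


def logical_lines(zone_text: str) -> list[str]:
    """Drop ; comments and blank lines, and join a ( ... ) group into one line.
    Leading whitespace of the first physical line is kept: in a zone file it means
    'same owner as the previous record'."""
    out, buf, depth = [], [], 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth <= 0:
            out.append(" ".join(buf).replace("(", " ").replace(")", " "))
            buf, depth = [], 0
    return out


def parse_zone(zone_text: str) -> tuple[dict, list, list]:
    """Return ($directives, [(owner, type, rdata)], problems)."""
    directives, records, problems = {}, [], []
    owner = None
    for line in logical_lines(zone_text):
        stripped = line.strip()
        if line[0].isspace() and stripped[0] in "$@":
            problems.append(f"leading whitespace before {stripped.split()[0]!r}: "
                            "directives and the @ owner must start in column 1")
            line = stripped
        tokens = line.split()
        if line.startswith("$"):
            directives[tokens[0]] = tokens[1] if len(tokens) > 1 else None
            continue
        if line[0].isspace():  # owner inherited from the previous record
            if owner is None:
                problems.append(f"record {stripped!r} has no previous owner to inherit")
                continue
            rest = tokens
        else:
            owner, rest = tokens[0], tokens[1:]
        if rest and rest[0].isdigit():  # optional explicit TTL
            rest = rest[1:]
        if rest and rest[0].upper() == "IN":  # optional class
            rest = rest[1:]
        if not rest:
            problems.append(f"record {stripped!r} has no type")
            continue
        records.append((owner, rest[0].upper(), rest[1:]))
    return directives, records, problems


def check_zone(zone_text: str, expected_hosts: tuple[str, ...] = ()) -> list[str]:
    """Sanity-check a zone file; returns a list of problem descriptions (empty = OK)."""
    directives, records, problems = parse_zone(zone_text)
    if "$TTL" not in directives:
        problems.append("missing $TTL directive")
    soa = [r for r in records if r[1] == "SOA"]
    if len(soa) != 1:
        problems.append(f"expected exactly one SOA record, found {len(soa)}")
    else:
        rdata = soa[0][2]  # mname rname serial refresh retry expire minimum
        if len(rdata) != 7:
            problems.append(f"SOA has {len(rdata)} fields, expected 7")
        else:
            for name in rdata[:2]:
                if not name.endswith("."):
                    problems.append(f"SOA name {name!r} lacks a trailing dot, "
                                    "so the zone origin would be appended to it")
            if not rdata[2].isdigit():
                problems.append(f"SOA serial {rdata[2]!r} is not an integer")
    ns = [r for r in records if r[1] == "NS"]
    if not ns:
        problems.append("zone has no NS record")
    for _, _, rdata in ns:
        if rdata and not rdata[0].endswith("."):
            problems.append(f"NS target {rdata[0]!r} lacks a trailing dot")
    have_a = {r[0] for r in records if r[1] in ("A", "AAAA")}
    for host in expected_hosts:
        if host not in have_a:
            problems.append(f"no A record for {host}: queries for it will fail")
    return problems


if __name__ == "__main__":
    for label, zone in (("good", GOOD_ZONE), ("bad", BAD_ZONE)):
        print(label, check_zone(zone, ("vm1", "vm2")) or "OK")
```

This only catches what it was written to look for; once named is installed, named-checkzone remains the authoritative check, and the script is most useful for spotting the whitespace and trailing-dot slips before the service refuses to load the zone.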
*Now edit /var/named/mydb-for-<learnid>-org and enter the following, using your own X value where applicable (note: if you copy-paste this code, there should be NO leading spaces before the "@" or the "$"):
$TTL 3D
*or
systemctl status named.service
 
*Set the service to start automatically when this virtual machine boots.
*When starting or restarting your name server view the log file (/var/log/messages) to ensure it started without error.
*You'll notice that only the queries for vm1 worked. That's because you only have the resource records for vm1. Go back to the zone files and add the appropriate records for your other machines.
**Once you have done so, restart the service and try querying for those records again.
*Modify your iptables firewall rules to allow the other machines in your network to query your new DNS server.
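Added example (not part of the lab page): a Python checker for the options block shown earlier. It pulls directory, allow-query and forwarders out of a named.conf and verifies that every forwarder is a valid IP address and that allow-query covers 127.0.0.1 and the lab network without opening the server to everyone; the ACL is the other half of letting the other machines query the server once the firewall rule above is in place. The sample configuration uses X = 10 and otherwise copies the values the lab lists, including the second forwarder exactly as written, so the output shows what a typo in that line looks like.

```python
from __future__ import annotations

import ipaddress
import re

# Constructed sample: the options block as this lab lists it, with X filled in as 10.
# The second forwarder is copied verbatim from the lab text so the checker can flag it.
SAMPLE_NAMED_CONF = """
options {
    directory "/var/named/";
    allow-query {127.0.0.1; 192.168.10.0/24;};
    forwarders { 142.204.133.2; 142.204.43.4354;};
};
"""


def extract_block(conf: str, name: str) -> str:
    """Return the text between the braces of the top-level `name { ... };` statement."""
    start = re.search(rf"\b{re.escape(name)}\s*\{{", conf)
    if not start:
        raise ValueError(f"no {name} block found")
    depth = 0
    open_at = start.end() - 1
    for j in range(open_at, len(conf)):
        if conf[j] == "{":
            depth += 1
        elif conf[j] == "}":
            depth -= 1
            if depth == 0:
                return conf[open_at + 1:j]
    raise ValueError(f"unterminated {name} block")


def address_list(block: str, key: str) -> list[str]:
    """Items of a `key { a; b; };` statement inside block (empty list if absent)."""
    m = re.search(rf"\b{re.escape(key)}\s*\{{([^}}]*)\}}", block)
    if not m:
        return []
    return [item.strip() for item in m.group(1).split(";") if item.strip()]


def parse_options(conf: str) -> dict:
    body = extract_block(conf, "options")
    directory = re.search(r'directory\s+"([^"]+)"', body)
    return {
        "directory": directory.group(1) if directory else None,
        "allow-query": address_list(body, "allow-query"),
        "forwarders": address_list(body, "forwarders"),
    }


def check_forwarders(forwarders: list[str]) -> list[str]:
    """Every forwarder must be a syntactically valid IP address."""
    problems = []
    if not forwarders:
        problems.append("no forwarders: external names would be resolved from the root servers instead")
    for f in forwarders:
        try:
            ipaddress.ip_address(f)
        except ValueError:
            problems.append(f"forwarder {f!r} is not a valid IP address")
    return problems


def check_allow_query(acl: list[str], lan: str) -> list[str]:
    """allow-query must cover loopback and the lab network, and nothing broader."""
    problems = []
    lan_net = ipaddress.ip_network(lan)
    networks = []
    for entry in acl:
        if entry.lower() == "any":
            problems.append("allow-query contains 'any': the server would be an open resolver")
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            problems.append(f"allow-query entry {entry!r} is not an address or prefix")
    v4 = [n for n in networks if n.version == 4]
    if any(n.prefixlen == 0 for n in v4):
        problems.append("allow-query contains 0.0.0.0/0: the server would be an open resolver")
    if not any(ipaddress.ip_address("127.0.0.1") in n for n in v4):
        problems.append("allow-query does not include 127.0.0.1; local lookups would be refused")
    if not any(lan_net.subnet_of(n) for n in v4):
        problems.append(f"allow-query does not cover {lan}; the other VMs would be refused")
    return problems


if __name__ == "__main__":
    opts = parse_options(SAMPLE_NAMED_CONF)
    for problem in (check_forwarders(opts["forwarders"])
                    + check_allow_query(opts["allow-query"], "192.168.10.0/24")):
        print("PROBLEM:", problem)
```

Pointing the script at the real /etc/named.conf (read the file into a string and pass it to parse_options) gives a quick pre-flight before restarting named; the allow-query check is what keeps the server answering only for 127.0.0.1 and your 192.168.X.0/24 network rather than for anyone who can reach port 53.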
===DNS client configuration===
*If you have made any changes to the /etc/hosts file, undo them. Your machines must be relying on your DNS server.
*Ensure that your machines can ping and SSH to each other by IP address and by name (hostname only, and hostname with domain).
*Add PEERDNS=no to the ifcfg file on your host, so that it will still get a DHCP address but ignore the DNS information given to it by the DHCP server, in favour of the domain and DNS information you provide it.
==Completing the Lab==
Upon completion of this lab you should have a DNS server in your network. Ensure that the service starts automatically when the VM boots and that every machine is using it to resolve internal and external hostnames and IP addresses. You have now gained experience with some common configuration settings for named, as well as common resource records. Note: Due to the changes made in this lab, you will now need your VM 1 running in order for your host to be able to contact any other machines.
Exploration questions: