What is DNS?
It is a well known fact that human brains are better at remembering names than numbers. Simply put, DNS, the Domain Name System, is an internet service that works as a translator: it resolves human-readable names, called domains, into IP addresses. As we all know, every computer or device connected to the internet is identified by a series of numbers known as an IP (Internet Protocol) address. Thus, when we type (e.g.) www.google.com or www.yahoo.com into the address bar of our browser, it is DNS that resolves the domain name into its corresponding IP address so the browser can connect to the appropriate Google or Yahoo server. BIND (Berkeley Internet Name Daemon) is by far the most widely used DNS software on the Internet.
The Root (.): the story begins here
What happens when you type in www.google.com in your browser?
Did you know that the name is really www.google.com. ? Notice the dot (.) following the domain name. The mysterious dot, or the Root !!
The sequence of events that take place thereafter:
1. The browser asks the OS whether it has the IP address of www.google.com.
2. The OS looks in its hosts file (on Linux the lookup order is determined by the entries in "/etc/host.conf", assuming the order is hosts, bind) and in its cache to see whether it already has the IP of www.google.com.
3. If not, it goes to the resolving name server configured on the system (in the file /etc/resolv.conf).
4. The resolving name server (local to your system or network) knows the addresses of the root (the dot .) name servers. It asks a root name server about www.google.com.
5. The root name server (the dot .) replies with a referral: where to find the COM (TLD, or Top Level Domain) name servers. The resolver caches this information and goes to the TLD name server, COM in this case, to ask the same question about www.google.com.
6. The TLD name server replies with where to find the Authoritative Name Server, or ANS, for www.google.com. (The TLD is told which authoritative name servers to use at the time of domain registration, by the domain name registrar, e.g. GoDaddy.) The resolver caches this information as well and goes on to ask the ANS the same question about www.google.com.
7. The ANS (google.com) holds the Address record, or "A" record (IP), of the name www.google.com. It therefore returns the IP address of www.google.com in answer to the resolving name server's query; that is, the ANS for "google.com" returns an IP address like xxx.xx.xx.xxx to the resolving name server.
8. The resolving name server takes all this information and hands the answer to the OS. The OS in turn hands it to the browser.
The browser then makes the connection to the IP address xxx.xx.xx.xxx !!
Google page is served ! ;)
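The walk above, root to TLD to authoritative server with the resolver caching each referral, as an added example that is not part of the original page. It is an in-memory simulation: the server names, zone contents and addresses below are constructed (addresses come from the documentation ranges), and each simulated server is authoritative for exactly one zone.

```python
"""Simulated iterative resolution, following the walk described above.

Added example, not part of the original page: an in-memory model of one root
server, one TLD server and one authoritative server, plus a resolving name
server that starts at the root, follows referrals and caches what it learns.
All server names, zone contents and addresses are constructed for the example.
"""

# Each simulated server is authoritative for one zone. It answers a question
# from its own records, or refers the asker to the server for a child zone.
SERVERS = {
    "root-server.example.": {                       # constructed stand-in for a root server
        "delegations": {"com.": "tld-server.example."},
        "records": {},
    },
    "tld-server.example.": {                        # constructed stand-in for a COM server
        "delegations": {"google.com.": "ans.example."},
        "records": {},
    },
    "ans.example.": {                               # constructed stand-in for google.com's ANS
        "delegations": {},
        "records": {"www.google.com.": "198.51.100.7"},
    },
}


def fqdn(name):
    """Make the root dot explicit: 'www.google.com' is really 'www.google.com.'."""
    return name if name.endswith(".") else name + "."


def in_zone(qname, zone):
    """True when qname is the zone apex or lies below it."""
    return qname == zone or qname.endswith("." + zone)


def ask_server(server_name, qname):
    """One server answers one question: ('answer', ip), ('referral', zone, next_server) or ('nxdomain',)."""
    server = SERVERS[server_name]
    if qname in server["records"]:
        return ("answer", server["records"][qname])
    # Refer to the most specific delegated zone that contains the name.
    matches = [z for z in server["delegations"] if in_zone(qname, z)]
    if matches:
        zone = max(matches, key=len)
        return ("referral", zone, server["delegations"][zone])
    return ("nxdomain",)


class Resolver:
    """The resolving name server of the walk: knows only the root, caches everything it learns."""

    def __init__(self):
        self.answers = {}      # qname -> ip, learned at step 7
        self.referrals = {}    # zone -> server name, learned at steps 5 and 6
        self.trace = []        # servers asked during the last resolve(), for the reader

    def resolve(self, name, max_steps=8):
        qname = fqdn(name)
        self.trace = []
        if qname in self.answers:
            self.trace.append("cache")
            return self.answers[qname]
        # Start at the closest enclosing zone we already know a server for, else the root.
        known = [z for z in self.referrals if in_zone(qname, z)]
        server = self.referrals[max(known, key=len)] if known else "root-server.example."
        for _ in range(max_steps):      # bound the referral chain, as real resolvers do
            self.trace.append(server)
            reply = ask_server(server, qname)
            if reply[0] == "answer":
                self.answers[qname] = reply[1]
                return reply[1]
            if reply[0] == "referral":
                _, zone, server = reply
                self.referrals[zone] = server
                continue
            return None                 # no such name
        return None                     # referral chain too long


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.google.com"), r.trace)   # walks root -> TLD -> ANS
    print(r.resolve("www.google.com"), r.trace)   # second time: served from cache
```

After the first lookup the resolver has cached the referral for google.com., so a later question about another name under google.com starts directly at the authoritative server rather than at the root; that is the caching described in steps 5 and 6.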
Configuring BIND
Following are the steps to configure BIND on CentOS 6 systems (it should work on other Linux-based systems as well).
Test Environment:
(I) IPs:
Bind server IP: 172.16.20.174
Client IP: 172.16.20.175
(II) SELinux and iptables were turned off on both systems.
Note: the names and IP addresses are used for test purposes only.
A. On Bind server:
1. Install the following bind packages:
# yum install bind bind-libs bind-utils
# rpm -qa | grep ^bind
bind-utils-9.8.2-0.10.rc1.el6_3.2.i686
bind-9.8.2-0.10.rc1.el6_3.2.i686
bind-libs-9.8.2-0.10.rc1.el6_3.2.i686
2. Start the "named" service to check that it is working:
# service named start
3. Create the forward and reverse zone files under the /var/named/ directory for the domain that needs to be set up:
# cd /var/named
A. Forward zone file (for the test domain linuxdomain-tux.com)
# vim linuxdomain-tux.com.fwd
$ORIGIN linuxdomain-tux.com.
$TTL 3D
@ SOA linuxdomain-tux.com. admin.linuxdomain-tux.com. (12 4h 1h 1w 1h)
@ IN NS linuxdomain-tux.com.
linuxdomain-tux.com. IN A 172.16.20.174
www IN A 172.16.20.174 ; optional; added to test that the name also resolves when preceded by "www"
B. Reverse zone file (for the test domain linuxdomain-tux.com, network 172.16.20.0/24)
# vim linuxdomain-tux.com.rev
$ORIGIN 20.16.172.in-addr.arpa.
$TTL 3D
@ SOA linuxdomain-tux.com. admin.linuxdomain-tux.com. (12 4h 1h 1w 1h)
@ IN NS linuxdomain-tux.com.
174 IN PTR linuxdomain-tux.com. ; only the last octet of the IP, relative to $ORIGIN
4. Change the group of the zone files to "named":
# chgrp named linuxdomain-tux.com.*
5. Now make the following changes in /etc/named.conf (the default lines were commented out; keep the rest of the file intact):
// listen-on port 53 { 127.0.0.1; }; // you may list specific IP addresses instead
listen-on port 53 { any; };
// allow-query { localhost; }; // you may list specific IP addresses instead
allow-query { any; };
zone "linuxdomain-tux.com" {
type master;
file "linuxdomain-tux.com.fwd";
};
zone "20.16.172.in-addr.arpa" {
type master;
file "linuxdomain-tux.com.rev";
};
6. Restart the "named" service:
# service named restart
7. Now tell the resolver to use this server for the domain "linuxdomain-tux.com". Edit /etc/resolv.conf and add an entry for the server's IP:
# vim /etc/resolv.conf
nameserver 172.16.20.174
B. Test (on the BIND server; you may use any tool):
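Before restarting named it is worth checking that the forward and reverse zone files agree with each other, since named-checkzone validates each file on its own but not the pair. The following is an added example, not part of the original page: it parses the subset of master-file syntax the two files above use ($ORIGIN, $TTL, "@", relative owner names, ";" comments, an optional IN class or TTL field) and reports any A record without a PTR, any PTR pointing at a name that does not hold that address, and any NS target without an A record. The two zone texts are embedded as constructed copies of the ones above.

```python
"""Consistency check between the forward and reverse zone files set up above.

Added example, not from the original page. Parses the one-line record syntax
used in those files and cross-checks A, PTR and NS records. The zone texts
below are constructed copies of the files shown on the page.
"""
import ipaddress

FORWARD = """\
$ORIGIN linuxdomain-tux.com.
$TTL 3D
@ SOA linuxdomain-tux.com. admin.linuxdomain-tux.com. (12 4h 1h 1w 1h)
@ IN NS linuxdomain-tux.com.
linuxdomain-tux.com. IN A 172.16.20.174
www IN A 172.16.20.174 ; optional www label
"""

REVERSE = """\
$ORIGIN 20.16.172.in-addr.arpa.
$TTL 3D
@ SOA linuxdomain-tux.com. admin.linuxdomain-tux.com. (12 4h 1h 1w 1h)
@ IN NS linuxdomain-tux.com.
174 IN PTR linuxdomain-tux.com. ; last octet only, relative to $ORIGIN
"""


def absolute(name, origin):
    """Expand '@' and relative owner names against $ORIGIN; absolute names end in '.'."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Return (origin, [(owner, rtype, rdata_fields)]) for one-line records."""
    origin, records = None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()        # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0] == "$TTL":
            continue
        owner, rest = absolute(fields[0], origin), fields[1:]
        while rest and (rest[0] == "IN" or rest[0].isdigit()):   # optional class / TTL
            rest = rest[1:]
        records.append((owner, rest[0], rest[1:]))
    return origin, records


def reverse_name(ip):
    """'172.16.20.174' -> '174.20.16.172.in-addr.arpa.'"""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def ptr_to_ip(ptr_owner):
    """'174.20.16.172.in-addr.arpa.' -> '172.16.20.174'"""
    labels = ptr_owner.rstrip(".").split(".")
    return ".".join(reversed(labels[:-2]))


def check_zones(forward_text, reverse_text):
    """Return a list of problems; an empty list means the two zones agree."""
    _, fwd = parse_zone(forward_text)
    _, rev = parse_zone(reverse_text)
    a_records = {(owner, rdata[0]) for owner, rtype, rdata in fwd if rtype == "A"}
    ptr_records = {(owner, rdata[0]) for owner, rtype, rdata in rev if rtype == "PTR"}
    problems = []
    for ptr_owner, target in ptr_records:            # PTR must point at a name holding that address
        ip = ptr_to_ip(ptr_owner)
        if (target, ip) not in a_records:
            problems.append(f"PTR {ptr_owner} -> {target} has no matching A {ip}")
    ptr_owners = {owner for owner, _ in ptr_records}
    for owner, ip in a_records:                      # every address should be reverse-resolvable
        if reverse_name(ip) not in ptr_owners:
            problems.append(f"A {owner} {ip} has no PTR record")
    a_owners = {owner for owner, _ in a_records}
    for owner, rtype, rdata in fwd:                  # the NS target needs an address record
        if rtype == "NS" and rdata[0] not in a_owners:
            problems.append(f"NS {rdata[0]} has no A record")
    return problems


if __name__ == "__main__":
    print(check_zones(FORWARD, REVERSE) or "forward and reverse zones agree")
```

The parser deliberately covers only the syntax on this page (no multi-line parenthesised records, no $INCLUDE); for anything more elaborate run named-checkzone on each file first and use this only for the cross-check.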
1. # host linuxdomain-tux.com
linuxdomain-tux.com has address 172.16.20.174
2. # nslookup linuxdomain-tux.com
Server: 172.16.20.174
Address: 172.16.20.174#53
Name: linuxdomain-tux.com
Address: 172.16.20.174
3. # nslookup 172.16.20.174
Server: 172.16.20.174
Address: 172.16.20.174#53
174.20.16.172.in-addr.arpa name = linuxdomain-tux.com.
4. # nslookup www.linuxdomain-tux.com (works because a "www" entry was made in the zone file)
Server: 172.16.20.174
Address: 172.16.20.174#53
Name: www.linuxdomain-tux.com
Address: 172.16.20.174
5. # dig linuxdomain-tux.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> linuxdomain-tux.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11793
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;linuxdomain-tux.com. IN A
;; ANSWER SECTION:
linuxdomain-tux.com. 259200 IN A 172.16.20.174
;; AUTHORITY SECTION:
linuxdomain-tux.com. 259200 IN NS linuxdomain-tux.com.
;; Query time: 0 msec
;; SERVER: 172.16.20.174#53(172.16.20.174)
;; WHEN: Wed Aug 22 16:57:17 2012
;; MSG SIZE rcvd: 70
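One thing to read off the dig output above: the flags line carries "ra" (recursion available). BIND 9.8 on CentOS 6 ships with recursion yes; and, when neither allow-recursion nor allow-query-cache is set, allow-recursion defaults to the value of allow-query. So the change to allow-query { any; } in step 5 also lets anyone who can reach port 53 use this server for recursive lookups of arbitrary names, which is more than an authoritative server for one test domain needs to offer. The following added example (not from the original page) reads the subset of named.conf syntax used above and reports whether a configuration has that combination; the first sample mirrors the step 5 edit, the second adds an allow-recursion list limited to the test network (the /24 is an assumption).

```python
"""Does this named.conf leave the server answering recursive queries for anyone?

Added example, not from the original page. Parses the statements inside
options { ... } (the '//' comment style and 'name { list; };' form used above)
and applies BIND 9.8's defaulting chain for allow-recursion. Both sample
configurations are constructed; the 172.16.20.0/24 network is assumed.
"""
import re

AS_CONFIGURED = """\
options {
    // listen-on port 53 { 127.0.0.1; };
    listen-on port 53 { any; };
    // allow-query { localhost; };
    allow-query { any; };
    recursion yes;                 // left at the CentOS 6 default
};
"""

RESTRICTED = """\
options {
    listen-on port 53 { any; };
    allow-query { any; };                 // anyone may ask about our own zones
    recursion yes;
    allow-recursion { 172.16.20.0/24; };  // assumed: only the test network may recurse
};
"""


def strip_comments(text):
    """Remove '//' comments, the style used in the file above."""
    return "\n".join(line.split("//", 1)[0] for line in text.splitlines())


def parse_options(text):
    """Return {statement: [values]} for the statements inside options { ... }."""
    body = re.search(r"options\s*\{(.*?)^\};", strip_comments(text), re.S | re.M).group(1)
    pattern = r"([\w-]+)(?:\s+port\s+\d+)?\s*(?:\{([^}]*)\}|([^;{]+));"
    opts = {}
    for name, lst, scalar in re.findall(pattern, body):
        opts[name] = [v.strip() for v in lst.split(";") if v.strip()] if lst else [scalar.strip()]
    return opts


def who_may_recurse(opts):
    """BIND 9.8 default chain: allow-recursion, else allow-query-cache, else allow-query, else localnets+localhost."""
    for key in ("allow-recursion", "allow-query-cache", "allow-query"):
        if key in opts:
            return opts[key]
    return ["localnets", "localhost"]


def is_open_resolver(text):
    """True when recursion is enabled and 'any' is allowed to use it."""
    opts = parse_options(text)
    recursion_on = opts.get("recursion", ["yes"])[0] == "yes"    # BIND's default is yes
    return recursion_on and "any" in who_may_recurse(opts)


if __name__ == "__main__":
    print("as configured:", is_open_resolver(AS_CONFIGURED))   # True
    print("restricted:   ", is_open_resolver(RESTRICTED))      # False
```

For a server that only needs to serve its own zones, recursion no; is the simpler fix; keep recursion on only where the clients in step C rely on this server for names outside linuxdomain-tux.com, and then restrict it with allow-recursion as in the second sample.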
C. On Client:
1. Edit /etc/resolv.conf so that it has a single entry pointing at the BIND server for "linuxdomain-tux.com":
# vim /etc/resolv.conf
nameserver 172.16.20.174
D. Test (on the client; you may use any tool):
1. # host linuxdomain-tux.com
linuxdomain-tux.com has address 172.16.20.174
2. # nslookup linuxdomain-tux.com
Server: 172.16.20.174
Address: 172.16.20.174#53
Name: linuxdomain-tux.com
Address: 172.16.20.174
3. # nslookup 172.16.20.174
Server: 172.16.20.174
Address: 172.16.20.174#53
174.20.16.172.in-addr.arpa name = linuxdomain-tux.com.
4. # nslookup www.linuxdomain-tux.com
Server: 172.16.20.174
Address: 172.16.20.174#53
Name: www.linuxdomain-tux.com
Address: 172.16.20.174