November 16, 2008

DNS is the Domain Name System. DNS converts machine names to the IP addresses that every machine on the net has. It translates (or "maps", as the jargon has it) from name to address and from address to name, and it carries a few other kinds of records as well, such as the mail exchangers (MX) for a domain.

A mapping is simply an association between two things, in this case a machine name, like ftp.linux.org, and the machine's IP number (or address). DNS also contains mappings the other way, from the IP number to the machine name; this is called a "reverse mapping". Fortunately DNS isn't really that hard, and this blog will try to make a few things clearer. It describes how to set up a simple DNS name server, starting with a caching-only server and going on to setting up a primary DNS server for a domain.

Before you start on this you should configure your machine so that you can telnet in and out of it and successfully make all kinds of connections to the net; in particular you should be able to telnet to your own machine (test it now!). Telnet is only a connectivity test here: it sends everything, passwords included, in clear text, so use ssh for real logins. You also need good /etc/nsswitch.conf, /etc/resolv.conf and /etc/hosts files as a starting point, so let me give a small idea about these files :)

1) The /etc/nsswitch.conf file configures which services are consulted, and in which order, to look up information such as hostnames, password entries and group entries. The line that matters for DNS is the hosts line; a typical one reads "hosts: files dns", meaning /etc/hosts is checked first and the nameservers listed in /etc/resolv.conf are asked only if the name is not found there.

2) resolv.conf: Name resolution means translating a string such as 'gateway.enterprise.net' into that machine's IP address. When your machine is connected to the Internet, you need to be able to do this for addresses all over the world.

You do this through the Internet's Domain Name System, a decentralized database for name-to-address translation. You will not usually run a nameserver yourself unless you manage extensive sub-networks; normally the nameserver is run by your ISP.

You have to tell your software where to find the name servers. This is done in /etc/resolv.conf, which looks like this:

domain trulymanaged.com

The domain line is your own domain name, corresponding to the suffixes used in /etc/hosts. It is followed by nameserver lines (not shown above), one per server; mine point at the primary and secondary nameservers of my ISP, Enterprise plc. The servers are given as IP addresses rather than names, because you would need a working nameserver to translate the names to addresses. The resolver queries the listed servers in order: it asks the first one, and only if that one does not answer does it try the next, before giving up. glibc's resolver uses at most the first three nameserver lines; any beyond that are ignored. Note also that whoever can write this file decides which servers answer every name lookup your machine makes, so keep it owned by root and be aware that DHCP clients commonly rewrite it.

3) /etc/hosts: As your machine starts up, it needs to know the mapping of a few hostnames to IP addresses before DNS can be consulted. This mapping is kept in the /etc/hosts file. At a minimum it should map localhost to 127.0.0.1, and it usually also carries the machine's own name and address; each line is an address followed by the canonical name and any aliases.
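The three files above have a small, strict syntax, and a mistake in any of them is a common reason name lookups fail or go somewhere you did not intend. The following is an added example, not code from the original post, that parses nsswitch.conf, resolv.conf and /etc/hosts from strings and flags the problems discussed above: a hosts line that skips files or dns (or asks dns first), nameservers given by name instead of address, more nameserver lines than glibc will use, a missing localhost entry, and a name in /etc/hosts that maps to two different addresses. The sample file contents embedded in it are constructed; the example.net names and 192.0.2.x addresses are placeholders, not real servers.

```python
"""Sanity-check the three resolver files described above.

Added example, not from the original post. It parses the file contents as
strings so it runs offline; the SAMPLE_* strings are constructed, and the
example.net names and 192.0.2.x addresses in them are placeholders.
"""
import ipaddress

MAXNS = 3  # glibc's resolver only uses the first three nameserver lines

SAMPLE_NSSWITCH = """\
passwd:   files
group:    files
hosts:    files dns
"""

SAMPLE_RESOLV = """\
domain example.net
nameserver 192.0.2.53
nameserver 192.0.2.54
nameserver 192.0.2.55
nameserver 192.0.2.56
"""

SAMPLE_HOSTS = """\
127.0.0.1   localhost
192.0.2.10  gateway.example.net gateway
192.0.2.11  gateway.example.net   # deliberate conflict with the line above
"""


def fields(line):
    """Split a config line into fields, dropping # or ; comments."""
    return line.split("#", 1)[0].split(";", 1)[0].split()


def parse_nsswitch(text):
    """Map each database (passwd, hosts, ...) to its ordered list of sources."""
    table = {}
    for line in text.splitlines():
        parts = fields(line)
        if parts and parts[0].endswith(":"):
            table[parts[0][:-1]] = parts[1:]
    return table


def parse_resolv(text):
    """Return the domain, search list and nameserver list from resolv.conf text."""
    conf = {"domain": None, "search": [], "nameserver": []}
    for line in text.splitlines():
        parts = fields(line)
        if len(parts) < 2:
            continue
        if parts[0] == "domain":
            conf["domain"] = parts[1]
        elif parts[0] == "search":
            conf["search"] = parts[1:]
        elif parts[0] == "nameserver":
            conf["nameserver"].append(parts[1])
    return conf


def parse_hosts(text):
    """Return [(address, [names...]), ...] from /etc/hosts text."""
    return [(p[0], p[1:]) for p in map(fields, text.splitlines()) if len(p) >= 2]


def check_resolver(nsswitch_text, resolv_text, hosts_text):
    """Return a list of problems found; an empty list means the files look sane."""
    problems = []

    sources = parse_nsswitch(nsswitch_text).get("hosts", [])
    if "files" not in sources:
        problems.append("nsswitch.conf: hosts line never consults /etc/hosts")
    if "dns" not in sources:
        problems.append("nsswitch.conf: hosts line never consults dns, so resolv.conf is unused")
    elif "files" in sources and sources.index("dns") < sources.index("files"):
        problems.append("nsswitch.conf: dns is tried before files, so even localhost goes to the network")

    nameservers = parse_resolv(resolv_text)["nameserver"]
    if not nameservers:
        problems.append("resolv.conf: no nameserver lines, only /etc/hosts names will resolve")
    for server in nameservers:
        try:
            ipaddress.ip_address(server)
        except ValueError:
            # A name here is useless: you would need a nameserver to resolve it.
            problems.append(f"resolv.conf: nameserver {server!r} is not an IP address")
    if len(nameservers) > MAXNS:
        problems.append(f"resolv.conf: {len(nameservers)} nameservers listed, glibc uses only the first {MAXNS}")

    seen = {}  # hostname -> first address it was mapped to
    have_localhost = False
    for address, names in parse_hosts(hosts_text):
        try:
            addr = ipaddress.ip_address(address)
        except ValueError:
            problems.append(f"hosts: {address!r} is not a valid address")
            continue
        for name in (n.lower() for n in names):  # hostnames are case-insensitive
            if addr.is_loopback and name == "localhost":
                have_localhost = True
            if name in seen and seen[name] != address:
                problems.append(f"hosts: {name} maps to both {seen[name]} and {address}")
            seen.setdefault(name, address)
    if not have_localhost:
        problems.append("hosts: no loopback entry for localhost")
    return problems


if __name__ == "__main__":
    for problem in check_resolver(SAMPLE_NSSWITCH, SAMPLE_RESOLV, SAMPLE_HOSTS):
        print(problem)
```

To run it against the real files, read them into strings (for example open("/etc/resolv.conf").read()) and pass them to check_resolver. The checks are deliberately limited to things that change how the resolver actually behaves, so an empty result means the files are at least usable, not that the nameservers in them are trustworthy.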

When I say 'your machine' I mean the machine you are trying to set up DNS on, not any other machine you might have that's involved in your networking effort. Name serving on Unix is done by a program called named. This is part of the "BIND" package, which is maintained by the Internet Systems Consortium (ISC, formerly the Internet Software Consortium). named is included in most Linux distributions, usually installed as /usr/sbin/named from a package called bind.

If you already have a named you can probably use it; otherwise install BIND 9. To check which version you have, run "named -v": BIND 9 prints its version string. If the binary does not understand -v, look at the named man page: if the FILES section (at the very end) talks about named.conf you have BIND 8 (or 9); if it talks about named.boot you have BIND 4. BIND 4 and BIND 8 are no longer maintained, so if you have either of them and are at all security conscious you really ought to upgrade to the latest BIND 9 now.

DNS is a net-wide database. Take care about what you put into it. If you put junk into it, you, and others, will get junk out of it. Keep your DNS tidy and consistent and you will get good service from it. Learn to use it, administer it and debug it, and you will be another good admin keeping the net from falling to its knees through mismanagement.
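The version check above is easy to script, which is useful when you are auditing more than one box. The following is an added example, not code from the original post: bind_version() parses the text that "named -v" prints (BIND 9 prints a line beginning "BIND 9.x.y"), manpage_generation() applies the named.conf/named.boot test to the text of the named man page for builds too old to report a version, and needs_upgrade() applies the rule that only BIND 9 is still maintained. The sample version strings in it are constructed.

```python
"""Work out which BIND generation is installed.

Added example, not from the original post. bind_version() parses `named -v`
output; manpage_generation() applies the post's named.conf/named.boot test to
the text of the named man page. The sample strings used below are constructed.
"""
import re
import shutil
import subprocess

# BIND 9 prints e.g. "BIND 9.5.0-P2" or "BIND 9.16.1 (Stable Release)".
VERSION_RE = re.compile(r"\bBIND\s+(\d+)\.(\d+)(?:\.(\d+))?")


def bind_version(named_v_output):
    """Return (major, minor, patch) from `named -v` output, or None if unparseable."""
    match = VERSION_RE.search(named_v_output)
    if not match:
        return None
    return tuple(int(group or 0) for group in match.groups())


def manpage_generation(manpage_text):
    """named.boot in the FILES section means BIND 4; named.conf means BIND 8 or later."""
    if "named.boot" in manpage_text:
        return 4
    if "named.conf" in manpage_text:
        return 8  # 8 or 9; `named -v` tells them apart
    return None


def needs_upgrade(version):
    """Only BIND 9 is still maintained; anything older, or unknown, should be replaced."""
    return version is None or version[0] < 9


def installed_bind_version():
    """Run the real `named -v` if a named binary is on PATH, else return None."""
    path = shutil.which("named")
    if path is None:
        return None
    result = subprocess.run([path, "-v"], capture_output=True, text=True)
    return bind_version(result.stdout + result.stderr)


if __name__ == "__main__":
    installed = installed_bind_version()
    if installed is None:
        print("no named on PATH, or it does not report a version: check the man page")
    else:
        label = ".".join(str(part) for part in installed)
        print(f"BIND {label} installed, upgrade needed: {needs_upgrade(installed)}")
```

Run it as root on the machine being set up; it only executes "named -v", which starts no server. If it reports nothing, fall back to the man-page test by passing the output of "man named" to manpage_generation().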

