20.5. Objective 5: Set Up and Configure Basic DNS Services

DNS is the distributed database of name-to-IP-address translations. Technically, it isn't necessary to use host and domain names such as www.lpi.org, because it's the IP address that the computer requires to establish communications. DNS was created to allow the use of more convenient global domain names instead. For example, when a user enters a DNS name as part of a URL in a browser, the name portion is sent to a DNS server to be resolved into an IP address. Once the address is found, the browser connects to it directly to fetch the web page.
The server daemon that implements DNS is named, the name daemon, which is part of the Berkeley Internet Name Domain (BIND) package. It is named's job to respond to requests from the resolver and return an IP address.

20.5.1. The Resolver

The code that resolves names to IP addresses for client programs is implemented in system libraries collectively called the resolver. The resolver can use one of several means to determine an IP address from a hostname or domain name, such as a lookup in the local /etc/hosts file or a DNS query.
When the resolver determines that a DNS query is required, it sends a request containing a domain name to one of the DNS servers listed in /etc/resolv.conf. The DNS server answers from its own records if it holds the domain, or queries other DNS servers if the information isn't readily available. When a result is found, the IP address corresponding to the requested name is returned to the originating client.

20.5.1.1. Domain registration

Domain names are assigned through a registration process with one of the domain name registrars available on the Internet (http://www.internic.net/regist.html). Originally, a single authority managed domain names. As commercial uses for domain names spread, additional entities sought the ability to charge for the service of domain registration, and today there are a number of qualified registrars (a search for domain registrar on one of the popular search engines will yield a daunting list). Once a domain name is registered, it is listed in a worldwide database along with contact information for the owners or their agents. The name servers that hold the DNS information for the domain are recorded along with it. Most registrars offer a domain name search service, so you can test desired domain names for availability. If the domain name you're seeking is available, you can provide payment information to a registrar and purchase the rights to use the name, usually for one or two years.

20.5.1.2. Using named as a local caching-only name server

named is often configured to serve DNS requests even when it does not have local information for a domain. Instead, it is used for its caching ability. When a client program requests an address resolution from the local named, the daemon first checks its local cache. If the cache contains the domain, the answer is returned to the client immediately, which speeds the resolution process. If it doesn't, named goes to other DNS servers as usual and caches the result for the next request.
Some Linux distributions come with a caching-only named configuration pre-installed. If this isn't the case for you, simply follow the brief instructions in Section 3 of the DNS HOWTO available from http://www.tldp.org. Part of the configuration includes setting your local system as the default DNS server in /etc/resolv.conf:

    nameserver 127.0.0.1

You can test the configuration using the nslookup utility:

    # nslookup
    Default Server:  localhost
    Address:  127.0.0.1

    > lpi.org
    Server:  localhost
    Address:  127.0.0.1

    Name:    lpi.org
    Address:  209.167.177.93

    > lpi.org
    Server:  localhost
    Address:  127.0.0.1

    Non-authoritative answer:
    Name:    lpi.org
    Address:  209.167.177.93

    > exit

In this example, nslookup attaches to the default server localhost (127.0.0.1). In the first query for lpi.org, the local named must find the address from external DNS servers. However, the result is found in the cache on the second try, as indicated by the Non-authoritative answer response. If this behavior isn't seen, there may be a problem with the named configuration in /etc/named.conf. Some debugging information can be found in /var/log/messages. For example, the line reporting /etc/named.conf:18 in this short excerpt shows an error in the configuration file:

    smp named[216]: starting.  named
    smp named[216]: cache zone "" (IN) loaded (serial 0)
    smp named[216]: Zone "0.0.127.in-addr.arpa" (file named.local): No default TTL set using SOA minimum instead
    smp named[216]: master zone "0.0.127.in-addr.arpa" (IN) loaded (serial 1997022700)
    smp named[216]: /etc/named.conf:18: can't redefine channel 'default_syslog'
    smp named[216]: listening on [127.0.0.1].53 (lo)
    smp named[216]: listening on [192.168.1.30].53 (eth0)
    smp named[216]: Forwarding source address is [0.0.0.0].1855
    smp named[216]: Ready to answer queries.

Note that configuration of a caching-only name server is beyond the scope of the LPIC Level 1 Exams but is a useful exercise in understanding the configuration of named.

20.5.1.3. DNS query utilities

A few tools exist to verify the operation of DNS name resolution. Here's a brief synopsis of nslookup and host, both specifically mentioned in this Objective. The host utility does not offer an interactive mode but uses a syntax similar to nslookup.
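To make concrete what travels between the resolver and the servers listed in /etc/resolv.conf, and why nslookup labels the cached reply in the session above "Non-authoritative answer", here is an added example that is not code from the book. It builds the A-record query a stub resolver sends for lpi.org, parses a reply, reports the AA (authoritative answer) flag, and performs the transaction-ID and question check a resolver makes before trusting a reply. No server is contacted: the replies are constructed in the code to stand in for an authoritative server and for a caching server. The address 209.167.177.93 is the one shown in the nslookup session; the TTL values and the 192.0.2.10 address are made up for illustration.

```python
import socket
import struct

# Flag bits in the second 16-bit word of the DNS header (RFC 1035).
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080


def encode_name(name):
    """Encode "lpi.org" as the length-prefixed label sequence used on the wire."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name, txid=0x1234):
    """A-record query as a stub resolver sends it: RD set, one question."""
    header = struct.pack(">HHHHHH", txid, RD, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return header + question


def read_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset just after it)."""
    labels, end = [], None
    while True:
        length = msg[offset]
        if length == 0:
            offset += 1
            break
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            if end is None:
                end = offset + 2
            offset = struct.unpack(">H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels), (offset if end is None else end)


def parse_response(msg):
    """Return header facts and the A records from a DNS reply."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    offset = 12
    for _ in range(qdcount):  # skip the echoed question section
        _, offset = read_name(msg, offset)
        offset += 4  # QTYPE + QCLASS
    answers = []
    for _ in range(ancount):
        name, offset = read_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack(">HHIH", msg[offset:offset + 10])
        offset += 10
        rdata, offset = msg[offset:offset + rdlen], offset + rdlen
        if (rtype, rclass) == (1, 1):
            answers.append((name, ttl, socket.inet_ntoa(rdata)))
    return {"id": txid, "authoritative": bool(flags & AA),
            "rcode": flags & 0x000F, "answers": answers}


def matches_query(query, response):
    """The check a resolver makes before trusting a reply: same ID, same question."""
    return query[:2] == response[:2] and query[12:] == response[12:len(query)]


def make_response(query, addresses, ttl, authoritative):
    """Constructed reply (no server involved): echoes the question, adds A records."""
    txid = struct.unpack(">H", query[:2])[0]
    flags = QR | RD | RA | (AA if authoritative else 0)
    header = struct.pack(">HHHHHH", txid, flags, 1, len(addresses), 0, 0)
    # 0xC00C is a compression pointer back to the name in the question section.
    rrs = b"".join(struct.pack(">HHHIH", 0xC00C, 1, 1, ttl, 4) + socket.inet_aton(a)
                   for a in addresses)
    return header + query[12:] + rrs


def demo():
    """Same answer twice: first from an authoritative server, then replayed from a cache."""
    query = build_query("lpi.org")
    # Constructed replies; the address is the one in the nslookup session above,
    # the TTLs are made up (a cache hands out the remaining TTL, not the original).
    fresh = make_response(query, ["209.167.177.93"], 3600, authoritative=True)
    cached = make_response(query, ["209.167.177.93"], 3412, authoritative=False)
    assert matches_query(query, fresh) and matches_query(query, cached)
    return parse_response(fresh), parse_response(cached)


if __name__ == "__main__":
    for label, reply in zip(("authoritative", "from cache"), demo()):
        print(label, reply)
```

The cached reply carries the same address but a smaller TTL and no AA bit; that cleared bit is what nslookup reports as "Non-authoritative answer". The ID-and-question comparison in matches_query is the only thing standing between a plain resolver and an injected reply, which is why a predictable transaction ID (0x1234 here, fixed for reproducibility) must never be used outside an example like this.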
20.5.1.4. BIND Version 4 versus Version 8 configuration files

It's likely that a Linux administrator will maintain or install systems running BIND v4.x as well as the newer v8.x. This LPI Objective requires an understanding of the differences between the configuration files for these two BIND versions. Under BIND v4, the configuration file was called /etc/named.boot. Example 20-6 shows a trivial BIND v4 configuration file.

Example 20-6. BIND v4 named.boot file

In BIND v8, the configuration file was renamed /etc/named.conf. Example 20-7 shows the equivalent configuration in the BIND v8 format.

Example 20-7. BIND v8 named.conf file
As you can see, the information contained in the files is largely the same, but the v8 format contains a more formal structure. For those upgrading to Version 8, the Perl script named-bootconf.pl is included in the v8 package to upgrade named.boot to named.conf.
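The correspondence the text describes can be seen by carrying out the translation mechanically. The following is an added example, written for this page rather than taken from the book or from BIND's own named-bootconf.pl: a small converter that maps the common named.boot directives (directory, cache, primary, secondary, forwarders, options) onto named.conf statements. The sample boot file is constructed for the example and describes a caching-only server of the kind set up in Section 20.5.1.2 (a hint zone plus the 127.0.0 reverse zone, matching the zones in the log excerpt above); the example.com zone and the 192.0.2.x addresses in it are placeholders. The optional restrict_to_localhost flag adds listen-on and allow-query statements that have no counterpart in the boot file.

```python
SAMPLE_NAMED_BOOT = """\
; constructed example of a BIND 4 boot file for a caching-only server
; (the example.com zone and all addresses are placeholders)
directory   /var/named
cache       .                      named.ca
primary     0.0.127.in-addr.arpa   named.local
secondary   example.com            192.0.2.53   example.com.bak
forwarders  192.0.2.1 192.0.2.2
options     forward-only
"""


def parse_named_boot(text):
    """Split a named.boot into (directive, [arguments]) pairs; ';' starts a comment."""
    entries = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if line:
            directive, *args = line.split()
            entries.append((directive.lower(), args))
    return entries


def _list(items):
    """Render a BIND 8 address list, e.g. { 192.0.2.1; 192.0.2.2; }"""
    return "{ " + " ".join(item + ";" for item in items) + " }"


def convert(text, restrict_to_localhost=False):
    """Emit BIND 8 named.conf text equivalent to the BIND 4 boot file in `text`."""
    options, zones = [], []
    for directive, args in parse_named_boot(text):
        if directive == "directory":
            options.append('directory "%s";' % args[0])
        elif directive == "cache":        # cache <domain> <file>      -> type hint
            zones.append((args[0], "hint", args[1], None))
        elif directive == "primary":      # primary <zone> <file>      -> type master
            zones.append((args[0], "master", args[1], None))
        elif directive == "secondary":    # secondary <zone> <master>... <backup file>
            zones.append((args[0], "slave", args[-1], args[1:-1]))
        elif directive == "forwarders":
            options.append("forwarders %s;" % _list(args))
        elif directive == "options":
            for opt in args:
                if opt == "forward-only":
                    options.append("forward only;")
                elif opt == "no-recursion":
                    options.append("recursion no;")
                else:
                    raise ValueError("no translation for option %r" % opt)
        else:
            # Fail loudly rather than silently drop a directive we do not handle.
            raise ValueError("no translation for directive %r" % directive)
    if restrict_to_localhost:
        # Not derived from the boot file: named.boot has no equivalent of these
        # statements, so a converted caching-only server answers any client that
        # can reach it. These two options confine it to the local host.
        options += ["listen-on { 127.0.0.1; };", "allow-query { 127.0.0.1; };"]
    out = ["options {"] + ["\t" + o for o in options] + ["};", ""]
    for name, ztype, zfile, masters in zones:
        out.append('zone "%s" {' % name)
        out.append("\ttype %s;" % ztype)
        if masters:
            out.append("\tmasters %s;" % _list(masters))
        out.append('\tfile "%s";' % zfile)
        out.append("};")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(convert(SAMPLE_NAMED_BOOT, restrict_to_localhost=True))
```

Each v4 line becomes one v8 statement or block: the positional fields of named.boot turn into named keyword/value pairs, which is the "more formal structure" the text refers to. The converter refuses directives it does not know rather than dropping them, since a missing forwarders or secondary line is easy to overlook in a file that otherwise loads cleanly. The restrict_to_localhost option is the caveat worth remembering when migrating a caching-only server: the boot file carries no access restrictions, so unless statements like listen-on and allow-query are added by hand, the v8 server will recurse for anyone who can reach port 53.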