Zoneso域名

DomainNameServicePage1Oct1999Prof.
WeiserMSTM,OSUTCOM5350DomainNameServiceProf.
Weiserv.
0.
5Introduction:Thislabimplementstheresultsofyourhomeworkassignment.
Becausedifferentsectionofthelabwillhavedifferentconfigurationstoachieve,youwillnotbeledthroughtheexercisestep-by-step,butinstead,willbegivensomehintsanddirectionandbeallowedtousethebuilt-inmenusystemtoaccomplishthegoals.
Objectives:1)Toimplementinhardwarealogicaldesign2)Togetsomehands-onrouterexperience,muckingaroundinsideNetBuilderII's3)ApplyconceptsfromTCOM5123.
Prelab:1)Readthishandout.
2)ReadWeiser,IPSubnetPrimerLecture:Theinstructorwillpresenta20-60minutelecturecoveringselectedaspectsofthislab,andthegoalsthatyoushouldbestrivingtomeetduringtheactualexperiments.
RulesofEngagement:YouwillneedtowaitfordirectionfromtheProfessororTA,indicatingwhichportionofthisexerciseyouaretocomplete.
Everygroupwillhaveapieceofthepuzzletofitin,andwewillendeavortokeepthenetworkfunctioningatalltimesduringthetransition.
Todothis,wewillnotonlyneedtoimplementthedesign,butconsidertheappropriateorderforthechanges.
FirstThingsFirst:Let'stakealookatthefilesthatmakeDNSwork:ThereareseveralbasictextfilesthatprovideinformationtotheDNSdaemon.
Bydefault,Linux,startsasimplecachingDNSdaemonwithsomeverybasicinformation.
Forthemostpartaserver'sDNSknowsaboutitselfandhowtofindtherootnameservers.
Ineffect,whenyoupointaclientattheunmodifiedDNS,ifthetargethostnameisnottheserveritself,theDNSthenqueriesdirectlytotherootnameservers,downthetree,andfinallyreturnstheinformationthatwasdeterminedfromtheauthoritativeserver.
ThegoodthingisthattheinformationisthencachedintheDNS.
Bydoingthis,asitethatisfrequentedbytheusersofalocalDNSwillnotneedtobelookedupveryfrequently.
DomainNameServicePage2Oct1999Prof.
WeiserMSTM,OSUTakealookatthefollowingfiles'contents,andnotewhatyoubelieveeachdoes:/etc/named.
conf/etc/hosts/var/named/named.
ca/var/named/named.
localEstablishingaNewZoneDomainsaredelegatedbyNICasaresultofarequest.
Inordertoqualifyformanagementofadomain,atleasttwoauthoritativenameserversmustberegistered.
Thelocationsofthesenameserversarerecordedineachoftherootnameservers.
Thelocationsoftherootnameserversispublicinformationandisrecordedinallnon-rootDNSservers.
Forinstance,OSUmaintainsnameserversat139.
78.
100.
1and139.
78.
200.
1.
Eachoftherootnameserverspointsanyqueriesendinginokstate.
edutotheseOSUnameservers.
Asauthoritativeservers,theymusthaveinformationaboutallvalidhostsdirectly,orbeabletoindicateanothernameserverthatdoeshavetheinformation.
Althoughmostorganizationsmanagingadomainwillonlyneedonezone,larger,distributedorganizationsmayprefertodelegatecontroloftheportionsofthedomaintoothernameservers.
Eachofthese"areas"ofthetotalhostnamespacewithinthedomainiscalledazone.
Individualzonesmaybemanagedbydifferentserversandagivenservermaybemasterforsomezonesandslavesforothers.
BecausetheDNSthatyouestablishwillnotberegisteredwitheitheroftheUniversity'sauthoritativeservers,wewillcreateafictitiousdomainthatwillonlyshowupifahostusesyourDNSforalookup.
WewillpretendthatyouhavebeenassignedthedomainbenchX.
cxm,whereXistheletterofroomtowhichyou'reassigned.
Forinstancetheserverin104Dwillservicethedomainbenchd.
cxm.
DomainNameServicePage3Oct1999Prof.
WeiserMSTM,OSUFirst,youwillneedtopointyourDNSdaemontothespecificfilewheretheindividualhostnamesreside.
Edit/etc/named.
confbyaddingthefollowingtexttotheendofthefile:zone"benchX.
cxm"{typemaster;file"named.
benchX.
cxm";};ThisadditionwilltellthedaemonthatifanyonequeryingthisserverislookingforaddressesendinginbenchX.
cxm,thisserverhasauthoritativeinformationandthedetailscanbefoundinthefilenamed.
benchX.
cxm.
mastermeansthatthisistheserverwhoseinformationwillalwaysbeconsideredtothemostcurrent.
Thereisonlyonemasterperzone,buttheremaybeseveralslaveswhichreadthedatafromthemaster.
CreatingtheZoneDataFile:Zonedatamaybestoredinanyaccessiblelocationonanyfilesystem.
Thelocationofthosefilescanbefoundatthetopofthe/etc/named.
conffileintheoptionssection.
Allzonefilesshouldbeplacedinthatdirectory.
Ifyouarehavingahardtimeseeingthetopofafilewhenyoulistoutthecontents,youcanpipemostcommandsthatsendinformationtothescreentothemoreprogrambyaddingtotheendofthecommand"|more"(noquotes).
moresimplytakestheinformationitreceivesanddisplaysitonscreen-fulls.
Togetthenextscreen,pressthespacebar.
Basedupontheoptionsinformationandthelinesthatyouaddedtothenamed.
conffile,you'llneedtocreateanewzonefile.
Onegoodwaytodothisistostartwithafilethatalreadyfunctionsandmodifyitforthenewzone.
cd/var/namedcp.
/named.
local.
/named.
benchX.
cxmNowyoucanloadupthisnewfileintothevieditor.
Noticethattheinformationisinafewdifferentsectionsasfollows:StartofAuthority(SOA)Namesthezone,nameserver,andcontactinformationoftheresponsibleparty,aswellasspecifiesdefaultinformationthatappliestotheentiresite.
NameServer(NS)SpecifiestheauthoritativenameserversforthedomainAddressRecord(A)TranslationsfromhostnamestoIPaddressesMailExchanger(MX)EnablesspecificationofthehoststhatareinchargeofreceivingmailfromtheoutsideDomainNameServicePage4Oct1999Prof.
WeiserMSTM,OSUCanonicalName(CNAME)Aliasesthatpointtoaddressrecordssothatasinglehostmaybeknownbydifferenthostnames.
DocumentationEntries(RPandTXT)ContactinformationandcommentsPointerRecord(PTR)Reverseresolutionrecord,sothatsomeonecanlookupahostnamefromanIPaddressTheveryfirstcharacterinthefileisan@sign.
Anywhereinthefilethissignappearsisthesameasincludingtheentiredomainnamethatappearsinthenamed.
conffile.
Replacelocalhost.
withbenchX.
cxm.
onthefirstlinetospecifythedomainforwhichthisfileisauthoritative.
Onthislineandotherswhereanaddressendsinaperiod,besureyourchangesalsoendinaperiod.
Thisspecifiestheaddressisabsolute,ratherthanrelativetothedomainrepresentedby@.
Replaceroot.
localhost.
withyoure-mailaddress.
Ratherthanusingthe@sign(whichisreservedforanotherpurpose),usea".
"Arbitrarilyassignthenameshost1,host2,host3,andhost4tothesystemsinyourroom.
OnthelinewithNS,replacelocalhost.
withthenameyouselectedforthehostonwhichthenameserverresides.
Addan"A"recordforeachofyourhostsinthefollowingformat:hostnameINAIP.
add.
res.
sWewillalsomakeawebaliasthatpointstotheserver:wwwINCNAMEhostnamewherehostnameisthehostnamethatyouassignedintheArecordandwanttoalsobereferredtoaswww.
benchX.
cxmNoneofthisinformationiscurrent,becauseitisreadwhenthedaemonisstarted.
Tohavethistakeeffect,you'llneedtorestartthedaemonwiththecommand,/etc/rc.
d/init.
d/namedrestartTestyourconfigurationtomakesureitallworks,includingallhostsandaliasesservedbythisDNSandanyotherhostnameontheInternetGettheTAorProfessortoinitialintheboxtotheright,indicatingthatyouhavesuccessfullyconfiguredabasicDNSforafictitiousdomain,includingaliasrecords.
DomainNameServicePage5Oct1999Prof.
WeiserMSTM,OSUNowwe'llgoalittledeeper.
Aftereachofthefollowingthreeareas,restartthedaemon,testandtrouble-shoot.
AddamailrecordThiswillallowyoutoreceivemailatlogin@bench0.
cxm,ratherthanlogin@hostY.
bench0.
cxmEdityourzonefiletoincludethefollowinglineimmediatelyaftertheNameServerline:INMX10mailserverHostOnlyusetheunqualifiedhostname(iedev156).
TherestoftheaddresswillberesolvedbytheArecord.
AddaforwarderAforwardersstatementcanpointtospecificothernameserversthatmaybeabletoresolvenamesthatcannotberesolvedlocally,butmaybeabletoberesolvedwithoutgoingtotherootserver.
We'lluseforwarderstoeachoftheothergroups'masternameserver.
Edittheoptionslineofthe/etc/named.
conf,addingthefollowingstatementforwarders{xxx.
xxx.
xxx.
xxx;yyy.
yyy.
yyy.
yyy;};includingeachoftheIP'srepresentingtheothernameserverswithinthebracesOperateslavesSlavesarealsoauthoritativeandserveeitherasabackupforthemaster,orcanlocalizedatafromafrequentlyaccesseddomain.
SlavesmaybecreatedsolelyfromtheslaveDNS,withoutpermissionorconfigurationfromthemaster.
Theretrievalofthecurrentfile,however,iseithertriggeredbyatimerexpirationintheslave,ormanuallybytheslave'sadministrator.
Ifthemasterisconfigured,itcanNOTIFYtheslaveanytimeanupdateoccurs,guaranteeingalmostidenticaldatainbothservers.
Addthefollowinglinesto/etc/named.
conf:zonedomain.
cxm"{typeslave;file"slave.
domain.
cxm";masters{xxx.
xxx.
xxx.
xxx;};};wheredomain.
cxmisthenameofthedomainforwhichthisisaslave,andxxx.
xxx.
xxx.
xxxistheIPaddressofthemasterDNSforthatdomain.
GettheTAorProfessortoinitialintheboxtotheright,indicatingthatyounowunderstandmanyoftheadditionalcomplexitiesinvolvedinadministeringaDNS.