Dns perfect



DNS: Domain Name System (DNS) is a database system that translates a computer's fully qualified domain name into an IP address. Networked computers use IP addresses to locate and connect to each other, but IP addresses can be difficult for people to remember. For example, on the web it is much easier to remember the domain name www.eukhost.com than its corresponding IP address. DNS allows you to connect to another networked computer or remote service by using its user-friendly domain name rather than its numerical IP address. Conversely, Reverse DNS (rDNS) translates an IP address into a domain name.

Types of DNS: The Domain Name System translates domain names to IP addresses. There are several DNS server implementations available; we can install any of them as our requirements dictate.

1) BIND: BIND is the reference implementation of a DNS server and usually serves as the base for experimentation with DNS protocol extensions. BIND is free and has been ported to many operating systems. Most BIND servers run on some variant of UNIX, although BIND on Windows is also available. URL: http://www.bind9.net/download

2) djbdns: The two main name server functions, caching and acting as an authoritative server, are sensibly split into two separate programs (dnscache and tinydns). The djbdns package is free and comes with a $500 security guarantee. URL: http://www.djbdnsrocks.org/single/download.htm

3) ANS/CNS: ANS/CNS stands for Authoritative Name Server / Caching Name Server. ANS and CNS are commercial DNS servers from Nominum, for enterprise applications that need maximum performance. URL: http://www.nominum.com/products.php?id=6

4) PowerDNS: PowerDNS has developed a complete suite of technologies surrounding Internet naming and email. Internet naming is at the core of all online activities and is involved in each and every transaction on the net. URL: http://www.powerdns.com/

5) NSD: NSD stands for Name Server Daemon. NSD is an authoritative-only, high-performance, simple and open source name server. URL: http://www.nlnetlabs.nl/

6) MaraDNS: MaraDNS is a package that implements the Domain Name Service (DNS), an essential Internet service. MaraDNS is easy to use and highly secure. URL: http://www.maradns.org/

7) MyDNS: MyDNS is a free DNS server for UNIX. MyDNS does not include recursive name service, nor a resolver library. It is primarily designed for organizations with many zones and/or resource records who want to perform real-time dynamic updates on their DNS data via MySQL. URL: http://mydns.bboy.net/

8) rbldnsd: The name means "DNS daemon suitable for running DNS-based blacklists". rbldnsd is a small DNS-protocol daemon designed to handle queries to DNS-based IP-listing or name-listing services. Such services are a simple way to share or publish a list of IP addresses or (domain) names which are "listed" for some
reason, for example in order to be able to refuse a service to a client which is "listed" in some blacklist. URL: http://www.corpit.ru/mjt/rbldnsd.html

9) pdnsd: pdnsd is a proxy DNS server that caches entries permanently to disk. pdnsd allows you to configure one address as the DNS server for all your Internet software. This can be localhost, but I personally use a separate machine that I have configured as a gateway to the Internet for my home LAN. pdnsd can then be configured to contact your ISP's DNS servers when you make a dial-up connection. URL: http://www.phys.uu.nl/~rombouts/pdnsd.html

10) Dents: Dents is a from-scratch implementation of the server side of the Domain Name System (DNS) protocol and shares no code with any other project. Among its several features are compatibility with the named DNS daemon, a modular driver system and an extensible control facility which allows the administrator to control the running server. URL: http://sourceforge.net/projects/dents/ or http://www.europe.redhat.com/documen....1-1.i386.php3

11) Microsoft's DNS server: The DNS server in Windows 2003 has seen increasing adoption since its first release for Windows 2000 in 1999. It is regarded as stable and is well integrated with Microsoft's server administration tools. URL: http://www.microsoft.com/downloads/d...displaylang=en

12) Simple DNS Plus: Simple DNS Plus is commercial software for Windows (any version from Windows 95 to 2003). It seems fully functional and targeted at small sites and home users with permanent Internet connections. It has some innovative features, but I have no first-hand experience with it. URL: http://www.simpledns.com

Question: What is DNS? (What is the Internet Domain Name System?)
Answer: Domain Name System, or DNS, is the fundamental system for assigning named addresses to Internet web servers (also known as "Internet host machines"). Somewhat like international phone numbers, the domain name system gives every Internet server a memorable and easy-to-spell address. At the same time, domain names keep the really technical IP address invisible to most viewers.

Why is DNS important? DNS is like a phone book for the Internet. If you know a person's name but not their telephone number, you can simply look it up in a phone book. DNS provides this same service to the Internet. When you visit http://dyn.com in a browser, your computer uses DNS to retrieve the website's IP address. Without DNS, you would only be able to visit our website (or any website) by visiting its IP address directly, such as http://
How does DNS work? When you visit a domain such as dyn.com, your computer follows a series of steps to turn the human-readable web address into a machine-readable IP address. This happens every time you use a domain name, whether you are viewing websites, sending email or listening to Internet radio stations like Pandora.

Step 1: Request information. The process begins when you ask your computer to resolve a hostname, such as when visiting http://dyn.com. The first place your computer looks is its local DNS cache, which stores information that your computer has recently retrieved. If your computer does not already know the answer, it needs to perform a DNS query to find out.

Step 2: Ask the recursive DNS servers. If the information is not stored locally, your computer queries (contacts) your ISP's recursive DNS servers. These specialized computers perform the legwork of a DNS query on your behalf. Recursive servers have their own caches, so the process usually ends here and the information is returned to the user.

Step 3: Ask the root name servers. If the recursive servers do not have the answer, they query the root name servers. A name server is a computer that answers questions about domain names, such as IP addresses. The thirteen root name servers act as a kind of telephone switchboard for DNS. They do not know the answer, but they can direct our query to someone that knows where to find it.

Step 4: Ask the TLD name servers. The root name servers look at the first part of our request, reading from right to left (www.dyn.com), and direct our query to the Top-Level Domain (TLD) name servers for .com. Each TLD, such as .com, .org and .us, has its own set of name servers, which act like a receptionist for that TLD. These servers do not have the information we need, but they can refer us directly to the servers that do.

Step 5: Ask the authoritative DNS servers. The TLD name servers review the next part of our request (www.dyn.com) and direct our query to the name servers responsible for this specific domain. These authoritative name servers are responsible for
knowing all the information about a specific domain, which is stored in DNS records. There are many types of records, each of which contains a different kind of information. In this example we want to know the IP address for www.dyndns.com, so we ask the authoritative name server for the Address Record (A).

Step 6: Retrieve the record. The recursive server retrieves the A record for dyn.com from the authoritative name servers and stores the record in its local cache. If anyone else requests the host record for dyn.com, the recursive servers will already have the answer and will not need to go through the lookup process again. All records have a time-to-live value, which is like an expiration date. After a while, the recursive server will need to ask for a new copy of the record to make sure the information does not become out of date.

Step 7: Receive the answer. Armed with the answer, the recursive server returns the A record to your computer. Your computer stores the record in its cache, reads the IP address from the record, then passes this information to your browser. The browser then opens a connection to the web server and receives the website. This entire process, from start to finish, takes only milliseconds to complete.

How does DNS affect the everyday user? DNS affects you in two ways:
1. Domain names are what you type to visit a web page (e.g. www.fbi.gov).
2. Domain names can be purchased so that you can have your own website somewhere (e.g. www.paulsworld.co.uk).

Some example Internet domain names:
1. about.com
2. nytimes.com

How domain names are spelled:
1) Domain names are organized right to left, with general descriptors to the right and specific descriptors to the left. It is like family surnames to the right and personal names to the left. These descriptors are called "domains".
2) The "top-level domain" (TLD, or parent domain) is at the far right of a domain name. Mid-level domains (children and grandchildren) are in the middle. The machine name, often "www", is at the far left.
3) Levels of domains are separated by periods ("dots").
A domain name is not the same as a URL. To be technically correct, a domain name is commonly part of a larger Internet address called a "URL". A URL goes into much more detail than a domain name, providing much more information, including the specific page address, folder name, machine name and protocol language. Example Uniform Resource Locator page; the domain name is the horses.about.com part:
1. http://horses.about.com/od/basiccare/a/healthcheck.htm

What is an authoritative name server? Authoritative means the name server knows about a domain and is configured to serve it. An authoritative name server is a name server that gives answers that have been configured by an original source, for example the domain administrator or dynamic DNS methods, in contrast to answers that were obtained via a regular DNS query to another name server. An authoritative-only name server only returns answers to queries about domain names that have been specifically configured by the administrator.

An authoritative name server can be either a master server or a slave server. A master server stores the original (master) copies of all zone records. A slave server uses an automatic updating mechanism of the DNS protocol, in communication with its master, to maintain an identical copy of the master records.

An authoritative name server provides the actual answer to your DNS queries, such as a mail server IP address or a web site IP address (A resource record). It provides original and definitive answers to DNS queries; it does not provide merely cached answers that were obtained from another name server. Therefore it only returns answers to queries about domain names that are installed in its configuration.

There are two types of authoritative name servers:
1. Master server (primary name server). A master server stores the original master copies of all zone records. The hostmaster only makes changes to the master server's zone records. Each slave server gets updates via a special automatic updating mechanism of the DNS protocol. All slave servers maintain an identical copy of the master records.
2. Slave server (secondary name server). A slave server is an exact replica of the master server. It is used to share DNS server load and to improve DNS zone availability in case the master server fails. It is recommended to have at least two slave servers and one master server for each domain name.

Any answer that originates from a DNS server which has the complete zone file information available for the domain is said to be an authoritative answer. In many cases, DNS servers will not have the complete zone file information available for a given domain. Instead, they maintain a cache file which holds the results of all queries performed in the past for which they have received an authoritative response. When a DNS query arrives, such a server searches the cache file and returns the information available as a "Non-Authoritative Answer".
What is a non-authoritative DNS server? Non-authoritative name servers do not contain copies of any domains. Instead they have a cache file that is constructed from all the DNS lookups they have performed in the past for which they have received an authoritative response. When a non-authoritative server queries an authoritative server and receives an authoritative answer, it passes that answer along to the querier as an authoritative answer. Thus, non-authoritative servers can answer authoritatively for a given resolution request. However, non-authoritative servers are not authoritative for any domain they do not hold specific zone files for. Most often, a non-authoritative server answers with a previous lookup from its lookup cache. Any answer retrieved from the cache of any server is deemed non-authoritative because it did not come from an authoritative server.

DNS architecture diagrams: The following diagrams illustrate how the DNS Client and Server services work and provide additional information about name resolution, update and administration operations.
The first diagram illustrates the DNS Client service architecture in its name resolution and update operations. In this diagram, name resolution architecture is demonstrated using a web browser and Microsoft Outlook, and updates are represented by the DHCP client.

Diagram: DNS Client Service Architecture

DNS architecture is a hierarchical distributed database and an associated set of protocols that define: a mechanism for querying and updating the database; a mechanism for replicating the information in the database among servers; and a schema of the database.

How the DNS domain namespace is organized: Any DNS domain name used in the tree is technically a domain. Most DNS discussions, however, identify names in one of five ways, based on the level and the way a name is commonly used. For example, the DNS domain name registered to Microsoft (microsoft.com.) is known as a second-level domain. This is because the name has two parts (known as labels) that indicate it is located two levels below the root, or top, of the tree. Most DNS domain names have two or more labels, each of which indicates a new level in the tree. Periods are used in names to separate labels. The five categories used to describe DNS domain names by their function in the namespace are described in the following table, along with an example of each name type.
Types of DNS domain names

Root domain
  Description: This is the top of the tree, representing an unnamed level; it is sometimes shown as two empty quotation marks (""), indicating a null value. When used in a DNS domain name, it is stated by a trailing period (.) to designate that the name is located at the root or highest level of the domain hierarchy. In this instance, the DNS domain name is considered to be complete and points to an exact location in the tree of names. Names stated this way are FQDNs.
  Example: A single period (.) or a period used at the end of a name, such as "example.microsoft.com.".

Top-level domain
  Description: A name used to indicate a country/region or the type of organization using a name.
  Example: ".com", which indicates a name registered to a business for commercial use on the Internet.

Second-level domain
  Description: Variable-length names registered to an individual or organization for use on the Internet. These names are always based on an appropriate top-level domain, depending on the type of organization or geographic location where a name is used.
  Example: "microsoft.com.", which is the second-level domain name registered to Microsoft by the Internet DNS domain name registrar.

Subdomain
  Description: Additional names that an organization can create that are derived from the registered second-level domain name. These include names added to grow the DNS tree of names in an organization and divide it into departments or geographic locations.
  Example: "example.microsoft.com.", which is a fictitious subdomain assigned by Microsoft for use in documentation example names.

Host or resource name
  Description: Names that represent a leaf in the DNS tree of names and identify a specific resource. Typically, the leftmost label of a DNS domain name identifies a specific computer on the network. For example, if a name at this level is used in a host (A) resource record, it is used to look up the IP address of a computer based on its host name.
  Example: "host-a.example.microsoft.com.", where the first label ("host-a") is the DNS host name for a specific computer on the network.

DNS and Internet domains: The Internet Domain Name System is managed by a Name Registration Authority on the Internet, responsible for maintaining top-level domains that are assigned by organization and by country/region. These domain names follow International Standard 3166. Some of the many existing abbreviations reserved for use by organizations, as well as two-letter and three-letter abbreviations used for countries/regions, are shown in the following table:

Some DNS top-level domain names (TLDs)

  DNS domain name   Type of organization
  com               Commercial organizations
  edu               Educational institutions
  org               Non-profit organizations
  net               Networks (the backbone of the Internet)
  gov               Non-military government organizations
  mil               Military government organizations
  arpa              Reverse DNS
  "xx"              Two-letter country code (for example, us, au, ca, fr)
The following diagram illustrates the DNS Server service architecture with its administration tools and the Windows Management Instrumentation (WMI) interface.

Diagram: DNS Server Service Architecture

Reverse lookup zone vs forward lookup zone: The Domain Name System (DNS) is a naming system used by any resource connected to the Internet. DNS translates domain names, which are more meaningful to humans, into the IP addresses associated with Internet resources in order to locate them throughout the world. Each time a domain name is used, DNS translates the name into the corresponding IP address.

A forward lookup zone holds host name to IP address relations. When a computer requests an IP address for a specific host name, the forward lookup zone is queried to get the result. On the other hand, a reverse lookup zone contains the IP address to host name mapping. When a computer requests a host name for a specific IP address, the reverse lookup zone is queried to get the answer.

What is a forward lookup zone? A forward lookup zone contains a mapping between host names and IP addresses. When a computer requests an IP address by providing a host name (which is more user friendly), the forward lookup zone is queried to find the IP address for the given host name. For example, when you type www.cnn.com in your browser, the forward lookup zone is queried and the IP address of that site is returned. When a forward lookup is sent to the DNS server, the DNS server searches for an A type resource record associated with the host name provided by the request. An A type resource record is a DNS record that points a domain name or host name to a static IP address. If the DNS server finds a matching A type resource record, it returns that to the client; otherwise it forwards the query to another DNS server.

What is a reverse lookup zone? A reverse lookup zone contains a mapping that relates IP addresses to host names. When a computer requests a domain name by providing an IP address, the reverse lookup zone is queried to find the host name for the given IP address. For example, if a client wants to find the host name for an IP address, the reverse lookup zone is queried and returns the host name, such as www.cnn.com. The reverse lookup zone contains PTR resource records. A PTR record allows a reverse lookup by pointing an IP address to a host/domain name. When doing reverse lookups, these PTR records are used to point to A resource records.

What is the difference between a reverse lookup zone and a forward lookup zone? The main difference is that a forward lookup zone is used to resolve forward lookup queries, where the client requests an IP address by providing the host name, while a reverse lookup zone is used to resolve reverse lookup queries, where a client requests a host name by providing an IP address. The forward lookup zone contains A type resource records that give an IP address for a given host name. The reverse lookup zone contains PTR records that give a host name for a given IP address. Read more: http://www.differencebetween.com/difference-between-reverse-lookup-zone-and-vsforward-lookup-zone/#ixzz1wNg4IHRd

What is a DNS record? DNS means Domain Name Service. First and foremost we should be aware of the terms Internet name and Internet address. Internet names are the names used to refer to hosts on the Internet, for example www.globaliway.com; here the "globaliway" part is the Internet name used in the browser. Internet addresses are normally the numbers which are used to move traffic across the Internet. The name stands for the Internet name and the numbers stand for the Internet address. The DNS service translates between Internet names and Internet addresses. Usually this service is provided by the hosting company or by the registrar where the domain is registered. DNS records, or zone files, are used for mapping URLs to IPs. These records are located on the DNS server and connect your website with the outside world. When a URL is typed in the browser, it is forwarded to your DNS servers and then pointed to the web servers. These web servers serve the website mentioned in the URL, or the email server which handles the incoming email.

A Record
The majority of DNS records are "A" records. A records allow you to point different sections of your domain to different IP addresses or servers. For example, this would be useful for having
"www.domain.com" point to your web server's IP address and "mail.domain.com" point to your mail server's IP address. Each record includes a "Host Name" value and a corresponding IP address.
Record field: The record name for that A record. The host name precedes ".domain.com". For example, adding a host name of "www" translates to "www.domain.com". The "www" points to the IP address specified in the A record.
Address field: The IP address you want the A record to point to. For example, an A record named "www" could point to the web server's address, while an A record named "mail" could point to the mail server's address.
Example A records: www, mail, ftp, webmail, www2, secure, store, dev

CNAME Record
CNAME records point to domain names, as opposed to specific IP addresses. This is very useful in that you can point a CNAME record at a domain name, change the record value for that domain name, and the CNAME record will reflect the updated record value. This is most commonly used when dealing with several top-level domain versions (.com, .net, .org, etc.) of the same domain name. For example, if you own "domain.com" and "domain.net", instead of having to keep both domain names' records in sync with each other so that they resolve to the same IP address, you can simply create CNAME records for "domain.net" that mimic the "domain.com" records. That way, when changing records for "domain.com", the change is automatically reflected on "domain.net" as well.
Record field: The host name for that CNAME record. The host name precedes ".domain.com". For example, adding a CNAME record named "www" translates to "www.domain.com". The "www" points to the same IP address as the domain name value entered for the CNAME record.
Address field: The domain name you want the CNAME record to mimic. For example, a CNAME record of "www" could point to "dev.anotherdomain.com". This allows "www.domain.com" to always point to "dev.anotherdomain.com" even when the IP address is changed or updated.
Example CNAME record: Record: webmail, Address: mail.hostedmail.com

MX Record
An important part of the email delivery system is "MX" records. MX records essentially tell the world what server to send mail to for a particular domain name.
Priority field: The priority preference for that MX record. MX records are processed in order, starting with the one with the lowest priority value and working towards higher priority values. In situations where you have multiple email servers, or backup email servers, set a lower priority value for your primary mail server and a higher priority value for your backup server.
Record field: You can specify a third-level mail domain here, but typically you will want to leave it as "@" to specify that the record is for the root domain name.
Address field: The address of the target mail server. It is recommended to use a domain name value here as opposed to an IP address. Typically you would first create an "A" record of "mail" pointing to the IP address of your mail server, and specify "mail.domain.com" here as the address entry for the MX record.
Example MX records:
Priority: 10, Record: @, Address: mail.domain.com
Priority: 20, Record: @, Address: mail2.domain.com

TXT Record
Typically a TXT record is used to get information about a domain. TXT records can be used to specify which email servers are allowed to send mail for your domain, with what is known as a "Sender Policy Framework (SPF)" record, which is very useful in stopping spammers from falsely marking spam emails as coming from your domain name. They can also be used to provide a public "Domain Key", used to further prove the identity of emails sent from your mail server so that spam filters can verify that your domain's email is legitimate.
Record field: The name of the TXT record. For example, to create an SPF record you would leave it as "@" to specify that the record is for the root domain name. Domain Keys require a more detailed record name.
Address field: This is the value of the TXT record.
Example TXT records:
Record: @, Address: v=spf1 a mx -all
Record: dkDomain._domainKey, Address: p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhANZY

Recursive and iterative queries: With a recursive name query, the DNS client requires that the DNS server respond to the client with either the requested resource record or an error message stating that the record or domain name does not exist. The DNS server cannot just refer the DNS client to a different DNS server. Thus, if a DNS server does not have the requested information when it receives a recursive query, it queries other servers until it gets the information, or until the name query fails. Recursive name queries are generally made by a DNS client to a DNS server, or by a DNS server that is configured to pass unresolved name queries to another DNS server, in the case of a DNS server configured to use a forwarder. An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data.
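The forward and reverse zones and the A, CNAME, MX and TXT records described above, put to work in the two checks a mail administrator would actually run over them: a forward-confirmed reverse lookup (PTR, then A back to the same address) and an evaluation of the SPF policy "v=spf1 a mx -all" against a connecting sender. This is an added example, not code from the page; all zone data, host names and addresses are constructed (192.0.2.0/24 and 198.51.100.0/24 are documentation ranges).

```python
"""Forward zone, reverse zone, CNAME-following lookups, MX ordering,
forward-confirmed reverse DNS and SPF evaluation for 'v=spf1 a mx -all'.
Added example; every record below is constructed."""
import ipaddress
from typing import List, Optional

# Constructed forward zone for domain.com: owner name -> list of
# (type, value). MX values are (priority, target) tuples.
FORWARD_ZONE = {
    "domain.com":         [("A", "192.0.2.80"),
                           ("MX", (10, "mail.domain.com")),
                           ("MX", (20, "mail2.domain.com")),
                           ("TXT", "v=spf1 a mx -all")],
    "www.domain.com":     [("A", "192.0.2.80")],
    "mail.domain.com":    [("A", "192.0.2.25")],
    "mail2.domain.com":   [("A", "192.0.2.26")],
    "webmail.domain.com": [("CNAME", "mail.domain.com")],
}

# Constructed reverse zone for 192.0.2.0/24: PTR records keyed by their
# in-addr.arpa owner name. The PTR for .26 is deliberately stale.
REVERSE_ZONE = {
    "80.2.0.192.in-addr.arpa": "www.domain.com",
    "25.2.0.192.in-addr.arpa": "mail.domain.com",
    "26.2.0.192.in-addr.arpa": "old-mail.domain.com",
}


def records(name: str, rtype: str, depth: int = 0) -> list:
    """Values of rtype at name, following a CNAME the way a resolver does
    (bounded to 8 hops so an alias loop cannot spin forever)."""
    if depth > 8:
        return []
    rrs = FORWARD_ZONE.get(name, [])
    aliases = [v for t, v in rrs if t == "CNAME"]
    if aliases and rtype != "CNAME":
        return records(aliases[0], rtype, depth + 1)
    return [v for t, v in rrs if t == rtype]


def mx_hosts(domain: str) -> List[str]:
    """MX targets in delivery order: lowest priority value first."""
    return [target for _, target in sorted(records(domain, "MX"))]


def reverse_lookup(ip: str) -> Optional[str]:
    """PTR lookup: reverse the octets under in-addr.arpa, then query."""
    owner = ipaddress.ip_address(ip).reverse_pointer  # 25.2.0.192.in-addr.arpa
    return REVERSE_ZONE.get(owner)


def forward_confirmed(ip: str) -> bool:
    """Forward-confirmed reverse DNS: the PTR name must have an A record
    that points back at the same address. The reverse zone is written by
    whoever holds the address block, so it can disagree with the forward
    zone; checking both directions catches that."""
    ptr = reverse_lookup(ip)
    return ptr is not None and ip in records(ptr, "A")


def check_spf(domain: str, sender_ip: str) -> str:
    """Evaluate the a, mx, ip4 and all mechanisms of the domain's SPF TXT
    record for a connecting sender address. Returns pass, fail, softfail,
    neutral, or none when the domain publishes no (single) SPF record."""
    spf = [v for v in records(domain, "TXT") if v.startswith("v=spf1")]
    if len(spf) != 1:                      # none published, or duplicates
        return "none"
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in spf[0].split()[1:]:
        qualifier = "+"                    # a bare mechanism means +
        if term[0] in results:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        target = arg or domain             # 'a' and 'mx' default to the domain
        if mech == "a":
            matched = sender_ip in records(target, "A")
        elif mech == "mx":
            matched = any(sender_ip in records(h, "A") for h in mx_hosts(target))
        elif mech == "ip4":
            matched = ipaddress.ip_address(sender_ip) in ipaddress.ip_network(arg, strict=False)
        elif mech == "all":
            matched = True
        else:
            matched = False                # simplification: skip unknown mechanisms
        if matched:
            return results[qualifier]
    return "neutral"                       # nothing matched and no 'all' term
```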
If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace). The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or time-out condition is met. This process is sometimes referred to as "walking the tree," and this type of query is typically initiated by a DNS server that attempts to resolve a recursive name query for a DNS client. Figure 5.4 shows an example of iterative and recursive queries. This example assumes that none of the servers have the requested information in their caches.
Figure: Iterative and Recursive Queries

In the example shown in Figure 5.4, a client somewhere on the Internet needs the IP address of noam.reskit.com. The following events take place:
1. The client contacts NameServer1 with a recursive query for noam.reskit.com. The server must now return either the answer or an error message.
2. NameServer1 checks its cache and zones for the answer, but does not find it, so it contacts a server authoritative for the Internet (that is, a root server) with an iterative query for noam.reskit.com.
3. The server at the root of the Internet does not know the answer, so it responds with a referral to a server authoritative for the .com domain.
4. NameServer1 contacts a server authoritative for the .com domain with an iterative query for noam.reskit.com.
5. The server authoritative for the .com domain does not know the exact answer, so it responds with a referral to a server authoritative for the reskit.com domain.
6. NameServer1 contacts the server authoritative for the reskit.com domain with an iterative query for noam.reskit.com.
7. The server authoritative for the reskit.com domain does know the answer. It responds with the requested IP address.
8. NameServer1 responds to the client query with the IP address for noam.reskit.com.
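The eight events above, together with the seven-step walk described earlier (recursive query from the client, iterative queries following referrals from the root through the TLD to the authoritative server, and caching bounded by the record's time-to-live), as an added simulation that is not part of the original page. The server names, the address 192.0.2.44 and the 300-second TTL are constructed.

```python
"""Simulation of Figure 5.4: NameServer1 accepts a recursive query from a
client and satisfies it with iterative queries, following referrals from
the root through .com to reskit.com, then caches the answer for its TTL.
Added example; every server, address and TTL here is constructed."""
from typing import Dict, Optional, Tuple


class AuthServer:
    """A server authoritative for one zone. It answers only from its own
    data: a record it holds, a referral to a delegated child zone, or
    'nxdomain'. It never resolves on the querier's behalf."""

    def __init__(self, name: str, zone: str,
                 answers: Optional[Dict[str, Tuple[str, int]]] = None,
                 referrals: Optional[Dict[str, "AuthServer"]] = None):
        self.name = name                  # label used in the trace
        self.zone = zone
        self.answers = answers or {}      # qname -> (ip, ttl seconds)
        self.referrals = referrals or {}  # child zone -> its server

    def iterative_query(self, qname: str):
        if qname in self.answers:
            return "answer", self.answers[qname]
        # Refer to the most specific delegated zone that is a suffix of qname.
        for child in sorted(self.referrals, key=len, reverse=True):
            if qname == child or qname.endswith("." + child):
                return "referral", self.referrals[child]
        return "nxdomain", None


class RecursiveResolver:
    """NameServer1: walks the tree with iterative queries and keeps a
    cache whose entries expire when their time-to-live runs out."""

    def __init__(self, root: AuthServer, now: int = 0):
        self.root = root
        self.now = now                    # simulated clock, in seconds
        self.cache = {}                   # qname -> (ip, expires_at)
        self.trace = []                   # servers contacted by the last query

    def recursive_query(self, qname: str, max_hops: int = 8) -> Optional[str]:
        self.trace = []
        hit = self.cache.get(qname)
        if hit and hit[1] > self.now:     # Step 6: still fresh, answer from cache
            return hit[0]
        server = self.root                # Step 3: start at the root
        for _ in range(max_hops):         # bound the walk against referral loops
            self.trace.append(server.name)
            kind, data = server.iterative_query(qname)
            if kind == "answer":
                ip, ttl = data
                self.cache[qname] = (ip, self.now + ttl)
                return ip                 # Step 7: hand the A record back
            if kind == "referral":
                server = data             # Steps 4/5: follow the referral
                continue
            return None                   # name does not exist: error to client
        return None                       # too many referrals: give up


def build_figure_5_4() -> AuthServer:
    """The three authoritative servers of the figure (constructed data)."""
    reskit = AuthServer("ns.reskit.com", "reskit.com",
                        answers={"noam.reskit.com": ("192.0.2.44", 300)})
    com = AuthServer("com-tld", "com", referrals={"reskit.com": reskit})
    return AuthServer("root", ".", referrals={"com": com})


if __name__ == "__main__":
    ns1 = RecursiveResolver(build_figure_5_4())
    print(ns1.recursive_query("noam.reskit.com"), ns1.trace)
```

Calling recursive_query a second time before the TTL elapses leaves the trace empty, since the cached record is served; advancing the clock past 300 seconds makes the resolver walk the tree again.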