1. The document explains the function of a DNS system using an example of connecting a school computer to www.yahoo.com. It describes how the client's request is first sent to an authoritative name server that resolves DNS names and finds IP addresses. If the name is not found, the request is passed to a root server that can find the associated name and IP address. Once the IP is found, the client computer can connect via IP to the destination website.
2. It then asks questions about the domain web.av.salesians.cat, defining an authoritative name server, host name, top-level domain (TLD), subdomain, and fully qualified domain name (FQDN).
3
Separation of Lanthanides/ Lanthanides and Actinides
DNS CONFIGURATION
1. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 1 de 15
THEORY
1) Given the explanation in class, explain step by step and in your own words the function of a DNS
system, using as an example a school computer that you want to connect up to www.yahoo.com
1. - First of all, the client's request is directed to a server specially commissioned to resolve the DNS
names and find the corresponding IPs.
2. - In case the ANS server does not find an answer, this request will be passed to a "root" server, this is
a central server with all the necessary resources to find the corresponding name and find the assigned
IP
3. - Once the associated IP is found, it performs all the necessary process for our client computer to
connect via IP to the destination
The DNS name is only a name, in the end you only connect through the IP
2) From the point of view of web.av.salesians.cat
- What is the ANS (Authoritative Name Server)? An ANS is a server in charge of resolving the
requests and paths of the DNS names coming from the client devices, that is, it is in charge of
translating the names that are sent to it.
- What is the name of the host? The host name could be said to be that of the domain itself
(web.av.salesians.cat) although if we ping this DNS we can find that its real IP is 35.195.243.18
- What is the TLD (Top Level Domain)? What type is it? It is the server where you have all the
domains ending with a “.com” or other subfix, any domain that has this subfix is stored in the cache
memory of that server. The type of this domain is “.cat”
- What is the subdomain? The subdomain of this address is web.av
- What would the FQDN (Fully Qualified Domain Name) be? The FQDN is the fully qualified name of
the domain up to the end point that is used to identify the root server (web.av.salesians.cat.)
2. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 2 de 15
PRACTICAL
Section one: DNS clients
1) From Linux UBUNTU
o Configure the network card so that it takes its IP configuration through DHCP. Check using
ifconfig that everything is correct.
3. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 3 de 15
o Using the command nslookup www.ubuntu.com
What is the IP of www.ubuntu.com?
What is the DNS server linked to your machine?
In my case, I have put the IP of the inf.local server as DNS
4. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 4 de 15
What does it mean when the response is not authoritative?
Means the response you receive does not come from the central DNS server, therefore the IPs could be
incorrect, this could be solved if we "asked" the IP of the DNS to the root server or the one that stores the DNS
2) From a Windows machine
o Configure the network card so that it takes its IP configuration through DHCP. Check using
ifconfig that everything is correct.
5. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 5 de 15
o Using the command nslookup www.ubuntu.com
What is the IP of www.ubuntu.com?
What is the DNS server linked to your machine?
Is it an authoritative response?
As we can see in the image above, it is not an authoritative answer
6. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 6 de 15
o Using the command nslookup www.ag.epss.org
What is the IP of www.ag.epss.org?
Why is it an authoritative response?
It is an authoritative answer since you ask the IPs to the root server where it is stored in DNS service
o On connectivity:
Test to see that you have connectivity with www.ubuntu.com both by name (ping
www.ubuntu.com) and through IP (ping 91.189.89.110)
7. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 7 de 15
Do the same with the server www.ag.epss.org, both by name and by IP. What is
happening?
Does not allow ping because it is a local DNS and does not have the ability to receive ping packets
o On resolutions:
Configure the primary DNS of Windows to the Google DNS (8.8.8.8). Explain why
the server resolves www.ubuntu.com correctly and why it does not resolve
www.ag.epss.org.
Because "www.ag.epss.org." It is a local DNS, and if we are from google's IP (8.8.8.8) we cannot resolve said
DNS that is in a local network
Configure the primary DNS of Windows to that of the IT Department
(172.17.0.100). Explain why the server resolves both www.ubuntu.com and
www.ag.epss.org correctly.
It solves it because the DNS "www.ag.epss.org" is hosted on the local server (172.17.0.100) and if we are not
connected to that DNS we cannot access it
8. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 8 de 15
Section two: Local Names
1) From Linux UBUNTU
o Test the connectivity with 172.17.0.100 (SOL Server)
o Add a line which gives the names sol and sol.di.epss to 172.17.0.100 to the file /etc/hosts
and test the connectivity (ping sol and ping sol.di.epss)
9. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 9 de 15
2) From a Windows machine
o Find the hosts folder and repeat on this exercise on it.
C:WindowsSystem32driversetchost
Section Three: DNS servers in Linux
3) From Linux UBUNTU
o Set up your Ubuntu machine in the following way:
Network card IP: 10.Y.0.10 (Y is your login number). Gateway: 10.Y.0.1. DNS:
172.17.0.100
10. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 10 de 15
Install the BIND service (DNS) using the apt install bind9 command and check
that it’s working using service bind9 status.
Make a security copy of the important folders:
/etc/hosts
/etc/bind directory
If we want to make a backup copy of several files, the only thing we are going to do is copy
them to another external disk so as not to lose them, in my case I will be able to place them
in another directory.
o DNS (caching-only)
Start up the DNS server and configure it so that it is caching-only towards the
DNS server of the department (IP 172.17.0.100)
11. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 11 de 15
From a Windows client:
Configure the DNS of a Windows client so that it points to your DNS server
Check that it works by resolving www.ubuntu.com and www.ag.epss.org
Why when I run nslookup www.ag.epss.org is the response not
authoritative?
Why don't we ask the domain server directly, we use the ubuntu machine as the medium
12. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 12 de 15
o DNS (Master Server or Master Primary Server)
From Webmin create a direct zone with these characteristics:
Caching-only towards 172.17.0.100
Name: m2inxx.epss (where xx is your group number)
Create 2 host names called www and mail which point to 10.Y.0.35.
Create 1 host name called client1 wich points to your Windows client IP
address.
Using the dig command, explain which computer has replied to the
resolution of client1.m2inxx.epss.
with this command we are "resolving" the IP of our windows client
From Webmin create an reverse zone so that the name of the DNS server is
dnsserver.m2inxx.epss.
13. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 13 de 15
Check from a Windows client that all the DNS registers work properly, both directly
and inversely. Do a resolution of each to check this, both for the registers and for
the aliases.
o DNS (Slave Server or Master Secondary Server)
Create a new Linux machine with address 10.Y.0.20.
Configure it so that it is a DNS Slave server of the previous server.
Create a zone with type “Forward”
Select the domain or network name to “gabriel.epss”
In the master servers we must set it with the DNS IP
Create the zone and create another in “Reverse”
14. Assessment Tools SAR-R256-E01
m07u01i01-210520062915 14 de 15
Configure your Windows client so it’s using the slave DNS and check that all the
DNS registers work properly, both directly and reversely.
We must set the IPv4 into the Windows client machine
Change the DNS to the linux machine
After that we can go to the cmd and try all the “nslookup”. Ex:
Nslookup www.m2in17.epss
Are the resolutions of the names of the m2inxx.epss domain, managed by our
slave, authoritative or non-authoritative?
it's not an authoritative answer as you don't "ask" the main server directly
Extensions
On DNS
- What are the IP addresses of the computers charged with resolving the TLDs? Analyze their
function (How do they work? With what software? Etc.) and location of the F root servers
(http://www.isc.org/community/f-root).
- Using the dig command, force a name resolution from the root servers
- Find out what the configuration folders are and their format
- Find out how to perform secure zone transfers.
Domain Registration
- Domain registration
o Find out how much it costs to register the m2inxx domain with the .com, .es and .cat
TLDs.
o Explain all the steps that need to be taken and the information that you will need for it.
- Using the registrar freenom.com register a .tk (Tokelau) domain:
o Explain what DNS options it offers
o Using its DNS, create a new domain m2inxx1920.tk and give it the IP 150.24.10.10. Show
using nslookup that it works properly.
- Explain what are DDNS is and what they use it for.
NetBIOS
With the help of the NetBIOS and name resolution document that you have on Moodle, briefly explain how a
NetBIOS system of names works. You must specifically explain:
- Formats and types of name
- What a work group is
- Can there be duplicate names in a work group?
- What is a domain? When is a domain necessary?
- What is the NetBIOS name of your host machine? Is it in the domain or in a work group?
- Explain what the similarities and differences between WINS and NetBIOS are.