Understanding DNS
Andrew Mallett
@theurbanpenguin | www.theurbanpenguin.com
Overview
• BIND configuration files
• Zone files
• Named and rndc
• Server tools
• Client tools
Configuration Files
We can use dpkg or rpm to list the package contents.
$ dpkg -L bind9
/etc/bind/named.conf
/etc/bind/rndc.key
$ named -v   # or: named -V
Zone Files
DNS information is stored in text files called zones. BIND can auto-create entries with $GENERATE.
/etc/bind/db.local
/etc/bind/db.127
$GENERATE 10-254 $ PTR dhcp-$.example.com.
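As an added example (not from the original slides or from BIND itself), this sketch expands a $GENERATE directive into the records it stands for, and shows what the target becomes when the right-hand side has no trailing dot. It assumes the five-field form `$GENERATE range lhs type rhs`; the function names and the reverse-zone origin are hypothetical.

```python
import re

# "$" or "${offset,width,base}"; the other forms BIND accepts are not handled here.
_PLACEHOLDER = re.compile(r"\$(?:\{(-?\d+)(?:,(\d+)(?:,([doxX]))?)?\})?")
# Record types whose rdata is a single domain name, so the zone origin applies to it.
_NAME_RDATA = {"PTR", "CNAME", "NS", "DNAME"}

def _fill(template, i):
    """Replace every placeholder in template with the iterator value i."""
    def repl(m):
        offset, width, base = int(m[1] or 0), int(m[2] or 0), m[3] or "d"
        return format(i + offset, base).zfill(width)
    return _PLACEHOLDER.sub(repl, template)

def _qualify(name, origin):
    """Names without a trailing dot are relative: the zone origin is appended."""
    return name if name.endswith(".") else f"{name}.{origin}"

def expand_generate(line, origin):
    """Expand '$GENERATE range lhs type rhs' into (owner, type, rdata) tuples."""
    fields = line.split()
    if len(fields) != 5 or fields[0].upper() != "$GENERATE":
        raise ValueError("expected: $GENERATE range lhs type rhs")
    rng, lhs, rtype, rhs = fields[1], fields[2], fields[3].upper(), fields[4]
    m = re.fullmatch(r"(\d+)-(\d+)(?:/(\d+))?", rng)
    if not m:
        raise ValueError(f"bad range: {rng!r}")
    start, stop, step = int(m[1]), int(m[2]), int(m[3] or 1)
    if start > stop or step < 1:
        raise ValueError(f"bad range: {rng!r}")
    records = []
    for i in range(start, stop + 1, step):
        rdata = _fill(rhs, i)
        if rtype in _NAME_RDATA:
            rdata = _qualify(rdata, origin)
        records.append((_qualify(_fill(lhs, i), origin), rtype, rdata))
    return records

if __name__ == "__main__":
    ORIGIN = "1.168.192.in-addr.arpa."  # constructed reverse zone for the demo
    # Absolute target first, then the same target without the trailing dot.
    for rhs in ("dhcp-$.example.com.", "dhcp-$.example.com"):
        recs = expand_generate(f"$GENERATE 10-254 $ PTR {rhs}", ORIGIN)
        print(len(recs), "records; first:", *recs[0])
```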
A chroot jail can protect against malicious attacks
The directory that named runs from appears as the root of the filesystem
Create the directory structure first
Use option -t in /etc/default/bind9
Control DNS Server
The command rndc can be used to control the named service.
$ sudo -u bind rndc status
$ rndc-confgen
TCP port 953
Additional Server Tools
We can run syntax checks on the configuration file and on zones.
$ sudo named-checkconf
$ sudo named-checkzone localhost /etc/bind/db.local
Client Tools
The package dnsutils provides client tools such as dig and nslookup. More on client tools later.
$ dig www.pluralsight.com -t A
$ nslookup -query=A www.pluralsight.com
Summary
• Identified configuration files
• Viewed sample zone files
• Confirmed version and status of the server
• Server and client tools
Next Up: Installing BIND on CentOS 7