DNS and DHCP
CSCI N321 – System and Network Administration
Copyright © 2007 by Scott Orr and the Trustees of Indiana University
In the beginning…
- Early name resolution
- All addresses in shared file
- Never 100% accurate
/etc/hosts
IP_Addr Hostname [Aliases…]
127.0.0.1 localhost.localdomain localhost
134.68.140.203 pegasus.cs.iupui.edu pegasus
Domain Name Service (DNS)
- Allows for IP-Hostname translations
- Distributed Hierarchical Database
- Hostname to IP address
- IP Address to Hostname
- Root Servers (A-M)
- Mail Server addressing
- Resolver Library calls
- Protocol to exchange data
DNS Management
- Internet Corporation for Assigned Names and Numbers (ICANN)
- Registries
  - ARIN – North America
  - RIPE – Europe
  - APNIC – Asia Pacific
  - AfriNIC – Africa
  - LACNIC – Latin America
- Domain Registrars and ISPs
- Authoritative DNS Servers
Whois Queries
- Owner Location
- Domain name
- Domain DNS Servers
- IP Address Block
- Contact Information
  - Administrative (Tech)
  - Abuse
  - NOC
ISC BIND
- Primary DNS server software in use
- Started as a graduate student project
- Versions
  - 4.x – Deprecated
  - 8.x – Maintenance development only
  - 9.x – Active development
- Authoritative (master & slave)
- Caching
- Recursive/Non-recursive
/etc/named.conf (Config)
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    // query-source address * port 53;
};
controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; }; };
/etc/named.conf (Zones)
zone "." IN { type hint; file "named.ca"; };
zone "localdomain" IN { type master; file "localdomain.zone"; allow-update { none; }; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; allow-update { none; }; };
// CS Domain Config
zone "cs.iupui.edu" { type master; file "dns.cs.iupui.edu"; };
zone "140.68.134.in-addr.arpa" { type master; file "rev.134.68.140"; };
include "/etc/rndc.key";
Zone Files
- Typically in /var/named/
- Forward and reverse files
- Record Format: [name] [ttl] [class] type data
  - TTL – Time to keep data cached
  - Class
    - IN (Internet)
    - CH (ChaosNet – No longer used)
    - HS (Hesiod – internal database)
SOA Records
- Server Name
- Contact Name
- Serial (Must be increased w/ change)
- Refresh Secondary
- Retry Refresh
- Expire non-refreshed entries
- Minimum time to live
SOA Record Example
@ IN SOA klingon.cs.iupui.edu. root.klingon.cs.iupui.edu. (
        2007112500 ; Serial - increase when file changes
        7200       ; Refresh secondaries every 2 hours
        1200       ; Retry refresh every 20 minutes
        2592000    ; Expire non-refreshed entries after 30 days
        7200 )     ; Minimum time-to-live is 2 hours
Name Server Records
- Which name servers support this domain
- Does not differentiate between master and slave servers
- Example:
        IN NS klingon.cs.iupui.edu.
        IN NS dns1.iu.edu.
        IN NS dns2.iu.edu.
Address (A) Records
- A Records – Maps hostnames to IP addresses
- Format: Hostname IN A #.#.#.#
- Examples:
tempest IN A 134.68.140.202
pegasus IN A 134.68.140.203
enigma IN A 134.68.140.206
Pointer (PTR) Records
- PTR Records – Maps IP addresses to hostnames
- Format: # IN PTR FQDN.
- Examples:
202 IN PTR tempest.cs.iupui.edu.
203 IN PTR pegasus.cs.iupui.edu.
206 IN PTR enigma.cs.iupui.edu.
Canonical Name (CNAME) Records
- Aliases for hostnames
- Usually associated with services
- Format: Alias IN CNAME Hostname
- Examples:
imap    IN CNAME tempest
ns      IN CNAME klingon
smtp    IN CNAME tempest
www     IN CNAME enigma
webmail IN CNAME tempest
Mail Exchanger (MX) Records
- Special records for domain email servers
- Prioritization and round robin capability
- Format: Domain. IN MX pri host
- Examples:
cs.iupui.edu. IN MX 10 tempest
cs.iupui.edu. IN MX 100 enigma
Other Record Types
- Service (SRV) – Associated with network services
- Text (TXT) – Notes (also SPF information)
- HINFO – Host information (no longer used)
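Added example, not from the slides or from BIND: a small Python checker that parses records in the "[name] [ttl] [class] type data" format described above and cross-checks a forward zone against its reverse zone, flagging CNAME or MX targets with no A record, an MX that points at an alias, and A records with no matching PTR. The zone origins are passed in explicitly; the sample records are constructed from the slide examples.

```python
from collections import defaultdict

def fqdn(name, origin):
    """Qualify a relative name against the zone origin ('@' means the origin itself)."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse '[name] [ttl] [class] type data' lines into (owner, type, data) tuples."""
    records, owner = [], origin
    for raw in text.splitlines():
        tokens = raw.split(";")[0].split()              # ';' starts a comment
        if not tokens: continue
        if not raw[0].isspace(): owner = fqdn(tokens.pop(0), origin)  # blank owner inherits the previous one
        if tokens and tokens[0].isdigit(): tokens.pop(0)                # optional TTL
        if tokens and tokens[0].upper() in ("IN", "CH", "HS"): tokens.pop(0)  # optional class
        records.append((owner, tokens[0].upper(), tokens[1:]))
    return records

def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Report CNAME/MX targets with no A record, MX targets that are aliases, and A records with no PTR."""
    rrs = defaultdict(lambda: defaultdict(list))        # rrs[type][owner] -> list of data field lists
    for owner, rtype, data in parse_zone(fwd_text, fwd_origin):
        rrs[rtype][owner].append(data)
    problems = []
    for rtype in ("CNAME", "MX"):
        for owner, entries in rrs[rtype].items():
            for target in (e[-1] for e in entries):     # hostname is the last data field
                t = fqdn(target, fwd_origin)
                if rtype == "MX" and t in rrs["CNAME"]:
                    problems.append(f"MX {owner} -> {target}: target is a CNAME")
                elif t not in rrs["A"]:
                    problems.append(f"{rtype} {owner} -> {target}: no A record")
    ptr = {}                                            # '202.140.68.134.in-addr.arpa.' -> '134.68.140.202'
    for owner, rtype, data in parse_zone(rev_text, rev_origin):
        if rtype == "PTR":
            octets = owner.rstrip(".").split(".")[:-2]  # drop 'in-addr' and 'arpa'
            ptr[".".join(reversed(octets))] = data[0]
    for host, entries in rrs["A"].items():
        for (ip,) in entries:
            if ptr.get(ip) != host:
                problems.append(f"A {host} {ip}: no matching PTR")
    return problems
# Constructed sample modelled on the slide records: enigma has no PTR and the MX points at an alias.
FORWARD = """\
tempest IN A     134.68.140.202
enigma  IN A     134.68.140.206
smtp    IN CNAME tempest
@       IN MX 10 smtp
"""
REVERSE = "202 IN PTR tempest.cs.iupui.edu.\n"
```

Run `check_zones(FORWARD, "cs.iupui.edu.", REVERSE, "140.68.134.in-addr.arpa.")` on the real files before bumping the SOA serial; a stale PTR or an MX pointing at a CNAME is what breaks reverse lookups and mail delivery.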
ISC DHCPd
- Provides IP addresses to client systems
  - Static – Based on MAC Address
  - Dynamic – Given to unknown hosts
- Optionally provides other network settings
  - Subnet Masks
  - DNS Servers (/etc/resolv.conf)
  - Default Gateway
  - Network and Broadcast Addresses
- Lease times
/etc/dhcpd.conf
authoritative;
#ddns-update-style ad-hoc;
ddns-update-style none;
one-lease-per-client true;
# Static address bound to the camera's MAC
host camera {
    hardware ethernet 00:40:8c:5b:c1:91;
    fixed-address 10.234.140.21;
}
# Block Bad MAC address (known host with no fixed-address gets nothing from the pool below)
host ronin { hardware ethernet 00:20:e0:67:53:68; }
subnet 134.68.140.0 netmask 255.255.255.0 {
    option domain-name "cs.iupui.edu";
    option domain-name-servers 134.68.140.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 134.68.140.255;
    option routers 134.68.140.100;
    pool {
        range 134.68.140.101 134.68.140.199;
        default-lease-time 7200;
        max-lease-time 144000;
        deny known-clients;
    }
}
/etc/dhcpd.leases
Active Lease Entry
lease 134.68.140.134 {
    starts 3 2007/12/05 04:14:12; ends 3 2007/12/05 06:14:12;
    binding state active; next binding state free;
    hardware ethernet 00:13:72:da:2c:ad; uid "\001\000\023r\332,\255"; client-hostname "in-csci-16sl247";
}
Expired Lease Entry
lease 134.68.140.121 {
    starts 2 2007/12/04 22:45:28; ends 3 2007/12/05 00:45:28; tstp 3 2007/12/05 00:45:28;
    binding state free;
    hardware ethernet 00:18:8b:d9:d5:a9; uid "\001\000\030\213\331\325\251"; client-hostname "in-csci-lt1";
}
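Added example, not from the slides or from ISC: a Python audit of dhcpd.leases entries in the format shown above. It keeps only the last block per address (the file is append-only, so an address appears once per state change), lists the leases active at a given time, and flags any MAC that dhcpd.conf declares in a host block yet holds a dynamic lease, which is the situation the "deny known-clients" pool above is meant to prevent. The sample text, the extra .121 and .150 blocks, KNOWN_HOSTS and AUDIT_TIME are constructed.

```python
import re
from datetime import datetime

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)

def parse_leases(text):
    """Return {ip: fields}; dhcpd.leases is append-only, so the last block for an IP wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        fields = {}
        for words in (stmt.split() for stmt in body.split(";")):
            if not words: continue
            if words[0] in ("starts", "ends", "tstp"):   # 'starts <weekday> <date> <time>' (UTC)
                fields[words[0]] = datetime.strptime(" ".join(words[2:]), "%Y/%m/%d %H:%M:%S")
            else:                                       # e.g. 'binding state active'
                fields[" ".join(words[:-1])] = words[-1].strip('"')
        leases[ip] = fields
    return leases

def active_leases(leases, now):
    """Leases in binding state 'active' whose start/end window covers `now`."""
    return {ip: f for ip, f in leases.items()
            if f.get("binding state") == "active" and f["starts"] <= now < f["ends"]}

def audit(leases, known_hosts, now):
    """Flag active dynamic leases given to MACs that dhcpd.conf declares in a host block."""
    findings = []
    for ip, f in active_leases(leases, now).items():
        mac = f.get("hardware ethernet")
        if mac in known_hosts and known_hosts[mac] != ip:
            findings.append(f"{mac} ({f.get('client-hostname', '?')}) holds dynamic lease {ip}")
    return findings

# Constructed sample in the format shown above: the two slide entries plus an earlier 'active'
# version of .121 and a lease for the MAC that dhcpd.conf's 'host ronin' block was meant to block.
LEASES = r"""
lease 134.68.140.134 { starts 3 2007/12/05 04:14:12; ends 3 2007/12/05 06:14:12; binding state active;
  next binding state free; hardware ethernet 00:13:72:da:2c:ad; uid "\001\000\023r\332,\255";
  client-hostname "in-csci-16sl247"; }
lease 134.68.140.121 { starts 2 2007/12/04 22:45:28; ends 3 2007/12/05 00:45:28; binding state active;
  hardware ethernet 00:18:8b:d9:d5:a9; client-hostname "in-csci-lt1"; }
lease 134.68.140.121 { starts 2 2007/12/04 22:45:28; ends 3 2007/12/05 00:45:28; tstp 3 2007/12/05 00:45:28;
  binding state free; hardware ethernet 00:18:8b:d9:d5:a9; client-hostname "in-csci-lt1"; }
lease 134.68.140.150 { starts 3 2007/12/05 04:30:00; ends 3 2007/12/05 06:30:00; binding state active;
  hardware ethernet 00:20:e0:67:53:68; client-hostname "ronin"; }
"""
# MAC -> fixed-address from the dhcpd.conf host blocks above; None = declared but no fixed address
KNOWN_HOSTS = {"00:40:8c:5b:c1:91": "10.234.140.21", "00:20:e0:67:53:68": None}
AUDIT_TIME = datetime(2007, 12, 5, 5, 0, 0)        # constructed 'now' for the sample
```

A non-empty result from `audit(parse_leases(LEASES), KNOWN_HOSTS, AUDIT_TIME)` means a declared host was served from the dynamic pool, so the pool's permit statement or the host declaration needs a second look.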