Table of Contents
DNS is the "." of all evil!
DNS Terminology
- Zone - The domain namespace is divided into regions called zones. For instance, if you have example.com, you have the example section, or zone, of the com domain.
- DNS server - The DNS server is a server that maintains the name and IP information for a domain. You can have a primary DNS server for master zone, a secondary server for slave zone, or a slave server without any zones for caching.
- Master zone DNS server - The master zone includes all hosts from your network and a DNS server master zone stores up-to-date records for all the hosts in your domain.
- Slave zone DNS server - A slave zone is a copy of the master zone. The slave zone DNS server obtains its zone data with zone transfer operations from its master server. The slave zone DNS server responds authoritatively for the zone as long as it has valid (not expired) zone data. If the slave cannot obtain a new copy of the zone data, it stops responding for the zone.
- Forwarder - Forwarders are DNS servers to which your DNS server should send queries it cannot answer.
- Record - The record is information about name and IP address. Supported records and their syntax are described in BIND documentation. Some special records are:
- NS record - An NS record tells name servers which machines are in charge of a given domain zone.
- MX record - The MX (mail exchange) records describe the machines to contact for directing mail across the Internet.
- SOA record - SOA (Start of Authority) record is the first record in a zone file. The SOA record is used when using DNS to synchronize data between multiple computers.
BIND
See Bind tip's
djbdns
dig
~./digrc
+nostats +nocomments +nocmd +noquestion +recurse
Speeding Up DNS Access In Regions With Very Low Infrastructure (pdnsd)
apt-get install pdnsd
/etc/default/pdnsd
START_DAEMON=yes
/etc/pdnsd.conf
global {
perm_cache=2048;
cache_dir="/var/cache/pdnsd";
max_ttl=604800;
run_as="pdnsd";
paranoid=on;
status_ctl=on;
server_port=53;
server_ip="127.0.0.1";
}
# server {
# label="opendns";
# ip = 208.67.220.220,208.67.222.222;
#}
server {
ip="8.8.4.4";
timeout=60;
interval=900;
uptest=none;
ping_timeout=500;
purge_cache=off;
caching=on;
}
server {
label="resolvconf";
}
source {
ttl=86400;
owner="localhost.";
serve_aliases=on;
file="/etc/hosts";
}
/etc/resolv.conf
nameserver 127.0.0.1
If your PC gets its nameserver from a DHCP server, you will need to reconfigure dhclient.conf to make 127.0.0.1 your primary domain server.
Here is the file you need to edit: /etc/dhcp3/dhclient.conf, uncomment or add the following line …
prepend domain-name-servers 127.0.0.1;
If you got the static ip address, in this case you just need to edit your /etc/resov.conf file and add the following entries ..
nameserver 127.0.0.1
General DNS linux stuff
/etc/host.conf order hosts,bind multi on nospoof on spoofalert on spoof warn reorder on
Reverse whois lookups
If we want to check the whois info for a reverse zone, a special whois lookup is requred. For example, if we have the network 212.18.32.0/24 and want to check its RIPE data, the following whois query would be performed:
whois -h whois.ripe.net 32.18.212.in-addr.arpa
or
telnet whois.ripe.net 43 32.18.212.in-addr.arpa