An Introduction to DNS

• Hiawatha Demby, Ph.D
  • UNC ITS Networking
  • IP Services - Applications Analyst

DNS: Background and History

Origins

• Computer networking on ARPAnet
  • small friendly community of computers
  • utilized the '/etc/hosts' file for mapping host to IP addresses
    • maintained by InterNIC using TCP/IP
    • updated by hand
    • hostname to IP address mapping
    • RFC 811 - Hostnames server

DNS: Background and History

Physical Layer

• unique MAC address per NIC
  • MAC - media access control
    • 01-23-45-67-89-ab | 01:23:45:67:89:ab | 0123.4567.89ab
  • NIC - network interface controller
• one IP address per 'physical' NIC

DNS: Background and History

Evolution

• ARPAnet becomes the Internet (ARPA - Advanced Research Projects Agency)
  • problems with the '/etc/hosts' method:
    • scale
    • update logistics
    • name collisions

DNS: Background and History

Reason for DNS

• the /etc/hosts file
  

The Creation of DNS

• RFC 1034 Domain Names--Concepts and Facilities
• RFC 1035 Domain Names--Implementation and Specification
• Other DNS related RFCs
  • 1101, 1122, 1183, 1706, 1876, 1982, 2181, 2308, and 2535

DNS: Domain Registration

Acquiring a Domain Name

• You must submit an application for a domain name to InterNIC using an ICANN accredited domain registrar
  • InterNIC - Internet Network Information Center
  • ICANN - Internet Corporation for Assigned Names and Numbers
  

DNS: Concepts

Structure of DNS

• The Domain Name System
  • DNS is a distributed database
    • access to other information using the DNS hierarchical domain name space structure
      • similar to a *nix file system structure
        • "/" unix root ==> "." DNS root
      • FQDN relative to domain root
        • FQDN - fully qualified domain name
    • Domain relative to parent namespace
      • namespace arrangement reduces hostname collisions
    • up to 127 levels allowed

DNS: Concepts

Naming Hierarchy

• DNS nodes and hostname creation
  

DNS: Concepts

DNS Domains

DNS: Concepts

DNS Domains

• InterNIC - .com, .org, .net, .info, .biz, .us, etc.
• Arin - reverse IP address space
• Educause - .edu domains
• GSA (General Services Administration) - .gov domains

DNS: Implementation

Types of DNS servers

• Root DNS server
• Domain Primary/Master DNS server
  • Subdomains
  • Delegation
• Domain Secondary/Slave DNS server
  • Zone Transfers
• Caching Only DNS server
  • Stored results only

DNS: Implementation

Issues with DNS servers

• Authoritative vs. non-Authoritative replies
  • confirming information authenticity
• DNS zone updates
  • AXFR zone transfers
  • IXFR zone transfers

DNS Implementation

Protocol in Action

• The DNS client/server model
  • Authoritative DNS servers
  • DNS clients/resolvers
  • types of DNS queries
    • recursive/iterative
    • non-recursive

DNS Implementation

 A recursive query

DNS Implementation

 An iterative, non-recursive query

DNS Implementation: Building a DNS server

 Files required for a DNS server

• root.cache / named.root / db.cache
• db.localhost, db.127.0.0.1
• named.conf
• zone data files
  • db_fwd
  • db_reverse
• resolv.conf
• hosts.txt

DNS Implementation: Anatomy of the named.root file

• A sample of the named.root file
  

DNS Implementation: Anatomy of the named.conf file

• A sample of the named.conf file
  

DNS: Implementation: db.localhost and db.127.0.0.1

• db.localhost
  
• db.127.0.0.1
  

DNS Implementation: /etc/resolve.conf

• /etc/resolv.conf
  

DNS Implementation: /etc/hosts

• /etc/hosts
  

DNS Implementation

• DNS Record types
  • Basic
    • SOA record
      • primary maser nameserver, contact email, serial number, refresh, retry, expire, min TTL
    • A record
      • myterm.domain.unc.edu in a 152.2.24.153
    • MX record
      • myterm.domain.unc.edu in mx 0 mailhost.domain.unc.edu.
    • Cname record
      • me.domain.unc.edu in cname myterm.domain.unc.edu.
    • PTR record
      • 153.24.2.152.in-addr.arpa in ptr myterm.domain.unc.edu
  • Information
    • TXT record
      • myterm.domain.unc.edu in txt "mymail@mailhost.unc.edu"
    • HINFO record
      • myterm.domain.unc.edu in hinfo "IBM-PCC" "WinXP-sp2"

DNS Implementation

• Other important DNS Record types
  • Zone records
  • -->
    • SOA and NS records
• Other Record types
  • Extended function
    • NAPTR, SRV, WKS, RP
    • AFSDB, X25, ISDN, RT
    • ... more to come!

DNS and IPv6 records

• the IPv6 AAAA/A6 records
  • 8 groups of 4 hex digits (shortcuts allowed)
    • ipv6-host in aaaa 4321:0:01:0212:3:4:567:89ab
    • ipv6-host in a6 4321::1:221:3:4:567:89ab
• ip6.int PTR records
  • 32 hex digits – no shortcuts!!
  • b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.1.2.0.1.0.0.0.0.0.0.0.1.2.3.4.ip6.int
    • b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.1.2.0.1.0.0.0.0.0.0.0.1.2.3.4.ip6.int.in ptr ipv6-host.domain.unc.edu.

DNS Security

• Typical DNS attacks
  • cache poisoning
  • spoofing
  • DOS attacks
• TSIG keys
• DNSSEC
• Chroot jail
• user named with limited privilege
• Restricted access
  • ACLs
  • non-recursive queries

DNS IPAMs

• Why use an IPAM?
  • Text files don't scale well to new security needs and IPv6 representation
  • Better access to DNS data for reporting
• Some IPAM implementations
  • Spreadsheets
  • Databases
  • Commercial applications
    • Client/Server applications
    • Web applications
  • DNS Appliances

DNS Troubleshooting

• nslookup
  • command line
  • interactive
  • zone dumps
• host
• dig
• whois
• Online tools
  • IPtools.com

Break

• Next: DHCP

DHCP: Background

• The need for Automatic configuration
  • BootP
    • used for printer configuration
    • BootP server would tell a newly connected printer all setting needed to operate correctly on the network.
    • static
  • DHCP
    • used to configure host that connect to the network
    • DHCP configures a connecting computer for everything it will need to use the network to which it is attached.
    • dynamic vs. static IP address allocation

DHCP at UNC

• Registering for DHCP at UNC
  

DHCP: Background

• The DHCP lease
  • lease IP address
  • lease start time
  • lease expire time
  • lease request time
  • binding state
  • (NIC) MAC address
  • UserID
  • Client hostname
• lease 152.23.136.222 {

   starts 4 2006/03/23  14:50:58;
   ends 4 2006/03/23  14:56:56;
   tstp 4 2006/03/23  14:56:56;
   binding state free;
   hardware ethernet 00:05:4e:4b:25:75;
   uid "\001\000\005NK%u"
   client-hostname "NET-TODD-T42";

}

DHCP at UNC

• DHCP configuration
  • Files needed
    • DHCPD - the server program
    • DHCPD.CONF - the program configuration file
  • File produced
    • DHCPD.LEASES
• Other files used
  • configuration
    • registrations.dhcp
    • dhcpd.conf.tmpl

The DHCP protocol

• DHCP protocol
  • DHCPDISCOVER
  • DHCPOFFER
  • DHCPREQUEST
  • DHCPACKNOWLEDGE

The DHCP protocol

• new connection
  
• renew connection
  

DHCP and DNS

• DNS and DHCP
  • all DHCP addresses must be defined in DNS
  • DHCP can dynamically update DNS
    • DyDNS
    • MS Active Directory
    • This can be a security problem if not done correctly
      • the ability to add, change or delete all associated records
• DHCP and DNS
  • DHCP must use the DNS server to resolve assigned hostnames
  • DHCP can be used to configure IP networks based on subnet classes

DHCP Troubleshooting

• Mostly it works or it doesn't work
  • the client unable to reach the server
    • no link or connection path available (firewall)
    • server not on same network segment
    • no helper address installed on the router
  • the server is unable to respond to the client
    • server process has died
    • rogue DHCP server is interfering with the response
  • the server can't allocate an IP address
    • ip address range exhausted
    • host is unknown to the server
    • IP address is already taken
    • server is mis-configured for the client

DHCP Troubleshooting

• Server side
  • /var/log/syslog or other designated log file
  • network analyzers and sniffers
• Client side
  • syslog
  • network analyzers and sniffers

DNS and DHCP

• That's All Folks!