CS312 Networking

Lab 5

 
The Domain Name Service and the Berkeley Internet Name Domain (BIND)
Lab report due on April 30.
 
After completing this lab you should be able to configure a primary name server on a Linux machine.
 
BIND is the name of the implementation that is most commonly used for DNS servers on UNIX systems.  It can be installed in Windows as well as Unix environments.  The most widely used reference is DNS and BIND by Albitz and Liu, published by O’Reilly. DNS is divided into two parts, a "resolver" that forms the query and a "name server" that answers the questions. Each client has a resolver in its library that it can call to get name to address translations. Typically there will only be a few devices that are set up to be name servers in each domain and one of them is designated as the primary. The BIND name server runs a process called "named" (pronounced name-D).

Setting up the local network

In order to use DNS, we will need to configure a DNS name server and configure the hosts in our lab to use that name server to obtain information on names. To start we need to create a local network of machines that can be reached by name as well as address.
 
Connect the 4 PCs to the switch and give them addresses according to the following table
 
PC1    10.165.10.11/23
PC2    10.165.10.12/23
PC3    10.165.10.13/23
PC4    10.165.10.14/23
 
Confirm that your network is correct by checking to see that you can ping each of the devices and the router from each machine.  Now connect the switch into the wall port labeled D49.  Set the gateway router for each of the devices to be 10.165.10.1  (route add <int> default gw <address> ).
 
Log onto the PC that is on the left side of the table and ping machines on your network.  (You can ping from a PC by selecting “Start”, “Run” and then typing cmd to bring up a command window.  From there you can use the ping command as with Linux.)
 
 Be sure that your network connectivity is correct before continuing. 

Configuring the DNS Server for netlab.csbsju.edu 

We will establish PC4 as our nameserver.  On PC4, check to see if a name server is currently running by entering:
 
ps -e |grep named (pronounced name-D)
 
The ps -e command generates a list of all processes running on the machine; the “|” then feeds that list into the next command.  “grep” is a command that prints the lines of its input that match a pattern (a regular expression).  In this case, we are asking it to print all lines that have “named” in them.
 
If a name server is running, it will respond with something like:  
 
  1965 ?        0:00 named
 
If it shows that a name server is running we need to kill the process by typing:
 
/etc/rc.d/init.d/named stop
 
Check to see if the process is still running; if it is, try:
 
kill -9 <pid>
 
Where <pid> is the number of the process (e.g. 1965)
 
If multiple entries are returned, try killing off the lowest numbered process and then check again to see if a name server is running and repeat the process.
 
Note: Anytime you make changes to the DNS files, you may have to kill and restart the DNS server in order for it to reread the files.
 
We will need to edit files on PC4. Open up a text editor such as gedit.
 
SETTING UP THE DIRECTORY
 
The common method of setting up a DNS server is to use a set of example files (templates) and modify them as needed.  In this case, the template files are in the /var/Examples directory.   
 
Open up a terminal window and change to the directory /var
 
Copy the files from the Examples subdirectory to the /var/named/ directory using the command:
 
      cp Examples/* named
 
DO NOT CHANGE ANY OF THE FILES IN THE EXAMPLES DIRECTORY!!!  
 
You will now modify the files in the /var/named/ directory to establish PC4 as a name server.
 
Background information:
 
Comments are identified by a ";".  Anytime you see a semicolon, it indicates that the system will ignore the rest of the line.  
 
RR stands for resource record.   
IN stands for Internet. It is the most common type of record
SOA stands for Source of Authority
 
MODIFYING THE FILES
 
To set up a name server we need to modify/create 5 files
 
named.conf        tells the name server where to look for other files
db.netlab.csbsju.edu    maps names to IP addresses for our domain
db.127.0.0       maps localhost to 127.0.0.1  
db.localhost    maps 127.0.0.1 to the name localhost
db.x.x.x          maps IP addresses to names for network x.x.x
root.ca           tells the name server where to find root servers
 
All activities should take place in the /var/named/ directory. We will first create the named.conf file.  Note that in this file “;” cannot be used to denote comments.  Instead, use either the # or C-style comments ( /* something something */).   
 

A.    The named.conf file

 
Open the file called named.conf.master using the editor.  The named.conf file points to sources of information.  We wish to include 5 entries.  
 
1. Identify the directory where the key files are kept.  We do this with an entry of:  
 
options {  
      directory "/var/named/";
};

2. Identify the file where the records are kept for the netlab domain
 
zone "netlab.csbsju.edu" {  
      type master;  
      file  "db.netlab.csbsju.edu";  
};

3. Identify the file where the reverse lookup information is kept (to get a name from an IP address).
 
zone "10.165.10.in-addr.arpa" in {  
      type master;  
      file  "db.10.165.10";  
};
Note: 10.165.10 is the reverse address of the network.  Replace the 10.165.10 with the address of the network you are defining (in both the zone name and in the file name).  (Note: The zone address is actually written in reverse order, but because our address is 10.165.10, it looks the same.)
 
4. Identify the file where the resolution of the localhost address is kept.  
 
zone "0.0.127.in-addr.arpa" in {  
      type master;  
      file  "db.127.0.0";  
};

5. Identify the file that holds the addresses of the root domain servers so that we can initialize our cache (Note the dot represents the root domain)
 
zone "." {  
      type hint;  
      file  "named.ca";
};

After entering these items in the named.conf.master file (in the /var/named/ directory), and commenting out any other entries, save the file.  When the named process starts, it checks the /etc directory for this information, so we need to actually move the file to the /etc/ directory. Move the file to the /etc directory with the command:
 
mv named.conf.master  /etc/named.conf   (note the change in name!)
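
A quick way to catch a file name in named.conf that does not match a file you actually saved, once the db files from the sections below exist. This is an added example, not one of the lab's template files; the sample text is constructed from the five entries above, and the function names are hypothetical.

```python
import os
import re
# Constructed sample: the five entries from this section, with two comments.
NAMED_CONF = '''
options {
      directory "/var/named/";
};
zone "netlab.csbsju.edu" {
      type master;
      file  "db.netlab.csbsju.edu";
};
/* reverse lookups */
zone "10.165.10.in-addr.arpa" in {
      type master;
      file  "db.10.165.10";
};
zone "0.0.127.in-addr.arpa" in {
      type master;
      file  "db.127.0.0";
};
# root hints
zone "." {
      type hint;
      file  "named.ca";
};
'''

ZONE_RE = re.compile(r'zone\s+"([^"]+)"(?:\s+in)?\s*\{[^}]*?type\s+(\w+)\s*;'
                     r'[^}]*?file\s+"([^"]+)"', re.I)

def strip_comments(text):
    """Remove /* ... */ blocks, then # and // comments (';' is not a comment here)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(#|//).*", "", text)

def zone_files(conf):
    """Return (directory, [(zone, type, file), ...]) as declared in named.conf text."""
    conf = strip_comments(conf)
    m = re.search(r'directory\s*"([^"]+)"', conf)
    return (m.group(1) if m else "."), ZONE_RE.findall(conf)

def missing_files(conf, root=None):
    """List (zone, file) pairs whose file is absent; root overrides the directory option."""
    directory, zones = zone_files(conf)
    base = directory if root is None else root
    return [(z, f) for z, _type, f in zones if not os.path.isfile(os.path.join(base, f))]

if __name__ == "__main__":
    print(missing_files(NAMED_CONF))
```

An empty list means every zone's file was found in the directory named in the options entry.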

B.    named.ca  

You can look at the named.ca file to see what the resource records look like, but do not change this file. In this file, records are listed in pairs.  There are 13 root name servers identified.
For example:
 
.                       3600000  IN  NS   A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000      A     198.41.0.4
 
This is an entry for a root server. The information has a time to live of 3600000 seconds (this data never changes).  It is an Internet resource record (IN) of type name server (NS).  The name of the server is A.ROOT-SERVERS.NET.  Note that the . at the end of the name is important, as it identifies the complete name and not a relative name (similar to / in the path in the file system).  The next line identifies A.ROOT-SERVERS.NET. as having an address (A) of 198.41.0.4. Again the time to live for this information is a long time!

C.    db.127.0.0

Next open db.127.0.0 with the editor.
 
This file will be set up to resolve the address 127.0.0.1 which always points to the host itself.
 
The first entry $TTL states how long this information is good for (in seconds).
 
The next line of the information identifies who is the source of authority for doing the resolution and the email (must be a valid login) for the person in charge.
Change the entry to define PC4.netlab.csbsju.edu. as the authority and root as the designated person:
 
0.0.127.in-addr.arpa. IN SOA  PC4.netlab.csbsju.edu. root.netlab.csbsju.edu. (
 
Take special note of the trailing dot. It is ESSENTIAL in all of the files or your name server will not work correctly (like the / for the root directory).
 
Update the serial number to something higher than it currently is.  A common technique is to use the year, month and day followed by a 2-digit number (e.g. 2009041301). The program will know that this information is more recent by comparing serial numbers with information that it has in cache.
 
The other fields specify various time intervals.  The refresh tells other (slave) name servers how long the information is good.  The retry tells slave name servers how often to try to connect to the primary name server if it is unable to reach it.  The expire tells the slave name servers to consider the information obsolete if it has not been able to connect to the primary name server in the time specified.   
 
Change the last two pieces of information to reflect that the nameserver (NS) is PC4.netlab.csbsju.edu. (be sure to include the period) and that 127.0.0.1 is the localhost (again, be sure to include the period).
 
Save and close this file.

D.    db.x.x.x

Next open the db.110.176.100 file.  This file is used to translate IP addresses into names.  Again change the SOA record so that PC4 is the authority.  Update the serial number as well.  Comment out or erase the entries that are not relevant for our site.
 
Add the following entries:
 
1. An entry that identifies PC4 as the nameserver for a network
2. Entries that identify the IP addresses for all the netlab machines (including PC4) (These are pointer records that point to a name).  
 
All entries have the following format:
 
<reverseaddress>.in-addr.arpa.    IN      PTR     machinename.netlab.csbsju.edu.
 
For example, you may have an entry such as:
 
 2.100.10.in-addr.arpa.       IN      NS      PC4.netlab.csbsju.edu.

(Change the numbers to match your network!)
 
 
Save this file as db.x.x.x where the network number replaces the x.x.x (Be sure it is the same as what you put as the file name for the named.conf)

E.    db.mycompany.com

This is the main file for identifying names to addresses.
 
Change the Source of Authority as in other files
 
Add an entry that identifies PC4 as the nameserver for the netlab domain
 
 netlab.csbsju.edu.         IN      NS           PC4.netlab.csbsju.edu.
 
Add entries of type A(for address) for the machines on your network.
 
We can also add CNAME entries that map an alias name to a standard name. For example, we could map the name ns1 to PC4 with the entry:
 
ns1.netlab.csbsju.edu.           IN      CNAME      PC4.netlab.csbsju.edu.
 
This is commonly done to map web server names (e.g. www.csbsju.edu) to a server. Feel free to map an alias to any machine.

Save this file as db.netlab.csbsju.edu
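
The trailing-dot rule from section C and the matching A and PTR entries from sections D and E can be checked together. The sketch below is an added example, not part of the lab's files: it reads two small constructed zones, expands any name without a trailing dot against the zone name (which is how the name server reads it), and lists every A record whose PTR record is missing or points somewhere else. The zone contents and function names are assumptions made for illustration.

```python
# Added example; the zone contents below are constructed for illustration.
FORWARD_ORIGIN = "netlab.csbsju.edu."
FORWARD_ZONE = """\
netlab.csbsju.edu.      IN  NS     PC4.netlab.csbsju.edu.
PC3.netlab.csbsju.edu.  IN  A      10.165.10.13
PC4.netlab.csbsju.edu.  IN  A      10.165.10.14
ns1.netlab.csbsju.edu.  IN  CNAME  PC4.netlab.csbsju.edu.
"""
REVERSE_ORIGIN = "10.165.10.in-addr.arpa."
REVERSE_ZONE = """\
10.165.10.in-addr.arpa.     IN  NS   PC4.netlab.csbsju.edu.
13.10.165.10.in-addr.arpa.  IN  PTR  PC3.netlab.csbsju.edu.
14.10.165.10.in-addr.arpa.  IN  PTR  PC4.netlab.csbsju.edu   ; trailing dot forgotten
"""

def qualify(name, origin):
    """A name without a trailing dot is relative: the zone name is appended to it."""
    return (name if name.endswith(".") else name + "." + origin).lower()

def parse_zone(text, origin):
    """Return (owner, type, value) for simple one-line 'owner IN TYPE value' records."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()    # drop ';' comments
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue  # SOA, $TTL and continuation lines are out of scope here
        owner, _, rtype, value = fields
        if rtype.upper() != "A":                  # A values are addresses, not names
            value = qualify(value, origin)
        records.append((qualify(owner, origin), rtype.upper(), value))
    return records

def reverse_name(ip):
    """10.165.10.14 -> 14.10.165.10.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."

def check_forward_reverse(forward, reverse):
    """List (name, address, PTR target) for A records with a missing or different PTR."""
    ptrs = {owner: value for owner, rtype, value in reverse if rtype == "PTR"}
    return [(owner, ip, ptrs.get(reverse_name(ip)))
            for owner, rtype, ip in forward
            if rtype == "A" and ptrs.get(reverse_name(ip)) != owner]

if __name__ == "__main__":
    fwd = parse_zone(FORWARD_ZONE, FORWARD_ORIGIN)
    rev = parse_zone(REVERSE_ZONE, REVERSE_ORIGIN)
    for name, ip, got in check_forward_reverse(fwd, rev):
        print(f"{name} has address {ip}, but the PTR record gives {got}")
```

The one problem reported is the PC4 pointer record: without its trailing dot, the target is read as PC4.netlab.csbsju.edu.10.165.10.in-addr.arpa. rather than PC4.netlab.csbsju.edu.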

Configuring the DNS Client 

Each of the 4 machines will need to know the address of the nameserver.  This is done by creating a file, /etc/resolv.conf.  For our simple setup, this file should contain one line:
 
nameserver    <address_of_nameserver>
 
where <address_of_nameserver> is replaced by the IP address of our nameserver (10.165.10.14).
(Don’t replace the word nameserver with anything)

Testing 

Now that we have completed the update of the files, we need to test to see if it works.
 
Start the name server on PC4 by entering  /etc/rc.d/init.d/named start on the command line.
 
This should start up the process.  Check to see if the process is running using the ps command as earlier (It may show multiple processes now running).
If the process does not seem to start up, try the command:
 
tail -10 /var/log/messages
 
This will display the last 10 lines of the system's message log, which may include errors encountered when named tried to start up.  If there are errors, fix your files so that named starts up correctly.
 
Test your setup by trying to ping the machines by name: e.g. ping PC3.netlab.csbsju.edu   Be sure that this works before continuing on.
 
Next start nslookup in a terminal window and enter in machines and web addresses that are outside of CSBSJU. Be sure that this works before continuing on.
 
Next, log into the Windows PC (not part of our lab setup). Check to see if you can ping to one of the machines on your network by name. 
 
Start nslookup on the Windows PC (from the Start/Run/cmd window).  In your report, provide the name of the nameserver used by this PC; nslookup will tell you.
 
Check to confirm that you can resolve names and addresses for the netlab domain (e.g. lookup machines by entering a name of a machine and also by entering an address of a machine).
 
Finally, start up Internet Explorer on one of your machines and see if it can find addresses of places (note that it will be using YOUR name server).

Next, start Wireshark on PC4.  Try a couple of exotic addresses.  See how many recursive queries are sent out to get an answer.  Show your result.
 
When you are done, disconnect the network and remove the networking information that you entered from the machines.
Delete the files that you modified in /var/named.  Also remove the named.conf file from the /etc directory. Do not remove directories!  In particular, don't remove the Examples subdirectory. Write a brief summary of your experience and the results of your tests.