Thursday, October 11, 2007

Understanding Domain Name System (DNS)

Domain Name System (DNS) makes it possible to refer to Internet Protocol (IP) based systems (hosts) by human-friendly names (domain names). Name Resolution is the act of determining the IP address (or addresses) of a given host name.

Benefits of DNS
  • Domain names can be logical and easily remembered.
  • Should the IP address for a host change, the domain name can still resolve transparently to the user or application.
The structure of Domain Names
  • The elements of a domain name are separated by dots, with the topmost element on the right, e.g. www.yahoo.com. IP addresses have the topmost element on the left.
  • Each element may be up to 63 characters long. The entire name may be at most 255 characters long.
  • The rightmost element in a domain name is called the Top-Level Domain (TLD). Referring to the above example (www.yahoo.com), the TLD is 'com'.
  • If a domain name is not shortened, it is called the Fully Qualified Domain Name (FQDN). For example, briefcase.yahoo.com can be specified by a machine in the yahoo.com domain as either briefcase.yahoo.com (FQDN) or as briefcase.
Host names map to IP addresses in a many-to-many relationship. A host name may have one or more IP addresses. Conversely, an IP address may have multiple host names associated with it.

Hosts that are designed to perform email routing are known as mail exchangers. These machines should have special-purpose records in DNS called Mail eXchanger (MX) records. When an SMTP server (mail server) needs to send mail to a remote domain, it does a DNS lookup for the Mail Exchanger (MX) of that remote domain. A domain can and should have multiple mail exchangers. Mail that cannot be sent to one mail exchanger can instead be delivered to an alternative server, thus providing failsafe redundancy.

Different types of Domain Name Servers
  1. Root Name Server - Each top-level domain (such as in, edu, com, etc.) has one or more root name servers which are responsible for determining where the individual records are held. These servers are fairly static and every machine on the internet has the capability of reaching any of them. Just one to three root name servers are allocated per country. For example, India has only 2 root name servers.
  2. Authoritative Name Servers - These are the servers that the root name servers send queries to. These servers hold the actual information on an individual domain. This information is stored in a file called a zone file. Zone files are updated versions of the original HOSTS.TXT file.
  3. Resolving Name Server - These are the servers that do most of the work when you are trying to get to a machine with a certain host name. Besides being responsible for looking up data, they also temporarily store the data for host names that they have searched out in a cache, which allows them to speed up the resolution for host names that are frequently visited.
Zone
A zone keeps the information about the domain database. It does this by maintaining two types of files:
Zone File - It is used to map host names to addresses, to identify the mail servers, and to provide other domain information.
Reverse Zone File - This file is responsible for mapping IP address to host names, which is exactly the opposite of what the zone file does.

Note: The zone file and the reverse zone file have to be maintained by the user.
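
Because both files are edited by hand, they drift apart: a host gets a new address record and the matching reverse record is forgotten or left pointing at an old name. The check below is an added example, not part of the original post; it runs on constructed records for example.com and assumes every record is written in full as owner, type and value (no TTL, class or $ORIGIN shorthand).

```sh
#!/bin/sh
# Constructed sample records (not from the original page), reduced to
# "owner type value" lines as they appear in a zone file and a reverse zone file.
sample_forward() {
cat <<'EOF'
www.example.com.   A  192.168.0.1
mail.example.com.  A  192.168.0.5
ftp.example.com.   A  192.168.0.9   ; added later, reverse zone not updated
EOF
}
sample_reverse() {
cat <<'EOF'
1.0.168.192.in-addr.arpa.  PTR  www.example.com.
5.0.168.192.in-addr.arpa.  PTR  smtp.example.com.
EOF
}

# check_zones FORWARD_FILE REVERSE_FILE
# Prints one line for every A record whose address has no PTR record,
# or whose PTR record names a different host. Prints nothing if all agree.
check_zones() {
    awk '
        { sub(/;.*/, "") }                    # drop zone-file comments
        NF != 3 { next }                      # keep only owner/type/value lines
        pass == 1 && toupper($2) == "PTR" {   # reverse zone: owner to host names
            ptr[tolower($1)] = ptr[tolower($1)] " " tolower($3)
        }
        pass == 2 && toupper($2) == "A" {     # forward zone: verify each address
            split($3, o, ".")
            rev = o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa."
            name = tolower($1)
            if (!(rev in ptr))
                print "MISSING " name " " $3
            else if (index(ptr[rev] " ", " " name " ") == 0)
                print "MISMATCH " name " " $3 " PTR=" substr(ptr[rev], 2)
        }
    ' pass=1 "$2" pass=2 "$1"
}

# Demo on the constructed records above.
tmp=$(mktemp -d)
sample_forward > "$tmp/fwd"
sample_reverse > "$tmp/rev"
check_zones "$tmp/fwd" "$tmp/rev"
rm -rf "$tmp"
```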

Name Server Hierarchy
Master Name Server - Also called primary server. This contains the master copy of data for a zone.
Slave Name Server - Also known as secondary server. This provides a backup to the master name server. All slave servers maintain synchronization with their master name server.
A zone may have multiple slave servers. But there will be only one master name server per zone.

Apache : Name-based Vs IP Based Virtual Hosting

When you attend interviews for network administration jobs, one question you may encounter while discussing web servers is the difference between name-based and IP-based virtual hosting. Here I will explain the difference between the two.

In IP-based virtual hosting, you are running more than one web site on the same server machine, but each web site has its own IP address. In order to do this, you first have to tell your operating system about the multiple IP addresses. See the section on setting up multiple IP addresses on a single NIC. You also need to put each IP in your DNS, so that it will resolve to the names that you want to give those addresses.

In name-based virtual hosting, you host multiple websites on the same IP address. For this to work, you have to put more than one DNS record for your IP address in the DNS database. This is done using CNAME records in BIND. You can have as many CNAMEs as you like pointing to a particular machine. You also have to uncomment the NameVirtualHost section in the httpd.conf file and point it to the IP address of your machine.

#FILE: httpd.conf
...
NameVirtualHost 192.168.0.1
...
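
With name-based hosting Apache picks the site from the Host header of each request, and the first <VirtualHost> block listed for an address answers any request whose name matches none of them. The script below is an added example, not from the original post: it lists the blocks of a constructed httpd.conf (site names and paths are hypothetical) in file order and marks the default block and any block without a ServerName. ServerAlias is not considered.

```sh
#!/bin/sh
# Constructed httpd.conf fragment (hypothetical site names and paths).
sample_conf() {
cat <<'EOF'
NameVirtualHost 192.168.0.1
<VirtualHost 192.168.0.1>
    ServerName www.site-a.example
    DocumentRoot /var/www/site-a
</VirtualHost>
<VirtualHost 192.168.0.1>
    ServerName www.site-b.example
    DocumentRoot /var/www/site-b
</VirtualHost>
<VirtualHost 192.168.0.1>
    DocumentRoot /var/www/site-c
</VirtualHost>
EOF
}

# list_vhosts [CONF_FILE]   (reads standard input when no file is given)
# Prints "address name role" for each <VirtualHost> block in file order.
#   default            first block for its address: serves unmatched Host headers
#   by-name            reached only when the Host header matches ServerName
#   no-ServerName      block has no name to match on
#   no-NameVirtualHost address was never declared with NameVirtualHost
list_vhosts() {
    awk '
        /^[ \t]*#/ { next }                                 # skip comment lines
        tolower($1) == "namevirtualhost" { nvh[$2] = 1 }
        tolower($1) == "<virtualhost" {
            addr = $2; sub(/>$/, "", addr); name = "(none)"
        }
        tolower($1) == "servername" { name = $2 }
        tolower($1) == "</virtualhost>" {
            role = (seen[addr]++ == 0) ? "default" : "by-name"
            if (name == "(none)") role = role ",no-ServerName"
            if (!(addr in nvh))   role = role ",no-NameVirtualHost"
            print addr, name, role
        }
    ' "${1:--}"
}

# Demo on the constructed fragment above.
sample_conf | list_vhosts
```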

Setting up multiple IP addresses on a single NIC

In Linux, you can bind multiple IP addresses to a single NIC. This is usually done when you are using your Linux machine as a web server hosting multiple domains and you want to bind each domain to a unique IP address. This is how it is done.
Let us assume that you already have a NIC which is bound to a static IP address. Then you will have a file called /etc/sysconfig/network-scripts/ifcfg-eth0. My ifcfg-eth0 file has the following entries:
# File: ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.1
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84
Now to bind another IP address to the same NIC, I create a copy of the above file ifcfg-eth0 and name it as ifcfg-eth0:1
# cd /etc/sysconfig/network-scripts
# cp ifcfg-eth0 ifcfg-eth0:1
Now just change the values of the DEVICE and IPADDR in the file as follows:
# File: ifcfg-eth0:1
DEVICE=eth0:1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.5
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84
And lastly, restart the networking service. If you are using RedHat, then it is as simple as:
# service network restart

How to install a Network card in linux

There are different ways of installing a network card in Linux, depending on the distribution that you are using. I will explain each of these methods here.
1) The Manual method
First open the computer case and insert the network card into an empty PCI slot. Then boot up your machine to load Linux. Log in as root and navigate to the directory /lib/modules/kernel_version_number/net/. Here you will find the modules supported by your system. Assuming that you have a 3Com ethernet card, in which case the module name is 3c59x, you have to add this to the /etc/modules.conf file to let the machine detect the card each time it boots.
#File: /etc/modules.conf
alias eth0 3c59x
Note: If you have only one network card, it is known by the name eth0, the succeeding network cards in your computer go by the name eth1, eth2 ... and so on.
Now you have to load the module into the kernel.
root# /sbin/insmod -v 3c59x
Next configure an IP address for the network card using ifconfig or netconfig or any other method if your machine gets its IP address from a DHCP server. Eg:
root# ifconfig eth0 192.168.1.5 netmask 255.255.255.0 broadcast 192.168.1.255
2) The Easy way
RedHat/Fedora distributions of Linux ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). It can detect a newly installed NIC and load the appropriate driver. Then use the program /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it is applied at system boot.


How to Assign an IP address

Computers may be assigned a static IP address or assigned one dynamically (via DHCP). Here I will explain the steps needed to assign an IP address to your NIC.
Choose one of the following methods:

=> Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask, and IP addresses of DNS servers from a DHCP server.
Command line :
/sbin/ifconfig eth0 192.168.1.3 netmask 255.255.255.0 broadcast 192.168.1.255
GUI tool : You can use the GUI tool /usr/bin/neat - Gnome GUI network administration tool. It handles all interfaces and configures for both static assignment as well as dynamic assignment using DHCP.

Console tool : /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The command netconfig and /usr/bin/neat make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/ , so that this information is retained.
The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.
# File: /etc/sysconfig/network
# Static IP address Configuration:
NETWORKING=yes
HOSTNAME=my-hostname # Hostname is defined here and by command hostname
FORWARD_IPV4=true # True for NAT firewall gateways and linux routers. False for
# everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY" # Used if your network is connected to another
# network or the internet.

# Gateway not defined here for DHCP.

# Or for DHCP configuration: in the same file /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=my-hostname # Hostname is defined here and by command hostname
# Gateway is assigned by DHCP.
# File: /etc/sysconfig/network-scripts/ifcfg-eth0
# Static IP address configuration:
DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=255.255.255.0
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes
# OR for DHCP configuration:
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
These files are used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces online.
To disable DHCP, change BOOTPROTO=dhcp to BOOTPROTO=none.
In order for updated information in any of these files to take effect, one must issue the command:
root# service network restart