Differences
This shows you the differences between two versions of the page.
|
scgc:laboratoare:01 [2018/02/27 17:47] victor.ciurel Minor consistency changes |
scgc:laboratoare:01 [2021/10/27 14:07] (current) maria.mihailescu |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Laboratory 01. DNS ====== | + | ====== Naming Services: DNS ====== |
| ===== Lab Setup ===== | ===== Lab Setup ===== | ||
| - | * We will be using two virtual machines in the [[http://cloud.curs.pub.ro/|faculty's cloud]]. | + | * We will be using two virtual machines in the [[http://cloud.grid.pub.ro/|faculty's cloud]]. |
| - | * When creating a virtual machine follow the steps in this [[https://cloud.curs.pub.ro/about/tutorial-for-students/|tutorial]]. | + | |
| * Create two VMs (one will be our DNS master server and one will be our DNS slave server) | * Create two VMs (one will be our DNS master server and one will be our DNS slave server) | ||
| * When creating a virtual machine in the Launch Instance window: | * When creating a virtual machine in the Launch Instance window: | ||
| * Select **Boot from image** in **Instance Boot Source** section | * Select **Boot from image** in **Instance Boot Source** section | ||
| - | * For the master VM select **Debian 8.6** in **Image Name** section | + | * For the master VM select **Debian 10.3** in **Image Name** section |
| * For the slave VM select **Centos 7** in **Image Name** section | * For the slave VM select **Centos 7** in **Image Name** section | ||
| + | * Select the **m1.small** flavor for both VMs. | ||
| + | * The usernames for connecting to the VMs are: | ||
| + | * ''debian'' for **Debian 10.3** | ||
| + | * ''student'' for **CentOS 7** | ||
| * For ease of use we recommend adding entries in the ''/etc/hosts'' file corresponding to the slave and master VMs | * For ease of use we recommend adding entries in the ''/etc/hosts'' file corresponding to the slave and master VMs | ||
| * ''<ip_master> master'' | * ''<ip_master> master'' | ||
| Line 122: | Line 125: | ||
| It is noteworthy, that dig and host do not use ''/etc/nsswitch.conf'' for querying DNS servers and they do not use the system's DNS resolver, which is usually a library. We can see this from the following commands: | It is noteworthy, that dig and host do not use ''/etc/nsswitch.conf'' for querying DNS servers and they do not use the system's DNS resolver, which is usually a library. We can see this from the following commands: | ||
| <code> | <code> | ||
| - | root@master:~# strace -e open host acs.pub.ro | + | root@master:~# strace -e openat host acs.pub.ro |
| [...] | [...] | ||
| - | open("/etc/resolv.conf", O_RDONLY) = 6 | + | openat(AT_FDCWD, "/etc/resolv.conf", O_RDONLY) = 6 |
| acs.pub.ro has address 141.85.227.151 | acs.pub.ro has address 141.85.227.151 | ||
| acs.pub.ro mail is handled by 10 mx.acs.pub.ro. | acs.pub.ro mail is handled by 10 mx.acs.pub.ro. | ||
| [...] | [...] | ||
| - | root@master:~# strace -e open ping -c 1 acs.pub.ro | + | root@master:~# strace -e openat ping -c 1 acs.pub.ro |
| [...] | [...] | ||
| - | open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4 |
| [...] | [...] | ||
| - | open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/host.conf", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/lib/x86_64-linux-gnu/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = 4 |
| - | open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 4 |
| PING acs.pub.ro (141.85.227.151) 56(84) bytes of data. | PING acs.pub.ro (141.85.227.151) 56(84) bytes of data. | ||
| - | open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 | + | openat(AT_FDCWD, "/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 |
| 64 bytes from acs.pub.ro (141.85.227.151): icmp_seq=1 ttl=62 time=0.688 ms | 64 bytes from acs.pub.ro (141.85.227.151): icmp_seq=1 ttl=62 time=0.688 ms | ||
| Line 196: | Line 199: | ||
| type master; | type master; | ||
| file "/etc/bind/db.scgc.ro"; # zone file path | file "/etc/bind/db.scgc.ro"; # zone file path | ||
| - | } | + | }; |
| </file> | </file> | ||
| Line 290: | Line 293: | ||
| Now we should be able to test our DNS server. We will be using //host//, however feel free to use //dig// or any other command to test your server: | Now we should be able to test our DNS server. We will be using //host//, however feel free to use //dig// or any other command to test your server: | ||
| <code> | <code> | ||
| - | root@master:~# host www.scgc.ro 10.9.107.151 | + | root@master:~# host www.scgc.ro localhost |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 297: | Line 300: | ||
| www.scgc.ro has address 10.9.107.151 | www.scgc.ro has address 10.9.107.151 | ||
| - | root@master:~# host -t ns scgc.ro 10.9.107.151 | + | root@master:~# host -t ns scgc.ro localhost |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 304: | Line 307: | ||
| scgc.ro name server ns1.scgc.ro. | scgc.ro name server ns1.scgc.ro. | ||
| - | root@master:~# host ns1.scgc.ro 10.9.107.151 | + | root@master:~# host ns1.scgc.ro localhost |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 315: | Line 318: | ||
| Now let's try to query from outside the server. We will test that the **slave** VM will receive the same response(replace with the appropriate name and IP address): | Now let's try to query from outside the server. We will test that the **slave** VM will receive the same response(replace with the appropriate name and IP address): | ||
| <code> | <code> | ||
| - | [root@slave ~]# host www.scgc.ro 10.9.107.151 | + | [root@slave ~]# host www.scgc.ro master |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 341: | Line 344: | ||
| <code> | <code> | ||
| - | root@master:~# host google.com 10.9.107.151 | + | root@master:~# host google.com localhost |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 355: | Line 358: | ||
| google.com mail is handled by 20 alt1.aspmx.l.google.com. | google.com mail is handled by 20 alt1.aspmx.l.google.com. | ||
| - | [root@slave ~]# host google.com 10.9.107.151 | + | [root@slave ~]# host google.com master |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 386: | Line 389: | ||
| <code> | <code> | ||
| - | [root@slave ~]# host google.com 10.9.107.151 | + | [root@slave ~]# host google.com master |
| Using domain server: | Using domain server: | ||
| Name: 10.9.107.151 | Name: 10.9.107.151 | ||
| Line 408: | Line 411: | ||
| === 4.1 [10p] Setup master DNS server === | === 4.1 [10p] Setup master DNS server === | ||
| - | Configure a DNS server on the client VM similarly to the master VM server, which will answer for queries about ''lab1.scgc.ro''. Your DNS zone must have at least an A record and a NS record for this exercise. | + | Configure a new DNS zone on the master VM similarly to the previous one, which will answer for queries about ''lab1.scgc.ro''. Your DNS zone must have at least an A record and a NS record for this exercise. |
| === 4.2 [10p] Zone transfer === | === 4.2 [10p] Zone transfer === | ||
| Line 414: | Line 417: | ||
| The slave VM has a Centos 7 operating system, which has some differences in the setup of the DNS server. | The slave VM has a Centos 7 operating system, which has some differences in the setup of the DNS server. | ||
| - | To install the *bind* use the following command: | + | To install **BIND** use the following command: |
| <code> | <code> | ||
| yum install bind | yum install bind | ||
| Line 421: | Line 424: | ||
| On Red-Hat-based distributions bind will have the following characteristics: | On Red-Hat-based distributions bind will have the following characteristics: | ||
| - | * Service name: ''named'' | + | * Service name: **named** |
| - | * Main configuration and zone names file: ''/etc/named.conf'' | + | * Main configuration and zone names file: **/etc/named.conf** |
| - | * Default zone file location: ''/var/named/'' | + | * Default zone file location: **/var/named/** |
| In order to transfer the zone from the master server, we need to make the following configurations: | In order to transfer the zone from the master server, we need to make the following configurations: | ||
