LinuxQuestions.org

Linux - Networking: DNS server questions (https://www.linuxquestions.org/questions/linux-networking-3/dns-server-questions-188144/)

link1305 05-31-2004 05:03 PM

DNS server questions
 
I've been reading a book called "Linux Administration: A Beginners Guide", and I have a few questions, specifically about DNS servers.

From the explanation in the book I seem to get that a DNS server is useful on your network when it hosts all the DNS information about YOUR network/servers/domain, to the outside world. The book did not mention anything about running a server similar to the kind, say my ISP runs.

All my computers have static IPs, so I manually assign them the address of my ISP's DNS server. I was wondering if I could run the BIND software so it essentially copies my ISP's or any DNS server. So therefore I could assign MY server's address to all the computers on my network for DNS lookup, instead of having to go to my ISP.

BTW, this book is a GREAT resource, especially for beginners.

Looking_Lost 05-31-2004 05:18 PM

If you have bind installed from your disks it's probably set up to run outright as a caching server, or there'll probably be an optional name_caching rpm or something like that on one of your disks which you could install. Fire up bind on one of your computers, tell the other computers to use that one for DNS and you should have what I think you're wanting.

InEeDhElPlInUx 05-31-2004 08:28 PM

Maybe I'm not understanding the question very well, but why not just set up NAT? You really want to have a few different levels to your DNS servers (I'm going to make this very basic...). Your DNS should be resolving any machine on your internal network and should only be accessible by machines on your internal network. You should have DNS pointing to any "master" DNS servers if you're a subdomain, and your DNS should also be set up so that if you can't resolve anything from your internal network (for example www.google.com shouldn't be in your DNS entries) it will look to another outside NS.

link1305 05-31-2004 08:59 PM

Hmmmmmmm....perhaps I misunderstood the DNS system...I thought that the "master" servers (such as those at my ISP) kept track of all the domains. But I think I understand what you're saying...DNS servers only keep track of what network they're in charge of...and they just go to other servers if they want to know information about other networks.

I guess I was thinking about, for example, a big company which has its own DNS server on its network for its clients to use, in case the ISP's goes down or so not as much bandwidth is used, etc. So that isn't really an "independent" server, even though it would be designated as a primary server? It has to contact other DNS servers anyway?

chort 05-31-2004 09:20 PM

Bah, this whole thread is being confused by people who didn't understand the question or simply don't understand DNS. Here's how it works:

In DNS there is a concept of "authority" and another concept called "recursion". Authority is what tells you whether you have found a definitive answer or not. An authoritative server is one that is authorized to give out final answers about a particular zone. Note that it's entirely possible for the same server to be authoritative about some zones, but not others (in fact, that's true the vast majority of times--except for the ROOT servers).

Recursion is passing on a DNS request to deeper and deeper levels of the hierarchy until the final answer is found. This means that a client resolver can make a request to its preferred DNS server. The preferred DNS server first looks in its cache to see if the answer is already stored there (if it is, that answer is returned). If the answer is for a zone that the DNS server has authority for, it will be marked as the "authoritative" answer. If not it will state "non-authoritative" and it might possibly give a pointer to where the authoritative server may be found.

If the answer is not in the cache, the DNS server checks its own zones to see if it has a local answer. If it does, this is an "authoritative" answer because it's a zone that the DNS server hosts. Note: authority has nothing to do with whether that DNS server is a "master" or a "slave". Usually there is only one "master" server per zone, but there could be many slaves that synchronize their zones with the master. Although they're slaves, they still have authority since they're answering from zones they host.

Last, if the answer is not found in either the cache or a local zone and if "recursion" is allowed, the DNS server will send a query to the ROOT servers to see how it should resolve the request. The ROOT servers will give an answer of where to find the TLD (Top Level Domain, i.e. the right-most domain) authority. The DNS server will then query the authoritative server for the TLD to find out where it should get an answer about the 2nd level domain (second from the right), and so on until it finds the server that is authoritative for the left-most domain. Once it gets the final answer, it will return that to the requesting client.

So the answer to your question is that you absolutely can setup a DNS server on your own network that will let you point all your local machines to use it for DNS queries. Any DNS server that has a copy of the ROOT DNS servers list and allows recursive queries can serve that purpose. In fact, you don't even need to host any zones of your own to perform recursive DNS queries. This is what is referred to as a "caching-only" DNS server, because it does lookups on behalf of clients and "caches" the results, so if it gets the same query again in a short period of time, it can return the answer it already has instead of fetching it again.
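The lookup order chort describes (cache, then locally hosted zones, then an iterative walk from the root hints through the TLD servers to the zone's authoritative server) as an added example that is not part of the post. It models the algorithm over a constructed, in-memory tree of three authoritative servers; the names `a.root-servers.net.`, `a.gtld-servers.net.`, `ns1.example.com.`, the `lan.example.` zone and all addresses are made up, and name servers are reached by name rather than by resolving their addresses, so glue records, negative caching and the wire protocol are deliberately left out.

```python
"""Toy resolver: cache -> hosted zones -> iterative walk from the root hints."""
from dataclasses import dataclass, field
import time

# Constructed data, standing in for named.root: the servers a caching-only
# server starts from when it has no better information.
ROOT_HINTS = ["a.root-servers.net."]

# Constructed authoritative servers: server name -> {zone: {owner: {type: rdata}}}.
# An NS record below a zone's apex is a delegation (a referral to a child zone).
SERVERS = {
    "a.root-servers.net.": {".": {"com.": {"NS": ["a.gtld-servers.net."]}}},
    "a.gtld-servers.net.": {"com.": {"example.com.": {"NS": ["ns1.example.com."]}}},
    "ns1.example.com.": {
        "example.com.": {
            "www.example.com.": {"A": ["192.0.2.10"]},
            "ns1.example.com.": {"A": ["192.0.2.53"]},
        },
    },
}


@dataclass
class Answer:
    rcode: str                      # NOERROR, NXDOMAIN, REFUSED or SERVFAIL
    rdata: list = field(default_factory=list)
    authoritative: bool = False     # the AA flag: answered from a zone this server hosts
    source: str = ""                # cache, zone or recursion (for illustration only)


def _in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)


def query_server(server, qname, qtype):
    """One round-trip to an authoritative server: answer, referral, nxdomain or refused."""
    zones = SERVERS[server]
    zone = max((z for z in zones if _in_zone(qname, z)), key=len, default=None)
    if zone is None:
        return ("refused", None)            # server hosts nothing above qname
    records = zones[zone]
    if qname in records and qtype in records[qname]:
        return ("answer", records[qname][qtype])
    for owner, rrs in records.items():      # delegation: NS below the zone apex
        if "NS" in rrs and owner != zone and _in_zone(qname, owner):
            return ("referral", rrs["NS"])
    return ("nxdomain", None)


class Resolver:
    def __init__(self, local_zones=None, allow_recursion=True, ttl=300, clock=time.monotonic):
        self.local_zones = local_zones or {}   # zones this server is authoritative for
        self.allow_recursion = allow_recursion
        self.ttl = ttl                         # constructed TTL for cached answers
        self.clock = clock                     # injectable so expiry can be demonstrated
        self.cache = {}                        # (qname, qtype) -> (rdata, expiry)
        self.upstream_queries = 0              # round-trips sent to other servers

    def resolve(self, qname, qtype="A"):
        key = (qname, qtype)
        hit = self.cache.get(key)
        if hit and hit[1] > self.clock():                      # 1. cache
            return Answer("NOERROR", hit[0], source="cache")
        for zone, records in self.local_zones.items():         # 2. hosted zones
            if _in_zone(qname, zone):
                if qname in records:
                    return Answer("NOERROR", records[qname].get(qtype, []), True, "zone")
                return Answer("NXDOMAIN", authoritative=True, source="zone")
        if not self.allow_recursion:                           # 3. recursion not offered
            return Answer("REFUSED")
        server = ROOT_HINTS[0]                                 # 4. iterative walk
        for _ in range(10):                                    # bounded: no referral loops
            self.upstream_queries += 1
            kind, data = query_server(server, qname, qtype)
            if kind == "answer":
                self.cache[key] = (data, self.clock() + self.ttl)
                return Answer("NOERROR", data, source="recursion")
            if kind == "referral":
                server = data[0]
                continue
            return Answer("NXDOMAIN" if kind == "nxdomain" else "SERVFAIL", source="recursion")
        return Answer("SERVFAIL", source="recursion")


if __name__ == "__main__":
    r = Resolver(local_zones={"lan.example.": {"box.lan.example.": {"A": ["10.0.0.5"]}}})
    print(r.resolve("www.example.com."), r.upstream_queries)   # three hops: root, com, example.com
    print(r.resolve("www.example.com."), r.upstream_queries)   # served from cache, no new hops
    print(r.resolve("box.lan.example."))                       # authoritative, never leaves the box
```

Two points the walk makes concrete: the answer for `www.example.com.` comes back with `authoritative=False` even though it is correct, because this server merely relayed it, while the `lan.example.` answer is authoritative because the zone is hosted locally; and a server started with `allow_recursion=False` answers REFUSED for anything outside its own zones, which is exactly the difference between a caching resolver and a purely authoritative one.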

link1305 05-31-2004 10:13 PM

Thank you, that was the answer I was looking for! Now...I assume I can accomplish this with BIND...getting the ROOT server list and all? I guess the question is whether it would be practical. Would this root server list take up exorbitant amounts of memory/hard drive space?

chort 05-31-2004 11:06 PM

There are only 13 ROOT name servers, so it takes up a tiny fraction of your memory to load the list. You should already have the ROOT servers file if you've installed BIND. It's generally somewhere in /var/named and it's called something like named.root, root.hint, hints, or something similar. You can also fetch it from ftp://FTP.INTERNIC.NET/domain/named.root .

If your distro has a package for "caching-only nameserver" or "DNS cache server" or something like that, install that package and you should be ready to go. Generally you can run rndc status to confirm that named is running.
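A minimal caching-only configuration of the kind the package sets up, added here as an example rather than taken from the post or from any distro's package. It assumes BIND 9 syntax, a LAN of 192.168.1.0/24 with the server listening on 192.168.1.1, and the hints file at /var/named/named.root; all three are assumptions to adjust. The `allow-recursion` and `allow-query` lines are the part a practitioner should not skip: a recursive server that answers anyone on the Internet is an "open resolver", which strangers can use for reflection traffic and which exposes its cache to more poisoning attempts than a LAN-only one.

```conf
// Added example: caching-only BIND 9 server restricted to the local network.
// Assumed LAN 192.168.1.0/24, server address 192.168.1.1, hints in /var/named.
acl "lan" { 127.0.0.0/8; 192.168.1.0/24; };

options {
    directory "/var/named";
    listen-on { 127.0.0.1; 192.168.1.1; };   // internal interfaces only
    recursion yes;                           // act as a resolver for clients...
    allow-query { lan; };                    // ...but only for these clients
    allow-recursion { lan; };                // never an open resolver
};

// The root hints: the only zone a caching-only server needs.
zone "." IN {
    type hint;
    file "named.root";
};
```

After starting named, `named-checkconf` reports syntax errors, and a query such as `dig @127.0.0.1 www.example.com` shows whether recursion works; the `flags:` line of that output will lack `aa` for anything outside a zone the server hosts, which is the "non-authoritative" case chort described, and the same query from an address outside the ACL should come back REFUSED.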

Looking_Lost 06-01-2004 01:48 AM

Quote:

Bah, this whole thread is being confused by people who didn't understand the question or simply don't understand DNS. Here's how it works

The original question was about as clear as a muddy pool of water.

