AIX 5L Configuring TCP/IP (Unit 08 – Part 2) – Domain Name System (DNS)

Setting Up the Secondary Name Server
———————————————————-
Create “named” control file
Create local IP zone file
Create cache file
Create /etc/resolv.conf
Start “named” daemon
– BIND4 uses /etc/named.boot
– BIND8 uses /etc/named.conf

Zone Transfer – Zone files are transferred from the Primary to the Secondary (the Secondary pulls a fresh copy when the serial in the Primary's SOA record is higher than the one in its own copy).

Secondary “named” Control File
————————————————
# pg /etc/named.boot

Type Domain IP Address Filename
—————- —————————- —————- —————————-
directory /etc
secondary dc.ibm.com 9.19.98.1 named.dc.bak
secondary 98.19.9.in-addr.arpa 9.19.98.1 named.revip98.bak
secondary 99.19.9.in-addr.arpa 9.19.98.1 named.revip99.bak
primary 0.0.127.in-addr.arpa named.local
cache . named.ca

Local IP Zone File
————————–
# pg /etc/named.local

@ IN SOA sys6.dc.ibm.com. root.sys6.dc.ibm.com. (
1.0 ; Serial
10800 ; Refresh
..

Cache File
—————-
# pg /etc/named.ca
. 99999999 IN NS sys99.ibm.com
sys99.ibm.com. 99999999 IN A 9.19.93.99

Final Secondary Name Server Setup Steps
—————————————————————-
Change the host name to the fully qualified domain name
# smit hostname
Create /etc/resolv.conf
# vi /etc/rc.tcpip
– Uncomment line to start named
# startsrc -s named

Secondary Name Server Files
——————————————–
/etc/named.boot (main configuration file with names of all other files)
/etc/named.revip99.bak* (reverse IP name resolution file)
/etc/named.revip98.bak* (reverse IP name resolution file)
/etc/named.dc.bak* (forward IP name resolution file)
/etc/named.ca (cache file – where to go when the answer is not known locally)
/etc/resolv.conf (to be able to act as a client also)
/etc/named.local (local loopback file)

* Downloaded from the primary name server and stored as backup files.

Caching-Only Name Servers
——————————————
A method of spreading out the workload from the Primary and Secondary servers to a set of cache servers which access the Primary and Secondary Servers. The clients will be configured to access the cache servers.

No Zone Files for Caching-Only Name Servers.

# pg /etc/named.boot

Type Domain Filename
————- —————————– ———————-
directory /etc
primary 0.0.127.in-addr.arpa named.local (local IP zone file)
cache . named.ca (cache)

Forwarder Name Server
———————————–
A Forwarder Name Server lets a local server resolve names beyond a firewall.
The Forwarder Name Server handles all name resolution requests to higher authoritative servers on behalf of the local server behind the firewall.

Uses for Forwarder Servers
—————————————-
Environments isolated from the Internet:
– Firewalled networks
– Networks with unregistered IP addresses
Intermittently-connected networks, for example, dial-up:
– Forwarder server has faster Internet access
Local server may be slave (get from Forwarder only)

Setting Up the Client
——————————-
Change the host name to the fully qualified domain name
Create /etc/resolv.conf

Creating /etc/resolv.conf on the Client
——————————————————-
# vi /etc/resolv.conf
domain dc.ibm.com
nameserver 9.19.98.1
nameserver 9.19.99.6

Controlling the named Daemon (Server)
———————————————————
startsrc -s named (start the daemon)
stopsrc -s named (stop the daemon)
refresh -s named (Reread database after changes)
kill -2 <named pid> (Dump the active database to /var/tmp/named_dump.db)

Active Database Dump Example
————————————————
see slide in student notes

Adding a Host to the Domain
——————————————–
Update name zone file
– Add host entry A record
– Add any optional records (for example, CNAME)
– Increase serial value in SOA record
Update IP zone file
– Add IP address entry PTR record for each interface
– Increase serial value in SOA record
Refresh named
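The three steps above (add the record, raise the serial, refresh named) as an added shell/awk example; this is not course code, and the zone text it works on is constructed. It also includes a duplicate-name check and a serial comparison, because a forgotten serial bump is the usual reason a Secondary keeps serving stale data after a host is added.

```shell
#!/bin/sh
# Added example (not course code): add a host to BIND4 zone text and bump
# the SOA serial so Secondaries pick up the change. The zone is constructed.
SAMPLE_ZONE='@       IN  SOA sys3.dc.ibm.com. root.sys3.dc.ibm.com. (
            2004051501  ; Serial
            10800       ; Refresh
            3600        ; Retry
            604800      ; Expire
            86400 )     ; Minimum
@       IN  NS  sys3.dc.ibm.com.
sys3    IN  A   9.19.98.3
sys4    IN  A   9.19.99.4'

# Serial of the zone text on stdin (the number on the line tagged "; Serial").
serial_of() {
    awk '/; *Serial/ { print $1; exit }'
}

# Same zone text with the serial incremented by one. Without this step the
# Secondary compares serials at refresh time, sees no change and keeps
# serving the old data.
bump_serial() {
    awk '/; *Serial/ && !done { sub(/[0-9]+/, $1 + 1); done = 1 } { print }'
}

# Append an A record ($1 = short host name, $2 = address) and bump the serial.
add_a_record() {
    { cat; printf '%s\tIN\tA\t%s\n' "$1" "$2"; } | bump_serial
}

# Append a PTR record to a reverse zone ($1 = last octet, $2 = FQDN without
# trailing dot; the dot is added here) and bump the serial.
add_ptr_record() {
    { cat; printf '%s\tIN\tPTR\t%s.\n' "$1" "$2"; } | bump_serial
}

# Check before "refresh -s named": the new serial ($2) must exceed the old
# one ($1), otherwise the Secondaries never transfer. Exit status 0 = ok.
serial_advanced() {
    [ "$2" -gt "$1" ]
}

# Report host names that appear twice among the A records (a copy-paste
# slip that silently gives one name two addresses). Exit status 1 if any.
duplicate_names() {
    awk '$3 == "A" { if (seen[$1]++) { print $1; dup = 1 } } END { exit dup }'
}

# Usage (paths assumed): printf '%s\n' "$SAMPLE_ZONE" | add_a_record sys5 9.19.99.5
```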

nslookup
—————
Queries domain name servers
Responds similarly to the host command
Two modes
– Interactive
– Noninteractive
Troubleshooting tool (Main use)

Noninteractive Queries
———————————-
# nslookup sys3
Server: sys1.dc.ibm.com (Name Server)
Address: 9.19.98.1

Name: sys3.dc.ibm.com (Resolution)
Address: 9.19.98.3

# nslookup -querytype=ANY dc.ibm.com
see additional notes

Interactive Queries
——————————
# nslookup
Default Server: sys1.dc.ibm.com
Address: 9.19.98.1
> sys3 (prompt for server)
Server: sys1.dc.ibm.com
Address: 9.19.98.1
Name: sys3.dc.ibm.com
Address: 9.19.98.3

> ls dc.ibm.com >> files
> ls -t any dc.ibm.com
> exit

Debugging with nslookup
————————————-
# nslookup
> set d2 (debug level 2; use set nodebug to leave that mode)
> sys3
Gives Info going out and info coming back

Unit Summary
———————-
The name server provides a distributed database that other systems query to perform name resolution
The named daemon runs on the name servers
/etc/resolv.conf defines domain and name servers on clients
nslookup queries name servers for information

Exercise 8: Configuring a Domain Network
—————————————————————–
Setup Primary Name Server sys3
# hostname
sys3
# hostname sys3.dc.ibm.com (Use smit to make permanent)
sys3.dc.ibm.com
# vi /etc/named.boot
directory /etc/dns
primary dc.ibm.com named.dc (zone file)
primary 98.19.9.in-addr.arpa named.revip98
primary 99.19.9.in-addr.arpa named.revip99
primary 0.0.127.in-addr.arpa named.local
save

mkdir /etc/dns
cp /etc/hosts /etc/hosts.bak (make backup of hosts file)
cat /etc/hosts
vi /etc/hosts
9.19.99.5 sys5
save

Use AIX scripts to generate zone files
/usr/samples/tcpip/hosts.awk /etc/hosts > /etc/dns/named.dc
/usr/samples/tcpip/addrs.awk /etc/hosts > /etc/dns/named.revip98
/usr/samples/tcpip/addrs.awk /etc/hosts > /etc/dns/named.revip99
ls /etc/dns (show 3 zone files)
cd /etc/dns
vi named.dc
add sys4 (on the other network) as a name server (NS record)
save

Edit the first reverse name file
vi named.revip98
9999999 IN NS sys4.dc.ibm.com.
delete loopback entry
delete the entries that are not part of the 98.19.9 network
delete the 98.19.9 from each remaining line (address is autoappended)
save

Edit other reverse name file
vi named.revip99
9999999 IN NS sys4.dc.ibm.com.
delete loopback entry
delete the entries that are not part of the 99.19.9 network
delete the 99.19.9 from each remaining line (address is autoappended)
save

Create named.local from scratch
cp named.revip99 named.local (to reuse the SOA, start of authority, record)
vi named.local
1 IN PTR localhost. (make sure that you have the ending dot)
save
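The zone-file generation and hand edits above (forward records from /etc/hosts, reverse records with the network prefix stripped and foreign entries dropped, a loopback zone) as one added shell/awk example. This is not AIX's hosts.awk or addrs.awk; the hosts file is constructed, the primary's name and the /etc/dns path are taken from the exercise, and the SOA timer values are assumptions.

```shell
#!/bin/sh
# Added example (not AIX's hosts.awk/addrs.awk): build BIND4 zone records
# from a hosts file. The hosts data below is constructed.
SAMPLE_HOSTS='127.0.0.1   loopback localhost
# 9.19.98.0 network
9.19.98.1   sys1
9.19.98.3   sys3
# 9.19.99.0 network
9.19.99.4   sys4
9.19.99.5   sys5'

# SOA and NS header for a zone. $1 = primary server FQDN (no trailing dot),
# $2 = serial. Secondaries only transfer the zone when this serial grows.
# Timer values are assumed, not taken from the course.
zone_header() {
    printf '@\tIN\tSOA\t%s. root.%s. (\n' "$1" "$1"
    printf '\t\t%s\t; Serial\n' "$2"
    printf '\t\t10800\t; Refresh\n\t\t3600\t; Retry\n'
    printf '\t\t604800\t; Expire\n\t\t86400 )\t; Minimum\n'
    printf '@\tIN\tNS\t%s.\n' "$1"
}

# Forward records: one A record per hosts line, skipping comments and the
# loopback entry (hosts text on stdin).
gen_forward() {
    awk '$1 !~ /^#/ && $1 != "127.0.0.1" && NF >= 2 {
            printf "%s\tIN\tA\t%s\n", $2, $1 }'
}

# Reverse records for one network. $1 = first three octets (e.g. 9.19.98),
# $2 = domain. Only the last octet is written because named appends the
# zone origin (98.19.9.in-addr.arpa); entries outside the network are
# dropped. These are the two hand edits the exercise describes.
gen_reverse() {
    awk -v net="$1." -v dom="$2" '
        $1 !~ /^#/ && NF >= 2 && index($1, net) == 1 {
            n = split($1, o, ".")
            printf "%s\tIN\tPTR\t%s.%s.\n", o[n], $2, dom }'
}

# Loopback zone body: a single PTR for 1.0.0.127.in-addr.arpa.
gen_local() {
    printf '1\tIN\tPTR\tlocalhost.\n'
}

# Complete zone file on stdout. $1 = forward|reverse|local, $2 = primary
# FQDN, $3 = serial, $4 = network and $5 = domain (reverse only).
# Hosts text is read from stdin.
make_zone() {
    zone_header "$2" "$3"
    case "$1" in
        forward) gen_forward ;;
        reverse) gen_reverse "$4" "$5" ;;
        local)   gen_local ;;
        *) echo "unknown zone kind: $1" >&2; return 1 ;;
    esac
}

# Number of data records (A or PTR) in zone text on stdin.
count_records() {
    awk '$3 == "A" || $3 == "PTR"' | wc -l | tr -d ' '
}

# Usage, writing the exercise's three files (directory from the exercise):
# printf '%s\n' "$SAMPLE_HOSTS" | make_zone forward sys3.dc.ibm.com 1 > /etc/dns/named.dc
# printf '%s\n' "$SAMPLE_HOSTS" | make_zone reverse sys3.dc.ibm.com 1 9.19.98 dc.ibm.com > /etc/dns/named.revip98
# printf '%s\n' "$SAMPLE_HOSTS" | make_zone reverse sys3.dc.ibm.com 1 9.19.99 dc.ibm.com > /etc/dns/named.revip99
```

Adding the NS record for sys4 that the exercise asks for is a one-line append to each generated file; the header here lists only the primary.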

smitty hostname
Set Host Name
HOSTNAME: sys3.dc.ibm.com
execute

Set self up to act as a client
vi /etc/resolv.conf
nameserver 0.0.0.0 (Refers to self as primary server)
domain dc.ibm.com
nameserver 9.19.99.4 (setup secondary server)
save

Start up the named daemon
startsrc -s named (or use the smit path below)
smitty tcpip
Further Configuration
Server Network Services
Other Available Services
named Subsystem
Start Using the named Subsystem
BOTH

lssrc -s named (check to make sure it is active)

Setup sys2 as the client
cp /etc/hosts /etc/hosts.bak
vi /etc/hosts
Comment out entries in the /etc/hosts file so that we know resolution goes through the name server instead of the /etc/hosts file. (Leave the sys2 loopback and interface entries.)
host sys3 (fails: sys3 is no longer in /etc/hosts)

smitty hostname (fully qualified)
set hostname: sys2.dc.ibm.com (fully qualified host name)

smitty tcpip
Further Configuration
Name Resolution
Domain Nameserver
Create new file
Nameserver: 9.19.98.3
domain: dc.ibm.com
execute
cat /etc/resolv.conf
Add a name server: 9.19.99.4
cat /etc/resolv.conf

ping loopback (test talking to ourselves)
ping sys3
ping sys4
host 9.19.99.1 (gives name resolution)
host sys5
Name server is working

Setup Secondary Name Server (sys4)
vi /etc/named.boot
directory /etc/dns
secondary dc.ibm.com 9.19.98.3 named.dc.bak
secondary 98.19.9.in-addr.arpa 9.19.98.3 named.revip98.bak
secondary 99.19.9.in-addr.arpa 9.19.98.3 named.revip99.bak
primary 0.0.127.in-addr.arpa named.local
save

mkdir /etc/dns
vi /etc/dns/named.local
@ IN NS sys4.dc.ibm.com.
1 IN PTR localhost.
save

cp /etc/hosts /etc/hosts.bak
vi /etc/hosts
remove hosts except our own loopback and interface
save

Setup hostname as fully qualified
smitty hostname
sys4.dc.ibm.com

Act as a client
vi /etc/resolv.conf
nameserver 0.0.0.0
domain dc.ibm.com
nameserver 9.19.98.3 (primary name server)
save

Start the named
smitty tcpip
Further Configuration
Server Network Services
Other Available Services
named Subsystem
Start Using the named Subsystem
BOTH

lssrc -s named (check for active)
ls (should see the zone files as .bak files)

Return to local sys2
vi /etc/resolv.conf
change order of nameservers so that the secondary is the primary
save

Test name resolution
host 9.19.99.4
host 9.19.98.3
host sys98r

Use nslookup
nslookup -querytype=ANY dc.ibm.com | more

Non-interactive mode
nslookup sys5

Interactive mode
nslookup
> sys99r
> 9.19.98.3
> ls dc.ibm.com
> ls -t any dc.ibm.com (similar to -querytype=ANY above)
> set d2 (debug mode)
> sys5
> set nodebug
> exit

Dump memory of the Name Server
Change to sys3
ps -ef | grep named
kill -2 18600 (dump to a file)
more /var/tmp/named_dump.db (look at the dump)
cd /var
find . -name “*dump” | more (find the dump file)

Conversion from BIND4 to BIND8
BIND8 is better and used more
stopsrc -s named
Switch executable
cd /usr/samples/tcpip
chmod u+x named-bootconf.pl (add executable authority to the script)
./named-bootconf.pl /etc/named.boot > /etc/named.conf
more /etc/named.conf (structure is different having stanzas)
mv /etc/named.boot /etc/named.boot.bak
ls /usr/sbin/name*
ls -l /usr/sbin/name* (long listing)
(they are symbolic links)
rm /usr/sbin/named (removes the symbolic link)
rm /usr/sbin/named-xfer (remove symbolic link)
ls -l /usr/sbin/nsupdate
rm /usr/sbin/nsupdate (remove symbolic link)
ln -s named8 named (create new symbolic link)
ln -s named8-xfer named-xfer (create new symbolic link)
ln -s nsupdate8 nsupdate (create new symbolic link)

lssrc -s named (inactive)
startsrc -s named (start daemon) (failed – links created in the wrong directory)
pwd
/usr/samples/tcpip
ls name*
ls -l
cd /usr/sbin (move to the correct directory)
ln -s named8 named (create new symbolic link)
ln -s named8-xfer named-xfer (create new symbolic link)
ln -s nsupdate8 nsupdate (create new symbolic link)
startsrc -s named (start daemon)
lssrc -s named (check for active)
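The conversion step above runs AIX's named-bootconf.pl. The following is an added example of the same translation written in shell and awk; it is not the AIX script, the boot file it converts is constructed, and the optional allow-transfer list it writes into master zones is an addition of this example, not something the course configures (without it, any host that can reach the server may request a full copy of the zone, as the ls command in nslookup does).

```shell
#!/bin/sh
# Added example (not AIX's named-bootconf.pl): translate a BIND4 named.boot
# into BIND8 named.conf stanzas. The boot file below is constructed.
SAMPLE_BOOT='; constructed BIND4 boot file
directory /etc/dns
primary dc.ibm.com named.dc
primary 98.19.9.in-addr.arpa named.revip98
primary 0.0.127.in-addr.arpa named.local
secondary 99.19.9.in-addr.arpa 9.19.98.3 9.19.99.4 named.revip99.bak
cache . named.ca
forwarders 9.19.93.99
slave'

# Convert boot text on stdin to named.conf text on stdout. Optional $1 =
# space-separated addresses allowed to pull master zones (assumed here, the
# course does not set allow-transfer). Unknown directives are kept as
# comments so nothing is silently lost.
boot2conf() {
    awk -v xfer="$1" '
    BEGIN { nfwd = 0 }
    /^[ \t]*(;|$)/ { next }                    # comments and blank lines
    $1 == "directory"  { dir = $2; next }
    $1 == "forwarders" { for (i = 2; i <= NF; i++) fwd[nfwd++] = $i; next }
    $1 == "slave"      { forward_only = 1; next }   # forwarder-only server
    $1 == "primary" {
        z = sprintf("zone \"%s\" in {\n\ttype master;\n\tfile \"%s\";\n", $2, $3)
        if (xfer != "") {
            z = z "\tallow-transfer {"
            n = split(xfer, a, " ")
            for (i = 1; i <= n; i++) z = z " " a[i] ";"
            z = z " };\n"
        }
        zones = zones z "};\n"; next
    }
    $1 == "secondary" {                        # fields 3..NF-1 are masters
        m = ""
        for (i = 3; i < NF; i++) m = m $i "; "
        zones = zones sprintf("zone \"%s\" in {\n\ttype slave;\n\tmasters { %s};\n\tfile \"%s\";\n};\n", $2, m, $NF)
        next
    }
    $1 == "cache" { zones = zones sprintf("zone \".\" in {\n\ttype hint;\n\tfile \"%s\";\n};\n", $3); next }
    { unknown = unknown "// not converted: " $0 "\n" }
    END {
        printf "options {\n"
        if (dir != "") printf "\tdirectory \"%s\";\n", dir
        if (nfwd > 0) {
            printf "\tforwarders {"
            for (i = 0; i < nfwd; i++) printf " %s;", fwd[i]
            printf " };\n"
        }
        if (forward_only) printf "\tforward only;\n"
        printf "};\n\n%s%s", zones, unknown
    }'
}

# Number of zone stanzas in named.conf text on stdin: a quick check that
# every primary, secondary and cache line made it across.
count_zones() {
    grep -c '^zone '
}

# Usage (paths from the exercise): boot2conf 9.19.99.4 < /etc/named.boot > /etc/named.conf
```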

Move to sys2
vi /etc/resolv.conf
reverse the order of the name servers again
save

host sys5
nslookup (using sys3 as server)
> exit

Unconfigure environment to use /etc/hosts file
stopsrc -s named
mv /etc/resolv.conf /etc/resolv.conf.bak (no longer using the name server)

Move to sys3
stopsrc -s named

Move to sys2
mv /etc/hosts.bak /etc/hosts
cat /etc/hosts

ping sys4
ping sys99r
host 9.19.99.4
Now using the flat file /etc/hosts
