Linux Operations and
Administration
Chapter Eleven
Domain Name System
Objectives
• Describe Domain Name System and how it relates
to the Internet
• Install and configure Berkeley Internet Name
Daemon (BIND)
• Check the status of a DNS server via the command
line
• Identify zones and describe the elements in a zone
file
• Explain how the different types of resource records
affect zones
Introduction to Domain Name System
• Name server
– A central database that translates names to IP
addresses (or IP addresses to names)
– Simplified network management dramatically
– This method worked for local networks, but not for
resources on the Internet
• Resource record
– A file containing resource information or
characteristics about a zone or domain
DNS on the Internet
• Internet’s Domain Name System (DNS)
– Associates an IP address (such as 204.21.112.110)
with an actual name (such as server1)
– Network resources can be accessed by easy-to-remember names
• Berkeley Internet Name Daemon (BIND)
– Usually carries out translation for DNS
– Open-source software containing DNS protocols
needed to resolve hostnames to IP addresses
DNS on the Internet (cont’d.)
• Goal of DNS is to decentralize administration
– DNS is a distributed and hierarchical database
– Allows controlling DNS management locally
• Local DNS server
– Can handle cached hostname requests
– Doesn’t contain information on every hostname on
the Internet
– Forwards requests for unknown hostnames to a
forwarder
DNS on the Internet (cont’d.)
• Forwarder
– A type of DNS server
– Forwarder’s job is to handle off-site requests
generated at the system known as “localhost”
• Caching
– A feature that stores DNS queries on the local site
for fast hostname–to–IP address resolution
• Local administrators can manage local DNS
servers
DNS on the Internet (cont’d.)
• Root DNS servers
– Centrally controlled public DNS servers
– Control the Internet’s top-level domains (TLDs)
• Table 11-1
– Describes some of the most recognizable top-level
domains
DNS on the Internet (cont’d.)
Table 11-1 Common top-level domains
DNS on the Internet (cont’d.)
• DNS database is structured as an inverted tree
– Also known as domain namespace
– Root at top of the tree
– TLDs beneath it
– Nodes (leaves) of the tree are called domains and
have labels
• Such as .gov for U.S. government domain
– Domain names are derived from node labels
– Each level of hierarchy is separated by dots in
domain name
DNS on the Internet (cont’d.)
Figure 11-1 The DNS structure
© Cengage Learning 2013
Installing BIND
• Installing BIND is similar to installing Apache Web
Server
• YaST Software Management is used to install the
DHCP and DNS Server pattern
– Installs:
• All the necessary DNS modules, such as BIND
• BIND documentation files
• DNS Server Configuration utility
Installing BIND (cont’d.)
• BIND documentation files
– Found in
/usr/share/doc/packages/bind/arm/
directory
– Consist of eight chapters
• Activity 11-1: Installing BIND
– Install BIND and other DNS-related packages
Configuring BIND
• BIND
– Requires no further configuration after being
installed in openSUSE
– Runs as a daemon known as named
• Pronounced “name-dee,” not “named”
• named.conf
– Main BIND DNS configuration file
– Found in /etc directory
Configuring BIND (cont’d.)
• To start the named daemon (BIND):
– Use rcnamed start command
• Table 11-2
– Describes common commands for determining the
daemon’s status
• Options to edit named.conf file
– Use a text editor, such as vim
– Use YaST DNS module
• Available after you install BIND
Configuring BIND (cont’d.)
Table 11-2 Common named commands
Configuring BIND (cont’d.)
• To start YaST DNS module
– Use yast2 dns-server command
• Requires root privileges
• DNS Server Installation Wizard
– Opens the first time you start the module
– Enables you to add forwarders
– Expert mode
• Available after you step through the basic settings
• For more advanced configuration tasks
Configuring BIND (cont’d.)
Figure 11-2 The DNS Server
Installation Wizard
Forwarder
• Can have up to three forwarders in DNS
configuration
– These servers enable you to:
• Forward unresolved queries to an off-site DNS server
• Cache results on your local DNS server
Forwarder (cont’d.)
• First time you configure a DNS server, the
forwarder list is empty
– Forwarder declaration in /etc/named.conf file is,
by default, a commented line; for example:
#forwarders { 192.0.2.1; 192.0.2.2; };
– Deleting # symbol adds the two servers (192.0.2.1
and 192.0.2.2 in example) to forwarder list
DNS Zones
• Zone
– A portion of the DNS namespace
• Zone file
– Stores the data for a zone
• Master name server
– An authoritative name server that stores the primary
copies of zone records
DNS Zones (cont’d.)
• Slave name server
– Also known as a secondary name server
– Maintains a copy of master zone file that’s used as a
backup
– Provides redundancy if master name server is
unavailable
DNS Zones (cont’d.)
• Entries in zone file
– Line 1
• Time-to-live (TTL) entry
– Line 2
• Start of Authority (SOA) resource record
– Line 3
• Serial number
– Line 4
• Refresh rate
DNS Zones (cont’d.)
– Line 5
• Retry rate
– Line 6
• Expiration entry
– Line 7
• Negative TTL entry
– Line 8
• NS resource record
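Added example (not from the original slides): a small Python parser that reads the eight zone-file lines listed above and returns each value in seconds. The zone contents and the names example.com, ns1 and root are constructed placeholders.

```python
import re

# Constructed sample zone file (not from the slides), laid out in the order
# the slides list: TTL, SOA, serial, refresh, retry, expire, negative TTL, NS.
SAMPLE_ZONE = """\
$TTL 2d
@   IN SOA ns1.example.com. root.example.com. (
        2013010101 ; serial
        3h         ; refresh
        1h         ; retry
        1w         ; expiry
        1d )       ; negative TTL
    IN NS  ns1.example.com.
"""

UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def seconds(value):
    """Convert a BIND time value such as 3h or 1w to seconds."""
    m = re.fullmatch(r"(\d+)([smhdw]?)", value.lower())
    if not m:
        raise ValueError(f"bad time value: {value!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def parse_zone_header(text):
    """Return the TTL, SOA fields and NS names from a zone file."""
    # Drop ';' comments so only the record data is left to match.
    body = "\n".join(line.split(";", 1)[0] for line in text.splitlines())
    ttl = re.search(r"^\$TTL\s+(\S+)", body, re.M)
    # The SOA values sit inside parentheses that span several lines.
    soa = re.search(r"\bSOA\s+(\S+)\s+(\S+)\s*\(([^)]*)\)", body, re.I)
    if not ttl or not soa:
        raise ValueError("zone file needs a $TTL line and an SOA record")
    numbers = soa.group(3).split()
    if len(numbers) != 5:
        raise ValueError("SOA needs serial, refresh, retry, expire, negative TTL")
    serial, *timers = numbers
    names = ("refresh", "retry", "expire", "negative_ttl")
    zone = {"ttl": seconds(ttl.group(1)), "primary": soa.group(1),
            "contact": soa.group(2), "serial": int(serial)}
    zone.update({n: seconds(v) for n, v in zip(names, timers)})
    zone["ns"] = re.findall(r"\bNS\s+(\S+)", body, re.I)
    return zone
```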
MX RR
• Identifies mail servers (mail exchangers) for a zone
• Table 11-3
– Describes fields in MX RR
• Example:
MX RR (cont’d.)
Table 11-3 MX resource record fields
A RR
• A (address) RR
– Most common resource record
– Used to resolve a hostname to an IPv4 address for
locating a resource
• Table 11-4
– Describes fields in the A RR
• Example:
A RR (cont’d.)
Table 11-4 A resource record
PTR RR
• PTR (pointer) RR
– Used to resolve an IPv4 address to its hostname
– Performs the reverse of what an A RR does
• Table 11-5
– Describes fields in the PTR RR
• Example:
PTR RR (cont’d.)
Table 11-5 PTR resource record
CNAME RR
• CNAME (canonical name) RR
– Enables you to create an alias for a host
• Table 11-6
– Describes fields in the CNAME RR
• Example:
CNAME RR (cont’d.)
Table 11-6 CNAME resource record
Expert Configuration Mode
• Final window in DNS Server Installation Wizard
– Option to open DNS port in your firewall
– Option to start DNS server automatically at bootup
• After completing DNS Server Installation Wizard
– Whenever you open the DNS module, you’re in
expert configuration mode
Start-Up
• Settings under Start-Up window
– Whether DNS starts automatically when the server
starts or must be started manually
– Firewall settings, such as opening the firewall port to
allow remote computers to access DNS service
– Stop, start, and reload DNS server
Start-Up (cont’d.)
Figure 11-3 The Start-Up window
Forwarders
• Forwarders window
– Used for the same task as in DNS Server Installation
Wizard
• Adding IP addresses to the list of forwarder servers
Basic Options
• Basic Options window
– Displays options that have already been defined for
the zone
• Ways to add options:
– Use Basic Options window
• If you use this window, information is updated in
/etc/named.conf file automatically
– Edit /etc/named.conf file
• Table 11-7
– Describes the options that can be added or modified
Basic Options (cont’d.)
Figure 11-4 The Basic
Options window
Basic Options (cont’d.)
Table 11-7 Settings in the Basic Options window
Basic Options (cont’d.)
Table 11-7 Settings in the Basic Options window (continued)
Logging
• Logging window
– Can be used to configure logging options for DNS
server
– By default, DNS server sends log data to the
systemwide log file /var/log/messages
– Additional Logging section
• Log All DNS Queries option
• Log Zone Updates option
• Log Zone Transfers option
Logging (cont’d.)
Figure 11-5 The Logging window
Access Control List (ACL)
• Access Control List (ACL) window
– Used by BIND administrators to control who can
perform operations on the name server
• When creating an ACL, you must:
– Give it a unique name
– Specify an IP address under Value heading
Access Control List (ACL) (cont’d.)
• When creating an ACL, the IP address must:
– Be enclosed by braces
– End with a semicolon
– Example:
{ 204.21.112.24; }
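Added example (not from the original slides): a Python check for the Forwarder and ACL slides that reports which forwarders and ACL values are actually active in named.conf text once commented-out lines are ignored. The excerpt, the ACL name trusted and the active forwarder addresses are constructed, and the code assumes every list entry is a literal IP address.

```python
import ipaddress
import re

# Constructed named.conf excerpt (not from the slides). The first forwarders
# line is commented out, as the slides describe for a fresh install; the
# second is active. The acl value uses the slides' brace/semicolon form.
SAMPLE_CONF = """\
options {
    directory "/var/lib/named";
    #forwarders { 192.0.2.1; 192.0.2.2; };
    forwarders { 192.0.2.53; 198.51.100.53; };
};
acl trusted { 204.21.112.24; };
"""

MAX_FORWARDERS = 3  # limit stated on the Forwarder slide

def strip_comments(conf):
    """Remove /* */, // and # comments; named.conf accepts all three."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(#|//).*", "", conf)

def address_list(block):
    """Split '192.0.2.1; 192.0.2.2;' into validated IP address strings."""
    items = [item.strip() for item in block.split(";") if item.strip()]
    # Assumption: literal IPs only; ip_address raises ValueError otherwise.
    return [str(ipaddress.ip_address(item)) for item in items]

def audit(conf):
    """Return active forwarders, named ACLs and any findings."""
    active = strip_comments(conf)
    fwd = re.search(r"\bforwarders\s*\{([^}]*)\}", active)
    forwarders = address_list(fwd.group(1)) if fwd else []
    acls = {name: address_list(body) for name, body in
            re.findall(r"\bacl\s+\"?([\w-]+)\"?\s*\{([^}]*)\}", active)}
    findings = []
    if not forwarders:
        findings.append("no active forwarders (line still commented out?)")
    if len(forwarders) > MAX_FORWARDERS:
        findings.append(f"{len(forwarders)} forwarders exceeds {MAX_FORWARDERS}")
    return {"forwarders": forwarders, "acls": acls, "findings": findings}
```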
TSIG Keys
• Transaction signatures
– Used to secure communication between two servers
• Usually between DHCP and DNS servers
• Ways to generate keys for this signature:
– TSIG Keys window
– dnssec-keygen command
TSIG Keys (cont’d.)
• Activity 11-2: Configuring BIND
– Review settings in the /etc/named.conf file and
configure a BIND server with the DNS Server
Installation Wizard
• Activity 11-3: Creating a Resource Record in YaST
– Use the YaST DNS Server module to create a
resource record
TSIG Keys (cont’d.)
Figure 11-6 An A resource record added to the master zone file
Summary
• Domain Name System (DNS)
– Translates domain names and hostnames to IP
addresses
– A distributed and hierarchical database
– Allows controlling DNS management locally
• BIND
– Open-source DNS server software
• Local DNS sites can forward DNS queries to a
forwarder DNS server
– It forwards the request to an off-site DNS server
Summary (cont’d.)
• DNS structure is viewed as an inverted tree
• Main DNS configuration file is named.conf file in
the /etc directory
• YaST DNS module is included with DNS
installation and is used to configure DNS servers
• DNS zone file is a text file that stores resource
records and other data for a zone
• Expert configuration mode for YaST DNS module
gives access to more advanced configuration tasks