old.ispa.org.za

DNS Workshop
Mark Elkins
A founding member and Technical Director of UniForum SA,
Author of the COZA DNS System,
Owner of Posix Systems - a 'Large', 2nd tier ISP,
..and has been around playing with the Internet
before it was commercially available in South Africa.
[email protected]
Why DNS
- An IP Address has 2^32 or over 4 billion permutations
- Names are easier to remember
- HOSTS files are not scalable
- Traffic load
- Name collisions
- Consistency
- One Machine with one IP address can have many different names (Virtual Web Server)
- DNS is Scalable
- It Works (usually)
- Can be fault tolerant
- DNS allows for downward delegation of responsibility
Using BIND
- Berkeley Internet Name Domain software - Versions
- Example Lookup: www.posix.co.za
  '.' + 'za' + 'co' + 'posix' + 'www'
- Nameserver Types
  - None
  - Cache Only
  - Secondary
  - Primary
Setting up your own Zone
Comments
; /etc/ns.d/db.pearce.co.za
; Last Update: mje99!mje ttyp2 : 21 Aug 02 15:07
;
; Don't forget to change the serial Number whenever any of the files
; are changed! The format is YYYYMMDD??
Timeouts and authorities
$TTL 864000
@       IN SOA  mje99.posix.co.za. dns-admin.posix.co.za. (
                2002082100 ; Serial number
                864000     ; Refresh after 10 days (secs)
                36000      ; Retry after 10 hours
                3600000    ; Expire after 42 days
                864000 )   ; Minimum TTL 10 days
Setting up your own Zone
Nameservers
                IN NS    mje99.posix.co.za.
                IN NS    secdns1.posix.co.za.
Mail Exchangers
                IN MX 0  mercury.pop.co.za.
                IN MX 10 secdns1.posix.co.za.
IP for the Zone
                IN A     160.124.208.1
Other Information
localhost       IN A     127.0.0.1
ftp             IN A     160.124.208.1
webftp          IN A     160.124.208.1
www             IN A     160.124.208.1
Named.conf entries
Primary entry
zone "pearce.co.za" {
    type master;
    file "db.pearce.co.za";
};
Secondary entry
// Added 2002-06-06 18:17:18 (Thu)
zone "pearce.co.za" {
    type slave;
    file "posix/sec/db.pearce.co.za";
    masters {
        160.124.48.1;
    };
};
Setting up a Reverse Zone
; /etc/ns.d/db.160.124.49
; Last Update: mje99.posix.co.za!mje ttyp9 : 29 Apr 98 16:50
;
; Don't forget to change the serial Number whenever any of the files
; are changed! The format is YYYYMMDD??
$TTL 864000
@       IN SOA  mje99.posix.co.za. dns-admin.posix.co.za. (
                2001022809 ; Serial number
                864000     ; Refresh after 10 days (secs)
                36000      ; Retry after 10 hours
                3600000    ; Expire after 42 days
                864000 )   ; Minimum TTL 10 days
        IN NS   mje99.posix.co.za.
        IN NS   secdns1.posix.co.za.
0       IN PTR  posix.co.za.
10      IN PTR  headmaster.entrepreneurship.co.za.
11      IN PTR  tux.ukusiza.co.za.
12      IN PTR  ecom.e-way.co.za.
Named.conf Reverse entries
Primary
zone "49.124.160.in-addr.arpa" {
    type master;
    file "db.160.124.49";
};
Secondary
zone "49.124.160.in-addr.arpa" {
    type slave;
    file "posix/sec/db.160.124.49";
    masters {
        160.124.48.1;
    };
};
CO.ZA Form (Part 1)
Form Header
UNIFORUM S.A.
COZA Registration Office
Last Change - 02 September 1998
Domain
1a. Complete domain name: pearce.co.za
1b. Action - [N]ew, [U]pdate, or [D]elete (N/U/D) : N
Registrant and Billing
2a. Domain Owner: Gary Pearce
2b. Owner Postal address: P.O. Box 77305 Eldoglen 0171
2c. Owner Street address: 8 Shilling Close, Eldoglen, Centurion
2d. Cost of this application (150 + 50/0): 200
2e. On [A]ccount, [I]nvoice me or [C]heque on its way (A/I/C): I
2f. Organisation to be billed or account no. : Gary Pearce
2g. E-Mail address to send invoice to: [email protected]
2i. Inv. Addr: P.O.Box 77305 Eldoglen 0171
2j. Owner Phone No.: 082 440 9635
2k. Owner Fax No. : 012 658 0294
2l. Owner e-mail : [email protected]
CO.ZA Form (Part 2)
Admin Contact
4a. Name (last, first): Pearce, Gary
4b. Title/position: Owner
4c. Organisation: Private
4d. Postal Address: P.O.Box 77305 Eldoglen 0171
4e. Phone Number: 082 440 9635
4f. Fax Number: 012 658 0294
4g. Email address: [email protected]
4h. NIC assigned Handle (if known):
Technical Contact
5a. Name (last, first): Elkins, Mark
5b. Title/position: Director
5c. Organisation: Posix Systems (Pty) Ltd
5d. Postal Address: P.O. Box 73892, Lynnwood Ridge, 0040
5e. Phone Number: 012 807 0590
5f. Fax Number: 012 807 5324
5g. Email address: [email protected]
5h. NIC assigned Handle (if known): MJE
Nameservers
6a. Primary server FQDN: mje99.posix.co.za
6b. Primary server IP address: 160.124.48.1
6e. Secondary server FQDN: secdns1.posix.co.za
6f. Secondary server IP address: 160.124.112.10
CO.ZA technical limitations
- One application per e-mail
- Application must be ASCII
- No Word/DOC, UU/Base-64/HTML Encoding
- Don't do ORG.ZA domains - only CO.ZA
- Need a Domain Name, only a Domain Name.
- Up to 30 Chars
- No Naked Hyphens
- No double Hyphens (Multi-language)
- All needed fields are supplied
- E-mail fields must look like valid e-mail addresses
- Phone Numbers must look like phone numbers
- IP Addresses must be valid
- Nameservers must be valid
- Nameserver must have a reverse
- Nameservers must be reachable
- Cross check between Zone and Nameservers must work
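The offline part of these checks, sketched as an added example (not the COZA system's own code). Assumptions: the form lines look like the CO.ZA form shown earlier, "naked hyphen" means a name that starts or ends with a hyphen, the 30-character limit applies to the name before .co.za, and the REQUIRED subset is hypothetical. The reachability, reverse and zone cross checks need live DNS and are left out.

```python
import ipaddress
import re

FIELD = re.compile(r"^(\d+[a-z])\.[^:]*:\s*(.*)$")      # "6b. label: value"
EMAIL = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")         # "looks like" an address
REQUIRED = ("1a", "1b", "5g", "6a", "6b", "6e", "6f")   # assumed subset of fields

def parse_form(text):
    """Map field ids such as '1a' to their values."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields

def check_application(text):
    """Return a list of problems; an empty list means the offline checks pass."""
    errors = [] if text.isascii() else ["not ASCII"]
    f = parse_form(text)
    errors += [f"missing {k}" for k in REQUIRED if not f.get(k)]
    label, _, suffix = f.get("1a", "").lower().partition(".")
    if suffix != "co.za":
        errors.append("only CO.ZA")
    if not re.fullmatch(r"[a-z0-9-]{1,30}", label):
        errors.append("bad name")
    if label.startswith("-") or label.endswith("-"):
        errors.append("naked hyphen")
    if "--" in label:
        errors.append("double hyphen")
    for key in ("6b", "6f"):
        try:
            ipaddress.IPv4Address(f.get(key, ""))
        except ValueError:
            errors.append(f"bad IP in {key}")
    if not EMAIL.fullmatch(f.get("5g", "")):
        errors.append("bad e-mail in 5g")
    return errors

# Constructed sample applications (example names, documentation addresses).
TEMPLATE = """1a. Complete domain name: {name}
1b. Action - [N]ew, [U]pdate, or [D]elete (N/U/D) : N
5g. Email address: hostmaster@example.co.za
6a. Primary server FQDN: ns1.example.co.za
6b. Primary server IP address: {ip}
6e. Secondary server FQDN: ns2.example.co.za
6f. Secondary server IP address: 192.0.2.54
"""
GOOD = TEMPLATE.format(name="example.co.za", ip="192.0.2.53")
BAD = TEMPLATE.format(name="my--shop-.org.za", ip="192.0.2.300")
```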
Potential Changes to COZA
- Removal of MX entries
- Glue - a Sticky problem
  - Pre-Registration of NameServers - the .COM way
    - Pros & Cons
  - Registration of Nameservers in a Domain
    - Pros & Cons
  - Restriction to the CO.ZA Zone
    - Only use 'registered' nameservers
Odds & Ends
- Recursive search for Glue
  rat.co.za --> ns.v-e-s.com & ns1.v-e-s.com ==> No A Records
  v-e-s.com --> ns1.rat.co.za & ns2.rat.co.za ==> No A Records (recently changed to ...is.co.za)
- Nameserverless domains
  globe --> ns.dragon-dbn.co.za. & ns2.dragon-dbn.co.za.
  ....but there is no 'dragon-dbn.co.za'
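Both cases above can be found mechanically from the registry's delegation data. The following is an added example, not part of the original slides; it assumes a simplified model in which a zone is resolvable when at least one of its nameservers either has glue or lives in a zone that is itself resolvable. The posix.co.za entry and the glue set are constructed for the illustration.

```python
def parent_zone(host, zones):
    """Return the longest known zone that contains `host`, or None."""
    labels = host.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def check_delegations(delegations, glue):
    """Classify every zone as 'ok', 'glue-cycle' or 'dangling'."""
    norm = lambda name: name.rstrip(".").lower()
    zones = {norm(z): [norm(n) for n in ns] for z, ns in delegations.items()}
    glue = {norm(h) for h in glue}
    reachable = set()
    changed = True
    while changed:                        # grow the set until nothing new fits
        changed = False
        for zone, servers in zones.items():
            if zone in reachable:
                continue
            if any(ns in glue or parent_zone(ns, zones) in reachable
                   for ns in servers):
                reachable.add(zone)
                changed = True
    result = {}
    for zone, servers in zones.items():
        if zone in reachable:
            result[zone] = "ok"
        elif all(parent_zone(ns, zones) is None for ns in servers):
            result[zone] = "dangling"     # nameservers in a domain that does not exist
        else:
            result[zone] = "glue-cycle"   # zones that only point at each other
    return result

# Delegations as written on the slide, plus pearce.co.za from the zone example.
SLIDE_DELEGATIONS = {
    "rat.co.za": ["ns.v-e-s.com", "ns1.v-e-s.com"],
    "v-e-s.com": ["ns1.rat.co.za", "ns2.rat.co.za"],
    "globe": ["ns.dragon-dbn.co.za.", "ns2.dragon-dbn.co.za."],
    "pearce.co.za": ["mje99.posix.co.za", "secdns1.posix.co.za"],
    "posix.co.za": ["mje99.posix.co.za", "secdns1.posix.co.za"],  # constructed
}
GLUE = {"mje99.posix.co.za", "secdns1.posix.co.za"}               # constructed

if __name__ == "__main__":
    for zone, status in check_delegations(SLIDE_DELEGATIONS, GLUE).items():
        print(f"{zone:15} {status}")
```

A 'dangling' result deserves attention beyond the resolution failure: whoever later registers the missing domain controls the answers for every zone delegated to it.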
Summary
- Why DNS?
- DNS is scalable
- Using BIND
- Setting up your own Zone
- named.conf entries
- Setting up a Reverse Zone
- CO.ZA application
- CO.ZA technical limitations
- Changes to how CO.ZA works
- Odds and Ends