SO2 #8


Mariusz Pelc, Operating Systems II, Summer 2013
Lab #8
DNS Service
Exercise 1: Cache server configuration.
1. For this and the next exercise you'll need the following programs to be installed:
a. named - daemon handling DNS requests
b. nslookup - bind diagnostic utility, running test commands from its own command-line interface
c. dig - bind diagnostic utility, running test commands from shell
d. host - bind diagnostic utility, running test commands from shell
In all cases yum whatprovides */program_name (for example yum whatprovides */nslookup) will give
you an idea which package should be installed (hint: the three tools b-d are all available in one
package).
2. Once you install the named service, start the service
# service named start
3. The above command will trigger creation of the /etc/rndc.key file (the rndc.key file defines a
default command channel and authentication key allowing rndc to communicate
with named on the local host with no further configuration). The command will not finish until
the system has gathered sufficient entropy for the key. What you need to do is to randomly press keys on
the keyboard (quite many need to be pressed actually, but this is the only way for you to go) or start
moving the mouse pointer on the screen (not an option for us as we have no mouse support).
4. Once the key is generated, the named process will start.
5. Now you should edit the /etc/resolv.conf file and comment out the line with the nameserver specification (put #
at the beginning of the line).
6. Add the following line instead
nameserver 127.0.0.1
7. As the Cache DNS server's role is to pass all DNS requests to the ROOT domain servers, you'll not
be able to test whether the service resolves names in the isolated labs virtual network (but you should be
able to do so on your home CentOS server if you have one). In fact, you'll think it does not, as
none of the labs servers will be able, for example, to ping the centos-lec server. The best way to
confirm that it works in the Cache DNS configuration is to test the translation of the localhost name into its
IP address and the opposite. You can do it using the nslookup tool:
# nslookup
> set type=any
> localhost.localdomain
--- HERE YOU'LL SEE what your Cache DNS server knows about its localdomain ---
> 127.0.0.1
--- HERE YOU'LL SEE the name of the 127.0.0.1 host. If this is localhost then everything is FINE ---
> exit
The default configuration for your Cache DNS service is sufficient to resolve names as long as the root
domain servers are reachable. This should be possible in any virtual network which has access to a real
external network.
8. Stop the named service
# service named stop
Exercise 2: Custom domain DNS server
1. This part of the lab will require you to edit the original /etc/named.conf file (it is a good routine to save
configuration files before modification) and after the section:
zone "." IN {
    type hint;
    file "named.ca";
};
add:
zone "vhXX.comp1691.org" IN {
    type master;
    file "vhXX.comp1691.org";
};
where XX is your host number (as in last week's lab, XX is the last octet of your host computer's
IP address; for host 10.0.7.14, XX=14).
2. Then create the vhXX.comp1691.org file (again, named with respect to your host name) in the directory
pointed at by the directory setting in your /etc/named.conf file, with the following content:
@       IN SOA  vhXX.comp1691.org. root.vhXX.comp1691.org. (
                2012111901 ; serial
                21600      ; refresh (6 hours)
                3600       ; retry (1 hour)
                604800     ; expire (1 week)
                86400 )    ; minimum TTL (1 day)
        IN NS   dns.vhXX.comp1691.org.
        IN A    192.168.0.XX
dns     IN A    192.168.0.XX
ssl     IN A    192.168.0.XX
where XX is your host number (for example, for host centos-vh11 you should use vh11.comp1691.org
wherever you refer to the domain name and 192.168.0.11 wherever you refer to your host IP address).
3. Now you should edit the /etc/resolv.conf file and comment out the line with the nameserver specification (put #
at the beginning of the line).
4. Add the following line instead:
nameserver 127.0.0.1
5. Now you should edit the /etc/resolv.conf file and make sure that its content is:
domain vhXX.comp1691.org
nameserver 127.0.0.1
6. Start the named service.
7. Use the nslookup utility (then also dig and host, so that you know how these work) to test the
server configuration:
# nslookup
> set type=any
> vhXX.comp1691.org
--- HERE YOU'LL SEE what your Cache DNS server knows about the vhXX.comp1691.org domain ---
> dns
--- HERE YOU'LL SEE what your Cache DNS server knows about the dns(.comp1691.org) computer ---
> exit
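Added example (not part of the original lab sheet): shell helpers that write the Exercise 2 zone file for a given host number, check the configuration offline with named-checkconf and named-checkzone before named is started, and repeat the nslookup session above with dig and host. The function names and the directory argument are assumptions; pass the directory named by the directory setting in your /etc/named.conf.

```shell
#!/bin/bash
# Added example, not from the lab sheet. Function names are hypothetical.

# write_zone XX DIR: write DIR/vhXX.comp1691.org with the lab's records.
# Lines that inherit the owner name (@) must start with whitespace.
write_zone() {
    xx="$1"; dir="$2"
    zone="vh${xx}.comp1691.org"
    ip="192.168.0.${xx}"
    cat > "${dir}/${zone}" <<EOF
@       IN SOA  ${zone}. root.${zone}. (
                2012111901 ; serial
                21600      ; refresh (6 hours)
                3600       ; retry (1 hour)
                604800     ; expire (1 week)
                86400 )    ; minimum TTL (1 day)
        IN NS   dns.${zone}.
        IN A    ${ip}
dns     IN A    ${ip}
ssl     IN A    ${ip}
EOF
    echo "${dir}/${zone}"
}

# check_zone XX DIR: syntax-check named.conf and the zone file
# before "service named start"; a non-zero exit means do not start.
check_zone() {
    zone="vh$1.comp1691.org"
    named-checkconf /etc/named.conf &&
    named-checkzone "$zone" "$2/$zone"
}

# query_zone XX: the same lookups as the nslookup session, asked
# directly of the local server (127.0.0.1) with dig and host.
query_zone() {
    zone="vh$1.comp1691.org"
    dig @127.0.0.1 "$zone" ANY            # like "set type=any" + domain name
    dig @127.0.0.1 "dns.$zone" A +short   # address of the dns host only
    host "dns.$zone" 127.0.0.1            # same query using host
}
```

Source the file as root, run write_zone and check_zone with your host number and zone directory, start named, then run query_zone with the same host number.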