For a university project I am trying to copy the complete DNS hierarchy into a few Docker containers.
Creating a DNS server in a container and getting a valid DNS response is no longer a problem. But I've run into problems when trying to make iterative queries.
The final version should work like this:
Client1 asks Resolver1 about hello.example.com.
Instead of asking the DNS root servers on the internet, the resolver is configured to ask my local server root1 about the ".com" zone.
root1 should now respond with the IP of root2, which is responsible for the ".com" zone.
Resolver1 now asks root2 about hello.example.com.
root2 answers with the IP of root3, which is responsible for the "example.com" zone.
Resolver1 now asks root3 about hello...., gets the right IP and sends it back to client1.
The complete network has no internet connection.
I have already managed to create a delegated sub-domain. But this is done with root1 as slave for the ".com" zone. So this is not iterative, because root1 receives a copy of root2's zone file and is thereby able to answer the DNS request itself without the help of root2.
ATM I'm not sure which kind of server I need. Most Google results I get are about the "authoritative-only DNS server". But is this really the right kind of server for a root DNS server?
My main problem is telling the "." zone DNS server where it can find the server with the ".com" zone on it. In which configuration file do I need to specify this?
I use BIND for the DNS.
Thanks and best regards
Franz
Found the answer:
In the named.conf use the type "forward".
e.g. for the .com auth server:
zone "example.com" in {
    type forward;
    forwarders { <ip of auth server for example.com zone>; };
};
Related
At the moment, I am learning how DNS and domain resolution work, and I have a question.
Let's take a.test.com for example.
As I understand it, first of all, the intermediary ISP DNS server is called. If it has the domain IP in cache, it returns it. Otherwise, it performs the following tasks consecutively:
It calls a root DNS server which returns a com DNS server IP
It calls that top level DNS server which returns the test.com DNS server IP
It calls that DNS server to finally get a.test.com's IP
Is that correct?
And now, what happens when we resolve a.b.c.test.com?
Does it call another DNS server, or does c.test.com's DNS server contain a.b.c.test.com's IP?
Thanks
Yes, you are pretty much correct. Nothing different will happen in the next steps: c.test.com will respond with a referral to a more authoritative server (the one for b.c.test.com), or if it is itself authoritative then it will respond with an answer.
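The referral chain described in the two questions above (root1 to root2 to root3, and the a.b.c.test.com case), modelled as a small offline simulation. This is an added example, not code from the original posts: the server roles follow the first question, while every IP address, the extra test.com server and all zone contents are constructed for illustration.

```python
# Added example: toy model of iterative resolution. All zone data is constructed.
SERVERS = {
    "10.0.0.1": {  # root1, authoritative for "."
        "delegations": {"com": "10.0.0.2"},
        "records": {},
    },
    "10.0.0.2": {  # root2, authoritative for "com"
        "delegations": {"example.com": "10.0.0.3", "test.com": "10.0.0.4"},
        "records": {},
    },
    "10.0.0.3": {  # root3, authoritative for "example.com"
        "delegations": {},
        "records": {"hello.example.com": "10.0.1.10"},
    },
    "10.0.0.4": {  # hypothetical test.com server; it has no sub-delegations
        "delegations": {},
        "records": {"a.test.com": "10.0.2.10", "a.b.c.test.com": "10.0.2.11"},
    },
}

def query(server_ip, qname):
    """One non-recursive query: ('answer', ip), ('referral', ns_ip) or ('nxdomain', None)."""
    zone = SERVERS[server_ip]
    if qname in zone["records"]:
        return ("answer", zone["records"][qname])
    # Try suffixes from longest to shortest: the closest enclosing zone cut wins.
    labels = qname.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone["delegations"]:
            return ("referral", zone["delegations"][suffix])
    return ("nxdomain", None)

def resolve(qname, root_hint="10.0.0.1", max_hops=8):
    """Iterative resolution as Resolver1 does it; returns (ip or None, servers asked)."""
    server, path = root_hint, []
    for _ in range(max_hops):  # hop limit guards against referral loops
        path.append(server)
        kind, value = query(server, qname)
        if kind == "answer":
            return value, path
        if kind == "nxdomain":
            return None, path
        server = value  # follow the referral one level down the tree
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    for name in ("hello.example.com", "a.b.c.test.com", "foo.org"):
        print(name, resolve(name))
```

Because the constructed test.com zone holds a.b.c.test.com directly and delegates nothing, that lookup asks the same three levels of server as a.test.com; an extra hop appears only where a zone cut exists.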
My Oracle 11.2 database schema has a scheduled job that queries a webpage on my website every few minutes. The database and web servers are two physical Linux machines that sit next to each other and have local IP addresses 192.168.0.11 (database) and 192.168.0.12 (web server). There is an RJ-45 cable cross-connect that directly links the two servers on the same subnet.
If I enter the web address http://xxx.xxx.xxx.xxx/path/to/webpage where xxx.xxx.xxx.xxx is the external IP address, things work fine. Things also work well if I replace xxx.xxx.xxx.xxx with www.mydomain.com.
However, I'm thinking it should be much more efficient if I could re-write xxx.xxx.xxx.xxx as 192.168.0.12 thinking that this would avoid having the request go out on the internet and come back, but rather stay on the same subnet to get to the webpage (thus saving time and resources).
req := UTL_HTTP.BEGIN_REQUEST('http://192.168.0.12/path/to/webpage');
When I try that, I get a 404 error, which makes me think it didn't get to the right webpage.
Can I keep the query on the same subnet by modifying the hosts file or some other way?
My current hosts file already contains an alias for the email server, that is:
192.168.0.12 mail.mydomain.com
If I also include the web address such as
192.168.0.12 mail.mydomain.com www.mydomain.com
would that keep the database on the same subnet when accessing the website? Or will it still leave the subnet to get there? Also, will it confuse things now that I've got two aliases (e.g. one for the database to send emails and one for the database to access webpages)?
I am not sure I would add "192.169.0.12 mail.mydomain.com www.mydomain.com" if that is not the proper IP for the host. That might only make things more confusing.
Assuming that you can ping 192.168.0.12 from the DB server, make sure that your Web Server is listening on the 192.168.0.12 address as well. It could be listening only on the external IP address, in which case, it will return HTTP 404 to every request on the 192.168.0.12 IP/interface.
On Apache, the httpd.conf file would have
listen xxx.xxx.xxx.xxx:80
which would make it listen on the external IP only.
Please note that if the purpose of your HTTP requests is to test the web server availability, you may be better off leaving things as they are. The external test is much more comprehensive than a local one could ever be.
Short Question:
Is it possible that example.com points to an IP address, but example.com/something points to another IP?
More Details:
example.com was previously hosted with my client's host company. I have designed a new website for them and now host it myself (by pointing their IP to mine). They are now letting me know that there used to be a sub-directory where another application was hosted under. It would take me a while to re-install that application in the new host, I was just wondering if it'd be possible to serve any request to that sub-directory through the old host/IP.
That's not possible. Resolving the host (example.com) is a separate task (DNS query) from connecting to the http server (HTTP connection) that the host points to. None of the URL, except for the hostname, is queried via DNS so there is no way that DNS can be made to behave differently based on other parts of the URL as it doesn't see it.
A subdomain is part of the hostname and that's why www.example.com and www1.example.com can point to different addresses. If you need to have www.example.com/something go elsewhere, you'll need to use HTTP redirects.
Reading a lot about servers, load balancing and similar topics, a question came to mind.
DNS servers are servers which give you the IP for a given domain name. Is there a "dictator" knowing all the valid DNS servers in the world? If I want to make a DNS server, and someone requests a website it doesn't have, how would it know which other DNS server to redirect the request to? What if I tell facebook.com to have a spoof IP, and everyone getting the IP from my DNS server would be communicating with a spoof facebook server? Obviously, this isn't how it works (at least not to a big degree), because then someone would have done it already to attack hundreds of people.
When one registers a domain, one has to specify the name server for that domain. What happens during this process? Is a request sent to this DNS server to notify it there is a new domain to save in the database? If so, how can anyone own the top domains like .com? And why cannot I for example make my own top domain name if I can make my own DNS server?
After looking at nginx as a load balancing system, I'm starting to wonder a bit. Is it so that a request to http://www.google.com/ works like this? The computer asks a DNS server for the IP address for google.com, and then requests it? This will only be one IP, and all requests to Google end up at this one server? And then this IP will be connected to an nginx server, or a more basic hardware unit to route the request internally to other servers? So all requests go to one server before it redirects the request to a data center?
After looking up google.com, it says the name servers are ns1.google.com etc.. But what is the point of them, if you need a different name server to get to ns1.google.com in the first place?
Obviously what I've written doesn't make sense, because if it were true, the web as a whole would be unusable because of people exploiting the possibilities for malicious causes. And I can't imagine how ONE server could handle ALL the requests thrown at google.com.
I've tried searching Google, but all I get is theoretical explanations that led me to where I am now. It would have been great if someone would point me to some articles that explain this thoroughly, and hopefully a lot of other people will find this question useful.
Anyone can run a DNS server, but the challenge is getting someone to use it. Normally the DNS server IP is provided as a DHCP option or is statically assigned. If you can get someone to use your server, you can return any IP for any hostname, including creating new top-level domains (subject to any filtering at the client, of course. Web browsers might have difficulty with a new TLD, for example). Note that with DNSSEC, this will eventually change, as the name record will be digitally signed and your server won't be able to fake the signature exactly.
DNS servers operate in a tree. When one server receives a request for a domain it does not control, it forwards the request on to another DNS server. The other DNS server may be the one which returns the IP (this is called the authoritative server), or it may return a NS record which points to another server which then must be queried. The DNS root servers provide for resolving TLDs.
A DNS server does not need to always return the same IP for a given name. It may choose to return a different IP based on region, client IP, or even per-request. This is the most typical way to load balance. Multiple DNS servers can also load balance the DNS requests by using anycast routing, where many servers share the same public IP and traffic is routed to them randomly by publishing multiple routes for the same IP.
I manage a web site that used to be hosted on Server A. I gave clients a subdomain url that pointed to this server, e.g. app1.example.com
I have moved my web site to a new server, Server B. I changed the IP address of app1.example.com (via the domain name host company) to point to the new server and this worked ok, for me at least. However, I have one client that is still getting directed to the old server.
When I get the client to ping app1.example.com it is trying to ping the old Server A. When I do a ping I get the correct Server B.
I am assuming that the reason for this is that the client must have the IP address cached somewhere. What do I need to tell the client? Would it be to run ipconfig /flushdns or is the solution going to be more complicated?
The time taken for the DNS records to update over the internet can be anything up to 48 hours.
How long ago did you make the switch to the new server?
If you need them to be able to access it immediately, ask them to edit their DNS record if it is possible. Else you will just need to wait for the DNS update to go through.
It's most likely not the client's fault. There are a lot of ISPs out there whose DNS server reloading intervals are quite long. It can take more than a day until a new name server entry is populated to all DNS servers. If it's very urgent, you could tell your client to add an entry to their hosts file.