DNS
The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System has been an essential component of the functionality of the Internet since 1985.
The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain. Network administrators may delegate authority over sub-domains of their allocated name space to other name servers. This mechanism provides distributed and fault-tolerant service and was designed to avoid a single large central database.
The Domain Name System also specifies the technical functionality of the database service that is at its core. It defines the DNS protocol, a detailed specification of the data structures and data communication exchanges used in the DNS, as part of the Internet Protocol Suite.
The Internet maintains two principal namespaces, the domain name hierarchy[1] and the Internet Protocol (IP) address spaces.[2] The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System.[3] A DNS name server is a server that stores the DNS records for a domain; a DNS name server responds with answers to queries against its database.
The most common types of records stored in the DNS database are for Start of Authority (SOA), IP addresses (A and AAAA), SMTP mail exchangers (MX), name servers (NS), pointers for reverse DNS lookups (PTR), and domain name aliases (CNAME). Although not intended to be a general purpose database, DNS has been expanded over time to store records for other types of data for either automatic lookups, such as DNSSEC records, or for human queries such as responsible person (RP) records. As a general purpose database, the DNS has also been used in combating unsolicited email (spam) by storing a real-time blackhole list (RBL). The DNS database is traditionally stored in a structured text file, the zone file, but other database systems are common.
Installation
BIND (Berkeley Internet Name Domain) is the reference implementation of the DNS protocol. On Ubuntu/Debian it is installed with:
sudo apt install bind9 bind9utils bind9-doc
Local configuration file
sudo vi /etc/bind/named.conf.local
In this file we declare the forward and reverse zones for our domain (assuming the 192.168.1.0/24 subnet). The zone name must match the names used inside the zone file, and the allow-transfer statement restricts zone transfers (AXFR) to the secondary, ns2; older BIND 9 releases permit transfers from any host when it is omitted, which hands an attacker a complete inventory of the zone. Example:

zone "kampus.ac.id" {
    type master;
    file "/etc/bind/zones/db.kampus.ac.id";   # zone file path
    allow-transfer { 10.128.20.12; };         # ns2 (secondary) only; never leave this open
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/db.192.168.1";      # reverse zone for 192.168.1.0/24
    allow-transfer { 10.128.20.12; };         # ns2 (secondary) only
};
Create the forward zone file

sudo mkdir /etc/bind/zones
cd /etc/bind/zones
sudo cp ../db.local ./db.kampus.ac.id
sudo vi /etc/bind/zones/db.kampus.ac.id

Change it to the following. Every record must belong to the zone declared in named.conf.local (kampus.ac.id); names from another domain are out-of-zone data and are dropped with a warning. Fully qualified names must end in a dot, otherwise named appends the origin (an MX target written as kampus.ac.id would become kampus.ac.id.kampus.ac.id.). The SOA names the primary name server and the hostmaster mailbox (with the @ replaced by a dot) rather than localhost.

$TTL    604800
@       IN      SOA     ns1.kampus.ac.id. hostmaster.kampus.ac.id. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; name servers - NS records
        IN      NS      ns1.kampus.ac.id.

; name servers - A records
ns1.kampus.ac.id.       IN      A       192.168.1.103

; 192.168.1.0/24 - A records
kampus.ac.id.           IN      A       192.168.1.103
www.kampus.ac.id.       IN      A       192.168.1.103

; Email
kampus.ac.id.           IN      MX      10      kampus.ac.id.
Create the reverse zone file

cd /etc/bind/zones
sudo cp ../db.127 ./db.192.168.1
sudo vi /etc/bind/zones/db.192.168.1

Change it to the following. Because the origin of this zone is 1.168.192.in-addr.arpa, each PTR owner name is only the last octet of the address (103 for 192.168.1.103); an address should normally have a single PTR pointing at its canonical host name.

$TTL    604800
@       IN      SOA     ns1.kampus.ac.id. hostmaster.kampus.ac.id. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
; name servers
        IN      NS      ns1.kampus.ac.id.

; PTR records
103     IN      PTR     ns1.kampus.ac.id.       ; 192.168.1.103
Check the configuration syntax (no output means no errors)
sudo named-checkconf
Check each zone file against its zone name
sudo named-checkzone kampus.ac.id /etc/bind/zones/db.kampus.ac.id
sudo named-checkzone 1.168.192.in-addr.arpa /etc/bind/zones/db.192.168.1
Restart the service once both checks report OK, then confirm it is running
sudo systemctl restart bind9
sudo systemctl status bind9
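The script below is an added example for the procedure above; it is not part of the original tutorial or of BIND. It assumes the zone kampus.ac.id, the primary ns1 at 192.168.1.103 and the secondary at 10.128.20.12 from the configuration above; the function names and the embedded sample zone file are constructed for illustration. It shows three things a practitioner checks after editing zones: how PTR owner names are derived from the reverse zone's origin, how to catch dotted record targets that are missing their trailing dot before named mangles them, and how to raise the SOA serial so the secondary actually picks up the change. The last function queries a live server, including an AXFR attempt that must be refused.

```shell
#!/bin/sh
# Maintenance and verification helpers for the kampus.ac.id zones set up above.
# Added example, not part of the original tutorial. Function names, the
# constructed sample zone and the ns2 address are assumptions.
set -eu

# ptr_owner IP PREFIXLEN -> owner name of the PTR record, relative to the
# reverse zone's origin. With origin 1.168.192.in-addr.arpa (192.168.1.0/24)
# the host 192.168.1.103 is written as "103"; a /16 zone would need "103.1".
ptr_owner() {
  o2=$(echo "$1" | cut -d. -f2); o3=$(echo "$1" | cut -d. -f3); o4=$(echo "$1" | cut -d. -f4)
  case $2 in
    8)  echo "$o4.$o3.$o2" ;;
    16) echo "$o4.$o3" ;;
    24) echo "$o4" ;;
    *)  echo "unsupported prefix length: $2" >&2; return 1 ;;
  esac
}

# unqualified_targets ZONEFILE -> lists NS/MX/CNAME/PTR records whose target
# contains a dot but no trailing dot. named appends $ORIGIN to such names, so
# "IN MX 10 mail.kampus.ac.id" silently becomes mail.kampus.ac.id.kampus.ac.id.
# Exit status 1 when at least one record is flagged.
unqualified_targets() {
  awk '
    /^[[:space:]]*;/ || NF == 0 { next }              # comments and blank lines
    {
      for (i = 1; i <= NF; i++)
        if ($i == "NS" || $i == "CNAME" || $i == "PTR" || $i == "MX") {
          t = ($i == "MX") ? $(i + 2) : $(i + 1)      # MX carries a preference first
          if (t ~ /\./ && t !~ /\.$/) { print FILENAME ":" NR ": " $0; bad = 1 }
          break
        }
    }
    END { if (bad) exit 1 }' "$1"
}

# bump_serial ZONEFILE [YYYYMMDD] -> raises the SOA serial (the number on the
# line ending in "; Serial") using the YYYYMMDDnn convention and prints it.
# Secondaries only transfer a zone whose serial has grown, so run this after
# every edit. The date defaults to today (UTC); it is a parameter for testing.
bump_serial() {
  file=$1; today=${2:-$(date -u +%Y%m%d)}
  old=$(awk '/;[[:space:]]*Serial/ { print $1; exit }' "$file")
  [ -n "$old" ] || { echo "no serial found in $file" >&2; return 1; }
  if [ "${#old}" -eq 10 ] && [ "$(echo "$old" | cut -c1-8)" = "$today" ]; then
    new=$((old + 1))
  else
    new="${today}01"
  fi
  [ "$new" -gt "$old" ] || new=$((old + 1))          # never move backwards
  awk -v old="$old" -v new="$new" \
    '!done && /;[[:space:]]*Serial/ && $1 == old { sub(old, new); done = 1 } { print }' \
    "$file" > "$file.tmp" && mv "$file.tmp" "$file"
  echo "$new"
}

# verify_live SERVER -> asks the running server for the forward and reverse
# records and then attempts a zone transfer, which must be refused from any
# host other than ns2 (allow-transfer above). Run by hand, e.g.
# verify_live 192.168.1.103; it needs dig and a reachable server.
verify_live() {
  dig @"$1" +short ns1.kampus.ac.id A
  dig @"$1" +short -x 192.168.1.103
  if dig @"$1" kampus.ac.id AXFR | grep -q 'Transfer failed'; then
    echo "AXFR refused for this host: OK"
  else
    echo "WARNING: zone transfer allowed from this host" >&2
    return 1
  fi
}

# Demonstration on a constructed zone file; the MX line repeats the mistake
# found in many tutorials (a dotted target without the trailing dot).
demo=$(mktemp)
cat > "$demo" <<'EOF'
$TTL 604800
@   IN SOA ns1.kampus.ac.id. hostmaster.kampus.ac.id. (
                 3 ; Serial
            604800 ; Refresh
             86400 ; Retry
           2419200 ; Expire
            604800 ) ; Negative Cache TTL
    IN NS ns1.kampus.ac.id.
    IN MX 10 mail.kampus.ac.id
ns1 IN A  192.168.1.103
EOF
unqualified_targets "$demo" || echo "fix the targets above before loading the zone"
echo "PTR owner for 192.168.1.103 in a /24 zone: $(ptr_owner 192.168.1.103 24)"
echo "new serial: $(bump_serial "$demo" 20240501)"
rm -f "$demo"
```

Run unqualified_targets and bump_serial against /etc/bind/zones/db.kampus.ac.id and db.192.168.1 after each edit, then named-checkzone as above; verify_live is meant to be run from a host that is not ns2, so that a successful AXFR is a real misconfiguration rather than the permitted secondary transfer.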