Implementing DNS

How to Understand and Implement DNS in a Multi-Vendor, Commercial Environment

You will learn:

    • Install and build BIND & Microsoft DNS
    • Set-up DNS Clients
    • Configure a DNS server on your chosen platform.
    • Create master zone files for forward and reverse lookups.
    • Delegate domain name space to sub-domains.
    • Interrogate the DNS system using dig, hosts and nslookup.
    • Debug DNS configurations.
    • Set-up Master, Slave, Caching only, and forwarding DNS servers.
    • Configure basic DNS security.
    • Troubleshoot DNS.
    • Set-up DNS servers on the Internet.

DNS Course Benefits

DNS is probably one of the most crucial applications on the modern Internet. Without it the names we commonly use to refer to servers, web-sites, e-mail servers and so on would not exist.

Despite DNS being in wide-spread use across the Internet, it is often misunderstood and incorrectly configured. This course teaches the operation and management of DNS in detail.

Course Contents

History of Naming Services

  • TCP/IP Recap
  • The Internet
  • HOSTS.TXT
  • Introduction of DNS
  • Other name services (NIS, WINS, LDAP)

The Domain Name System

  • Domain names
  • FQDN
  • The DNS hierarchy
  • The DNS root
  • Domains & subdomains
  • DNS Resolvers
  • DNS Servers
  • Resolving a domain name

Configuring DNS Clients

  • UNIX & Linux
  • The service switch file
  • resolv.conf
  • Windows NT, 2000 & .NET
  • The local domain name
  • The domain search list
  • Defining DNS nameservers
  • Configuring DNS using DHCP
  • Basic tools; nslookup, dig & hosts
  • Network capture of DNS

DNS Server Basics

  • DNS Server operation
  • DNS Resource Records
  • Master zone files
  • Master & Slave Name Servers
  • Zones and delegation
  • Zone Transfers
  • DNS Query Types
  • Caching Resource Records
  • Forwarding and Slave Servers

Configuring a DNS Server

  • Basics - software configuration
  • Basics - create master files
  • BIND server configuration
  • Creating master files in BIND
  • Basic Resource Records
  • SOA, A, PTR, CNAME, MX, HINFO
  • loopback, localhost zones
  • The root hints or cache file
  • Configuring MS DNS Server
  • Creating Zones in MS DNS
  • Adding RR in MS DNS
  • Basic BIND options
  • Basic MS DNS options
  • Monitoring DNS

DNS Basic Security

  • Keeping up to date
  • Multiple DNS servers
  • Using firewalls/filters
  • BIND ACLs
  • Securing Recursive queries
  • Securing Zone Transfers
  • Split horizons
  • DNS and firewalls

Dynamic DNS

  • The operation of DDNS
  • NOTIFY messages
  • Configuring DDNS
  • Incremental Zone transfers
  • Integration with DHCP
  • DDNS in Active Directory
  • DDNS Security issues

DNS TSIG

  • TSIG background
  • Configuration of TSIG

DNSSEC

  • Cryptographic techniques
  • DNSSEC RR Types
  • DNSSEC chains of trust
  • Creating keys
  • Signing Zones with DNSSEC
  • Using the key
  • Resigning a Zone

DNS and Active Directory

  • Active Directory basics
  • Domain names
  • AD Domain controller RRs
  • DNS as a service locator
  • Secure dynamic updates
  • Migrating from BIND to MS DNS

DNS & IPv6

  • AAAA, PTR, A6 & DNAME RRs
  • ip6.arpa. & ip6.int.
  • A6 chains
  • IPv6 in BIND and MS DNS

Practical Work

Practicals are run on a mixture of Linux and Windows, platforms. Delegates will have the opportunity to choose their preferred platform when booking.

Hands-On includes:

  • Installing and building BIND
  • Set-up a DNS client
  • Interrogating DNS
  • Network monitoring of DNS and understanding DNS messages
  • Creating Zones and delegating authority
  • Setting up mail server MX RR
  • Tuning DNS
  • Using DNSSEC and TSIG
  • Implementing Dynamic DNS

The Lecturers

All our trainers are practising DNS consultants with extensive experience with both BIND DNS and MS DNS servers.