Agenda: dns-dig-hands-on.txt

File dns-dig-hands-on.txt, 3.3 KB (added by admin, 8 years ago)
Line 
1DNS Exercise 1
2
31. Issue DNS queries using 'dig':
4
51a. Run each command, look for the ANSWER section and write down the result.
6    Make a note the TTL as well.
7
8Repeat the command. Is the TTL the same? Are the responses Authoritative?
9
10                                        RESULT 1            RESULT 2
11                                        --------            --------
12    $ dig your-favorite-domain a
13    $ dig www.tiscali.co.uk. a
14    $ dig afnog.org. mx
15    $ dig news.bbc.co.uk. a
16    $ dig NonExistentDomain.ma any
17    $ dig tiscali.co.uk. txt
18    $ dig ripe.net. txt
19    $ dig geek.tiscali.co.uk. a
20    $ dig www.afrinic.net aaaa
21    $ dig ipv6.google.com aaaa
22
231b. Now send some queries to another caching server.
24
25    (Run each of the following twice, and note the time in ms for each attempt)
26
27    $ dig @8.8.8.8 news.bbc.co.uk. a
28    $ dig @resolver1.opendns.com yahoo.com. a
29    $ dig @<a server of your choice> <domain of your choice> a
30
31    How long did it take each answer to be received? (on the first, and
32    on the second lookup)
33
342. Reverse DNS lookups
35
36    Now try some reverse DNS lookups.
37
38    $ dig -x 10.10.X.1
39    $ dig -x 10.10.X.2
40    $ dig -x 10.10.X.3
41
42    ... where X is an IP address in the range 1-25
43
44    Repeat for an IP address of your choice, on the Internet
45
46    Now try to lookup:
47
48    $ dig 1.X.10.10.in-addr.arpa. PTR
49
50    ... where X is in the range 1-25.
51
52    What do you notice ?
53
54    Let's try IPv6 now:
55
56    $ dig -x 2001:42d0::200:2:1
57
58    What are the differences you can observe in the results, between reverse
59    DNS for IPv6 and IPv4 addresses ?
60
613. Use tcpdump to show DNS traffic
62
63    Open a NEW connection to your master.grpX machine (log in a second
64    time), so that you can have both windows side-by-side.
65
66    In the new window, run the following command (you must be 'root', that's
67    why we use sudo):
68
69# sudo tcpdump -n -s 1500 udp and port 53
70
71    This shows all packets going in and out of your machine for UDP port 53
72    (DNS).
73   
74    Now go to another window and repeat some of the 'dig' queries from earlier.
75
76    Look at the output of tcpdump, check the source and destination IP address
77    of each packet:
78
79Explanation:
80
81    -n  Prevents tcpdump doing reverse DNS lookups on the packets it receives,
82        which would generate additional (confusing) DNS traffic
83
84    -s 1500 Read the entire packet (otherwise tcpdump only reads 96 bytes)
85
86    udp and port 53
87        A filter which matches only packets to/from UDP port 53
88
89
90
914. Configure the caching nameserver and resolver on your server
92
93    (Exercises to be performed as the super-user)
94
95    We're going to enable your caching nameserver and configure your resolver
96    configuration:
97
98a) edit the file /etc/rc.conf and add:
99
100    named_chrootdir=""
101    named_enable="YES"
102
103b) start named, the name server process
104
105    # /etc/rc.d/named start
106
107c) test that resolution works with dig:
108
109    # dig @127.0.0.1 noc.ws.nsrc.org
110
111d) if all works, change your /etc/resolv.conf file so that it now contains:
112
113    search ws.nsrc.org
114    nameserver 127.0.0.1
115
116    This will have the effect that you are now using your own nameserver to
117    resolve queries on the Internet.
118
1192. Test that DNS works
120
121    Ping other PCs in the room, where X is 101 - 125:
122
123    ping master.grpX.ws.nsrc.org
124    ping cache.grpX.ws.nsrc.org
125    ping auth.grpX.ws.nsrc.org
126   
127    If in doubt, read the ping manpage (man ping)
128