<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>The named Daemon and Name Servers</B></FONT></CENTER></H4>







<BR>







<P>BIND and DNS are implemented through a daemon called named. The named daemon always runs on a machine called a name server, which is the machine on your network that handles the resolution of symbolic names to IP addresses. There can be several name servers on your network, or your machine can be the name server if you are running stand-alone.







<BR>







<P>Part of the name server system is a library of functions that are used by applications to set up queries for the name server, and to obtain answers from the name server. These functions are called the resolver or name resolver. The library of functions does not really have to be on the same machine as the name server.







<BR>







<P>The named daemon is usually started as part of the normal networking startup of Linux, although if you installed networking after your Linux system was installed, you may have to manually add the startup command to the rc files. The named daemon uses a file called /etc/named.boot that lists the master files used by other name servers. The /etc/named.boot file is covered later in this section.







<BR>







<P>Grossly simplified, BIND and DNS can be thought of as working like a set of telephone operators. If you are living in New York and want the number of a friend in London, England, you call your long distance operator to get the country code for England. That operator may connect to the English operator to give you the area code for London. Finally, that operator may connect to the London area operator to get your directory assistance number. BIND and DNS work in much the same way. When a name server can't figure out a name, it communicates with another name server that appears to be on the route to the target and waits for a reply to a directory query. That name server may contact others down the network, until some machine resolves the name and passes the message back to you.







<BR>







<P>Each name server manages a distinct area of a network (or an entire domain, if the network is small). The set of machines managed by the name server is called a zone. One name server may manage several zones. Within each zone, there is almost always a designated secondary or backup name server, with the two (primary and secondary) name servers holding duplicate information. The name servers within a zone communicate using a zone transfer protocol.







<BR>







<P>DNS operates by having a set of nested zones. Each name server communicates with the one above it (and the one below it, if one exists). Each zone has at least one name server responsible for knowing the address information for each machine within that zone. Each name server also knows the address of at least one other name server.







<BR>







<P>When an application needs to resolve a symbolic name into a network address, the application sends a query to the resolver process, which then communicates the query to the name server. The name server checks its own tables and returns the network address corresponding to the symbolic name. If the name server doesn't have the information it requires, it can send a request to another name server. Both the name servers and the resolvers use database tables and caches to maintain information about the machines in the local zone, as well as recently requested information from outside the zone.







<BR>







<P>When a name server receives a query from a resolver, the name server can perform several types of operations. Name resolver operations fall into two categories called non-recursive and recursive. A recursive operation is one in which the name server must access another name server for information. Non-recursive operations performed by the name server include a full answer to the resolver's request, a referral to another name server (to which the resolver must then address a query itself), or an error message. When a recursive operation is necessary, the name server contacts another name server with the resolver's request. The remote name server will reply to the request with either a network address or a negative message indicating failure. Rules prohibit a remote name server from sending a referral on to yet another name server.







<BR>







<P>The resolver is intended to replace existing name resolution systems such as the /etc/hosts file. The replacement of these common mechanisms is transparent to users, although the administrator must know whether the native name resolution system or BIND/DNS is to be used on each machine so the correct tables can be maintained.







<BR>







<P>When the resolver acquires information from a name server, it stores the entries in its own cache to reduce the need for more network traffic if the same symbolic name is used again (as is often the case with applications that work across networks).







<BR>







<P>Under Linux, several different implementations of the name resolver are in use. The original resolver supplied with the BSD-based versions of Linux is somewhat limited, offering neither a cache nor iterative query capabilities. To solve these limitations, the Berkeley Internet Name Domain (BIND) server was added. BIND provides both caching and iterative query capabilities in three different modes: primary server, secondary server, or caching-only server (which doesn't have a database of its own, only a cache). The use of BIND on BSD systems allowed another process to take over the workload of name resolution, a process that may be on another machine entirely.







<BR>







<BR>







<A NAME="E69E193"></A>







<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>The host.conf File and Resolver Variables</B></FONT></CENTER></H4>







<BR>







<P>The file /etc/host.conf is the central reference for the resolver. It tells the resolver which services it can use to resolve a name, and in what order they should be used. A sample /etc/host.conf file looks like this:







<BR>







<PRE>
<FONT COLOR="#000080"># /etc/host.conf
order bind hosts # named running
multi on # allow multiple addresses
nospoof on # protect from spoofing
trim merlin.com # local domain trim</FONT></PRE>







<P>Several options are possible in a /etc/host.conf file, each of which must be on a separate line of its own. The following are valid options:







<BR>















<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="100%" CELLPADDING=2 >
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
alert
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
If this option is active, any spoof attempt (see nospoof) logs a message in the syslog facility. This option is active if its argument is on.</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
multi
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
This option determines whether a host in /etc/hosts is allowed to have several IP addresses. Valid values for this option are on and off.</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
nospoof
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
This option checks IP addresses to make sure the request is a valid one and not an attempt to break into the network. This check is not very secure, but it is a good first measure. If this option is specified with the argument on, nospoof is active.</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
order
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
This option specifies the order in which resolving services should be tried. Valid options are bind (query the name server), hosts (use the /etc/hosts file), and nis (use NIS lookups).</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
trim
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
This option takes a domain name as its argument. It removes that domain name from hostnames before a lookup. You can use it to allow /etc/hosts to take precedence over the name resolver for local networks, for example.</FONT>
</TABLE><P>The settings in the /etc/host.conf file can be overridden by some special resolver environment variables. Valid environment variables (which may be set for the session or by an application) are the following:







<BR>







<UL>
<LI>RESOLV_ADD_TRIM_DOMAINS specifies a list of trim domains to add to those given in /etc/host.conf.
<BR>
<BR>
<LI>When followed by a filename, RESOLV_HOST_CONF specifies the file to use instead of /etc/host.conf.
<BR>
<BR>
<LI>RESOLV_MULTI overrides the multi argument in /etc/host.conf. Valid values are on and off.
<BR>
<BR>
<LI>RESOLV_OVERRIDE_TRIM_DOMAINS specifies a list of trim domains to override those given in /etc/host.conf.
<BR>
<BR>
<LI>RESOLV_SERV_ORDER overrides the order option in the /etc/host.conf file.
<BR>
<BR>
<LI>RESOLV_SPOOF_CHECK turns spoof checks on or off. Also allowed is the warn argument, which checks for spoofing and logs results, and warn off, which checks but doesn't log results. This variable also allows an asterisk argument, which turns on spoof checks but leaves logging as set in /etc/host.conf.







<BR>







<BR>







</UL>
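<P>The following Python sketch is an added example, not part of the original text: it parses the sample file shown earlier and applies the RESOLV_* overrides as this section describes them, returning which settings the environment changed, so you can see when a session has switched spoof checking off. The function names and the separators accepted in list values are assumptions; RESOLV_HOST_CONF is left out because it only changes which file is read.

```python
import re

def parse_host_conf(text):
    """Parse host.conf text: one option per line, '#' starts a comment."""
    conf = {"order": [], "multi": False, "nospoof": False, "alert": False, "trim": []}
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if not words:
            continue
        key, args = words[0], words[1:]
        if key == "order":
            conf["order"] = args
        elif key == "trim":
            conf["trim"] += args
        elif key in ("multi", "nospoof", "alert"):
            conf[key] = args == ["on"]
    return conf

def _split(value):
    # Assumption: lists may be separated by spaces, commas, colons or semicolons.
    return [w for w in re.split(r"[\s,:;]+", value) if w]

def apply_env(conf, env):
    """Apply the RESOLV_* overrides; return (effective settings, changed keys)."""
    eff = {k: list(v) if isinstance(v, list) else v for k, v in conf.items()}
    if "RESOLV_SERV_ORDER" in env:
        eff["order"] = _split(env["RESOLV_SERV_ORDER"])
    if "RESOLV_MULTI" in env:
        eff["multi"] = env["RESOLV_MULTI"] == "on"
    if "RESOLV_OVERRIDE_TRIM_DOMAINS" in env:
        eff["trim"] = _split(env["RESOLV_OVERRIDE_TRIM_DOMAINS"])
    if "RESOLV_ADD_TRIM_DOMAINS" in env:
        eff["trim"] += _split(env["RESOLV_ADD_TRIM_DOMAINS"])
    spoof = " ".join(env.get("RESOLV_SPOOF_CHECK", "").split())
    if spoof in ("on", "off"):
        eff["nospoof"] = spoof == "on"
    elif spoof in ("warn", "warn off"):   # both check; only "warn" logs
        eff["nospoof"], eff["alert"] = True, spoof == "warn"
    elif spoof == "*":                    # check on, logging as set in the file
        eff["nospoof"] = True
    return eff, sorted(k for k in eff if eff[k] != conf[k])

# The sample file from this section.
SAMPLE = """\
# /etc/host.conf
order bind hosts   # named running
multi on           # allow multiple addresses
nospoof on         # protect from spoofing
trim merlin.com    # local domain trim
"""
```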







<BR>







<A NAME="E69E194"></A>







<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>Name Server Lookups: The resolv.conf File</B></FONT></CENTER></H4>







<BR>







<P>The file /etc/resolv.conf is used to tell the resolver which name servers to use. At least one name server must be specified for the resolver to be able to communicate with the server. If the /etc/resolv.conf file doesn't exist or is empty, the resolver will assume that your local machine is the name server and try to send resolution requests to it.







<BR>







<P>A sample /etc/resolv.conf file shows the general format and the entries most systems will need. For a machine that uses a name server elsewhere on the network, this format is usually sufficient:







<BR>







<PRE>
<FONT COLOR="#000080"># /etc/resolv.conf
domain merlin.com # the local domain
nameserver 147.23.1.23 # the name server</FONT></PRE>







<P>The important keyword is the second one in the file, called nameserver. As you can guess, this keyword gives the IP address of the name server your local machine should use to resolve addresses.







<BR>







<P>You can specify more than one name server by using extra lines with the keyword (do not put the IP addresses on a single line). For example, the entries:







<BR>







<PRE>
<FONT COLOR="#000080">nameserver 147.23.1.23 # primary name server
nameserver 147.23.1.46 # secondary name server
nameserver 147.23.2.1 # extra name server</FONT></PRE>







<P>use the name servers in the order they are encountered in the file. The most reliable name server should always be listed first. Most Linux versions allow only three name servers to be specified.







<BR>







<P>The domain and search keywords are used to allow shortcuts to identify addresses. The domain keyword is used to append a full address to a name instead of forcing you to specify it. For example, if you are on a local area network and want to FTP files from another system, you can use the name wizard instead of specifying the full domain name (such as wizard@foobar.com), as long as the /etc/resolv.conf file contains the line:







<BR>







<BR>







<PRE>
<FONT COLOR="#000080">domain foobar.com</FONT></PRE>







<P>This feature makes addressing machines on the local area network much easier.







<BR>







<P>The search option does much the same thing as the domain keyword, except it can apply to other networks instead of just your own. Both search and domain keywords can only appear once in the /etc/resolv.conf file.
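<P>The rules in this section (one address per nameserver line, servers tried in file order, at most three used, domain and search only once, and a fallback to the local machine when no server is listed) can be checked mechanically. The Python sketch below is an added example, not part of the original text; the function name, the finding messages, the choice to count only the first address on a multi-address line, and the constructed sample input are assumptions.

```python
import ipaddress

MAX_NAMESERVERS = 3  # per this section: most Linux versions allow only three

def audit_resolv_conf(text):
    """Return the servers the resolver would try, in order, and a list of findings."""
    servers, findings = [], []
    seen = {"domain": 0, "search": 0}
    for num, line in enumerate(text.splitlines(), 1):
        words = line.split("#", 1)[0].split()
        if not words:
            continue
        key, args = words[0], words[1:]
        if key == "nameserver":
            if len(args) != 1:
                findings.append(f"line {num}: give exactly one address per nameserver line")
            for addr in args[:1]:  # assumption: only the first address counts
                try:
                    ipaddress.ip_address(addr)
                except ValueError:
                    findings.append(f"line {num}: {addr!r} is not an IP address")
                else:
                    servers.append(addr)
        elif key in seen:
            seen[key] += 1
            if seen[key] > 1:
                findings.append(f"line {num}: {key} may appear only once")
    if len(servers) > MAX_NAMESERVERS:
        extra = ", ".join(servers[MAX_NAMESERVERS:])
        findings.append(f"only {MAX_NAMESERVERS} name servers are used; ignored: {extra}")
        servers = servers[:MAX_NAMESERVERS]
    if not servers:
        findings.append("no nameserver entry: the resolver will query the local machine")
    return servers, findings

# Constructed sample with three deliberate mistakes.
SAMPLE = """\
# /etc/resolv.conf
domain merlin.com
nameserver 147.23.1.23 147.23.1.46
nameserver 147.23.2.1
nameserver 147.23.2.2
nameserver 147.23.2.3
domain foobar.com
"""

if __name__ == "__main__":
    servers, findings = audit_resolv_conf(SAMPLE)
    print("would query:", servers)
    for finding in findings:
        print("finding:", finding)
```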







<BR>







<BR>







<A NAME="E69E195"></A>







<H4 ALIGN=CENTER>
<CENTER>
<FONT SIZE=4 COLOR="#FF0000"><B>The /etc/named.boot File</B></FONT></CENTER></H4>







<BR>







<P>The /etc/named.boot file is used to specify the master files that contain zone information and name servers. The /etc/named.boot file is often set up by the software installation routine, but you should know the format of the file. One important difference between the named.boot file and most other files is the use of semi-colons for comments instead of the pound sign. A sample /etc/named.boot file looks like this:







<BR>







<PRE>
<FONT COLOR="#000080">; /etc/named.boot
; this is a comment line
directory /var/named
; now the domains and files they use
cache named.ca
primary merlin named.hosts</FONT></PRE>







<P>The directory keyword shows the directory in which the zone files are found. For most Linux installations this should be /var/named. The cache line indicates that the cache for BIND is to be enabled and that some basic information is to be loaded from the file named.ca. The primary keyword indicates the primary server is merlin and the zone information file is named.hosts.







<BR>







<P>The most commonly used options (and their arguments) allowed in the named.boot file are:







<BR>















<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="100%" CELLPADDING=2 >
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
cache
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Indicates the domain name and filename of the &quot;root server hints&quot; file and the cache</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
directory
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Lists the directory in which zone files are found</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
forwarders
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Indicates the IP addresses of a list of name servers that the named daemon can query</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
primary
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Indicates the domain name and filename of the primary name server</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
secondary
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Indicates the domain name and filename of the secondary name server</FONT>
<TR>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
slave
</FONT>
<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>
Sets the name server as a slave</FONT>
</TABLE><BR>







<A NAME="E69E196"></A>







<H4 ALIGN=CENTER>







<CENTER>






