Exercise 1
Overview
- Using dig
- Installing BIND
- Testing and starting named
- Using rndc
Using dig
dig for NXDOMAIN
Try using the command:
$ dig www.pacnog.bluesky.as
Check the header, answer and authority sections of the response. In
particular, look for the NXDOMAIN status flag.
Does an A record for this domain name exist? Check the ANSWER section.
What happens if you try:
$ ping www.pacnog.bluesky.as
dig for NOERROR with RR
Try using the command:
$ dig noc.pacnog.bluesky.as
Check the header, answer and authority sections of the response. In
particular, look for the NOERROR status flag.
Does an A record for this domain name exist? Check the ANSWER section.
What happens if you try:
$ ping noc.pacnog.bluesky.as
dig for NOERROR with 0 RR
$ dig noc.pacnog.bluesky.as txt
Check the header, answer and authority sections of the response. In
particular, look for the NOERROR status flag.
Does a TXT record for this domain name exist? Check the ANSWER section.
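The three dig exercises above differ only in the header status and the ANSWER count. The script below is an added example, not part of the original exercise. It reads dig output and reports which of the three cases it is. The function name classify_dig, the output tokens and the sample responses (including the 192.0.2.10 address) are constructed for illustration.

```shell
#!/bin/sh
# classify_dig: read dig output on stdin, print one token for the response type.
classify_dig() {
    awk '
        /->>HEADER<<-/ {   # header line carries "status: <RCODE>,"
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {     # flags line carries "ANSWER: <count>,"
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
        }
        END {
            if (status == "")              print "NO-HEADER"
            else if (status == "NXDOMAIN") print "NXDOMAIN"
            else if (status != "NOERROR")  print "OTHER:" status
            else if (answers + 0 > 0)      print "NOERROR-ANSWER"
            else                           print "NOERROR-NODATA"
        }'
}

# Constructed sample responses, not captured from the workshop servers.
sample_nxdomain() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4711
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.pacnog.bluesky.as.		IN	A
EOF
}
sample_answer() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4712
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
noc.pacnog.bluesky.as.	3600	IN	A	192.0.2.10
EOF
}
sample_nodata() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4713
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;noc.pacnog.bluesky.as.		IN	TXT
EOF
}

for s in sample_nxdomain sample_answer sample_nodata; do
    printf '%s -> %s\n' "$s" "$("$s" | classify_dig)"
done
```

Against a live resolver, pipe real output into the function, for instance dig noc.pacnog.bluesky.as txt | classify_dig.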
Installing BIND
Check to see if the BIND software is installed on your system. The
daemon is called named (pronounced name-dee).
There are several ways to do this:
- Use apt-cache search bind9
- Use ls /etc/init.d/bind9
- Use named -v
If the BIND software is not installed, then use the Ubuntu package
system to install it:
$ sudo apt-get install bind9
When you're happy the software is installed, check the version:
$ named -v
Expect to see a result like:
BIND 9.6.1-P2
Testing and starting named
Make sure that the named daemon is not running.
Find the process ID (PID) of the process, and then we'll kill the
process, e.g.:
$ sudo ps ax | grep named
2362 ? Ssl 0:00 /usr/sbin/named -u bind
2623 pts/0 R+ 0:00 grep named
$ sudo kill 2362
$ sudo ps ax | grep named
2639 pts/0 R+ 0:00 grep named
Now we'll set up the program that controls named. It's called rndc (for remote name daemon
controller), and we set it up using a program called rndc-confgen.
When we run it, this generates the shared keys that encrypt the connection between named and rndc.
Be patient when it runs - it takes a little while.
$ sudo rndc-confgen -a
Now we'll start the daemon using:
$ sudo /etc/init.d/bind9 start
You should see a message like:
* Starting domain name service... bind9
...done.
You won't have to do this every time the system starts, of course. named will normally be started at
boot time.
Using rndc
You can control almost all the functions using rndc. The command summary is shown
below:
$ rndc
Usage: rndc [-c config] [-s server] [-p port]
[-k key-file ] [-y key] [-V] command
command is one of the following:
reload Reload configuration file and zones.
reload zone [class [view]]
Reload a single zone.
refresh zone [class [view]]
Schedule immediate maintenance for a zone.
retransfer zone [class [view]]
Retransfer a single zone without checking serial number.
freeze Suspend updates to all dynamic zones.
freeze zone [class [view]]
Suspend updates to a dynamic zone.
thaw Enable updates to all dynamic zones and reload them.
thaw zone [class [view]]
Enable updates to a frozen dynamic zone and reload it.
notify zone [class [view]]
Resend NOTIFY messages for the zone.
reconfig Reload configuration file and new zones only.
stats Write server statistics to the statistics file.
querylog Toggle query logging.
dumpdb [-all|-cache|-zones] [view ...]
Dump cache(s) to the dump file (named_dump.db).
stop Save pending updates to master files and stop the server.
stop -p Save pending updates to master files and stop the server
reporting process id.
halt Stop the server without saving pending updates.
halt -p Stop the server without saving pending updates reporting
process id.
trace Increment debugging level by one.
trace level Change the debugging level.
notrace Set debugging level to 0.
flush Flushes all of the server's caches.
flush [view] Flushes the server's cache for a view.
flushname name [view]
Flush the given name from the server's cache(s)
status Display status of the server.
recursing Dump the queries that are currently recursing (named.recursing)
validation newstate [view]
Enable / disable DNSSEC validation.
*restart Restart the server.
* == not yet implemented
Version: 9.6.1-P2
What do these commands do?
Try them and see. If you stop the daemon, start it up again.
$ rndc stop
$ rndc status
$ rndc stats
$ rndc reload
$ rndc trace
$ rndc flush
$ rndc