Book Image

DNS in Action

By : CP Books a.s.
Book Image

DNS in Action

By: CP Books a.s.

Overview of this book

The Domain Name System is one of the foundations of the internet. It is the system that allows the translation of human-readable domain names into machines-readable IP addresses and the reverse translation of IP addresses into domain names. This book describes the basic DNS protocol and its extensions; DNS delegation and registration, including for reverse domains; using DNS servers in networks that are not connected to the internet; and using DNS servers on firewall machines. Many detailed examples are used throughout the book to show perform various configuration and administration tasks.

Related Content you might be interested in

Current Title:

Small book image
DNS in Action
CP Books a.s.
Apr, 2006 | 0 hours 0 minutes
No titles found
Table of Contents (16 chapters)
DNS in Action
DNS in Action
Credits
Credits
About the Authors
About the Authors
Preface
Preface
Free Chapter
1
Domain Name System
Domain Name System
1.1 Domains and Subdomains
1.2 Name Syntax
1.3 Reverse Domains
1.4 Domain 0.0.127.in-addr.arpa
1.5 Zone
1.6 Reserved Domains and Pseudodomains
1.7 Queries (Translations)
1.8 Resolvers
1.9 Name Server
1.10 Forwarder Servers
2
DNS Protocol
DNS Protocol
2.1 Resource Records
2.2 DNS Protocol
2.3 DNS Query
3
DNS Extension
DNS Extension
3.1 DNS Update
3.2 DNS Notify
3.3 Incremental Zone Transfer
3.4 Negative Caching (DNS NCACHE)
3.5 DNS IP version 6 Extension
3.6 DNS Security Protocols
3.7 TSIG
3.8 Saving Certificates to DNS
4
Name Server Implementation
Name Server Implementation
4.1 DNS Database
4.2 RR Format
4.3 Name Server Implementation in BIND
4.4 Microsoft’s Native Implementation of DNS in Windows 2000/2003
5
Tools for DNS Debugging and Administration
Tools for DNS Debugging and Administration
5.1 Tools for DNS Debugging
5.2 The rndc Program
5.3 Errors in DNS Configuration
6
Domain Delegation and Registration
Domain Delegation and Registration
6.1 Example 1
6.2 Example 2
6.3 Domain Registration
7
Reverse Domain Delegation
Reverse Domain Delegation
Server ns.company.com
Server ns.provider.net
Server ns.ripe.net (authoritative server for a superior domain)
Server ns.company.com
Server ns.branch.company.com
8
Internet Registry
Internet Registry
8.1 International Organizations
8.2 Regional Internet Registry (RIR)
8.3 IP Addresses and AS Numbers
8.4 Internet Registry
8.5 Delegation of Second-Level Domains
9
DNS in Closed Intranets
DNS in Closed Intranets
9.1 Configuring a Root Name Server on the Same Server (BIND Version 4)
9.2 Configuring a Root Name Server on a Separate Server (BIND Version 4)
9.3 Root DNS Server in Windows 2000/2003
10
DNS and Firewall
DNS and Firewall
10.1 Shared DNS for Internet and Intranet
10.2 Name Server Installed on Firewall
10.3 Dual DNS
10.4 End Remarks
Country Codes and RIRs
Country Codes and RIRs
Index
Index

10.1 Shared DNS for Internet and Intranet

The easiest solution is sharing a DNS database between the Internet and intranet. This might be unsuitable for two reasons:

  • Translations of computers with nonroutable addresses (net 10/8, 172.16/12, or 192.168/16) are published on the Internet.

  • Information concerning the company structure is published (IP addresses of intranet computers). This information is usually confidential.

The most significant question when configuring DNS on the firewall is whether or not all Internet names should be translated on the intranet, and whether the intranet clients should be enabled to translate the names of the company.com domain that are located on the intranet only.

10.1.1 The Whole Internet is Translated on the Intranet

If the whole Internet is translated on the intranet, then the intranet must also route IP addresses of the whole Internet. This has some negative effects as well:

  1. 1. The routing of the intranet must be ready for this, i.e., all IP addresses that...

Previous Section
End of Section 2
Next Section