DNS forward and reverse lookup

Since the vast majority of us humans are quite bad at remembering IP addresses, someone developed a way to associate names with those addresses, so that we can reach the service behind an address, whether it is a web service, email, etc. That is where DNS (Domain Name System) comes in: a distributed database that associates names (domains or domain names) with IP addresses.

Root servers.
Each TLD has its own root DNS servers. They hold the DNS servers for a given domain.
To access the conekia.com website, your computer first asks the DNS server you have configured. If that server doesn't know the answer, it asks the root server for conekia.com, which returns the authoritative DNS servers, that is, the DNS servers that hold the DNS zone for conekia.com. Those return the IP of conekia.com to your computer, which then knows which IP address to connect to. Simple, right?
Well, this is called a DNS lookup, i.e. for a given domain, get its IP.

DNS server.
If we want to run our own DNS server, we must think about what to name it. For example, ns1.conekia.com and ns2.conekia.com.
Each domain is assigned at least two DNS servers, one primary and one secondary.
So our server must have two IP addresses, or we must have two servers.
Having decided the names of our primary and secondary DNS servers, those names must be associated with the IP address of each DNS server, or with each IP address of the server if it has more than one. This is done at the domain registrar.

It does no harm for the DNS server names to resolve to each of their IP addresses as well. So we should add the following entries to the DNS zone:

ns1.conekia.com.       IN A    192.168.25.12
ns2.conekia.com.       IN A    192.168.25.13

The best-known DNS software is BIND, for Linux, and it is very easy to install because in most distros it can be installed with the appropriate package manager.
Broadly speaking, there are two important files in BIND:

  • named.conf
  • and the zone file for each domain.

Assuming that our named.conf is at /etc/bind/named.conf, this could be the content of the zone file for conekia.com:

$TTL 86400
@ IN SOA ns1.conekia.com. ns1.conekia.com. (
1335768335 ; Serial (must fit in an unsigned 32-bit integer)
10800 ; Refresh
3600 ; Retry
604800 ; Expire
10800 ) ; Minimum
conekia.com. IN NS ns1.conekia.com.
conekia.com. IN NS ns2.conekia.com.
mail.conekia.com. IN A 192.168.25.8
conekia.com. IN A 192.168.25.10
www.conekia.com. IN CNAME conekia.com.
conekia.com. IN MX 10 mail.conekia.com.

The IN NS entry indicates that a DNS server for conekia.com is ns1.conekia.com.
The IN A entries indicate that 192.168.25.10 is the address of conekia.com and 192.168.25.8 is the IP address of mail.conekia.com.
The IN CNAME entry indicates that www.conekia.com is an alias of conekia.com, that is, both resolve to the same IP address.

Reverse DNS lookup.
In the same way that a domain has an IP address, we can also associate a domain with an IP address. That is, if we want an IP address to resolve to a domain, we must set it up in a way similar to the one described above. However, for this to work, the owner of the range to which the IP addresses belong must associate them with valid DNS servers. For example, if the IP addresses are European, it is at RIPE that our DNS servers must be associated. That is the reason we usually cannot change the reverse DNS of the IP address of our ADSL line: the owner of the IP address has declared that only their DNS servers answer such requests.
There is mail software, such as Postfix, that can refuse a message if the reverse DNS lookup of the source mail server's IP address does not match the source server's hostname.
Ordinary DNS resolution only goes one way: given a domain, get its IP address. Reverse lookup is the opposite.
The same DNS server can resolve 192.168.25.8 to mail.conekia.com. To do this we must create the zone file for the 192.168.25.0/24 range, which is called 25.168.192.in-addr.arpa. Its contents might be this:

$TTL 86400
@ IN SOA ns1.conekia.com. ns1.conekia.com. (
1334044456 ; Serial (must fit in an unsigned 32-bit integer)
10800 ; Refresh
3600 ; Retry
604800 ; Expire
10800 ) ; Minimum
@ IN NS ns1.conekia.com.
8 IN PTR mail.conekia.com.

The IN PTR entry indicates that the IP address 192.168.25.8 resolves to mail.conekia.com.
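
The mail-server check mentioned above only passes when the PTR name resolves forward to the same IP address (forward-confirmed reverse DNS). The following Python is an added example, not part of the original post: it cross-checks a reverse zone against a forward zone before they are published. The function names are hypothetical, the parser only handles single-line "owner IN TYPE value" records, and the PTR lines for .9, .10 and .12 are constructed for the demonstration.

```python
# Constructed sample: the page's records plus two deliberately broken PTRs.
FORWARD_ZONE = """\
mail.conekia.com. IN A 192.168.25.8
conekia.com.      IN A 192.168.25.10
www.conekia.com.  IN CNAME conekia.com.
"""
REVERSE_ORIGIN = "25.168.192.in-addr.arpa."
REVERSE_ZONE = """\
8  IN PTR mail.conekia.com.
10 IN PTR www.conekia.com.
9  IN PTR mail.conekia.com.   ; constructed: forward A points elsewhere
12 IN PTR ns1.conekia.com.    ; constructed: no A record in FORWARD_ZONE
"""

def parse_records(text, origin=""):
    """Parse simple 'owner IN TYPE value' lines into (owner, type, value)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) == 4 and fields[1].upper() == "IN":
            owner, _, rtype, value = fields
            if not owner.endswith("."):          # relative owner: append origin
                owner = f"{owner}.{origin}"
            records.append((owner.lower(), rtype.upper(), value.lower()))
    return records

def forward_addresses(name, records, hops=8):
    """A-record addresses for name, following CNAMEs at most `hops` deep."""
    addrs = {v for o, t, v in records if o == name and t == "A"}
    if not addrs and hops:
        for o, t, v in records:
            if o == name and t == "CNAME":
                addrs |= forward_addresses(v, records, hops - 1)
    return addrs

def check_fcrdns(forward_text, reverse_text, reverse_origin):
    """Return {ip: 'ok' | 'mismatch' | 'no-forward'} for every PTR record."""
    forward = parse_records(forward_text)
    reverse = parse_records(reverse_text, reverse_origin)
    results = {}
    for owner, target in [(o, v) for o, t, v in reverse if t == "PTR"]:
        # '8.25.168.192.in-addr.arpa.' -> '192.168.25.8'
        ip = ".".join(reversed(owner[: -len(".in-addr.arpa.")].split(".")))
        addrs = forward_addresses(target, forward)
        results[ip] = "ok" if ip in addrs else "mismatch" if addrs else "no-forward"
    return results

print(check_fcrdns(FORWARD_ZONE, REVERSE_ZONE, REVERSE_ORIGIN))
```

Any address reported as mismatch or no-forward is one a receiving mail server applying this check could reject.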

 
