ITS 2330 - Linux III

Chapter 8: DNS, Chapter 9: Web Services

Objectives:

This lesson takes place in week 10. Objectives important to this lesson:

  1. DNS server
  2. DNS zones
  3. Securing DNS
Concepts:

Chapter 8 begins with a discussion of the history of DNS. It was invented in 1983 as a distributed database that can translate domain names into IP addresses. People are more comfortable and successful remembering domain names than they are remembering IP addresses. Without DNS, the world wide web would not be the success that it is. It is a little hard to know what the author actually thinks is important in this chapter, since the summary is little different from the first paragraph. Let's do what we can.

Several pages are spent describing the function of the world's DNS system, the way that a DNS request is resolved, and the mechanics of replying to the DNS requester with the matching IP address. This is interesting, but not the reason for the chapter to exist. Let's turn to the discussion of BIND.

BIND stands for Berkeley Internet Name Domain, which makes little sense. It is a product that has had several versions. This text covers BIND version 9, which is commonly used as a DNS server. I looked for some decent videos about installing BIND, and chose this one because the presenter seems so intent on getting it right, and he sounds kind of amusing to mid-western ears.


As the presenter in the video above tells us, we can check for a BIND installation on a server before running an install with a command that looks for the BIND packages. The text gives us this example for doing so on CentOS:

rpm -qa | grep ^bind

If you don't find BIND components, you will want to install bind and bindutils if you are on an RHEL type distro, and bind9 and bind9utils if you are on a Debian type distro.

The author seems to follow Alice and the white rabbit for several pages, making declarations that sound earnest, but that lead to little understanding. Digging for some, we find that...

  • BIND components are called by different names in different distros. Pick a distro, find a guide for that distro, and don't read about another one while you are installing.
  • It is irritating to some of us that the daemon for BIND is called named in most cases. Too cute and too easy to misunderstand.
  • A lucid comparison of other DNS servers for Linux can be found at this Wikipedia page: https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software

The following video, like most I show to you, has some nice features. Along the way, it discusses the chroot command, which stands for change root. It creates a false root for the program being installed, to isolate it from other services on your server should that program be hacked.


The text mentions the rndc tool for managing BIND. It does not support all commands you might want to use with BIND, but it does have a lot of functionality. Follow this link to an article that discusses rndc and how to use it: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s2-bind-rndc

As I mentioned above, the text only has one paragraph for a summary for this chapter. You should look instead at the Exam Essentials material that follows the summary to get an idea of what to study.

Chapter 10 discusses web servers. It is mostly about Apache, the free server that is used on most Linux boxes that serve web pages. Squid and Nginx, two other web servers, are also discussed briefly. The last virtual device you installed should have been Ubuntu. The video below demonstrates installing Apache on an Ubuntu system, confirming that it works, and controlling it from a command line. You should be able to follow along, trying it out.