Tuesday, 20 November 2007

How DNS Works

DNS
I. Requirements
a. An Internet connection and the IP addresses of the ISP's name servers, to use as forwarders
b. The bind package from Fedora Core 5
c. Participants understand what a DNS server is and how it works

II. Background Theory
DNS works much like a telephone book. Every computer on the Internet
has a host name (computer name) and an Internet Protocol (IP) address.
In general, a client that wants to connect one computer to another
will use the host name.
Your computer then contacts a DNS server to look up the IP address of
the host name you requested. That IP address is what is used to
connect your computer to the other computer.

III. Lab Steps
Before configuring the DNS server, it helps to know a few tools for
checking a DNS server: nslookup (Windows and Linux), host, and dig.

A. nslookup
The basic command for resolving the host name of a server (for example
google.com) is nslookup [hostname]. This command is available on both
the Linux and Windows operating systems.
a. Looking up a host on Linux with nslookup
nslookup is used to find the IP address or the host address.
josh@learningwithexpert:~$ nslookup
> google.com
Server: 172.24.14.1
Address: 172.24.14.1#53
Non-authoritative answer:
Name: google.com
Address: 64.233.167.99
Name: google.com
Address: 64.233.187.99
Name: google.com
Address: 72.14.207.99
> te.ugm.ac.id
Server: 172.24.14.1
Address: 172.24.14.1#53
Non-authoritative answer:
Name: te.ugm.ac.id
Address: 222.124.24.18

b. Looking up a host on Windows
Using nslookup on the Windows operating system
Type > nslookup [target address] [DNS server address]

When the DNS server address is left empty, the DNS server used to
obtain the host address is the default DNS server.

C:\Documents and Settings\josh>nslookup www.ugm.ac.id
Server: penguin.ugm
Address: 172.16.30.7

Name: www.ugm.ac.id
Address: 222.124.24.14

C:\Documents and Settings\josh>nslookup
Default Server: penguin.ugm
Address: 172.16.30.7

> te.ugm.ac.id
Server: penguin.ugm
Address: 172.16.30.7

Non-authoritative answer:
Name: te.ugm.ac.id
Address: 222.124.24.18


B. dig and host
dig stands for domain information groper, while host is a DNS lookup utility.
These tools are not available on Windows; they are found only on Linux and
Unix variants. With these commands we can see information about the IP of a
host along with the address being looked up.
josh@learningwithexpert:~$ dig google.com
; <<>> DiG 9.3.2 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38035
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 119 IN A 72.14.207.99
google.com. 119 IN A 64.233.167.99
google.com. 119 IN A 64.233.187.99
;; AUTHORITY SECTION:
google.com. 88759 IN NS ns4.google.com.
google.com. 88759 IN NS ns1.google.com.
google.com. 88759 IN NS ns2.google.com.
google.com. 88759 IN NS ns3.google.com.
;; ADDITIONAL SECTION:
ns4.google.com. 57290 IN A 216.239.38.10
ns1.google.com. 57290 IN A 216.239.32.10
ns2.google.com. 57290 IN A 216.239.34.10
ns3.google.com. 57290 IN A 216.239.36.10
;; Query time: 4 msec
;; SERVER: 172.24.14.1#53(172.24.14.1)
;; WHEN: Wed Aug 16 11:31:20 2006
;; MSG SIZE rcvd: 222
josh@learningwithexpert:~$ host www.ugm.ac.id
www.ugm.ac.id has address 222.124.24.14
josh@learningwithexpert:~$ host ugm.ac.id
ugm.ac.id has address 222.124.24.4
ugm.ac.id mail is handled by 0 proxymail.ugm.ac.id.
ugm.ac.id mail is handled by 200 mx3.ugm.ac.id.
josh@learningwithexpert:~$ host -t ns ugm.ac.id
ugm.ac.id name server ns2.ugm.ac.id.
ugm.ac.id name server ns1.ugm.ac.id.
josh@learningwithexpert:~$ host -t mx ugm.ac.id
ugm.ac.id mail is handled by 0 proxymail.ugm.ac.id.
ugm.ac.id mail is handled by 200 mx3.ugm.ac.id.
josh@learningwithexpert:~$ host google.com
google.com has address 72.14.207.99
google.com has address 64.233.167.99
google.com has address 64.233.187.99
google.com mail is handled by 10 smtp1.google.com.
google.com mail is handled by 10 smtp2.google.com.
google.com mail is handled by 10 smtp3.google.com.
google.com mail is handled by 10 smtp4.google.com.

Setting Up the DNS Server
• The first step is to install bind, often also called named. You must be
root to carry out the following steps.
• Type the command > su -
• Enter the root password of your machine
• Once you are root,
type > yum install bind
• After bind (named) is installed, the next step is to configure
bind (named)

o Make sure you have a text editor on your Linux machine and that you
know how to use it. The default text editor bundled with the Linux
operating system is vi
o Next you need to edit the file /etc/named.conf and add the zone
files under /var/named/
o vi /etc/named.conf (enter the configuration below)
include "/var/named/named.conf.options";
// reduce log verbosity on issues outside our control
logging {
category lame-servers { null; };
};
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/var/named/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/var/named/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/var/named/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/var/named/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/var/named/db.255";
};
// add local zone definitions here
include "/var/named/named.conf.local";

o vi /var/named/named.conf.local (enter the local zone configuration
below)
//
// Add local zone definitions here.
zone "domainku.com" {
type master;
file "/var/named/db.domainku";
};
zone "25.16.172.in-addr.arpa" {
type master;
file "/var/named/domainku.rev";
};

o vi /var/named/named.conf.options (enter the configuration below)
options {
directory "/var/named/data";
query-source address * port 53;
forwarders {
222.124.24.2;
202.134.0.155;
202.134.1.10;
222.124.24.12;
222.124.24.3;
};
};

o vi /var/named/db.0 (enter the following reverse data)
;
; BIND reverse data file for broadcast zone
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.

o vi /var/named/db.127
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
1.0.0 IN PTR localhost.
;

o vi /var/named/db.local
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 127.0.0.1

o vi /var/named/db.root (or use the following command: "dig >
/var/named/db.root")
; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
;; global options: printcmd
;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
;; Query time: 81 msec
;; SERVER: 198.41.0.4#53(a.root-servers.net.)

;; WHEN: Sun Feb 1 11:27:14 2004
;; MSG SIZE rcvd: 436

o vi /var/named/db.domainku
$ORIGIN .
$TTL 43200 ; 12 hours
domainku.com IN SOA domainku.com. josh.domainku.com. (
2006080723 ; serial
3600 ; refresh (1 hour)
15 ; retry (15 seconds)
1209600 ; expire (2 weeks)
43200 ; minimum (12 hours)
)
        IN NS ns1.domainku.com.
        IN NS ns2.domainku.com.
        IN A 172.16.25.10
        IN MX 5 mx1.domainku.com.
$ORIGIN domainku.com.
dns IN CNAME domainku.com.
gate IN A 172.16.25.17
ns1 IN A 172.16.25.10
mx1 IN A 172.16.25.18
student IN A 172.16.25.19
papirus IN A 172.16.25.21
proxy IN A 172.16.25.1
$ORIGIN student.domainku.com.
ftp CNAME student.domainku.com.
mail CNAME student.domainku.com.
news CNAME student.domainku.com.
server CNAME student.domainku.com.
www CNAME student.domainku.com.

o vi /var/named/domainku.rev
$ORIGIN 25.16.172.in-addr.arpa.
$TTL 43200
@ IN SOA ns1.domainku.com. josh.domainku.com. (
2006080712 ; Serial
3600 ; Refresh
15 ; Retry
1209600 ; Expire
43200 ) ; Negative Cache TTL
;
@ IN NS ns1.domainku.com.
17 IN PTR gate.domainku.com.
18 IN PTR server.domainku.com.
19 IN PTR student.domainku.com.
1 IN PTR proxy.domainku.com.
24 IN PTR bintang.domainku.com.

• The next step is to start your DNS server.
In shell mode
Type > service named start
o Put the IP 127.0.0.1 in /etc/resolv.conf as the nameserver
vi /etc/resolv.conf
search domainku.com
nameserver 127.0.0.1
o Test DNS using host and dig
[root@fedora named]# host domainku.com
domainku.com has address 172.16.25.10
domainku.com mail is handled by 5 mx1.domainku.com.
[root@fedora named]# dig domainku.com
; <<>> DiG 9.3.2 <<>> domainku.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64515
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;domainku.com. IN A
;; ANSWER SECTION:
domainku.com. 43200 IN A 172.16.25.10
;; AUTHORITY SECTION:
domainku.com. 43200 IN NS ns1.domainku.com.
domainku.com. 43200 IN NS ns2.domainku.com.
;; ADDITIONAL SECTION:
ns1.domainku.com. 43200 IN A 172.16.25.10
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Aug 16 11:58:25 2006
;; MSG SIZE rcvd: 98
[josh@fedora ~]$ dig axfr domainku.com
; <<>> DiG 9.3.2 <<>> axfr domainku.com
;; global options: printcmd
domainku.com. 43200 IN SOA domainku.com.
josh.domainku.com. 2006080723 3600 15 1209600 43200
domainku.com. 43200 IN NS ns1.domainku.com.
domainku.com. 43200 IN NS ns2.domainku.com.
domainku.com. 43200 IN A 172.16.25.10
domainku.com. 43200 IN MX 5 mx1.domainku.com.
dns.domainku.com. 43200 IN CNAME domainku.com.
gate.domainku.com. 43200 IN A 172.16.25.17
mx1.domainku.com. 43200 IN A 172.16.25.18
ns1.domainku.com. 43200 IN A 172.16.25.10
papirus.domainku.com. 43200 IN A 172.16.25.21
proxy.domainku.com. 43200 IN A 172.16.25.1
student.domainku.com. 43200 IN A 172.16.25.19
ftp.student.domainku.com. 43200 IN CNAME student.domainku.com.
mail.student.domainku.com. 43200 IN CNAME student.domainku.com.
news.student.domainku.com. 43200 IN CNAME student.domainku.com.
server.student.domainku.com. 43200 IN CNAME student.domainku.com.
www.student.domainku.com. 43200 IN CNAME student.domainku.com.
domainku.com. 43200 IN SOA domainku.com.
josh.domainku.com. 2006080723 3600 15 1209600 43200
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Aug 16 12:09:01 2006
;; XFR size: 18 records (messages 1)
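
The options block on this page sets no allow-transfer or allow-recursion ACL and fixes query-source to port 53; with no transfer ACL, BIND 9.3 answers the AXFR request shown above for any client. The following Python audit is an added example, not part of the original post; the finding codes, the function name and the hardened sample (whose 172.16.25.0/24 client range is taken from the page's reverse zone) are assumptions.

```python
import re

# The options block from this page (whitespace condensed).
PAGE_OPTIONS = """
options {
    directory "/var/named/data";
    query-source address * port 53;
    forwarders { 222.124.24.2; 202.134.0.155; 202.134.1.10;
                 222.124.24.12; 222.124.24.3; };
};
"""

# Constructed hardened variant (assumption): clients are limited to
# localhost and the 172.16.25.0/24 network of the page's reverse zone.
HARDENED_OPTIONS = """
options {
    directory "/var/named/data";
    forwarders { 222.124.24.2; 202.134.0.155; 202.134.1.10;
                 222.124.24.12; 222.124.24.3; };
    allow-recursion { localhost; 172.16.25.0/24; };  // no open resolver
    allow-transfer { none; };                         // AXFR refused
};
"""

def audit_options(conf):
    """Return finding codes for a file that holds only an options block."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* ... */ comments
    conf = re.sub(r"(//|#)[^\n]*", "", conf)            # // and # comments
    m = re.search(r"\boptions\s*\{(.*)\}\s*;", conf, re.S)
    body = m.group(1) if m else ""
    findings = []
    # A numeric port pins every outgoing UDP query to one source port,
    # removing source-port randomisation as a cache-poisoning defence.
    if re.search(r"\bquery-source\b[^;]*\bport\s+\d+", body):
        findings.append("fixed-query-source-port")
    # Without an explicit ACL the version default applies; BIND 9.3, as
    # used on the page, then allows any host.
    for acl in ("allow-transfer", "allow-recursion"):
        m = re.search(r"\b" + acl + r"\s*\{([^}]*)\}", body)
        if m is None:
            findings.append("no-" + acl)
        elif re.search(r"\bany\b", m.group(1)):
            findings.append(acl + "-any")
    return findings

if __name__ == "__main__":
    print("page:    ", audit_options(PAGE_OPTIONS))
    print("hardened:", audit_options(HARDENED_OPTIONS))
```
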
Troubleshooting of the DNS configuration is done by monitoring the log file at
/var/log/messages
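
Added example (not part of the original post): a Python cross-check of the page's forward and reverse data, useful alongside the log when a lookup does not behave as expected. The records are copied from the page; the function names and result keys are hypothetical.

```python
# Copied from this page: `dig axfr` A/NS/MX lines and domainku.rev PTR lines.
FORWARD = """
domainku.com. 43200 IN NS ns1.domainku.com.
domainku.com. 43200 IN NS ns2.domainku.com.
domainku.com. 43200 IN A 172.16.25.10
domainku.com. 43200 IN MX 5 mx1.domainku.com.
gate.domainku.com. 43200 IN A 172.16.25.17
mx1.domainku.com. 43200 IN A 172.16.25.18
ns1.domainku.com. 43200 IN A 172.16.25.10
papirus.domainku.com. 43200 IN A 172.16.25.21
proxy.domainku.com. 43200 IN A 172.16.25.1
student.domainku.com. 43200 IN A 172.16.25.19
"""
REVERSE_ORIGIN = "25.16.172.in-addr.arpa."
REVERSE = """
17 IN PTR gate.domainku.com.
18 IN PTR server.domainku.com.
19 IN PTR student.domainku.com.
1 IN PTR proxy.domainku.com.
24 IN PTR bintang.domainku.com.
"""

def ptr_to_ip(owner, origin):
    """'17' under '25.16.172.in-addr.arpa.' -> '172.16.25.17'."""
    labels = (owner + "." + origin)[: -len(".in-addr.arpa.")].split(".")
    return ".".join(reversed(labels))

def check_zones(forward, reverse, origin):
    a, targets, ptr = {}, [], {}   # name -> IPs, NS/MX targets, IP -> name
    for f in (line.split() for line in forward.splitlines()):
        if len(f) >= 5 and f[3] == "A":
            a.setdefault(f[0], set()).add(f[4])
        elif len(f) >= 5 and f[3] in ("NS", "MX"):
            targets.append((f[3], f[-1]))
    for f in (line.split() for line in reverse.splitlines()):
        if len(f) == 4 and f[2] == "PTR":
            ptr[ptr_to_ip(f[0], origin)] = f[3]
    all_ips = set().union(*a.values())
    return {
        # PTR whose target name has no A record back to the same address
        "ptr_mismatch": sorted(i for i in ptr.items() if i[0] not in a.get(i[1], set())),
        # addresses handed out in A records that have no PTR at all
        "no_ptr": sorted(all_ips - set(ptr)),
        # NS/MX targets with no A record inside the zone
        "dangling": [(t, n) for t, n in targets if n not in a],
    }

if __name__ == "__main__":
    print(check_zones(FORWARD, REVERSE, REVERSE_ORIGIN))
```

On the page's data it reports that the PTR records for 172.16.25.18 and 172.16.25.24 name hosts with no A record, and that ns2.domainku.com. has no address, so reverse lookups for the mail host at 172.16.25.18 will not confirm forward.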
