1
00:00:00,120 --> 00:00:05,310
In this video, we get introduced to DNS in Linux for the absolute beginners.

2
00:00:05,730 --> 00:00:11,670
We will discuss the basic concepts and view some commands that will help us explore DNS configuration

3
00:00:11,670 --> 00:00:14,040
on hosts, specifically Linux

4
00:00:14,040 --> 00:00:19,320
hosts. At the end of this section, you will go through a practice test where you're given a set of

5
00:00:19,320 --> 00:00:26,550
challenges related to DNS and are asked to solve them on a live, practical, hands-on lab environment right

6
00:00:26,550 --> 00:00:27,360
in your browser.

7
00:00:28,770 --> 00:00:33,510
My name is Charlotte Monomyth and this is called Cloud. Before we get started,

8
00:00:33,870 --> 00:00:37,020
don't forget to subscribe to my channel for more videos like this.

9
00:00:38,250 --> 00:00:44,370
We have two computers, A and B, both part of the same network, and they've been assigned with IP

10
00:00:44,370 --> 00:00:50,400
addresses 192.168.1.10 and 1.11. You're able to ping one computer from the other

11
00:00:50,400 --> 00:00:52,400
using the other computer's IP address.

12
00:00:53,220 --> 00:00:56,230
You know that System B has database services on them.

13
00:00:56,340 --> 00:01:02,130
So instead of having to remember the IP address of system B, you decide to give it a name, db.

14
00:01:02,970 --> 00:01:09,330
Going forward, you would like to ping system B using the name db instead of its IP address.

15
00:01:09,720 --> 00:01:12,960
If you try to ping db now, you would see that host

16
00:01:12,960 --> 00:01:16,010
A is unaware of a host named db.

17
00:01:16,830 --> 00:01:17,890
So how do you fix that?

18
00:01:18,390 --> 00:01:25,920
Basically, you want to tell system A that system B at IP address 192.168.1.11 has a name db.

19
00:01:26,310 --> 00:01:32,250
We want to tell system A that when I say db, I mean the IP 192.168.1.11.

20
00:01:32,790 --> 00:01:36,680
You can do that by adding an entry into the /etc/hosts file on system

21
00:01:36,710 --> 00:01:43,590
A. Mention the IP address and the name you want your host to see system B as. We told system A that

22
00:01:43,590 --> 00:01:51,300
the IP at 192.168.1.11 is a host named db. Pings to db now get sent to the correct IP

23
00:01:51,300 --> 00:01:52,140
and are successful.

24
00:01:52,830 --> 00:01:59,850
Now there is an important point to note here. We told system A that the IP at 192.168.1.11

25
00:01:59,850 --> 00:02:02,480
is a host named db. Host

26
00:02:02,490 --> 00:02:03,870
A takes that for granted.

27
00:02:04,260 --> 00:02:09,120
Whatever we put in the /etc/hosts file is the source of truth for host A.

28
00:02:09,840 --> 00:02:11,370
But that may not be the truth.

29
00:02:11,580 --> 00:02:18,690
Host A does not check to make sure if system B's actual name is db. For instance, running a hostname

30
00:02:18,690 --> 00:02:24,530
command on system B reveals that it is named host-2. But host

31
00:02:24,540 --> 00:02:25,550
A doesn't care.

32
00:02:25,770 --> 00:02:27,930
It goes by what's in the hosts file.

33
00:02:29,700 --> 00:02:36,240
You can even fool system A into believing that system B is Google. Just add an entry into the hosts file

34
00:02:36,240 --> 00:02:42,990
with an IP mapping to google.com, then ping Google and you will get a response from system B,

35
00:02:43,680 --> 00:02:48,990
so we have two names pointing to the same system, one as db and another as Google.

36
00:02:49,350 --> 00:02:51,870
And we can use either names to reach system B.

37
00:02:53,450 --> 00:03:00,170
You can have as many names as you want for as many servers as you want in the /etc/hosts file. Every

38
00:03:00,170 --> 00:03:05,750
time we reference another host by its name from host A, through a ping command or an SSH command

39
00:03:05,750 --> 00:03:09,200
or through any of the applications or tools within the system.

40
00:03:09,500 --> 00:03:14,360
It looks into its /etc/hosts file to find out the IP address of that host.

41
00:03:14,990 --> 00:03:20,060
Translating hostname to IP address this way is known as name resolution.

42
00:03:21,140 --> 00:03:27,650
Within a small network of few systems, you can easily get away with the entries in the /etc/hosts file.

43
00:03:28,100 --> 00:03:34,220
On each system, I specify which are the other systems in the environment, and that's how it was done

44
00:03:34,220 --> 00:03:35,060
in the past.

45
00:03:36,740 --> 00:03:42,290
Until the environment grew and these files got filled with too many entries and managing these became

46
00:03:42,290 --> 00:03:42,870
too hard.

47
00:03:43,370 --> 00:03:48,940
If one of the server's IP changed, you would need to modify the entries in all of these hosts.

48
00:03:49,250 --> 00:03:56,290
And that's where we decided to move all these entries into a single server who will manage it centrally.

49
00:03:56,720 --> 00:04:03,530
We call that our DNS server, and then we point all hosts to look up that server if they need to resolve

50
00:04:03,530 --> 00:04:08,330
the hostname to an IP address instead of its own /etc/hosts files.

51
00:04:09,050 --> 00:04:10,070
So how do we do that?

52
00:04:10,230 --> 00:04:13,460
How do we point our host to a DNS server?

53
00:04:14,120 --> 00:04:18,290
Our DNS server has the IP 192.168.1.100.

54
00:04:18,590 --> 00:04:23,810
Every host has a DNS resolution configuration file at /etc/resolv.conf.

55
00:04:23,960 --> 00:04:28,970
You add an entry into it specifying the address of the DNS server.

56
00:04:29,570 --> 00:04:35,690
We say nameserver and point it to 192.168.1.100, and that should be it.

57
00:04:36,170 --> 00:04:42,500
Once this is configured on all of your hosts, every time a host comes up across a hostname that it does

58
00:04:42,500 --> 00:04:45,830
not know about, it looks it up from the DNS server.

59
00:04:46,460 --> 00:04:53,150
If the IP of any of the hosts was to change, simply update the DNS server and all hosts should resolve

60
00:04:53,150 --> 00:04:55,220
the new IP address going forward.

61
00:04:55,730 --> 00:05:02,300
You no longer need any entries in the /etc/hosts file in any of the hosts, but that does not mean you

62
00:05:02,300 --> 00:05:04,250
can't have entries in hosts file.

63
00:05:04,640 --> 00:05:10,370
You still can. For example, say you were to provision a test server for your own needs.

64
00:05:11,210 --> 00:05:15,470
You don't think others would need to resolve the server by its name, so it need not be added to the

65
00:05:15,830 --> 00:05:16,250
server.

66
00:05:16,490 --> 00:05:22,900
In that case, you can add an entry into your host's /etc/hosts file to resolve the server.

67
00:05:23,330 --> 00:05:24,650
You can now resolve the server.

68
00:05:24,810 --> 00:05:27,620
However, no other system will be able to do that.

69
00:05:27,840 --> 00:05:34,100
So a system is able to use hostname to IP mapping from the /etc/hosts file locally as well as from a

70
00:05:34,100 --> 00:05:35,340
remote DNS server.

71
00:05:36,140 --> 00:05:42,680
What if you have an entry in both places, one in your /etc/hosts file and another in DNS?

72
00:05:43,070 --> 00:05:49,250
I have an entry in my local file set to 192.168.1.115 and someone added an entry

73
00:05:49,250 --> 00:05:53,920
for the same host to 192.168.1.116 on the DNS server.

74
00:05:54,440 --> 00:06:01,070
In that case, the host first looks in the local /etc/hosts file and then looks at the name server.

75
00:06:01,250 --> 00:06:05,840
So if it finds the entry in the local /etc/hosts file, it uses that.

76
00:06:06,050 --> 00:06:09,240
If not, it looks for that host in the DNS server.

77
00:06:09,950 --> 00:06:11,660
But that order can be changed.

78
00:06:11,930 --> 00:06:16,520
The order is defined by an entry in the file /etc/nsswitch.conf,

79
00:06:16,520 --> 00:06:19,550
the line with the hosts entry.

80
00:06:19,820 --> 00:06:27,410
As you can see, the order is first files and then followed by dns; files refers to the hosts file and

81
00:06:27,410 --> 00:06:29,480
dns refers to the DNS server.

82
00:06:29,810 --> 00:06:36,080
So for every hostname, the host first looks into the /etc/hosts file and if it cannot find it there,

83
00:06:36,290 --> 00:06:38,090
it then looks at the DNS server.

84
00:06:38,600 --> 00:06:42,500
This order can be modified by editing this entry in the file.

85
00:06:43,310 --> 00:06:49,160
As part of this order, our host would resolve the test server to

86
00:06:49,160 --> 00:06:49,760
192.168.1.115.

87
00:06:50,420 --> 00:06:53,810
What if you try to ping a server that is not in either list?

88
00:06:53,870 --> 00:06:57,650
For example, I try and ping www.facebook.com.

89
00:06:57,830 --> 00:07:02,500
I don't have facebook.com in my /etc/hosts file and I don't have it in my DNS server either.

90
00:07:02,750 --> 00:07:04,310
So in that case it will fail.

91
00:07:04,850 --> 00:07:10,610
You can add another entry into your resolv.conf file to point to a nameserver that knows Facebook.

92
00:07:10,790 --> 00:07:16,670
For example, 8.8.8.8 is a common, well-known public nameserver available on

93
00:07:16,670 --> 00:07:21,350
the Internet hosted by Google that knows about all the websites on the Internet.

94
00:07:21,920 --> 00:07:26,630
You can have multiple name servers like this configured on your host, but then you have to configure

95
00:07:26,630 --> 00:07:28,760
that on all your hosts in your network.

96
00:07:29,150 --> 00:07:32,840
You already have a name server within your network configured on all the hosts.

97
00:07:33,200 --> 00:07:39,530
So in that case, you can configure the server itself to forward any unknown host names to the public

98
00:07:39,530 --> 00:07:41,000
name server on the Internet.

99
00:07:41,810 --> 00:07:45,410
You should now be able to ping external sites such as www.facebook.com.

100
00:07:46,040 --> 00:07:51,410
Until now, we've been just trying to reach systems with their names like web, db, nfs, etc.

101
00:07:51,800 --> 00:07:55,910
But we just tried to ping Facebook at www.facebook.com.

102
00:07:56,450 --> 00:07:59,660
What is this name with a www and .com at the end?

103
00:07:59,840 --> 00:08:05,450
It's called a domain name and it is how IPs translate to names that we can remember on the public internet,

104
00:08:05,450 --> 00:08:07,030
just like how we did for our hosts.

105
00:08:07,640 --> 00:08:12,290
Now the reason they are in this format, separated by dots, is to group like things together.

106
00:08:12,980 --> 00:08:18,830
The last portion of the domain name, the .com, .net, .edu, .org, etc., are the

107
00:08:18,830 --> 00:08:24,530
top-level domains that represent the intent of the website: .com for commercial or general purpose,

108
00:08:24,950 --> 00:08:31,910
.net for network, .edu for educational organizations and .org for non-profit organizations.

109
00:08:32,890 --> 00:08:38,830
Let's look at one in particular. In Google's case, the dot is the root. That's where everything

110
00:08:38,830 --> 00:08:39,280
starts.

111
00:08:39,520 --> 00:08:41,810
.com is a top-level domain.

112
00:08:42,100 --> 00:08:50,050
google is the domain name assigned to Google and www is a subdomain. The subdomains help in further

113
00:08:50,050 --> 00:08:51,190
grouping things together.

114
00:08:51,190 --> 00:08:56,130
Under Google, for example, Google's map service is available at maps.google.com.

115
00:08:56,620 --> 00:09:01,060
So maps is a subdomain. Google's storage service is available at

116
00:09:01,060 --> 00:09:05,350
drive.google.com. Mobile apps are available at apps.google.com.

117
00:09:05,740 --> 00:09:09,310
Google's email service is available at mail.google.com.

118
00:09:09,790 --> 00:09:14,640
You can further divide each of these into as many subdomains based on your needs.

119
00:09:15,070 --> 00:09:17,560
So you begin to see a tree structure forming.

120
00:09:19,560 --> 00:09:25,560
When you try to reach any of these domain names, say, apps.google.com from within your organization,

121
00:09:25,860 --> 00:09:29,750
your request first hits your organization's internal DNS server.

122
00:09:30,270 --> 00:09:32,760
It doesn't know who apps or Google is.

123
00:09:33,100 --> 00:09:38,670
It forwards your request to the Internet. On the Internet, the IP address of the server serving

124
00:09:38,680 --> 00:09:44,760
apps.google.com may be resolved with the help of multiple DNS servers. A root DNS server looks at your

125
00:09:44,760 --> 00:09:49,200
request and points you to a server serving .coms. A .com

126
00:09:49,210 --> 00:09:54,720
DNS server looks at your request and forwards you to Google, and Google's DNS server provides you the

127
00:09:54,720 --> 00:09:58,320
IP of the server serving the apps applications.

128
00:09:59,040 --> 00:10:06,240
In order to speed up all future results, your organization's DNS server may choose to cache this IP

129
00:10:06,360 --> 00:10:10,590
for a period of time, typically a few seconds up to a few minutes.

130
00:10:11,320 --> 00:10:15,180
That way it doesn't have to go through the whole process again each time.

131
00:10:16,290 --> 00:10:18,060
So that was out in the public.

132
00:10:18,570 --> 00:10:20,040
What about your organization?

133
00:10:20,460 --> 00:10:25,290
Your organization can have a similar structure too. For example, your organization could be called

134
00:10:25,290 --> 00:10:32,160
as mycompany.com and have multiple subdomains for each purpose, for external facing website,

135
00:10:32,520 --> 00:10:37,890
mail.mycompany.com for accessing your organization's mail, drive for accessing storage,

136
00:10:38,220 --> 00:10:43,470
pay.mycompany.com for accessing the payroll application, hr for accessing HR application,

137
00:10:43,470 --> 00:10:43,980
etc.

138
00:10:44,280 --> 00:10:49,260
All of these are configured in your organization's internal DNS server.

139
00:10:50,510 --> 00:10:57,140
The reason we discussed all of this is to understand another entry in the /etc/resolv.conf file. Remember,

140
00:10:57,140 --> 00:11:00,980
this is the file where we configure the DNS server to be used for our host.

141
00:11:01,220 --> 00:11:06,120
With that, we were able to resolve servers in your organization with just their names like web.

142
00:11:06,440 --> 00:11:12,110
We have now introduced more standard domain names like web.mycompany.com or

143
00:11:12,110 --> 00:11:13,450
db.mycompany.com, etc.

144
00:11:13,820 --> 00:11:16,650
Now when you ping web, you can no longer get a response.

145
00:11:16,670 --> 00:11:21,950
Of course, this is because we are trying to ping web, but there is no record by the name web on

146
00:11:21,950 --> 00:11:22,920
my server.

147
00:11:23,240 --> 00:11:25,650
Instead it is web.mycompany.com.

148
00:11:25,670 --> 00:11:28,440
So you have to use web.mycompany.com.

149
00:11:29,240 --> 00:11:34,370
Now I can understand if someone outside of a company wants to access our web server, he would have

150
00:11:34,370 --> 00:11:36,130
to use web.mycompany.com.

151
00:11:36,470 --> 00:11:42,320
But within our company, your own company, you want to simply address the Web server by its first name,

152
00:11:42,320 --> 00:11:42,740
web.

153
00:11:43,040 --> 00:11:47,690
Just like how you address other members in your family simply by their first names, which is not the

154
00:11:47,690 --> 00:11:52,010
case when someone outside your family addresses them using their full names.

155
00:11:52,430 --> 00:11:57,830
So what do you do to configure web to resolve to web.mycompany.com?

156
00:11:58,590 --> 00:12:05,840
You want to say, when I say web, I mean web.mycompany.com. For that, you make an entry into your

157
00:12:05,840 --> 00:12:12,800
host's /etc/resolv.conf file called search and specify the domain name you want to append.

158
00:12:13,400 --> 00:12:18,980
Next time you try to ping web, you will see it actually tries web.mycompany.com.

159
00:12:19,130 --> 00:12:22,760
Now your host is intelligent enough to exclude the search domain

160
00:12:22,760 --> 00:12:28,700
if you specified a domain in your query, like this. You may also provide additional search domains like

161
00:12:28,700 --> 00:12:29,120
this.

162
00:12:29,120 --> 00:12:35,660
So it would mean when I say web, I mean web.mycompany.com or

163
00:12:35,660 --> 00:12:36,190
web.prod.mycompany.com.

164
00:12:36,920 --> 00:12:41,520
So your host would try searching all of these domain names when you look for a hostname.

165
00:12:42,410 --> 00:12:44,750
Finally, a word about record types.

166
00:12:45,080 --> 00:12:47,600
So how are the records stored in the DNS?

167
00:12:47,610 --> 00:12:52,730
So we know that it stores IP to host names. That's known as A records.

168
00:12:52,910 --> 00:12:57,110
Storing IPv6 to host names is known as quad A (AAAA) records.

169
00:12:57,590 --> 00:13:02,390
Mapping one name to another name is called CNAME records. For example,

170
00:13:02,390 --> 00:13:08,240
you may have multiple aliases for the same application, like a food delivery service may also be reached

171
00:13:08,240 --> 00:13:09,830
at eat or hungry.

172
00:13:10,370 --> 00:13:12,680
That's where a CNAME record is used.

173
00:13:12,950 --> 00:13:14,240
Name to name mapping.

174
00:13:14,930 --> 00:13:17,600
There are many more, but that's all we're going to look at for now.

175
00:13:18,440 --> 00:13:23,300
Now, ping may not always be the right tool to test DNS resolution.

176
00:13:23,750 --> 00:13:26,630
There are a few other tools as well, such as nslookup.

177
00:13:26,990 --> 00:13:31,280
You can use nslookup to query a hostname from a DNS server.

178
00:13:31,850 --> 00:13:37,390
But remember, nslookup does not consider the entries in the local /etc/hosts file.

179
00:13:37,760 --> 00:13:43,380
So if you add an entry into the local /etc/hosts file for your web application and if you try to do an

180
00:13:43,380 --> 00:13:47,060
nslookup for that web application, it is not going to find it.

181
00:13:47,870 --> 00:13:54,830
The entry for your web application has to be present in your DNS server. nslookup only queries

182
00:13:54,830 --> 00:13:56,000
the DNS server.

183
00:13:56,910 --> 00:14:03,060
The same goes with dig. dig is another useful tool to test DNS name resolution. It returns

184
00:14:03,060 --> 00:14:09,560
more details in a similar form as is stored on the server. In the upcoming practice exercises section,

185
00:14:09,660 --> 00:14:15,720
you will practice viewing, configuring and troubleshooting DNS in a lab environment on actual systems

186
00:14:16,080 --> 00:14:18,240
through some fun and challenging exercises.

187
00:14:18,930 --> 00:14:20,430
Well, that's it for this lecture.

188
00:14:20,640 --> 00:14:26,720
And in the next lecture, we look at how to set up an actual DNS server on a system where we will use

189
00:14:26,720 --> 00:14:28,860
CoreDNS as our DNS solution.

190
00:14:29,430 --> 00:14:31,140
Well, thank you so much for watching.

191
00:14:31,440 --> 00:14:34,700
And don't forget to subscribe to my channel for more videos like this.
