1
00:00:00,000 --> 00:00:17,519
Hey guys and welcome back. In the previous nugget we had just begun the configuration

2
00:00:17,519 --> 00:00:25,160
of our DNS zone. So you will recall that within this configuration file named.conf.local

3
00:00:25,160 --> 00:00:30,960
we specified some database files that actually do not exist. So as such we're going to have

4
00:00:30,960 --> 00:00:35,799
to create them. So all I will do here is I'll just copy this right here and I will just

5
00:00:35,799 --> 00:00:41,480
say sudo touch to create this file. Type in my password. Again the reason why I'm saying

6
00:00:41,480 --> 00:00:47,120
sudo is because we are within the /etc/bind directory. So within /etc we need to have

7
00:00:47,120 --> 00:00:53,480
super user privileges. And again with respect to the reverse zone file. Let's copy this

8
00:00:53,479 --> 00:01:00,279
and I'll say sudo touch. So now if I do an ls we actually have the file created for our

9
00:01:00,279 --> 00:01:05,039
forward zone as well as our reverse zone. Now these are just empty files right now.

10
00:01:05,039 --> 00:01:11,039
They do not configure or rather contain any configurations. So now we can actually begin

11
00:01:11,039 --> 00:01:16,319
populating these files with the correct content. But a good tip to actually start off is to

12
00:01:16,319 --> 00:01:21,640
use one of the already created files as a general template. So what I'm going to do is I'm going

13
00:01:21,640 --> 00:01:28,799
to go into this db.local file and all this is going to be is used as a skeleton template

14
00:01:28,799 --> 00:01:33,319
because our database file for our forward zone and the reverse zone is going to be quite

15
00:01:33,319 --> 00:01:38,760
similar to this with some basic modification. So what I will do here is I'm actually going

16
00:01:38,760 --> 00:01:45,879
to go out and I will say sudo cp and I will copy the local database file db.local and

17
00:01:45,879 --> 00:01:52,599
I'm going to copy it into my ipv0.com.db. So that's now copied. If I now go into my

18
00:01:52,599 --> 00:02:00,759
ipv0 file now we can see here it's basically just a copy of that db.local file. But like

19
00:02:00,759 --> 00:02:06,159
I say we're going to have to make some modification. Now there are some particular values we have

20
00:02:06,159 --> 00:02:12,280
to be aware of. The first value we can see here is the SOA. This is going to be the start

21
00:02:12,280 --> 00:02:17,159
of authority. This is going to tell us pretty much who is responsible for our domain as

22
00:02:17,159 --> 00:02:22,000
well as what our domain actually is. Right now it's saying here that the domain is

23
00:02:22,000 --> 00:02:27,599
localhost that is not the configuration we want. So let's begin with some basic modifications.

24
00:02:27,599 --> 00:02:32,639
So what I'm going to do is I'm going to delete this and I'm going to give this server a particular

25
00:02:32,639 --> 00:02:39,039
name. We just call this my server dot and this is going to be within the ipv0.com domain

26
00:02:39,400 --> 00:02:45,280
and what I'm going to do at the very end I'm going to add on the period because the period

27
00:02:45,280 --> 00:02:50,399
actually is part of the fully qualified domain name. Now I'll specify who is responsible.

28
00:02:50,399 --> 00:02:57,079
This is going to be the root for that domain. So I will just say dot ipv0.com and again

29
00:02:57,079 --> 00:03:02,159
we want to be remembering that period at the very end of the domain name. Now we're going

30
00:03:02,159 --> 00:03:06,519
to see a bunch of these values. The first one here is serial. Now this can actually be

31
00:03:06,600 --> 00:03:12,880
an arbitrary value. We can see it's the value 2 right now but the value could be 1342. It

32
00:03:12,880 --> 00:03:18,760
doesn't actually matter what is important is that the actual value of the serial matches

33
00:03:18,760 --> 00:03:25,879
between my forward zone which is this configuration file right here ipv0.com dot db as well as

34
00:03:25,879 --> 00:03:30,920
the next configuration file. I'm going to be creating the reverse zone file. So we want

35
00:03:30,919 --> 00:03:37,560
to have the same value here. Have them to synchronize together. Now every time you make a change

36
00:03:37,560 --> 00:03:43,319
to this configuration file you want to increment this value. So if I happen to later on make a

37
00:03:43,319 --> 00:03:50,359
change to this file I would change it from 2 to maybe say 3 and then in the reverse zone match

38
00:03:50,359 --> 00:03:55,239
that up too. So right now I'm going to be making a change right now so I'll change this to 3. Now

39
00:03:55,239 --> 00:04:00,359
we also have additional information relating to our TTL how long information is going to be

40
00:04:00,440 --> 00:04:05,320
cached, how long we should wait for retries and expiration so on so forth but for now we will

41
00:04:05,320 --> 00:04:10,760
actually just skip ahead and just focus on that serial value by incrementing it and making sure

42
00:04:10,760 --> 00:04:15,880
we have the same value in the next configuration file we're going to be creating. But for now

43
00:04:15,880 --> 00:04:20,439
what I'm going to do is I'm going to go down here and this is where I can specify my particular

44
00:04:20,439 --> 00:04:24,920
record. So what I'm going to do here is I'm going to delete a whole bunch of this stuff right here

45
00:04:24,920 --> 00:04:30,280
and I delete this here. So this at symbol right here this is what I'm going to use to delineate

46
00:04:30,439 --> 00:04:37,399
these particular records and values. So I will say at in and then the type of record I want to

47
00:04:37,399 --> 00:04:42,599
create this is going to be for my name server. Now what is my name server actually going to be?

48
00:04:42,599 --> 00:04:49,159
It's going to be I specified my server ipv0.com and then again that dot at the very end. So I'll

49
00:04:49,159 --> 00:04:59,159
say my server dot my domain dot ipv0.com and then a dot again do not forget that. Now what I want

50
00:04:59,240 --> 00:05:04,760
to do is I want to correlate my server with a particular ip address. So within here I'm going

51
00:05:04,760 --> 00:05:11,720
to say my server and then I'll do my tab I'll do in tab and then the type of record this time is going

52
00:05:11,720 --> 00:05:18,920
to be an A record. Now you will remember that an A record correlates to an IPv4 address. So again

53
00:05:18,920 --> 00:05:24,120
I'll hit tab and now what I'll do here is specify the particular ipv4 address I want to correlate

54
00:05:24,120 --> 00:05:31,639
here. So I'll say 192.168.0.44 that is the ip address of my particular server here. Now what I'm

55
00:05:31,639 --> 00:05:36,120
going to do is to create another namespace just for demonstration for something that doesn't

56
00:05:36,120 --> 00:05:42,199
actually exist. So I'll just call this I don't know email server maybe and I'll tab I'll say in

57
00:05:42,199 --> 00:05:50,519
I'll make it an A record once again and I'll just specify an arbitrary ip address 192.168.0.50. I

58
00:05:50,519 --> 00:05:55,479
don't actually have this server on my network that doesn't actually matter right now I just want to

59
00:05:55,479 --> 00:06:00,279
be able to show you that we can have these records so that when we look at particular pieces of

60
00:06:00,279 --> 00:06:04,839
information they're going to resolve to the information we specify within this configuration

61
00:06:04,839 --> 00:06:12,759
file. So like I say I've created my server I have it here mapped to this ip address I have my actual

62
00:06:12,759 --> 00:06:19,159
domain here I have root.ipv0.com I'm making sure I have my periods at the end and I've just created

63
00:06:19,160 --> 00:06:25,880
also this arbitrary namespace for resolution just for the purposes of my testing. Again one

64
00:06:25,880 --> 00:06:31,400
thing we want to be remembering is this serial number I have it at the value 3. Now let's move

65
00:06:31,400 --> 00:06:36,840
on to the next file and in fact before I actually do that what I'm going to do here I'm going to

66
00:06:36,840 --> 00:06:44,360
copy from the TTL down to my semicolon here okay so I'll save this file I'll go out. Now what I

67
00:06:44,360 --> 00:06:51,319
want to do is I want to modify my reverse file so I'll say sudo nano and then 0.168 go into this

68
00:06:51,319 --> 00:06:56,759
file right here this should be empty what I'll do is I'll paste this in there we go so like I say here

69
00:06:56,759 --> 00:07:05,080
all this information is going to match my server ipv0.com root.ipv0.com and crucially this serial

70
00:07:05,080 --> 00:07:11,000
value it has been incremented and it is matching between these two files so again what I'm going

71
00:07:11,000 --> 00:07:17,079
to do is use my at symbol I'll tab I'll say in I will tab over I'm going to specify my name server

72
00:07:17,079 --> 00:07:25,959
once again this is going to be my server.ipv0.com. There we go and now what I want to do here is I'm

73
00:07:25,959 --> 00:07:33,800
going to create what is called a pointer record now I actually could specify the entire ip address

74
00:07:33,800 --> 00:07:40,519
that I want to be mapping here so because we are in this configuration file 0.168.192

75
00:07:40,599 --> 00:07:49,560
I can just use the last octet so remember how my ip address is 192.168.0.44 which matches this right

76
00:07:49,560 --> 00:07:54,919
here in reverse like I say I can actually just leave this off and use the relative value just

77
00:07:54,919 --> 00:08:03,240
specify the host here okay so if I just say 44 it's going to be resolved to 192.168.0.44 so again

78
00:08:03,240 --> 00:08:08,680
I'll move in I will say in this time the record is going to be a PTR record remember we talked about

79
00:08:08,680 --> 00:08:13,480
this in the previous skill the pointer record for the reverse lookup this is what we're doing right

80
00:08:13,480 --> 00:08:19,240
here now what do I actually want to specify here I want to specify that the reverse lookup

81
00:08:19,240 --> 00:08:29,319
for 44 is going to go to my server like I say my server.ipv0.com. and also if I just save this

82
00:08:29,319 --> 00:08:36,440
temporarily and go back out if I go back into the ipv0 database one we're matching this address here

83
00:08:36,440 --> 00:08:43,720
to my server we also created this fictional email server to the address .50 so let's add that one

84
00:08:43,720 --> 00:08:49,880
in too so I will say 50 will be the address I will say in this will be a PTR and this is going to be

85
00:08:49,880 --> 00:08:58,200
email server and it's part of the ipv0.com domain. If I actually just save this right now and I

86
00:08:58,200 --> 00:09:05,480
escape what I want to do here is to actually verify that my configuration files are indeed correct

87
00:09:05,480 --> 00:09:09,800
now we do have a command that we can use to check these configuration files so we do want to be

88
00:09:09,800 --> 00:09:15,879
remembering this for the purposes of the examination we're going to say named-checkzone and then

89
00:09:15,879 --> 00:09:20,840
what I'm going to do is I'm going to check the actual zone itself which is going to be ipv0.com

90
00:09:20,840 --> 00:09:26,039
and then I want to match it with the particular configuration file which in this case is this

91
00:09:26,039 --> 00:09:34,279
one right here so I will say ipv0.com.db if I hit enter it tells me everything is okay and we can

92
00:09:34,279 --> 00:09:40,759
actually see the serial value which is three has been loaded when we see this output it means that

93
00:09:40,759 --> 00:09:46,120
the configuration file appears to be correctly configured that's a good start now the next

94
00:09:46,120 --> 00:09:53,319
thing we want to do is we want to check the reverse zone also so I'll say named-checkzone as we did

95
00:09:53,400 --> 00:10:04,920
before and now what I want to do is to use that reverse lookup so I will say 0.168.192.in-addr.arpa

96
00:10:04,920 --> 00:10:11,960
and now I want to provide the reverse zone configuration file which is as we know this one

97
00:10:11,960 --> 00:10:21,400
right here so I'll say 0.168.192.db and if I hit enter again we get the same output everything is

98
00:10:21,399 --> 00:10:26,919
okay we can see it's been loaded and again we notice here we have parity between these serial

99
00:10:26,919 --> 00:10:33,399
values of three now what I want to do is I want to make sure that my bind9 server is indeed started

100
00:10:33,399 --> 00:10:39,399
so I will say sudo service bind9 start there we go and if you want you can restart the service

101
00:10:39,399 --> 00:10:45,639
and now what I want to be able to do is to test that the resolution here is indeed working so we

102
00:10:45,639 --> 00:10:51,240
can do this with the dig commands I'll say dig and what I want to do is I want to specify the

103
00:10:51,240 --> 00:10:57,799
server I want to use so the server is going to be 192.168.0.44 that's the server I want to use

104
00:10:57,799 --> 00:11:03,240
and now what I want to do is I want to specify the domain I want to query so I apparently created one

105
00:11:03,240 --> 00:11:11,080
called ipv0.com let's see if this local server has information about this domain that we've just

106
00:11:11,080 --> 00:11:17,400
created so if I hit enter here indeed we can see information relating to this particular server

107
00:11:17,400 --> 00:11:24,200
here all this information that we created within our configuration file now we also if you recall

108
00:11:24,200 --> 00:11:31,160
created particular records with respect to our server now remember if we go into our configuration

109
00:11:31,160 --> 00:11:38,440
files we can see here we actually have records for my server dot ipv0.com as well as email server

110
00:11:38,440 --> 00:11:47,320
let's see if those are actually resolving also so I will say dig and I'll query my local DNS of 192.168.0.44

111
00:11:47,320 --> 00:11:52,200
of course this will be a different value for you on your machine and now what I want to do is I'm

112
00:11:52,200 --> 00:12:00,440
going to query my server dot ipv0.com check this out we can actually see here we have the A record

113
00:12:00,440 --> 00:12:06,840
which correlates this particular value to this particular IP address we see the answer section

114
00:12:06,840 --> 00:12:13,800
we see the authority section the name server and if I arrow up and I change this to I believe it was

115
00:12:13,800 --> 00:12:21,720
called email server and hit enter now here we can see the email server is actually correlating via

116
00:12:21,720 --> 00:12:29,720
the A record to this particular IP address which we specified so this is really quite cool one thing

117
00:12:29,720 --> 00:12:36,200
I will also add is that we can also add additional record remember we had things like the MX record

118
00:12:36,200 --> 00:12:44,920
or the CNAME record we can also add them in too so if I go into sudo nano and I go into my ipv0.com.db

119
00:12:44,920 --> 00:12:51,080
what I can do here is add additional records and one thing I should actually add here is that noting

120
00:12:51,080 --> 00:12:57,320
that the semicolon terminates the end of a line we can actually use these to invoke particular

121
00:12:57,320 --> 00:13:02,360
comments to make our configuration file look a little bit neater so say for example after this

122
00:13:02,440 --> 00:13:10,279
semicolon I could just say my server and then I can do a semicolon here and I'll just say my A records

123
00:13:10,279 --> 00:13:17,159
and now I can do a semicolon and I'll just say my CNAME records I can just do in brackets aliases

124
00:13:17,159 --> 00:13:23,639
and what I could specify here is just some nice shorthand aliases for my lookups I could just

125
00:13:23,639 --> 00:13:30,600
maybe use the word mail I'll say in I'll make this a CNAME type record and what do I want to make that

126
00:13:30,600 --> 00:13:38,840
an alias for I'll make an alias for email server dot ipv0.com remember in the dot on the very end

127
00:13:38,840 --> 00:13:44,279
and because I've made a configuration change let me go up to my serial value I will increment that

128
00:13:44,279 --> 00:13:50,360
to four save and exit let me just go back into my reverse I'll just match that up with four as well

129
00:13:50,360 --> 00:13:57,879
also save and exit I will restart my server let me check my configuration file is A-OK it appears

130
00:13:57,879 --> 00:14:04,919
everything is working fine so now I could say nslookup mail dot ipv0.com and I'll use my local

131
00:14:04,919 --> 00:14:12,039
server of 192.168.0.44 if I hit enter check this out we can actually see here based on the record

132
00:14:12,039 --> 00:14:18,840
we specified we actually have a mapping between mail dot ipv0.com to the canonical name email

133
00:14:18,920 --> 00:14:27,720
server dot ipv0.com and we actually get such information right here the 192.168.0.50 ip address

134
00:14:27,720 --> 00:14:33,080
that we had actually linked with the email server within our records what we could also do is we

135
00:14:33,080 --> 00:14:41,000
could say nslookup we can look up the ip address 192.168.0.50 and we will use our local server 192.168.0.44

136
00:14:41,000 --> 00:14:48,680
if I hit enter we can actually see here we can successfully resolve this ip address to

137
00:14:48,679 --> 00:14:56,120
this particular domain information that we had specified similarly we can look up 192.168.0.44

138
00:14:56,120 --> 00:15:04,120
again using our local dns server here and hit enter and we can also resolve that information too so as

139
00:15:04,120 --> 00:15:10,120
we can see here there are a few different moving parts with respect to getting our dns zone configuration

140
00:15:10,120 --> 00:15:15,639
set up we have to specify our forward lookups our reverse lookups we can also add in things such

141
00:15:15,639 --> 00:15:21,720
as canonical names as well as things we did not even touch such as MX records but for the purposes

142
00:15:21,720 --> 00:15:28,279
of the examination those are the main key concepts that we have to understand when creating our

143
00:15:28,279 --> 00:15:34,120
configuration files okay docks I hope this has been informative for you and I'd like to thank you for viewing

