
The resolver library enables client programs to perform DNS queries. This library is built into the standard library under Linux.

nslookup is a utility invoked from the command line to ensure both the resolver and the DNS server being queried are configured correctly. nslookup does this by resolving either a hostname into an IP address or an IP address into a domain name. To use nslookup, simply provide the address you want to resolve as the parameter to nslookup—for example,


nslookup rane.domain.com

The result should look something like this:


[root@vestax /root]# nslookup rane.domain.com
Server: numark.domain.com
Address: 192.168.42.1

Non-authoritative answer:
Name: rane.domain.com
Address: 192.168.42.8

The traceroute utility allows you to determine the path a packet is taking across your network and into other networks. This is very useful for debugging network connection problems, especially when you suspect the trouble is located in someone else's network.

Using the ICMP protocol (the same as ping), traceroute looks up each machine along the path to a destination host and displays the corresponding name and IP address for that site. Next to each name are three times in milliseconds, one for each of the three probes sent to that machine.

To use traceroute, use the destination hostname or IP address as the parameter—for example,


traceroute www.hyperreal.org

would return something similar to the following:


traceroute to hyperreal.org (204.62.130.147), 30 hops max, 40 byte packets
 1  fe0-0.cr1.NUQ.globalcenter.net (205.216.146.77)  0.829 ms  0.764 ms  0.519 ms
 2  pos6-0.cr2.SNV.globalcenter.net (206.251.0.30)  1.930 ms  1.839 ms  1.887 ms
 3  fe1-0.br2.SNV.globalcenter.net (206.251.5.2)  2.760 ms  2.779 ms  2.517 ms
 4  sl-stk-17-H10/0-T3.sprintlink.net (144.228.147.9)  5.117 ms  6.160 ms  6.109 ms
 5  sl-stk-14-F0/0.sprintlink.net (144.228.40.14)  5.453 ms  5.985 ms  6.157 ms
 6  sl-wired-2-S0-T1.sprintlink.net (144.228.144.138)  10.987 ms  25.130 ms  11.831 ms
 7  sf2-s0.wired.net (205.227.206.22)  30.453 ms  15.800 ms  21.220 ms
 8  taz.hyperreal.org (204.62.130.147)  16.745 ms  14.914 ms  13.018 ms

If you see any star characters (*) instead of a hostname, that machine may be unavailable for a variety of reasons (network failure and firewall protection being the most common). Also be sure to note the time it takes to get from one site to another. If you feel your connection is excessively slow, it might just be one connection in the middle that is slowing you down and not the site itself.
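As an added example (not part of the original text), the following Python sketch reads traceroute output in the format shown above, lists the hops that answered only with * and reports the hop that adds the most latency over the previous answering hop. The sample output, including its hostnames and addresses, is constructed.

```python
import re
from statistics import median

# Constructed sample output (documentation addresses); hop 3 did not answer.
SAMPLE = """\
traceroute to www.example.org (203.0.113.80), 30 hops max, 40 byte packets
 1  gw.example.net (192.0.2.1)  0.829 ms  0.764 ms  0.519 ms
 2  core1.example.net (192.0.2.9)  1.930 ms  1.839 ms  1.887 ms
 3  * * *
 4  edge.isp.example (198.51.100.5)  25.117 ms  26.160 ms  25.109 ms
 5  www.example.org (203.0.113.80)  26.745 ms  27.914 ms  26.018 ms
"""

HOP = re.compile(r"^\s*(\d+)\s+(\S+)")   # hop number, then hostname or "*"
RTT = re.compile(r"(\d+\.\d+) ms")       # one probe time; never matches the IP in parentheses

def parse_hops(output):
    """Return [(hop_number, host_or_star, median_ms_or_None), ...]."""
    hops = []
    for line in output.splitlines():
        match = HOP.match(line)
        if not match:
            continue                     # header line or wrapped continuation
        times = [float(t) for t in RTT.findall(line)]
        hops.append((int(match.group(1)), match.group(2),
                     median(times) if times else None))
    return hops

def silent_hops(hops):
    """Hop numbers that returned no timing at all (shown as * * *)."""
    return [number for number, _, rtt in hops if rtt is None]

def biggest_jump(hops):
    """Return (hop_number, host, added_ms) for the largest latency increase."""
    best, previous = None, None
    for number, host, rtt in hops:
        if rtt is None:
            continue                     # compare against the last hop that answered
        if previous is not None and (best is None or rtt - previous > best[2]):
            best = (number, host, round(rtt - previous, 3))
        previous = rtt
    return best
```
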

traceroute is also a good way to measure the connectivity of a site. If you are in the process of evaluating an ISP, try doing a traceroute from its site to a number of other sites, especially to large communications companies such as Sprint (www.sprint.net) and MCI. Count how many hops as well as how much time per hop it takes to reach its network. This is often reasonable grounds for comparing one ISP to another.

Configuring DNS Servers

As mentioned earlier, DNS comes in three flavors: primary, secondary, and caching.

Primary DNS is the most authoritative of the three. When a DNS server is primary for a domain, it is considered to have the most up-to-date records for all the hosts in that site.

Secondary DNS is not quite as authoritative as primary, but it is considered authoritative. Typically, backup or offsite DNS servers for a domain are configured as secondary; hence, they don't receive the updates as quickly as the primary servers do. For all practical purposes though, they are considered authoritative.

Caching DNS servers are not authoritative at all. When a query is made to a caching server for the first time, the query is forwarded to an authoritative server. If that server is not authoritative over the domain being queried, the request is forwarded until the authoritative server answers the query and returns the answer to the caching server. The caching server keeps the entry in its local cache and continues to return that answer until the entry expires.

All DNS servers should be configured to perform caching functions.

Depending on your site's configuration, you might not even need a nameserver of your own. For instance, if you are connecting to an already existing network, there might already be a nameserver for you to use. On the other hand, if you are setting up a new department, you might want to set up a caching server for your local machines to reduce load on your site's primary server.

TIP
If you plan on setting up and using a PPP connection, you should definitely set up your own caching DNS server. This will reduce the load on your PPP connection.

The /etc/named.boot File

This is the file that is read in when named is started. Each line in the named.boot file begins with either a keyword or a semicolon, which marks the line as a comment. The format of the file is


; Comments begin with the semicolon
directory   directory_name
cache       .         filename
primary     domain    filename
secondary   domain    ip_addr filename
forwarders  ip_addr   [...]

The directory keyword tells named where any filenames mentioned in the configuration are located in the system.

The cache keyword makes named perform caching functions. The file listed at the end of the cache line contains a list of all the root DNS servers on the Internet. These root servers are needed to prime named's cache. You can get the latest list of root servers from the InterNIC at ftp://rs.internic.net/domain/named.cache.

Lines beginning with primary indicate that the server is a primary DNS server for the listed domain. The entries for that server are listed in the file noted at the end of the line.

As you can predict, lines beginning with secondary make named behave as a secondary DNS server for the specified domain. This entry requires two parameters for a given domain: the IP address of the primary server and the file into which it should cache the entries pulled from the primary server. Depending on how the primary server is configured, the cached data is updated periodically via a zone transfer.

The forwarders line tells named to whom DNS queries should be forwarded if it cannot resolve queries on its own. If you are running a caching-only server, this should be your secondary or primary server for your site. If you are primary for your site, this should forward to your ISP's DNS server.
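As an added example (not part of the original text), this Python sketch checks a named.boot file against the format described above: argument counts for the five keywords, IP addresses where the format calls for ip_addr, and the presence of a cache line. It covers only those five keywords, and the sample file with its paths and filenames is constructed.

```python
import ipaddress

# (min, max) argument counts for the five keywords described above; None = no upper limit.
KEYWORDS = {"directory": (1, 1), "cache": (2, 2), "primary": (2, 2),
            "secondary": (3, 3), "forwarders": (1, None)}

# Constructed sample with two mistakes: line 5 omits the primary's IP address,
# and line 6 lists a forwarder that is not a valid address.
SAMPLE = """\
; constructed sample named.boot
directory   /etc/dns
cache       .            root-servers
primary     domain.com   named.domain.com
secondary   example.org  named.example.org
forwarders  192.168.42.1 192.168.42.300
"""

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def lint_named_boot(text):
    """Return [(line_number, message), ...]; line 0 marks a file-level problem."""
    problems, seen = [], set()
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        keyword, *args = line.split()
        if keyword not in KEYWORDS:
            problems.append((num, f"keyword {keyword!r} is not one of the five covered here"))
            continue
        seen.add(keyword)
        low, high = KEYWORDS[keyword]
        if len(args) < low or (high is not None and len(args) > high):
            problems.append((num, f"{keyword}: wrong number of arguments ({len(args)})"))
        elif keyword == "cache" and args[0] != ".":
            problems.append((num, "cache: first argument should be '.'"))
        elif keyword == "secondary" and not is_ip(args[1]):
            problems.append((num, f"secondary: {args[1]!r} is not an IP address"))
        elif keyword == "forwarders":
            problems += [(num, f"forwarders: {a!r} is not an IP address")
                         for a in args if not is_ip(a)]
    if "cache" not in seen:
        problems.append((0, "no cache line, so named has no root server list"))
    return problems
```
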

Primary Nameserver Configuration Files

As shown in the preceding section, the primary line in the /etc/named.boot file points to a file that contains the information needed by named in order to be primary for the specified domain. The format of these configuration files is unfortunately a bit tricky and requires care when setting up. Be especially careful with periods. A misplaced period can quickly become difficult to track down.

The format of each line in the configuration file is as follows:


name    IN    record_type    data

name is the hostname you are dealing with. Any hostnames that do not end in a period automatically get the domain name appended to them. The second column, IN, is actually a parameter telling named to use the Internet class of records. Two other classes exist: CH for ChaosNet and HS for Hesiod. ChaosNet has long been obsolete, and HS was meant to be a replacement for NIS but has been overshadowed by NIS+.
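As an added example (not part of the original text), this Python sketch applies the append-the-domain rule to each line and flags names where a missing trailing period makes the domain appear twice, the misplaced-period mistake warned about earlier. The zone lines are constructed, and the record types used (A, CNAME, NS, PTR) come from general DNS usage rather than from this page.

```python
# Record types whose data column is itself a hostname (assumed for this sketch).
HOSTNAME_DATA = {"CNAME", "NS", "PTR"}

# Constructed zone lines for domain.com; lines 3 and 4 are missing a trailing period.
SAMPLE = """\
rane                IN  A      192.168.42.8
numark.domain.com.  IN  A      192.168.42.1
vestax.domain.com   IN  A      192.168.42.2
www                 IN  CNAME  rane.domain.com
"""

def expand(name, domain):
    """Apply the rule above: names that do not end in a period get the domain appended."""
    domain = domain.rstrip(".") + "."
    return name if name.endswith(".") else f"{name}.{domain}"

def find_doubled_names(zone_text, domain):
    """Return [(line_number, column, expanded_name)] where the domain appears twice."""
    suffix = "." + (domain.rstrip(".") + ".") * 2
    findings = []
    for num, line in enumerate(zone_text.splitlines(), 1):
        fields = line.split()
        if len(fields) < 4 or fields[1] != "IN":
            continue                      # not a "name IN record_type data" line
        name, _, record_type, data = fields[:4]
        columns = [("name", name)]
        if record_type.upper() in HOSTNAME_DATA:
            columns.append(("data", data))
        for column, value in columns:
            full = expand(value, domain)
            if ("." + full).lower().endswith(suffix.lower()):
                findings.append((num, column, full))
    return findings
```
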

The third and fourth columns, record_type and data, respectively, indicate what kind of record you are dealing with and the parameters associated with it. There are eight possible records:
