Configuring DNS with Dnsmasq

Loading...

來自 Google 的課程

System Administration and IT Infrastructure Services

2852 個評分

Google

System Administration and IT Infrastructure Services

2852 個評分

課程 4（共 5 門，Specialization Google IT Support Professional Certificate）

This course will transition you from working on a single computer to an entire fleet. Systems administration is the field of IT that’s responsible for maintaining reliable computers systems in a multi-user environment. In this course, you’ll learn about the infrastructure services that keep all organizations, big and small, up and running. We’ll deep dive on cloud so that you’ll understand everything from typical cloud infrastructure setups to how to manage cloud resources. You'll also learn how to manage and configure servers and how to use industry tools to manage computers, user information, and user productivity. Finally, you’ll learn how to recover your organization’s IT infrastructure in the event of a disaster. By the end of this course you’ll be able to: ● utilize best practices for choosing hardware, vendors, and services for your organization. ● understand how the most common infrastructure services that keep an organization running work, and how to manage infrastructure servers. ● understand how to make the most of the cloud for your organization. ● manage an organization’s computers and users using the directory services, Active Directory, and OpenLDAP. ● choose and manage the tools that your organization will use. ● backup your organization’s data and know how to recover your IT infrastructure in the case of a disaster. ● utilize systems administration knowledge to plan and improve processes for IT environments.

從本節課中

Network and Infrastructure Services

In the second week of this course, we'll learn about network and infrastructure services. We will cover what IT infrastructure services are and what their role is in system administration. We'll also learn about server operating systems, virtualization, network services, DNS for web services, and how to troubleshoot network services. By the end of this module, you will know the most common IT infrastructure services you'll encounter when handling system administration tasks.

Configuring DNS with Dnsmasq6:14

Configuring DHCP with Dnsmasq7:51

與講師見面

Google

In large enterprise deployments,

you probably have different programs serving each of

the networking services that we covered in this module.

In smaller set-ups you may be better off having

a centralized solution that handles all services.

Let's look at dnsmasq;

a program that provides DNS,

DHCP, TFTP and PXE services in a simple package.

This will let us do some hands on configuration of

these services even if it's not as complex as other networking solutions.

Let's start by installing dnsmasq in this machine.

So, I'm going to type in sudo apt get install dnsmasq.

Once we've installed dnsmasq it's immediately enabled with the most basic functionality.

It provides a cache for DNS queries.

This means that you can make DNS requests to it,

and you'll remember the answer so your machine doesn't need to

ask an external DNS survey each time you make the query.

In order to check this functionality,

we'll use the dig command,

which lets us query DNS servers and see their answers.

So, let's ask our DNS server running in local host for the address of www.example.com.

We do this by running dig www.example.com @localhost.

The part after the at sign indicates which DNS server we want to use.

Here, we have the reply from our query.

Our DNS server is telling us the IP address for the domain example.com.

How do we know that this query was actually

answered by the service the machine is running?

We can run the service in debug mode so we get

more information about what's going on behind the scenes.

This isn't how you would normally run the service,

but it's useful for understanding what's happening.

So, let's stop the dnsmasq service that's running,

and then start it in debug mode.

So now, I'm going to type in sudo service dnsmasq stop,

then type in sudo dnsmasq the -d and then pass the -q.

By passing d and q,

we're telling dnsmasq that we want to run it in

debug mode and that we wanted to log the queries that we execute.

When it starts, it prints in the compilation options

that are enabled and the configuration files that are used.

Now, we can query again with our friendly dig command.

If we run the command again,

we will get the same answer and we'll see the debug output in the dnsmasq console.

So, in my second console now,

I'm going to go ahead and type in dig www.example.com @localhost.

This is showing us that our dnsmasq service received the query,

forward it to the configure DNS server and then reply to the original machine.

If we query for the same host name again,

we'll see that instead of asking the other DNS server,

dnsmasq replies with the cached query.

So now my second console.

I'm going to type in, again, dig www.example.com @localhost.

So, if I hit enter, for now a dnsmasq is operating as a simple caching DNS server.

But we can make it do more than that.

For example, we can give it a list of host names and

IPs and had this service give authoritative answers for them.

You might remember that when trying to resolve a host name to an IP,

they can be servers that store the information about the mappings,

which can then provide the authoritative answers while other servers

will only be able to forward and delegate

the queries to the server that had the information.

These files have the same format as the exe host file.

I created this file that lists the internal host that I want to be able to resolve.

So, I'm going to type in cat myhosts.

As you see, it's a very simple format.

You just had to list which IP is associated with each host.

We use the h parameter to tell us

dnsmasq that we want to include this list in the information being served.

So, I'm going to cancel this,

clear and I'm going to type in

sudo dnsmasq -d -q -H myhosts.

Now that we have our list of host loaded,

let's query with dig.

So now, my second console.

I'm going to type in dig oxygen.local @localhost.

As dnsmasq is authoritative about this host,

there's nobody to forward the question to.

It also lists which file is using to get the information need.

Finally let's see what the output looks like when

we ask for information that it doesn't have.

So I'm going to type in dig hydrogen.local @localhost.

We see that it replied that the authoritative service are

the root servers but that I couldn't find any results.

What did the running dnsmasq say?

Since the requested name isn't in the list of hosts known to our DNS server,

it forwarded the query to the configure DNS server.

The reply for that was NXDOMAIN which means none existent

domain.While dnsmasq is as simple as it gets,

you've now seen what a DNS server looks like in action. Cool, right?

探索我們的目錄

免費加入並獲得個性化推薦、更新和優惠。

Coursera 致力於普及全世界最好的教育，它與全球一流大學和機構合作提供在線課程。

© 2019 Coursera Inc. 保留所有權利。

通過 App Store 下載

通過 Google Play 獲取