Course Summary

This is a complete training course that covers the DNS system and all its constituent parts.
The training is aimed at system administrators or people with similar needs.
It provides practical and theoretical knowledge of DNS and the BIND software.
During the course, a Linux-based operating system is used for the various laboratory sessions.
Participants will learn how to set up and configure BIND to provide functionality that is covered theoretically in the different chapters, such as delegation, redundancy, multiple views, etc.

  • The basic theory behind the domain name system, DNS.
  • The functions of the most common record types.
  • How to configure a DNS server in its different roles.
  • Setting up a DNS server based on BIND in different scenarios.
  • What choices and possibilities you have when designing and managing a DNS environment

For those who want to be able to install, configure, troubleshoot and manage DNS services in different sets and environments.

Basic knowledge of network communication using TCP/IP. For the labs, familiarity with UNIX is helpful, but not essential.

1. structure

  • History
  • DNS construction and queries
  • Functions of the different posts
  • Domain versus zone
  • Recursive or Iterative requests
  • Linkage between different levels
    • ROOT
    • Top Level Domain (TLD)
    • Domain name

2. basic configuration

  • Repetition of Linux commands
  • Configuration files
  • Setting up a zone
  • Tools to monitor/control/configure BIND
  • Verification of functionality and configuration

3. delegation of domains

  • Purpose and meaning of delegation
  • Interaction between upper/underlying servers
  • Glue records
  • Administrative interaction

4. Master and slave servers

  • Security, Redundancy
  • AXFR, IXFR
  • Zone Transfers
  • Interaction between Master and Slave
  • Zone files and synchronization control

5. DNS in detail

  • Basic package format
  • Recursion, Caching
  • Post types
  • Access rights
  • Forwarders

6. Delegation in practice

  • How does it work in Sweden, other countries and between operators?
  • Within your own organization?
  • RIR and IP addresses

7. Reverse lookup

  • Management of in-addr.arpa
  • Delegation of CIDR blocks

8. Security and DNS

  • Vulnerabilities, Security Holes and Updates
  • DNSSEC, TSIG
  • Securing our DNS environment
  • Attacks against DNS
    • DNS Cache Poisoning
    • D.O.S attacker
    • AXFR transfers

9. Advanced configuration of BIND

  • Address translation
  • Multiple Views / Split DNS
  • IPv6 lookup and configuration
  • ÅÄÖ in domain names (IDN)
  • DNS and DHCP, Dynamic updates
  • Interconnection with SPAM protection.

Exercises:

  • Installation and set-up of BIND.
  • Delegation of forward and reverse domains.
  • Communication with upper and lower domains.
  • Configuring the firewall with BIND
  • Setting up office networks with multiple views.
  • Testing and verification of BIND configuration
  • Securing BIND in a chrooted environment

 

Course Overview

25 900 kr

3 days

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to find a suitable opportunity.

Customized Courses

The course can be adapted from several perspectives:

  • Content and focus area
  • Extent and scope
  • Delivery approach

In interaction with the course leader, we ensure that the course meets your needs.

Skicka intresseanmälan för utbildningen

Send an expression of interest for the training