# Explain the Use of Network Addressing Services

DNS (port 53) resolves human-readable names to IP addresses, and it also works the other way. This allows me to type google.com into a browser; DNS looks up the IP and takes me there automatically.

## Dynamic Host Configuration Protocol

DHCP (ports 68 & 69) -> gives new machines an IP on a network

- You can also statically configure specific machines to always get the same IP when the machine is powered on
- ARP broadcasts from the host to find and acquire DHCP and an IP

## DHCP Server Configuration

- Appliance vs NOS implementation
- Scope
  - Range of IP addresses available to lease to clients on a particular subnet
  - Defined by start and end IP addresses and netmask
  - Redundant DHCP services should use non-overlapping address pools
- Automatic IP assignment means leasing addresses to machines; there is a TTL after which the lease expires and DHCP will hand out another IP

## DHCP Options Configuration

- Lease time determines how long a client keeps its address
  - A long lease reduces DHCP traffic but may risk address pool exhaustion
  - Environments with high host turnover will configure short leases
- T1 and T2 timers
  - T1: the client can renew after 50% of the lease time has passed in order to keep the same IP
  - T2: after 87.5% has passed the client will try to renew with any available DHCP server
- Options
  - Default gateway
  - IP address(es) of DNS servers
  - DNS suffix (domain name) to be used by the client
  - NTP, file transfer (TFTP), VoIP proxy, etc.
- Server options vs scope options

## DHCP Reservations and Exclusions

- Static assignments and exclusions
  - Things like servers will use this
  - Use IP addresses outside the address pool
  - Exclude specific IP addresses from the pool range
- MAC/IP reservation
  - ALWAYS allocate a device the same pre-selected IP
  - Mapped to MAC address or NIC ID
- Automatic allocation
  - Leased IPs

## DHCP Relay and IP Helper

- DHCP relay agent / RFC 1542 compliant router
  - Forwards BOOTP/DHCP broadcast traffic to a specified interface for a DHCP server
  - Forwards responses from the server back to the appropriate client subnet
  - Basically relays the DHCP broadcasts to the correct port the DHCP server is on
- IP helper
  - Cisco command supporting operation of DHCP relay
  - Can forward various types of broadcast traffic (not just DHCP)

## DHCPv6 Server Config

- Client uses multicast ff02::1:2 to locate the server over UDP/546 (client) and UDP/547 (server)
- Stateless
  - Host obtains prefix from router advertisement (RA)
  - RA advertises presence of a DHCPv6 server to provide additional options
- Stateful
  - DHCPv6 server provides a routable IPv6 address

# Explain the Use of Name Resolution Services

## Host Names and FQDN

- Fully qualified domain name (FQDN)
  - Host name + domain suffix (the domain the machine belongs to)
  - `ipconfig /all` shows it as "localhostname.DNSsuffix", e.g. "fatdaddygamingmachine.attlocal.net"
- Domain suffix
  - Domain name + top level domain (TLD)
  - Subdomains
- Naming rules
  - Hostname must be unique within the domain
  - Labels separated by periods
  - Max length of 253 characters overall and 63 characters per label (excluding periods)

## Domain Name System (DNS)

- Hierarchical distributed database of name resource records
- Root domain contains 13 servers (A-M)
- Generic top level domains (TLDs) managed by ICANN and regional registries
- Domains can be registered within an appropriate TLD
- TLD types:
  - Generic: .com, .org, .net, .info, etc.
  - Sponsored: .gov, .edu, etc.
  - Country code: .uk, .ca, .de, etc.
- Always read from left to right

![[Pasted image 20230525105147.png|500]]

## Name Resolution Using DNS

![[DNS resolution.png]]

## Resource Record Types

- Start of authority (SOA)
  - Primary DNS name server that is authoritative for the zone
  - Contact information for the site (responsible person, serial number, zone)
  - Serial number for version control
- Name Server (NS)
  - 2 or more NS records are usually configured for redundancy
  - Primary (editable) vs secondary (read-only)
  - You don't want people to have access to your primary SOA DNS server, as they could map out your entire network

## Host Address and Canonical Name Records

- IPv4 Host (A)
  - Host record to resolve a name to an IPv4 address
- IPv6 Host (AAAA)
  - Host record to resolve a name to an IPv6 address
- Canonical Name (CNAME)
  - Alternative name for a particular A or AAAA record

## Mail Exchange, Service, and Text Records

- Mail exchange (MX)
  - Identifies a host record that functions as an email server for the domain
  - Servers distinguished by priority value
- Service (SRV)
  - Identifies a host record that is providing a particular network service or protocol
  - Think... Kerberos, LDAP
- Text (TXT)
  - Stores free-form text that may be needed to support other network services
  - Sender Policy Framework (SPF)
  - DomainKeys Identified Mail (DKIM)

## Pointer Records

- Forward vs reverse lookup zones
  - Forward -> everything above; looks at the A record and resolves names to IPs **NAMES -> IP ADDRESS**
  - Reverse -> (PTR) resolves IP addresses to names **IP ADDRESS -> NAMES**
- Pointer (PTR)
  - Resolves an IP address to a host name
  - in-addr.arpa domain
  - ip6.arpa domain

# Configure DNS Services

## DNS Server Configuration

- Service on port UDP/53 or TCP/53
  - TCP is needed if IPv6 or DNSSEC is used
- Zones:
  - <u>Primary</u> -> zone records held on the server are editable. Changes must be carefully replicated and synced.
    MUST update the serial number for each change
  - <u>Secondary</u> -> server holds a read-only copy of the zone.
    - Maintained through a process of replication called zone transfer from the primary server.
    - A secondary is typically provided on 2 or more separate servers to provide fault tolerance and load balancing.
    - The serial number is critical for the zone transfer
  - <u>Cache-only</u> -> doesn't maintain a zone
    - Non-authoritative records
  - <u>Authoritative (holds zone records) vs non-authoritative (responds from cache)</u>
    - A name server holding complete records for a domain is **AUTHORITATIVE**
    - A record in the zone identifies the server as a name server for that namespace
    - Primary and secondary name servers are authoritative
- DNS caching
  - Each resource record can have a default TTL value measured in seconds
  - Instructs resolvers how long a query result can be kept in cache
  - Setting a low TTL allows records to be updated more quickly but increases server load and client latency
- Server vs client cache
  - Caching is performed by both server and client machines
  - If there is a change to a resource record, server and client caching means that the updated record can be relatively slow to propagate around the Internet. These changes need to be managed carefully to avoid causing outages.

## Internal vs External DNS

- Internal DNS zones
  - Name records for private servers and services
  - Only available to internal clients; block access from the Internet
  - Internal applications (SQL databases, records, helpdesk)
- External DNS zones -> records you want the public to see, like web services
  - Public services (websites, email, etc.)
  - Hosted on **internet-accessible** name servers
- Forwarding and conditional forwarding
  - Name servers can be configured to resolve queries via forwarding. A forwarder transmits a client query to another DNS server and routes the replies it gets back to the client. A conditional forwarder performs this task for certain domains only.
    For example, you might configure a DNS server that is authoritative for the local private network (internal DNS), but that forwards any requests for Internet domains to an external DNS resolver run by your ISP.
  - The function of a resolver is to perform recursive queries in response to requests from client systems (stub resolvers).
  - If a name server is not authoritative for the requested domain, it can either perform a recursive query to locate an authoritative name server or it can forward the request to another name server.

## nslookup

A way to query DNS: `nslookup -Option Host DNSServer`

## dig

This is a security tool.

Domain Information Groper (dig)

- CLI tool for querying DNS servers that ships with the BIND DNS software published by ISC
- Dig can be run pointing at a specific DNS server; otherwise, it will use the default resolver. Without any specific settings it queries the DNS root zone.
- A simple query looks like `dig host` -> this will search for the address record for the host domain or FQDN, or the PTR record for an IP address.
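The DHCP options section above lists what a server hands out (default gateway, DNS servers, DNS suffix, lease time) and the 50% / 87.5% renew and rebind rule. This added example, not code from these notes, decodes those options from the TLV option field of a DHCP message and derives the T1/T2 timers; the option codes (3, 6, 15, 51, 58, 59, PAD 0, END 255) are the standard ones, and the sample bytes are constructed for the example.

```python
import struct
from ipaddress import IPv4Address

# Standard DHCP option codes covered by the notes: gateway (3), DNS servers (6),
# DNS suffix (15), lease time (51), T1 renew (58), T2 rebind (59).
OPTION_NAMES = {3: "routers", 6: "dns_servers", 15: "domain_name",
                51: "lease_time", 58: "t1", 59: "t2"}

def parse_dhcp_options(blob: bytes) -> dict:
    """Decode the TLV option list that follows the magic cookie, up to END (255).
    Options not listed above are skipped."""
    opts, i = {}, 0
    while i < len(blob):
        code = blob[i]
        if code == 255:             # END option: stop
            break
        if code == 0:               # PAD option: single byte, no length field
            i += 1
            continue
        length = blob[i + 1]
        value = blob[i + 2:i + 2 + length]
        i += 2 + length
        if code in (3, 6):          # one or more packed IPv4 addresses
            opts[OPTION_NAMES[code]] = [str(IPv4Address(value[j:j + 4]))
                                        for j in range(0, len(value), 4)]
        elif code in (51, 58, 59):  # 32-bit big-endian number of seconds
            opts[OPTION_NAMES[code]] = struct.unpack("!I", value)[0]
        elif code == 15:
            opts["domain_name"] = value.decode("ascii")
    return opts

def lease_timers(opts: dict) -> dict:
    """When the server sends no explicit T1/T2, the client renews at 50% of the
    lease (same server) and rebinds at 87.5% (any server), as the notes say."""
    lease = opts["lease_time"]
    return {"lease": lease,
            "renew_at": opts.get("t1", lease // 2),
            "rebind_at": opts.get("t2", lease * 7 // 8)}

# Constructed sample (not a real capture): 24 h lease, gateway 192.168.1.1,
# DNS servers 192.168.1.1 and 9.9.9.9, DNS suffix example.lan
SAMPLE = (bytes([51, 4]) + struct.pack("!I", 86400)
          + bytes([3, 4, 192, 168, 1, 1])
          + bytes([6, 8, 192, 168, 1, 1, 9, 9, 9, 9])
          + bytes([15, 11]) + b"example.lan"
          + bytes([255]))

if __name__ == "__main__":
    decoded = parse_dhcp_options(SAMPLE)
    print(decoded)
    print(lease_timers(decoded))    # renew_at 43200, rebind_at 75600
```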
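The naming rules, the in-addr.arpa / ip6.arpa reverse zones and the "MUST update the serial number" rule from the sections above are all things a resolver or a secondary server checks mechanically. This added example, not code from these notes, applies the 63/253 character rules to a name, builds the PTR owner name for an IPv4 or IPv6 address, and shows the RFC 1982 serial comparison a secondary uses to decide whether a zone transfer is due; the function names are my own.

```python
import ipaddress
import re

# One label: 1-63 chars, letters/digits/hyphens, no leading or trailing hyphen.
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def valid_fqdn(name: str) -> bool:
    """Naming rules from the notes: labels separated by periods, at most 63
    characters per label and 253 overall (a trailing root dot is allowed)."""
    if name.endswith("."):
        name = name[:-1]
    if not name or len(name) > 253:
        return False
    return all(LABEL_RE.match(label) for label in name.split("."))

def ptr_name(ip: str) -> str:
    """Owner name of the PTR record for a reverse lookup: octets reversed under
    in-addr.arpa for IPv4, nibbles reversed under ip6.arpa for IPv6."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")    # 32 hex digits, zero-padded
    return ".".join(reversed(nibbles)) + ".ip6.arpa"

def transfer_needed(primary_serial: int, secondary_serial: int) -> bool:
    """A secondary pulls a zone transfer only when the primary's SOA serial is
    newer, using RFC 1982 32-bit serial arithmetic so a wrapped serial still
    counts as newer. A change made without bumping the serial never replicates."""
    diff = (primary_serial - secondary_serial) % (1 << 32)
    return 0 < diff < (1 << 31)

if __name__ == "__main__":
    print(valid_fqdn("fatdaddygamingmachine.attlocal.net"))   # True
    print(ptr_name("192.0.2.10"))                            # 10.2.0.192.in-addr.arpa
    print(transfer_needed(2023052602, 2023052601))           # True
```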