====== Topic 207: Domain Name Server ======

Part of [[informatica:certificaciones:lpic:lpic-2|LPIC-2]]

You should be able to configure BIND to function as a caching-only DNS server, create a zone file for a forward or reverse zone and hints for root-level servers, and configure a DNS server to run as a non-root user and in a chroot jail.

Modules:
  * [[informatica:certificaciones:lpic:lpic-2:207_domain_name_server:207.1|207.1 Basic DNS server configuration]] (3)
  * [[informatica:certificaciones:lpic:lpic-2:207_domain_name_server:207.2|207.2 Create and maintain DNS zones]] (3)
  * [[informatica:certificaciones:lpic:lpic-2:207_domain_name_server:207.3|207.3 Securing a DNS server]] (2)

What matters for the exam:
  * Location of the BIND server configuration files and utilities.
  * Types of DNS servers (master, slave, cache).
  * Zone definitions.
  * Creating and modifying forward and reverse zone files.
  * Use of the allow-query/allow-transfer directives.
  * Configuring BIND in a chroot.
  * Knowledge of DNSSEC.
  * Configuration and use of transaction signatures (TSIG).

===== Tests =====

**What is the purpose of a PTR record?**
  * To provide name to IP resolution.
  * To provide IP to name resolution. (**Answer**)
  * To direct email to a specific host.
  * To provide additional host information.
  * To direct clients to another nameserver.

**Using only commands included with named, what is the command, with options or parameters, to make named re-read its zone files?**
  * ''rndc reload''

**According to the configuration below, what is the e-mail address of the administrator for this domain?**

<code>
$TTL 86400
$ORIGIN certkiller.com
@ IN SOA mars.certkiller.com. hostmaster.certkiller.com. (
        2005020801 10800 3600 604800 86400 );
</code>

  * ''hostmaster@certkiller.com''

**The mailserver is currently called fred, while the primary MX record points to mailhost.example.org. What must be done to direct example.org email towards fred?**
  * Add an A record for mailhost to fred's IP address.
  * Add a CNAME record from mailhost to fred. (**Answer**)
  * Add another MX record pointing to fred's IP address.
  * Add a PTR record from mailhost to fred.

It would be something like:

<code>
fred IN CNAME mailhost.example.org.
</code>

**DNSSEC is used for?**
  * Encrypted DNS queries between nameservers.
  * Cryptographic authentication of DNS zones. (**Answer**)
  * Secondary DNS queries for local zones.
  * Defining a secure DNS section.
  * Querying a secure DNS section.

The information is not encrypted; it is only signed to verify its authenticity.

**The DNS service is used to provide translation of IP addresses to names and is part of the TCP/IP standards that provide this type of functionality.**
  * True (**Answer**)
  * False

**The primary configuration file for the BIND name service is located at /etc/named.conf.**
  * True (**Answer**)
  * False

**The command 'dig @10.0.1.100 mylabserver.com' would provide what information?**
  * None of the above
  * All defined name servers for the 'mylabserver.com' domain
  * All domain information for 'mylabserver.com' domain using the nameserver '10.0.1.100' (**Answer**)
  * All information pertaining to the names assigned to IP 10.0.1.100

**The primary configuration file for client DNS queries is:**
  * None of the Above
  * ''/etc/nsswitch.conf''
  * ''/etc/named.conf''
  * ''/etc/resolv.conf'' (**Answer**)

**What are the primary internet name servers called?**
  * Backbone servers
  * List servers
  * Name servers
  * Root servers (**Answer**)