INFORMATION SECURITY AND NETWORK ADMINISTRATION, OPENCOURSEWARE UNIVERSITAS PEMBANGUNAN JAYA: DNS Server

COMPUTER NETWORK ADMINISTRATION PRACTICUM
DNS SERVER
(Domain Name System)

I. What is DNS?
The Domain Name System (DNS) is a distributed database system used to look up computer names (name resolution) on networks that use TCP/IP (Transmission Control Protocol/Internet Protocol). DNS is commonly used by applications connected to the Internet, such as web browsers or e-mail, where DNS helps map a computer's host name to an IP address.
DNS is comparable in function to a telephone book. Every computer on the Internet has a host name (computer name) and an Internet Protocol (IP) address. In general, a client that connects one computer to another uses the host name.
Your computer then contacts the DNS server to look up the IP address of the host name you requested. That IP address is what is used to connect your computer to the other computer.

Packet Tracer Lab
Working with the Application Layer: DHCP, DNS, and HTTP

This is an example of what your final topology should look like.

Instructions:

1. Start Packet Tracer using Realtime mode.


• Options -> Preferences
  o Enable “Show Link Lights”
  o Disable “Hide Device Label”


2. Configuring the DHCP Server

• Add a server.
• Global Settings:
  o Change the Display Name to “DHCP Server”
  o Set the Gateway to 172.16.0.1
• FastEthernet:
  o Set the IP address to 172.16.0.10
  o Set the Subnet Mask to 255.255.0.0
• HTTP:
  o Set HTTP Service and HTTPS Service to Off
• DHCP:
  o Set the Default Gateway to 172.16.0.1
  o Set the DNS Server to 172.16.0.11
  o Set the Start IP Address to 172.16.0.100
• DNS:
  o Set the Service to Off

2. Configuring the DNS Server

• Add a server.
• Global Settings:
  o Change the Display Name to “DNS Server”
  o Set the Gateway to 172.16.0.1
• FastEthernet:
  o Set the IP address to 172.16.0.11
  o Set the Subnet Mask to 255.255.0.0
• HTTP:
  o Set HTTP Service and HTTPS Service to Off
• DHCP:
  o Set the Service to Off
• DNS:
  • Entering the www.tsrb.edu Domain Name
    o Enter for the Domain Name www.tsrb.edu
    o Enter for IP Address 172.16.0.20
    o Click Add
  • Entering the www.internal.com Domain Name
    o Enter for the Domain Name www.internal.com
    o Enter for IP Address 172.16.0.30
    o Click Add

3. Configuring the www.tsrb.edu Web Server

• Add a server.
• Global Settings:
  o Change the Display Name to “Web Server: www.tsrb.edu”
  o Set the Gateway to 172.16.0.1
• FastEthernet:
  o Set the IP address to 172.16.0.20
  o Set the Subnet Mask to 255.255.0.0
• DHCP:
  o Set the Service to Off
• DNS:
  o Set the Service to Off
• HTTP:
  o Change the sentence, “Welcome to Packet Tracer 5.0, the best thing since..... Packet Tracer 4.0.” to “Welcome to Tsrb's public web page!” You may add other information as well.

4. Configuring the www.internal.com Web Server


• Add a server.
• Global Settings:
  o Change the Display Name to “Web Server: www.internal.com”
  o Set the Gateway to 172.16.0.1
• FastEthernet:
  o Set the IP address to 172.16.0.30
  o Set the Subnet Mask to 255.255.0.0
• DHCP:
  o Set the Service to Off
• DNS:
  o Set the Service to Off
• HTTP:
  o Change the sentence, “Welcome to Packet Tracer 5.0, the best thing since..... Packet Tracer 4.0.” to “This is the corporate internal network!” You may add other information as well.

5. Configure Two Client Computers using DHCP

• Add two client computers.
• Global Settings:
  o Change the Display Names to “Dynamic 1” and to “Dynamic 2” respectively
  o Set the Gateway/DNS to DHCP
• FastEthernet:
  o Set the IP Configuration to DHCP

6. Configure One Client Computer using Static IP Addressing

• Add two client computers.
• Global Settings:
  o Change the Display Name to “Static”
  o Set the Gateway/DNS to Static
  o Set Gateway to 172.16.0.1
  o Set the DNS Server to 172.16.0.11
• FastEthernet:
  o Be sure the configuration is set to Static
  o Set the IP address to 172.16.0.90
  o Set the Subnet Mask to 255.255.0.0

7. Adding switches

• Add two switches.
• Connect the servers to one switch using a straight-through cable.
• Connect the client computers to the other switch using a straight-through cable.
• Interconnect the two switches using a crossover cable.

8. Verify connectivity

• Ping (ICMP)
  o From a client computer use the Desktop Command prompt to ping the other client computers and the servers.
  o Example: From the Dynamic 1 client, C> ping 172.16.0.20
  o The first one or two pings may fail, but you should receive a reply on the later pings. This is due to the ping timing out while the ARP process takes place (later).
• Web Browser (HTTP)
  o On the client computers use the Desktop Web Browser, enter the URLs of the Web Servers www.tsrb.edu and www.internal.com.
  o You should see the web pages that you created on these servers.

9. Using Simulation Mode

• Click on Simulation.
  Note: To reset a simulation, click on “Reset Simulation”
• Click on Edit Filters
  o Choose Show All/None so that all the boxes (protocols) are unchecked.
  o Select (check) the following protocols: DHCP, ICMP, HTTP, DNS.
• Web Browser (HTTP)
  o On the client computers use the Desktop Web Browser, enter the URLs of the Web Servers www.tsrb.edu or www.internal.com.
  o Click on Auto Capture/Play (automatically forwards the packets) or Capture Forward (must keep clicking to advance the packets)
• DHCP
  o Reset the simulation by clicking on “Reset Simulation”
  o To view DHCP, on one of the “Dynamic” client computers using DHCP go to the Desktop Command prompt.
  o To have the client computer ask for a new IP address and other information from the DHCP server, enter the command: C> ipconfig /renew

II. DNS Server on Linux
1. Install bind9
# apt-get install bind9
2. Note which directories the bind9 package was installed into
# dpkg -L bind9
3. Configure the file /etc/resolv.conf
The file /etc/resolv.conf needs to be configured: because the computer we are using is itself the DNS server, the nameserver option is set to that computer's own IP address.
# vim /etc/resolv.conf
domain nano.co.id
search nano.co.id
nameserver 10.252.108.45
4. Copy the template database files to /var/cache/bind
# cp /etc/bind/db.local /var/cache/bind/nano.co.id.db
# cp /etc/bind/db.255 /var/cache/bind/nano.co.id.rev
5. Edit the zone database file
# vim /var/cache/bind/nano.co.id.db
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     www.nano.co.id. root.nano.co.id. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       127.0.0.1
www     IN      A       10.252.108.45
chan    IN      A       10.252.108.54
ftp     IN      CNAME   www


6. Edit the reverse zone database file
# vim /var/cache/bind/nano.co.id.rev
;
; BIND reverse data file for broadcast zone
;
$TTL    604800
@       IN      SOA     www.nano.co.id. root.nano.co.id. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
45      IN      PTR     www.nano.co.id.
54      IN      PTR     chan.nano.co.id.

7. Edit the configuration file named.conf.local
# vim /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "nano.co.id" {
        type master;
        file "/var/cache/bind/nano.co.id.db";
};
zone "108.252.10.in-addr.arpa" {
        type master;
        file "/var/cache/bind/nano.co.id.rev";
};
8. Edit named.conf.options
# vim /etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        query-source address * port 53;
        forwarders {
                202.154.187.2;
                202.154.187.3;
        };
        allow-query {
                any;
                127.0.0.1;
        };
        auth-nxdomain yes;    # conform to RFC1035
        listen-on-v6 { any; };
};
9. Restart bind9
# /etc/init.d/bind9 restart
10. Check using nslookup
# nslookup www.nano.co.id
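
A consistency check for the forward and reverse zone files from steps 5 and 6, as an added example that is not part of the original practicum: it confirms that every A record has a PTR pointing back at the same name, and it expands names the way BIND does, so a PTR target written without its trailing dot is caught. The record text is constructed sample data modelled on the lab's zones, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample records modelled on the lab's nano.co.id zones (not read from disk).
FORWARD_ORIGIN = "nano.co.id."
FORWARD_ZONE = """\
www   IN A     10.252.108.45
chan  IN A     10.252.108.54
ftp   IN CNAME www
"""
REVERSE_ORIGIN = "108.252.10.in-addr.arpa."
# The second PTR target deliberately lacks its trailing dot.
REVERSE_ZONE = """\
45  IN PTR www.nano.co.id.
54  IN PTR chan.nano.co.id
"""

def absolute(name, origin):
    """Expand a zone-file name as BIND does: no trailing dot means relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin, rtype):
    """Return {owner_fqdn: rdata} for simple 'owner IN TYPE rdata' lines of one type."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop ';' comments, then tokenize
        if len(fields) == 4 and fields[1] == "IN" and fields[2] == rtype:
            records[absolute(fields[0], origin)] = fields[3]
    return records

def check_reverse(forward_text, reverse_text):
    """List A records whose PTR is missing or does not point back at the same name."""
    ptrs = {owner: absolute(target, REVERSE_ORIGIN)
            for owner, target in parse(reverse_text, REVERSE_ORIGIN, "PTR").items()}
    problems = []
    for fqdn, addr in parse(forward_text, FORWARD_ORIGIN, "A").items():
        rev_name = ipaddress.ip_address(addr).reverse_pointer + "."
        target = ptrs.get(rev_name)
        if target is None:
            problems.append(f"{fqdn} -> {addr}: no PTR at {rev_name}")
        elif target.lower() != fqdn.lower():
            problems.append(f"{fqdn} -> {addr}: PTR resolves to {target}")
    return problems

if __name__ == "__main__":
    for problem in check_reverse(FORWARD_ZONE, REVERSE_ZONE):
        print(problem)
```
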

III. Dynamic DNS Server
1. Install DHCP3 as in the DHCP practicum
2. Add the signing key to bind
# vim /etc/bind/named.conf.local
Add the lines below at the very top of the file:
include "/etc/bind/rndc.key";
controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
Note: a key (such as rndc.key) can be generated yourself with
# dnssec-keygen -a hmac-md5 -b 128 -n user
Add the lines below to each zone:
notify yes;
allow-update {
        127.0.0.1;
        key "rndc-key";
};
So that the file /etc/bind/named.conf.local becomes:
include "/etc/bind/rndc.key";
controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "nano.co.id" {
        type master;
        file "/var/cache/bind/nano.co.id.db";
        notify yes;
        allow-update {
                127.0.0.1;
                key "rndc-key";
        };
};
zone "108.252.10.in-addr.arpa" {
        type master;
        file "/var/cache/bind/nano.co.id.rev";
        notify yes;
        allow-update {
                127.0.0.1;
                key "rndc-key";
        };
};
3. Restart bind9
# /etc/init.d/bind9 restart
4. Edit the dhcp3 configuration file
# vim /etc/dhcp3/dhcpd.conf
Add the lines below at the very top of the file:
ddns-updates on;
ddns-update-style interim;
ddns-domainname "nano.co.id";
ddns-rev-domainname "in-addr.arpa";

include "/etc/bind/rndc.key";
zone nano.co.id. {
        primary 127.0.0.1;
        key rndc-key;
}

zone 108.252.10.in-addr.arpa. {
        primary 127.0.0.1;
        key rndc-key;
}
5. Restart dhcp3
# /etc/init.d/dhcp3-server restart
6. Configuration on the client
# vim /etc/dhcp3/dhclient.conf
send host-name "eclipse";
send dhcp-client-identifier ;
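
A configuration audit for the BIND settings used in sections II and III, as an added example that is not part of the original practicum: it flags a pinned query source port, query access open to any client with no recursion limit, dynamic updates accepted by IP address, and an hmac-md5 key. Both configuration strings are constructed (the first condenses the lab's statements, the second is a tightened counterpart); the helper names, the key name "ddns-key" and the secrets are hypothetical placeholders, and the checks are regex heuristics rather than a full named.conf parser.

```python
import re

# Constructed input: the lab's statements condensed into one string (not read from disk).
LAB_CONF = """
options {
    query-source address * port 53;
    forwarders { 202.154.187.2; 202.154.187.3; };
    allow-query { any; 127.0.0.1; };
};
zone "nano.co.id" {
    type master;
    allow-update { 127.0.0.1; key "rndc-key"; };
};
key "rndc-key" { algorithm hmac-md5; secret "PLACEHOLDER"; };
"""
# Constructed tightened counterpart; "ddns-key" is a hypothetical, update-only key.
HARDENED_CONF = """
options {
    allow-query { localnets; localhost; };
    allow-recursion { localnets; localhost; };
};
zone "nano.co.id" {
    type master;
    allow-update { key "ddns-key"; };
};
key "ddns-key" { algorithm hmac-sha256; secret "PLACEHOLDER"; };
"""

def acl(conf, statement):
    """Return the elements of every `statement { ... };` address-match list."""
    bodies = re.findall(rf"\b{re.escape(statement)}\s*\{{([^}}]*)\}}", conf)
    return [[e.strip() for e in body.split(";") if e.strip()] for body in bodies]

def audit(conf):
    """Return one finding per risky setting present in the configuration text."""
    findings = []
    if re.search(r"query-source\s+address\s+\S+\s+port\s+\d+", conf):
        findings.append("query-source pins the source port: no port randomization")
    limited = (re.search(r"\brecursion\s+no\s*;", conf)
               or acl(conf, "allow-recursion") or acl(conf, "allow-query-cache"))
    if any("any" in a for a in acl(conf, "allow-query")) and not limited:
        findings.append("allow-query any with no recursion limit: open resolver")
    for a in acl(conf, "allow-update"):
        if any(not e.startswith("key ") for e in a):
            findings.append("allow-update accepts unsigned updates by IP address")
    if re.search(r"algorithm\s+hmac-md5\b", conf, re.I):
        findings.append("TSIG key uses hmac-md5: prefer hmac-sha256")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(LAB_CONF)))
```
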