
DNS server in LAN

To use domain names (e.g. gitlab.com) rather than IP addresses inside a LAN without a DNS server, every host has to keep its own table of name-to-IP entries (on Linux, /etc/hosts). With many hosts that table is hard to keep consistent. Running a DNS server in the LAN lets every host ask one place to resolve a name to its IP address, or an IP address back to a name.

## bind9

```shell
apt-get install bind9
```
### /etc/bind/named.conf.local
```shell
// Forward zone: names under gitlab.com -> addresses (zone file db.gitlab2ip.com below)
zone "gitlab.com" {
    type master;
    file "/etc/bind/db.gitlab2ip.com";
};
// Reverse zone for 10.20.101.0/24: addresses -> names (zone file db.ip2gitlab.com below)
zone "101.20.10.in-addr.arpa" {
    type master;
    file "/etc/bind/db.ip2gitlab.com";
};
```
Declaring this zone makes the server authoritative for the whole of gitlab.com: a client that uses it gets the LAN answer for every name under gitlab.com, including the public site, and no query for that domain ever leaves the LAN. That is fine only if the whole domain is meant to be internal; otherwise use a name you actually control (a subdomain, or an internal-only domain).
### /etc/bind/db.gitlab2ip.com
[dns zone file format](https://help.dyn.com/how-to-format-a-zone-file/)
db.gitlab2ip.com is the forward zone: it maps names under $ORIGIN to addresses, so with the sample below www.gitlab.com resolves to 10.20.101.119.
```shell
; $TTL: default time-to-live for records that carry none of their own
$TTL 6000
; $ORIGIN ends with a dot (fully qualified); a name without a trailing dot is relative to it,
; and @ stands for the origin itself
$ORIGIN gitlab.com.
; SOA: FQDN of the primary name server, then the admin mailbox with "@" written as "." (admin@gitlab.com)
@       IN SOA  server.gitlab.com. admin.gitlab.com. (
                2       ; serial: increase on every edit, or caches and secondaries keep the old data
                1d      ; refresh
                1h      ; retry
                4w      ; expire
                5m      ; negative-cache TTL (minimum)
                )
@       IN NS   server.gitlab.com.
; server is the bind9 host itself; www is the name the team will use for gitlab
www     IN A    10.20.101.119
server  IN A    10.20.101.119
```

### /etc/bind/db.ip2gitlab.com

db.ip2gitlab.com is the reverse zone: it maps addresses in 10.20.101.0/24 back to names. The zone name is the network part of the address with the octets reversed, so 10.20.101.119 becomes the record `119` under `101.20.10.in-addr.arpa`, and the records are PTR, not A.

```shell
$TTL 6000
$ORIGIN 101.20.10.in-addr.arpa.
; same SOA as the forward zone; names outside this origin must be fully qualified (trailing dot)
@       IN SOA  server.gitlab.com. admin.gitlab.com. (
                2       ; serial
                1d      ; refresh
                1h      ; retry
                4w      ; expire
                5m      ; negative-cache TTL
                )
@       IN NS   server.gitlab.com.
; PTR records: the label is the host part of the address, the target is the FQDN with trailing dot
119     IN PTR  www.gitlab.com.
119     IN PTR  server.gitlab.com.
```

Two PTR records for one address are legal, but most tools show only one of them, so a reverse lookup of 10.20.101.119 may return either name; one PTR per address is the usual practice.
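The forward and reverse files above have to agree with each other by hand, and a missing trailing dot or a stale serial is the usual way they break. The script below is an added example, not code from the original page: it generates both zone files from a single "name ip" host list and validates them with named-checkzone when bind9's tools are installed. The origins, the admin mailbox, the 10.20.101.0/24 subnet and the date-based serial scheme are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original page): generate the forward and reverse zone files
# from one "name ip" host list so the two never drift apart, then validate them with
# named-checkzone when bind9's tools are installed. Origins, the admin mailbox, the
# 10.20.101.0/24 subnet and the date-based serial are assumptions for this example.

FORWARD_ORIGIN="gitlab.com."               # trailing dot: fully qualified
REVERSE_ORIGIN="101.20.10.in-addr.arpa."   # 10.20.101.0/24 with the octets reversed
SUBNET_PREFIX="10.20.101."                 # only addresses here belong in the reverse zone
NS_HOST="server.gitlab.com."               # the bind9 host itself (10.20.101.119 on the page)
ADMIN="admin.gitlab.com."                  # admin@gitlab.com with the "@" written as "."

# serial: YYYYMMDDnn; it must grow on every change or caches and secondaries keep old data
serial() { date -u +%Y%m%d01; }

# soa_header ORIGIN: $TTL, $ORIGIN, an SOA with all five fields, and the NS record
soa_header() {
cat <<EOF
\$TTL 6000
\$ORIGIN $1
@ IN SOA $NS_HOST $ADMIN (
    $(serial) ; serial
    1d        ; refresh
    1h        ; retry
    4w        ; expire
    5m        ; negative-cache TTL
)
@ IN NS $NS_HOST
EOF
}

# forward_zone: reads "name ip" lines on stdin, writes the forward zone to stdout
forward_zone() {
    soa_header "$FORWARD_ORIGIN"
    awk '$1 != "" { printf "%s IN A %s\n", $1, $2 }'
}

# reverse_zone: same input; the PTR label is the last octet and the target is the FQDN.
# Addresses outside the subnet are reported on stderr and skipped rather than turned into
# a record that would silently land in the wrong zone.
reverse_zone() {
    soa_header "$REVERSE_ORIGIN"
    awk -v origin="$FORWARD_ORIGIN" -v prefix="$SUBNET_PREFIX" '
        $1 == "" { next }
        index($2, prefix) != 1 { print "skip " $1 " " $2 ": not in " prefix "0/24" > "/dev/stderr"; next }
        { n = split($2, o, "."); printf "%s IN PTR %s.%s\n", o[n], $1, origin }'
}

# check_zones FORWARD_FILE REVERSE_FILE: run named-checkzone on both files (package
# bind9-utils on Debian/Ubuntu); returns 0 without checking when the tool is not installed
check_zones() {
    if ! command -v named-checkzone >/dev/null 2>&1; then
        echo "named-checkzone not installed; skipping validation"
        return 0
    fi
    named-checkzone "${FORWARD_ORIGIN%.}" "$1" && named-checkzone "${REVERSE_ORIGIN%.}" "$2"
}

# Usage: sh zonegen.sh generate   (writes to /tmp so it never touches /etc/bind by accident)
if [ "${1:-}" = "generate" ]; then
    hosts=/tmp/hosts.txt
    printf 'www 10.20.101.119\nserver 10.20.101.119\n' > "$hosts"   # constructed sample input
    forward_zone < "$hosts" > /tmp/db.gitlab2ip.com
    reverse_zone < "$hosts" > /tmp/db.ip2gitlab.com
    check_zones /tmp/db.gitlab2ip.com /tmp/db.ip2gitlab.com
fi
```

Once the generated files pass named-checkzone, copy them into /etc/bind, run named-checkconf for the configuration itself, and only then restart bind9; a zone file with a syntax error makes bind9 refuse to load that zone, which looks like the server being down from a client's point of view.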

## nslookup

nslookup sends its query to the resolver configured on the host it runs on (/etc/resolv.conf), so run it on a machine that uses DNS-git as its resolver, or name the server explicitly as the second argument (nslookup accepts the server address after the name to look up).

```shell
nslookup www.gitlab.com   # forward lookup (domain -> ip); expect 10.20.101.119
nslookup 10.20.101.119    # reverse lookup (ip -> domain); expect www.gitlab.com or server.gitlab.com
```

## settings

If the DNS server set up above (DNS-git) is the only DNS server in the LAN, every host points its resolver at it, so every name a host wants to reach is looked up there first. For names it is not authoritative for (everything outside gitlab.com) DNS-git must then recurse or forward the query, or those names stop resolving.

In a large company LAN, however, the IT department usually already runs a DNS server (DNS-IT) at a fixed address, e.g. 10.10.101.101, and every host is configured to use DNS-IT by default. DNS-git then has to fit in as a second, team-level server, and there are two ways to do that.

Either every host in the team changes its resolver to DNS-git, which then becomes the team sub-network's server and forwards everything it does not know to DNS-IT.

Or every host keeps DNS-IT, in which case DNS-git is only ever consulted if DNS-IT is told to send queries for gitlab.com (and for the reverse zone) to it, for example with a forward zone. Running DNS-git on its own does not conflict with DNS-IT: it listens on port 53 only (UDP and TCP), and a host that never queries it is unaffected. Such a host simply cannot resolve www.gitlab.com to the LAN address, because nothing in DNS-IT points at DNS-git.

So what happens with two DNS servers in the LAN? Nothing breaks; what matters is which server the clients ask, and whether that server knows how to reach the other one for the zones it does not hold itself.
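The forwarding that makes the two servers cooperate, as an added example that is not part of the original page. The addresses are the ones used above (DNS-IT at 10.10.101.101, DNS-git at 10.20.101.119); the `forward only` choice, the `allow-query` range and which file each fragment lives in are assumptions for this example.

```conf
// On DNS-git, in /etc/bind/named.conf.options: answer gitlab.com from the local zones and
// hand every other name to DNS-IT, so team machines that point at DNS-git still resolve
// the rest of the LAN and the Internet.
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-query { 10.20.101.0/24; localhost; };   // only the team's subnet may ask; an open resolver invites abuse
    forwarders { 10.10.101.101; };
    forward only;
};

// On DNS-IT (if IT agrees), in named.conf.local: send only the gitlab.com and reverse-zone
// queries to DNS-git, so hosts that keep DNS-IT as their resolver also get the LAN answers.
// Everything else on DNS-IT stays as it is.
zone "gitlab.com" {
    type forward;
    forward only;
    forwarders { 10.20.101.119; };
};
zone "101.20.10.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 10.20.101.119; };
};
```

With the first fragment alone, team members switch their resolver to DNS-git and lose nothing; with the second fragment on DNS-IT as well, nobody has to change their resolver at all.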

## how email works

The Mail User Agent (MUA), e.g. Outlook or Foxmail, is the program used to read and send email.

The MUA does not deliver email directly to the recipient; it hands it to a Mail Transfer Agent (MTA), e.g. Sendmail or Postfix.

A message sent from the MUA passes through one or more MTAs and finally reaches a Mail Delivery Agent (MDA), which stores it in the recipient's mailbox.

The recipient then uses an MUA to read the message from the mailbox.

PS: one day of work as an IT admin…