by pan » Wed Sep 29, 2021 2:16 pm
Code: Select all
# now we will install a recursive dns server (deadwood) and client-side tools (nslookup) in r
apt-get install maradns-deadwood dnsutils
# deadwood requires a resource configuration file, by default at /etc/maradns/deadwood/dwood3rc
echo "ipv4_bind_addresses = \"172.16.1.1\"" > /etc/maradns/deadwood/dwood3rc
echo "chroot_dir = \"/etc/maradns\"" >> /etc/maradns/deadwood/dwood3rc
echo "recursive_acl = \"172.16.1.0/24, 192.168.1.0/24, 10.10.1.0/24\"" >> /etc/maradns/deadwood/dwood3rc
# run deadwood on r
ip netns exec r deadwood
and expected output
Code: Select all
Deadwood version 3.2.09
Deadwood: A DNS UDP non-recursive cache (IPv6 supported)
We bound to 1 addresses
Using default ICANN root servers: 198.41.0.4,192.228.79.201,192.33.4.12,199.7.91.13,192.203.230.10,192.5.5.241,192.112.36.4,
128.63.2.53,192.36.148.17,192.58.128.30,193.0.14.129,199.7.83.42,202.12.27.33
to see the dns interaction between h1 and r
Code: Select all
# ip netns exec r tcpdump -l -n -i r-eth0 udp port 53
to see the dns interaction between r and external dns servers
Code: Select all
# tcpdump -n -l -i host-nat udp port 53
to trigger the dns interaction, use nslookup on h1
Code: Select all
# ip netns exec h1 nslookup www.cs.uvic.ca. 172.16.1.1
and expected output on h1
Code: Select all
Server: 172.16.1.1
Address: 172.16.1.1#53
Non-authoritative answer:
www.cs.uvic.ca canonical name = rweb.cs.uvic.ca.
Name: rweb.cs.uvic.ca
Address: 142.104.71.16
on r
Code: Select all
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on r-eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548454 IP 192.168.1.100.42260 > 172.16.1.1.53: 6500+ A? www.cs.uvic.ca. (32)
20:51:43.647167 IP 172.16.1.1.53 > 192.168.1.100.42260: 6500 2/0/0 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (67)
20:51:43.647523 IP 192.168.1.100.41385 > 172.16.1.1.53: 8322+ AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702377 IP 172.16.1.1.53 > 192.168.1.100.41385: 8322 0/1/0 (86)
and on piconet
Code: Select all
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on host-nat, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548553 IP 172.16.1.1.15625 > 192.203.230.10.53: 13771 A? www.cs.uvic.ca. (32)
20:51:42.552287 IP 192.203.230.10.53 > 172.16.1.1.15625: 13771- 0/4/8 (285)
20:51:42.552412 IP 172.16.1.1.15695 > 199.4.144.2.53: 7262 A? www.cs.uvic.ca. (32)
20:51:42.591183 IP 199.4.144.2.53 > 172.16.1.1.15695: 7262- 0/3/3 (143)
20:51:42.591337 IP 172.16.1.1.18745 > 216.171.224.23.53: 35109 A? www.cs.uvic.ca. (32)
20:51:43.646471 IP 172.16.1.1.17633 > 142.104.80.2.53: 11340 [b2&3=0x80] A? www.cs.uvic.ca. (32)
20:51:43.647072 IP 142.104.80.2.53 > 172.16.1.1.17633: 11340* 2/5/5 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (248)
20:51:43.647594 IP 172.16.1.1.16239 > 216.171.224.23.53: 40863 AAAA? rweb.cs.uvic.ca. (33)
20:51:44.701501 IP 172.16.1.1.16366 > 142.104.80.2.53: 12437 [b2&3=0x80] AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702292 IP 142.104.80.2.53 > 172.16.1.1.16366: 12437* 0/1/0 (86)
[code]# now we will install a recursive dns server (deadwood) and client-side tools (nslookup) in r
apt-get install maradns-deadwood dnsutils
# deadwood requires a resource configuration file, by default at /etc/maradns/deadwood/dwood3rc
echo "ipv4_bind_addresses = \"172.16.1.1\"" > /etc/maradns/deadwood/dwood3rc
echo "chroot_dir = \"/etc/maradns\"" >> /etc/maradns/deadwood/dwood3rc
echo "recursive_acl = \"172.16.1.0/24, 192.168.1.0/24, 10.10.1.0/24\"" >> /etc/maradns/deadwood/dwood3rc
# run deadwood on r
ip netns exec r deadwood[/code] and expected output [code]Deadwood version 3.2.09
Deadwood: A DNS UDP non-recursive cache (IPv6 supported)
We bound to 1 addresses
Using default ICANN root servers: 198.41.0.4,192.228.79.201,192.33.4.12,199.7.91.13,192.203.230.10,192.5.5.241,192.112.36.4,
128.63.2.53,192.36.148.17,192.58.128.30,193.0.14.129,199.7.83.42,202.12.27.33[/code]
to see the dns interaction between h1 and r [code]# ip netns exec r tcpdump -l -n -i r-eth0 udp port 53[/code]
to see the dns interaction between r and external dns servers [code]# tcpdump -n -l -i host-nat udp port 53[/code]
to trigger the dns interaction, use nslookup on h1 [code]# ip netns exec h1 nslookup www.cs.uvic.ca. 172.16.1.1[/code] and expected output on h1 [code]Server: 172.16.1.1
Address: 172.16.1.1#53
Non-authoritative answer:
www.cs.uvic.ca canonical name = rweb.cs.uvic.ca.
Name: rweb.cs.uvic.ca
Address: 142.104.71.16[/code] on r [code]tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on r-eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548454 IP 192.168.1.100.42260 > 172.16.1.1.53: 6500+ A? www.cs.uvic.ca. (32)
20:51:43.647167 IP 172.16.1.1.53 > 192.168.1.100.42260: 6500 2/0/0 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (67)
20:51:43.647523 IP 192.168.1.100.41385 > 172.16.1.1.53: 8322+ AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702377 IP 172.16.1.1.53 > 192.168.1.100.41385: 8322 0/1/0 (86)[/code] and on piconet [code]tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on host-nat, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548553 IP 172.16.1.1.15625 > 192.203.230.10.53: 13771 A? www.cs.uvic.ca. (32)
20:51:42.552287 IP 192.203.230.10.53 > 172.16.1.1.15625: 13771- 0/4/8 (285)
20:51:42.552412 IP 172.16.1.1.15695 > 199.4.144.2.53: 7262 A? www.cs.uvic.ca. (32)
20:51:42.591183 IP 199.4.144.2.53 > 172.16.1.1.15695: 7262- 0/3/3 (143)
20:51:42.591337 IP 172.16.1.1.18745 > 216.171.224.23.53: 35109 A? www.cs.uvic.ca. (32)
20:51:43.646471 IP 172.16.1.1.17633 > 142.104.80.2.53: 11340 [b2&3=0x80] A? www.cs.uvic.ca. (32)
20:51:43.647072 IP 142.104.80.2.53 > 172.16.1.1.17633: 11340* 2/5/5 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (248)
20:51:43.647594 IP 172.16.1.1.16239 > 216.171.224.23.53: 40863 AAAA? rweb.cs.uvic.ca. (33)
20:51:44.701501 IP 172.16.1.1.16366 > 142.104.80.2.53: 12437 [b2&3=0x80] AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702292 IP 142.104.80.2.53 > 172.16.1.1.16366: 12437* 0/1/0 (86)[/code]