2.6 - DNS Configuration, DHCP Configuration, VLANs and VPNs Flashcards
DNS
Domain name system
Human readable names to computer readable IPs
Hierarchical
-follow path
Distributed database
-many DNS servers
-13 root server clusters (over 1,000 actual servers)
-hundreds of gTLDs (generic top level domains) (ex: .com, .org, .net, etc)
-275+ ccTLDs (country code top level domains) (ex: .us, .ca, .uk, etc)
DNS records
RR (resource records)
-database records of DNS
30+ record types
-IPs, certs, host alias names, etc
Important + critical configs
-check settings, backup, and test
Address records
A or AAAA
Defines IP of host
-most popular query
A records = for IPv4 addresses
-modify A record to change host name to IP resolution
AAAA records = for IPv6 addresses
-same DNS server, different records
Mail exchanger record (MX)
Determines host name for mail server
-NOT an IP address -> just a name
IN MX mail.mydomain.name.
Text records (TXT)
Human readable text info
-useful public info
Can be used for verification
-if you have access to DNS then you must be the admin of the domain name
Usually used for email security
-external email servers validate info from your DNS
nslookup
Sender policy framework (SPF)
SPF protocol
-list of all servers authorized to send emails for the domain
-prevents mail spoofing
-mail servers perform check to see if incoming mail actually came from an authorized host
DomainKeys Identified Mail (DKIM)
Digitally sign a domain’s outgoing mail
-mail servers validate (not typically seen by end user)
-public key = in DKIM TXT record
DMARC
Domain-based message authentication, reporting, and conformance
-prevents spoofing
-extension of SPF + DKIM
You decide what external email servers should do with emails that don’t validate through SPF or DKIM
-policy written into DMARC TXT record
-accept all, send to spam, or reject email
-compliance reports can be sent to email administrator
DHCP Configuration - Scope properties
IP range
-and excluded addresses
Subnet mask
Lease durations
Other scope options
-DNS server
-default gateway
-VoIP servers
DHCP Pools (DHCP config)
Grouping of IP addresses
-each subnet has its own scope
-192.168.1.0/24
-192.168.2.0/24
-192.168.3.0/24
-etc
Scope = generally contiguous pool of IPs
-DHCP exceptions can be made inside scope
DHCP address assignment (DHCP config)
Dynamic assignment
-DHCP server has big pool of addresses to give out
-addresses reclaimed after lease period
Automatic reassignment
-similar to dynamic allocation
-DHCP server has list of past assignments
-you’ll always get same IP address
DHCP address allocation (DHCP config)
Address reservation
-administratively configured
Table of MAC addresses
-each MAC address has matching IP address
Other names
-static DHCP assignment
-static DHCP
-static assignment
-IP reservation
DHCP leases (DHCP config)
Leasing your address
-temporary
-can seem permanent
Allocation
-assigned lease time by DHCP server
-administratively configured
Reallocation
-reboot computer
-confirms lease
Workstation can manually release IP address
-moving to another subnet
DHCP renewal (DHCP config)
T1 timer
-Check in with lending DHCP to renew IP address
-50% of the lease time (by default)
T2 timer
-if original DHCP is down, try rebinding with any DHCP server
-87.5% of lease time (7/8ths)
LANs
Local area networks
Group of devices in same broadcast domain