CEN3303-Administrasi Sistem - Pertemuan 6

Pengenalan Konsep DNS Jenis DNS Server Implementasi DNS Konsep DHCP Implementasi DHCP Windows DNS/DHCP Integrasi DNS-DHCP Keamanan Troubleshooting Best Practices Studi Kasus DNS Simulator

Pertemuan 6: Konfigurasi DNS dan DHCP

1. Pendahuluan

DNS (Domain Name System) dan DHCP (Dynamic Host Configuration Protocol) adalah dua layanan jaringan fundamental yang menjadi tulang punggung infrastruktur IT modern.

Essential Skills: Memahami cara mengkonfigurasi dan mengelola kedua layanan ini adalah keterampilan essential bagi administrator sistem.

DNS

Domain Name System

"Phonebook of the Internet"

Port 53 UDP/TCP

DHCP

Dynamic Host Configuration

Automatic IP Assignment

Port 67/68 UDP

2. Domain Name System (DNS)

Apa itu DNS?

Sistem terdistribusi yang menerjemahkan nama domain ke alamat IP
"Phonebook of the Internet" - Mencari IP berdasarkan nama
Menggunakan port 53 (UDP untuk query, TCP untuk zone transfer)
Hierarchical distributed database system

DNS Resolution

google.com → 172.217.194.113

Komponen DNS:

DNS Resolver

Client yang melakukan query

Contoh: ISP resolver, Google DNS

Root Server

Server tingkat teratas

13 root servers worldwide

TLD Server

Top-Level Domain

.com, .org, .id, dll

Authoritative Server

Pemegang data domain

NS records domain

Jenis Record DNS:

Record Type	Purpose	Contoh	TTL
`A`	IPv4 address	`google.com → 172.217.194.113`	300
`AAAA`	IPv6 address	`google.com → 2a00:1450:4001:815::200e`	300
`CNAME`	Canonical name (alias)	`www → google.com`	300
`MX`	Mail exchange	`@ → mail.google.com`	3600
`NS`	Name server	`@ → ns1.google.com`	172800
`TXT`	Text information	`SPF, DKIM records`	3600
`PTR`	Pointer (reverse DNS)	`113.194.217.172 → google.com`	3600

DNS Hierarchy & Resolution Process:

Client

→

Resolver

→

Root Server

→

TLD Server

→

Authoritative

→

IP Address

3. Types of DNS Servers

Recursive Resolver

Menerima query dari client dan melakukan full resolution

Contoh:

Google DNS (8.8.8.8)
Cloudflare DNS (1.1.1.1)
ISP DNS servers

Fungsi:

Cache DNS records
Reduce external queries
Improve response time

Authoritative Nameserver

Menyimpan record untuk domain tertentu

Contoh:

ns1.google.com
ns2.cloudflare.com
Custom DNS servers

Fungsi:

Store zone files
Answer queries for domains
Domain authority

Forwarder

Meneruskan query ke server lain

Use Case:

Internal DNS forward to external
Split horizon DNS
Content filtering

Contoh Konfigurasi:

# BIND9 forwarders

forwarders {

  8.8.8.8;

  8.8.4.4;

};

Caching Server

Menyimpan hasil query untuk mempercepat resolusi

Benefits:

Reduce latency
Lower bandwidth usage
Improve reliability

Cache Management:

# View DNS cache

rndc dumpdb -cache

# Clear DNS cache

rndc flush

systemd-resolve --flush-caches

4. Implementasi DNS di Linux

BIND9 Installation:

Ubuntu/Debian

# Update dan install BIND9

sudo apt update

sudo apt install bind9 bind9utils bind9-doc

# Start service

sudo systemctl enable bind9

sudo systemctl start bind9

CentOS/RHEL

# Install BIND

sudo yum install bind bind-utils

# atau dengan dnf

sudo dnf install bind bind-utils

# Start service

sudo systemctl enable named

sudo systemctl start named

File Konfigurasi Penting:

named.conf

Main configuration file

/etc/bind/named.conf

include "/etc/bind/named.conf.options";

include "/etc/bind/named.conf.local";

named.conf.local

Local zones configuration

/etc/bind/named.conf.local

zone "company.local" {

  type master;

  file "/var/cache/bind/db.company.local";

};

named.conf.options

Global options

/etc/bind/named.conf.options

options {

  directory "/var/cache/bind";

  forwarders { 8.8.8.8; };

};

Zone File Example:

/var/cache/bind/db.company.local

; Zone file for company.local

$TTL 604800

@ IN SOA company.local. admin.company.local. (

    2024101501 ; Serial

    604800     ; Refresh

    86400      ; Retry

    2419200    ; Expire

    604800 )    ; Negative Cache TTL

; Name servers

@    IN    NS    ns1.company.local.

@    IN    NS    ns2.company.local.

; A records

ns1    IN    A    192.168.1.10

ns2    IN    A    192.168.1.11

www    IN    A    192.168.1.100

mail    IN    A    192.168.1.200

; CNAME records

ftp     IN    CNAME    www

Testing DNS Configuration:

nslookup

nslookup www.company.local 192.168.1.10

dig

dig @192.168.1.10 www.company.local

host

host www.company.local 192.168.1.10

Check Configuration Syntax

# Check main config

named-checkconf

# Check zone file

named-checkzone company.local /var/cache/bind/db.company.local

Service Management

# Reload configuration

systemctl reload bind9

# Check service status

systemctl status bind9

# View query log

tail -f /var/log/syslog | grep named

5. Dynamic Host Configuration Protocol (DHCP)

Apa itu DHCP?

Protokol untuk memberikan konfigurasi IP secara otomatis ke client
Menggunakan port 67 (server) dan 68 (client)
Menggunakan UDP broadcast untuk communication
Dynamic, automatic IP management untuk network devices

DHCP Benefits

Automatic IP Configuration

Centralized Management

Reduced Administration

DHCP Process (DORA):

Discover

→

Client mencari DHCP server

Offer

→

Server menawarkan IP address

Request

→

Client meminta IP yang ditawarkan

Acknowledge

Server mengkonfirmasi dan memberikan lease

Komponen DHCP:

Scope

Range IP addresses yang dapat diberikan

192.168.1.100-200

Lease

Durasi penggunaan IP oleh client

Default: 24 hours

Reservation

IP tetap untuk client tertentu

Based on MAC address

Options

Konfigurasi tambahan

Gateway, DNS, domain

6. DHCP Server di Linux

ISC DHCP Server Installation:

Ubuntu/Debian

# Install DHCP server

sudo apt update

sudo apt install isc-dhcp-server

# Configure interface

sudo nano /etc/default/isc-dhcp-server

# Set INTERFACESv4="eth0"

CentOS/RHEL

# Install DHCP server

sudo yum install dhcp

# atau dengan dnf

sudo dnf install dhcp-server

# Start service

sudo systemctl enable dhcpd

sudo systemctl start dhcpd

DHCP Server Configuration:

/etc/dhcp/dhcpd.conf

# Global options

option domain-name "company.local";

option domain-name-servers 192.168.1.10, 8.8.8.8;

default-lease-time 600;

max-lease-time 7200;

authoritative;

# Subnet declaration

subnet 192.168.1.0 netmask 255.255.255.0 {

  range 192.168.1.100 192.168.1.200;

  option routers 192.168.1.1;

  option subnet-mask 255.255.255.0;

  option broadcast-address 192.168.1.255;

}

# Fixed address for specific MAC

host printer {

  hardware ethernet 08:00:27:4a:5b:6c;

  fixed-address 192.168.1.50;

}

DHCP Management:

Monitoring DHCP Leases

# View current leases

cat /var/lib/dhcp/dhcpd.leases

# Monitor DHCP activity

tail -f /var/log/syslog | grep dhcp

# Check server status

systemctl status isc-dhcp-server

Configuration Testing

# Test configuration syntax

dhcpd -t

# Test with specific config file

dhcpd -cf /etc/dhcp/dhcpd.conf -t

# Debug mode

dhcpd -d

12. DNS Resolution Simulator

Interactive DNS Lookup Simulator

DNS Query:

Domain Name:

Record Type:

Quick Tests:

Resolution Process:

Enter a domain and click "Perform DNS Lookup" to see the resolution process...

Query Results:

Results will appear here...

Ringkasan Pembelajaran

Pada pertemuan ini kita telah mempelajari konfigurasi dan manajemen DNS dan DHCP, dua layanan jaringan fundamental untuk infrastruktur IT modern.

Key Takeaways:

Pemahaman DNS hierarchy dan resolution process
Konfigurasi BIND9 DNS server di Linux
Setup ISC DHCP server untuk automatic IP assignment
Integrasi DNS dan DHCP dengan dynamic updates

Next Topic Preview:

Pertemuan berikutnya: Layanan SSH dan FTP - remote access dan file transfer yang aman.

Sebelumnya Selanjutnya: Bagian-2