All Courses
Ultimate HTTP Warrior Ultimate DNS Warrior Ultimate Apache Web Server Warrior
Blog
About Contact

Become the Ultimate DNS Warrior

 

Buy this course

 This course includes:

 
  • ~12.5 hours on-demand video
  • Includes all protocol advancements
  • Downloadable commands and configuration
  • Full lifetime access
  • Certificate of Completion
 

Who is this course for:

This course has been designed for all IT Professionals looking forward to learn the DNS protocol and how to install, configure, operate and troubleshoot a BIND DNS Server.

The course covers the DNS protocol and BIND Server from scratch to expert level.

 

Requirements:

  • Basic networking and linux knowledge
  • Access to a Linux server - cloud / eve-ng / gns3
  • Access to intermediate network devices such as routers / switches / firewalls

 

Course Outcomes:

  • Thorough understanding of the DNS protocol.
  • Understand how DNS works within large production grade environments
  • Use dig and other tools to troubleshoot a wide variety of DNS issues
  • Gain confidence to troubleshoot complex DNS issues
  • Install, configure, tweak and tune the BIND as a recursive caching resolver
  • Install, configure, tweak and tune the BIND as an Authoritative DNS Server
  • Master the advanced side of DNS - EDNDS, ECS, Views, DDNS, DNSSEC, DNS Cookies, DNS Firewall and more
  • Gain confidence to clear interviews with top tier organizations like Amazon, Google, Facebook etc. 

 

What sets this course apart from others:

  • High quality production standards
  • Respect for time - every second of the course is used to deliver precise and practical information 
  • Goes deep into the protocol following the RFC
  • Comprehensive coverage of almost all DNS related concepts
  • All topics are explained with practical labs
  • Explains not just the protocol but how it works in the context of a large production network - how different network devices interact with DNS traffic
  • Deep dive into the protocol and real world implementations
  • Focus on troubleshooting rather than just configuration

What you will learn:

  • In depth working of the protocol as per the DNS RFCs
  • Components of the DNS System
  • DNS Namespace - Fully Qualified Domain Name (FQDN)

  • Hierarchical Administration - Registry/Registrar/Registrant

  • Zones and Resource Records

  • Concept of Delegation

  • Types of DNS Servers - Authoritative vs Resolvers

  • Iterative vs Recursive DNS Queries

  • The 13 Root DNS Servers
  • Forward vs Reverse Zones
  • Resource Record Format
  • Purpose, format, usage and rules for most common Resource Records such as SOA, NS, A, AAAA, PTR, CNAME, TXT, MX and SRV and CAA Records
  • Wildcard Records
  • DNS Packet Format
  • DNS response Status Codes

  • Deep Dive into the complete DNS resolution process

  • What are White Label or branded or Vanity Name Servers?

  • How Glue records break circular reference?
  • DNS Response Caching and TTL
  • How caching works at the End Client
  • How caching works at the Resolver
  • The perils of caching
  • What is BIND?
  • How dig +trace works?
  • Setting up a Recursive Resolver
  • Tuning the Resolver
  • Setting up a Caching Server and Forwarding Queries
  • Setting up Authoritative Master and Slave Name Servers
  • How Zone transfers work - AXFR vs IXFR, Notify mechanism, SOA record timers?
  • Complete walkthrough of buying a Domain and setting up Internet facing Branded Name Servers
  • Different Architectures used in Corporate Networks
  • How to perform Sub Domain Delegation
  • Different DNS related Files and settings on Windows and Linux end clients 
  • Deep Dive into Extension Mechanisms for DNS (EDNS)
  • Views or Split DNS
  • EDNS Client Subnet (ECS) 
  • Name Server Identifier (NSID)
  • Dynamic DNS Updates (DDNS)
  • How to delegate reverse zones which don't fall on classful boundaries
  • Deep Dive into DNSSEC - DNSSEC records, zone signing, establishing chain of trust, DNSSEC flags, failure scenarios
  • How to implement DNSSEC on BIND, Key maintenance and troubleshooting
  • DNS Firewall (RPZ) using local and 3rd party rule providers
  • DDOS protection and filtering features on BIND - clients per query, fetches-per-zone, fetches-per-server, recursive-clients and tcp-clients, Response Rate Limiting (RRL), Blackhole, NXDOMAIN redirection
  • New DNS Transport mechanisms- DNS over HTTPS (DoH and DNS over TLS (DoT)
  • New DNS security features - DNS Cookies
  • Whois, EPP Status codes and related Domain settings and issues
  • How to troubleshoot different variety of DNS resolution issues
  • How to troubleshoot BIND server under heavy load
  • How end client stub resolver softwares such as Systemd-resolved and Dnsmasq can be leveraged to enabled caching
  • Best practices and steps to follow when transferring domain registration/hosted zone

Course Curriculum

Module 1: The Basics
DNS 101 (07:51)
Hierarchical DNS Namespace (07:49)
Zones, Resource Records and the Concept of Delegation (12:15)
Types of DNS Servers and Types of DNS Queries (14:59)
Forward vs Reverse DNS Zone (04:49)
Module 2: The Main Resource Records
SOA and NS Records (12:49)
A, AAAA and PTR Records (03:48)
CNAME, MX, TXT and SRV Records (14:11)
Module 3: Lab
Introduction to the Lab (11:45)
Module 4: DNS Packet Structure and Interacting with the DNS System
DNS Header (12:46)
Using dig and nslookup to interact with the DNS System - Part 1 (21:33)
Using dig and nslookup to interact with the DNS System - Part 2 (26:29)
Module 5: The DNS Resolution Process and Caching
The entire DNS Resolution Process (17:58)
White Label (branded/vanity) Name Servers (11:58)
How caching works at the End Client (13:34)
How caching works at the Resolver (19:13)
dig +trace (08:37)
Module 6: Working with BIND
What is BIND? (04:06)
Setting up a Recursive Resolver (30:51)
Tuning the Resolver (22:38)
Setting up a Caching Server and Forwarding Queries (13:56)
Setting up Authoritative Name Server (20:32)
Setting up Slave Name Server (21:36)
Buying a Domain and setting up Branded Name Servers (24:39)
Different Architectures used in Corporate Networks (06:37)
Sub Domain Delegation (09:42)
Module 7: Advanced DNS
End Client DNS Files and Behaviors (17:10)
EDNS (23:22)
Views or Split DNS (06:07)
ECS and NSID (15:09)
Dynamic DNS Updates (11:22)
Classless Reverse Delegation (06:08)
Module 8: DNS Security
DNSSEC - Theory (18:25)
DNSSEC - Practical (29:55)
DNSSEC on Bind (20:12)
DNS Firewall (RPZ) (18:20)
Blackhole, RRL, Minimal any, NXDOMAIN redirection, Dot/Doh (24:52)
Cookies (18:54)
Module 9: Troubleshooting
Troubleshooting domain issues (10:44)
Troubleshooting subdomain delegation issues (08:26)
Troubleshooting DNS resolution issues (57:44)
Troubleshooting DNS and BIND (23:29)
Module 10: Bonus Content
System-resolved and Dnsmasq (11:03)
Transferring Domain Best practices (08:53)
How to install and setup Eve-ng (45:10)

Detailed Course Syllabus

Your instructor

Shreevar is an experienced Network Engineer with 18 years of experience working with leading tech giants like AWS Premium Network Support.

Having worked in solutions and support in Layer 1 through Layer 7 technologies Shreevar now specializes in end to end network troubleshooting across a wide spectrum of technologies including AWS, LAN, WAN, VPNs, Routing&Switching, Load Balancing, Firewalls, Proxies, Web and DNS Servers, complex web application architectures and network automation.

He is now focussed on designing deeply technical comprehensive one stop training programs for his students enabling them to reach expert level within the shortest possible time and without having to waste time looking for content.