Chapter 2.4: DNS and DHCP Configuration

Resource Records (RR)

◦These are the database records of the domain name services.

◦There are over 30 record types, including IP addresses, certificates, and host alias names.

◦These configurations are critical and require careful checking, backing up, and testing.

A Records (Address Records)

◦Defines the IPv4 address of a host.

◦This is the most popular query type for DNS.

◦Modifying an A record changes the hostname to IP address resolution.

AAAA Records

◦Defines the IPv6 address of a host.

◦Managed by the same DNS server as A records, but are distinct record types.

CNAME Records (Canonical Name Records)

◦Establishes a name as an alias of another, canonical name.

◦Allows one physical server to host multiple services.

MX Records (Mail Exchanger Record)

◦Determines the host name for the mail server.

◦Note that an MX record is a name, not an IP address.

TXT Records (Text Records)

◦Contains human-readable text information, originally for informal public information.

◦Can be used for verification purposes (e.g., proving domain administration).

◦Commonly used for email security, where external email servers validate information from your DNS.

DKIM (Domain Keys Identified Mail)

◦Used to digitally sign a domain's outgoing mail.

◦Validated by mail servers (not usually seen by end-users), with the public key located in the DKIM TXT record.

SPF (Sender Policy Framework)

◦An SPF protocol defines a list of all servers authorized to send emails for a specific domain.

◦Helps prevent mail spoofing by allowing mail servers to check if incoming mail came from an authorized host.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

◦An extension of SPF and DKIM that helps prevent unauthorized email use (spoofing).

◦Allows you to define a policy in a DMARC TXT record for how external email servers should handle emails that don't validate through SPF or DKIM (e.g., accept, send to spam, or reject).

◦Can also send compliance reports to the email administrator.

DHCP Leases (DORA Process)

◦The four-step process a client uses to obtain an IP address from a DHCP server:

▪Discover: The client finds a DHCP server.

▪Offer: The server offers an IP address to the client.

▪Request: The client requests to lock in the offer.

▪Acknowledge: The DHCP server confirms the IP assignment.

DHCP Scopes

◦Configured on the DHCP server to define the range of IP addresses (and excluded addresses) that can be assigned.

◦Also includes the subnet mask, lease durations, and other options like DNS server and default gateway.

DHCP Pools

◦A grouping of IP addresses, with each subnet typically having its own scope.

◦A scope is generally a single contiguous pool of IP addresses, though exclusions can be made within it.

Address Reservation

◦An administratively configured method to assign a specific IP address to a particular MAC address within the DHCP server.

◦Also known as Static DHCP Assignment, Static DHCP, or IP Reservation.