HET306/HIT8163 - Unix for Telecommunications

BIND Assignment - v2 (Feb 2013)

Unix for Telecommunications

Assignment Handout

As per the Unit Outline - this assignment makes up 20% of your final mark for this Unit. You must achieve a minimum of
40% in the assignment to be eligible for a pass.
If you have been allocated two rule hosts, you are expected to complete your assignment on your highest numbered RULE
host. If you have been allocated three rule hosts, you are expected to complete your assignment on your middle numbered
RULE host. Submission for the assignment is outlined below.
I. O UTLINE
The corporation in which you work runs and maintains a DNS server which it uses to offer DNS services to customers.
Until recently, requested changes to the DNS database from your customers has been minimal and handled via a simple request
system:
The customer asks for a change to the database
You stop the DNS server
The zone database files are updated
The DNS server is restarted
Update requests have recently increased to the point where this system has become unmanageable. Your boss has asked to
you to investigate a system that allows the database to be updated dynamically:
The DNS server does not need to be stopped
Updates can be performed via a scripted and/or web-page approach
Access can be given to customers to update their own entries
To accomplish this task, you have been assigned to deploy and configure a BIND server with dynamic update capability,
along with a series of scripts and CGI based web pages to update the database contents.
This assignment is divided into two parts with Part A being due approximately half way through the semester and Part B
due near the end of semester.
II. PART A
The first part of your task is to research the functionality of DNS and the DNS service as deployed in the Internet, and the
standards behind dynamic updating of DNS information. You are also required to research the deployment and implementation
of BIND in its provision of dynamic DNS services. Your report should NOT discuss the design of your implementation
but rather how dynamic DNS updates and the associated protocol works. The aim of this part of the assignment is to get
an understanding of the DNS service and its functionality in the network, and also to determine the basic mechanics behind
providing a multi-user, dyanmic DNS system.
A. DNS and BIND
You need to research how DNS and BIND behave and how it provides access to a distributed database across the Internet.
Your report needs to summarise DNS operation in general, as well as the deployment of BIND and how it works within the
DNS framework.
B. Dynamic DNS Updates
You need to research dynamic DNS updates, and how BIND currently supports this functionality. You need to discuss the
dynamic update methods and their various advantages and disadvantages, as well as summarise what happens within BIND
when a dynamic update is made.
C. Multi-User Functionality
Your company would be looking to provide the following functionality to your customers.
Adding a new entry (including reverse lookups) to the database
Removing entries (including reverse lookups) to the database
Updating entries (including reverse lookups) to the database
This functionality needs to be provided individually to each customer such that un-authorised modifications are not possible.
You need to consider how to provide this service while limiting customer access to only modify the entries that they are
responsible for.
Your research should result in a basic requirements list along with a plan for what needs to be implemented to support these
requirements.
page 1

HET306/HIT8163 - Unix for Telecommunications

BIND Assignment - v2 (Feb 2013)

D. Scripts
There are two types of scripts you can deploy, command-line based scripts and a CGI-based interface. You should investigate
the limitations of what can be performed within either of these two requirements and prepare a basic design plan for
implementing your required features using both approaches.
This section of your report should NOT include any code or configuration files, but rather discuss the general operation of
your proposed solution.
E. Assessment
The assessment component for Part A of the assignment is worth 20 marks or half of the overall assessment component
for this assignment. You will be expected to complete a report of no more than 7 pages in PDF format covering the aspects
listed above. The marking guide for this report follows.
Component
DNS and BIND Overview
DNS Overview
Distributed Database Implementation
BIND Implementation and Overview
Dynamic DNS Updates
Discussion of BIND and dynamic DNS
Dynamic update methods pros vs cons
How BIND deals with dynamic updates
Multi-user Functionality
How you might implement multi-user access
Restriction on which zones can be updated
System Requirements List
Scripting
Command-line Scripts discussion
CGI-based Scripts discussion
Report
Clarity, completeness and quality
Penalties
Late submission per working day late
Page limit per page over 7 pages
Total

Score
4

-2
-2
20

III. PART B
Once your basic plan has been considered, you will now be required to build your DNS dynamic update system. This will
involve configuring and deploying BIND on your (highest or middle)-numbered RULE host along with Apache and any scripts
you develop. Depending upon which scripting language you choose to use, you may need to install and configure your system
with other software via the ports tree.
A. BIND
Your BIND server should be configured to:
Support dynamic updates to any zone files managed by your company and any virtual clients you support
Support dynamic updates to reverse-lookup zones for the 136.186.230.*/24 network
Allow public queries for lookups
B. Accounts
Accounts should be created for each of your virtual customers. Each customer should have:
Login details (to be provided in your final assignment)
A forward lookup zone created and allocated to them
Access to scripting facilities below to update their entries
Note: Creating accounts for and managing restricted database access for individual users is an optional part of the
assignment for bonus marks

page 2

HET306/HIT8163 - Unix for Telecommunications

BIND Assignment - v2 (Feb 2013)

C. Scripts
Both command-line based and CGI based scripts should be developed to allow updating of information in the zone database
files.
Hint: A backend script that actually updates information could be called by both the command-line and CGI based scripts
to perform the actual updates
The scripts should check user authentication details (if applicable), and provide a list of current zone database entries that
user can change before allowing the user to manage their allocated entries.
This will require your script to:
Poll the DNS server to retrieve the current database entries
Provide a means for the user to select an entry to update/delete
Provide a means for adding a new entry
If an IP address is given in the 136.186.230.0/24 network, then all updates must also be performed to the reverse-lookup
zone for this network as well.
D. Instructions
You are required to produce a brief set of documentation that contains the following information for part B of the assignment.
Script Details
A listing of the locations and names of all the scripts you developed. For any command-line based scripts a brief set
of instructions including parameter listing and sample calls
Web Pages
A pointer to the web site hosting the CGI based update scripts and any relevant instructions for how to use the scripts
Client Details If supported
If client-based updates are provided then a list of:
User account details including usernames and passwords
Which zones each user is allowed to update
How to create a new account/zone for a new customer
This documentation will be primarily assesed on its accuracy and completeness.
E. Assessment
The assessment component for Part B of the assignment is worth 20 marks or half of the overall assessment component
for this assignment. You will be expected to submit a brief report containing the instructions as listed above and to submit
your RULE host for testing of your work.
Component
BIND Server
Correctly configured to accept dynamic update requests
DNS Zones configured to support dynamic updates
Accepting DNS public queries
Forwarding requests to Swinburne DNS
Scripts Command-line and CGI Based
Successfully add new entry to database
Successfully update entries in database
Successfully remove entries from database
Correctly update both forward and reverse entries
Documentation
Script details, instructions and examples
Web page details and associated information
Bonus Marks
Command-line script multi-user support
CGI-based script multi-user support
Forgetting to provide documentation of account information
Penalties
Late submission per working day late
Total

Score
6

11

2
2
-1
-2
20

IV. S UBMISSION R EQUIREMENTS

All submitted documentation must be in Portable Document Format (PDF) format.
page 3

HET306/HIT8163 - Unix for Telecommunications

BIND Assignment - v2 (Feb 2013)

A. Part A
Part A of this assignment is due at 11:00pm on Wednesday Week 6. The requirements you must adhere to are:
Submission of your PDF report must be completed via the Faculty ESP submission system at http://esp.ict.swin.edu.au
An upper page limit of 7 pages
The report must be formatted using the IEEE template as used during the lab in Week 4. You may choose to submit your
report in either one or two column format
The online submission system timestamps your report, a late submission will result in the penalty of loss of 10% of the
possible assignment mark per day for a maximum of five days. Later submissions will result in a score of 0
B. Part B
Part B of this assignment is due at 4:00pm on Wednesday Week 11. Your submission will consist of one PDF documents.
The submission procedure is the same as for Part A of this assignment.
Pay careful attention to the earlier submission time (4:00pm), this is because I must manually login to check for
submissions each day.
The online submission system will be checked daily at 4:00pm, access to your assignment RULE Host will be closed once it
has been determined that you have submitted your assignment. Your RULE host configuration will be checked for functionality
against the project requirements and compared with the content of your submitted documentation. Access to your other RULE
hosts will remain to allow you to complete your lab and other work.
Late submission will incur a penalty of 10% for each 24 hour period following the submission date up to a maximum of
five days. Submissions beyond this deadline will receive a mark of zero. This penalty will apply unless you have asked for and received - an extension.
C. Plagiarism
Please be aware of Swinburnes plagiarism policies and procedures:
http://www.it.swin.edu.au/students/plagiarism guide.pdf
Part of this is citation of work, a guide is available at:
http://www.swin.edu.au/lib/guides/harvard system.pdf
D. Failure to Hand in Assignment
Having home network connection problems (including VPN issues) is not considered an excuse for late, or non-submission.
Email submission of labs will not be accepted. Make sure that you setup and test your VPN access before relying on VPN
access to submit work.
After lab hrs access to RULE system:
The RULE system can be accessed from any computer on Swinburnes internal network using appropriate ssh client
software (such as PuTTY). For access from outside of Swinburnes network the following links will help:
Connection to Swinburnes internal network via the Internet:
http://www.its.swin.edu.au/guides/VPN/index.html

page 4