Labeled NFS/Demo/Manual/DNS - Revision history http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&action=history Revision history for this page on the wiki en MediaWiki 1.23.13 Thu, 28 Mar 2024 08:58:05 GMT CraigGrube: /* Setting Up DNS for testing */ http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=400&oldid=prev http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=400&oldid=prev <p>‎<span dir="auto"><span class="autocomment">Setting Up DNS for testing</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 15:03, 12 December 2008</td> </tr><tr><td colspan="2" class="diff-lineno">Line 1:</td> <td colspan="2" class="diff-lineno">Line 1:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>= Setting Up DNS for testing =</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>= Setting Up DNS for testing =</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>This is a brief HOWTO on setting up the BIND DNS server for the example domains used throughout this tutorial.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>This is a brief HOWTO on setting up the BIND DNS server for the example domains used throughout this tutorial<ins class="diffchange diffchange-inline">.&#160; The information regarding DNS configuration at the beginning of the automated installation instructions assumes a separate system (from the server) provides DNS services.&#160; The manual instructions place the DNS server with the other server components on one system, however there</ins></div></td></tr> <tr><td colspan="2">&#160;</td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">is no reason why the steps can not be modified to move the DNS server component to a separate system</ins>.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>One of the pre-requisites for Kerberos and LDAP is that important machines must have matching forward and reverse DNS names. This means that you cannot simply assign an alias (i.e. CNAME) to an existing machine and have it work. &#160;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>One of the pre-requisites for Kerberos and LDAP is that important machines must have matching forward and reverse DNS names. This means that you cannot simply assign an alias (i.e. CNAME) to an existing machine and have it work. &#160;</div></td></tr> </table> Fri, 12 Dec 2008 15:03:34 GMT CraigGrube http://selinuxproject.org/page/Talk:Labeled_NFS/Demo/Manual/DNS CraigGrube: /* Reverse DNS */ http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=383&oldid=prev http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=383&oldid=prev <p>‎<span dir="auto"><span class="autocomment">Reverse DNS</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 19:17, 11 December 2008</td> </tr><tr><td colspan="2" class="diff-lineno">Line 77:</td> <td colspan="2" class="diff-lineno">Line 77:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>13&#160; &#160; &#160; IN PTR&#160; <del class="diffchange diffchange-inline">sefos</del>.example.com.</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>13&#160; &#160; &#160; IN PTR&#160; <ins class="diffchange diffchange-inline">seserver</ins>.example.com.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td colspan="2" class="diff-lineno">Line 84:</td> <td colspan="2" class="diff-lineno">Line 84:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>52&#160; &#160; &#160; IN PTR client3.example.com.</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>52&#160; &#160; &#160; IN PTR client3.example.com.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;/pre&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;/pre&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>== Start named ==</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>== Start named ==</div></td></tr> </table> Thu, 11 Dec 2008 19:17:38 GMT CraigGrube http://selinuxproject.org/page/Talk:Labeled_NFS/Demo/Manual/DNS CraigGrube: /* Forward zone */ http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=382&oldid=prev http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=382&oldid=prev <p>‎<span dir="auto"><span class="autocomment">Forward zone</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 19:17, 11 December 2008</td> </tr><tr><td colspan="2" class="diff-lineno">Line 57:</td> <td colspan="2" class="diff-lineno">Line 57:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>; one machine for all three services. A record for machine, CNAMEs for services.</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>; one machine for all three services. A record for machine, CNAMEs for services.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>; NOTE: use sefos in all kerberos/nfs/ldap configuration files!</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>; NOTE: use sefos in all kerberos/nfs/ldap configuration files!</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">sefos </del>&#160; &#160; &#160; &#160; A&#160; &#160; &#160; 192.168.201.13</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">seserver </ins>&#160; &#160; &#160; &#160; A&#160; &#160; &#160; 192.168.201.13</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">kerberos&#160; &#160; &#160; CNAME&#160; sefos</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">nfs&#160; &#160; &#160; &#160; &#160; CNAME&#160; sefos</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">ldap&#160; &#160; &#160; &#160; &#160; CNAME&#160; sefos</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div></div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>seclient&#160; &#160; &#160; A&#160; &#160; &#160; 192.168.201.50</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>seclient&#160; &#160; &#160; A&#160; &#160; &#160; 192.168.201.50</div></td></tr> </table> Thu, 11 Dec 2008 19:17:26 GMT CraigGrube http://selinuxproject.org/page/Talk:Labeled_NFS/Demo/Manual/DNS CraigGrube: New page: = Setting Up DNS for testing = This is a brief HOWTO on setting up the BIND DNS server for the example domains used throughout this tutorial. One of the pre-requisites for Kerberos and LD... http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=337&oldid=prev http://selinuxproject.org/w/?title=Labeled_NFS/Demo/Manual/DNS&diff=337&oldid=prev <p>New page: = Setting Up DNS for testing = This is a brief HOWTO on setting up the BIND DNS server for the example domains used throughout this tutorial. One of the pre-requisites for Kerberos and LD...</p> <p><b>New page</b></p><div>= Setting Up DNS for testing =<br /> This is a brief HOWTO on setting up the BIND DNS server for the example domains used throughout this tutorial.<br /> <br /> One of the pre-requisites for Kerberos and LDAP is that important machines must have matching forward and reverse DNS names. This means that you cannot simply assign an alias (i.e. CNAME) to an existing machine and have it work. <br /> <br /> The &lt;code&gt;host&lt;/code&gt; command can help you determine if forward and reverse DNS match (see test after setup).<br /> <br /> First, install the BIND nameserver:<br /> # yum install bind bind-utils<br /> <br /> == named configuration ==<br /> This example configuration file uses the private network 192.168.201.0, with 192.168.201.13 being the DNS/Kerberos/LDAP/NFSv4 server.<br /> <br /> Add two zones to &lt;code&gt;/etc/named.conf&lt;/code&gt;; one for forward and one for reverse.<br /> <br /> &lt;pre&gt;<br /> zone &quot;example.com&quot; in{<br /> type master;<br /> file &quot;example.com&quot;;<br /> };<br /> // reverse map for class C 192.168.201.0<br /> zone &quot;201.168.192.IN-ADDR.ARPA&quot; in{<br /> type master;<br /> file &quot;192.168.201.rev&quot;;<br /> };<br /> &lt;/pre&gt;<br /> <br /> The default configuration file will only listen on the localhost address. You will need to set the listen-on and allow-query addresses in the options section so that named can respond to queries on the local network.<br /> <br /> &lt;pre&gt;<br /> options {<br /> // ...<br /> listen-on port 53 { 192.168.201.13; 127.0.0.1; };<br /> allow-query { 192.168.201.0/24; 127.0.0.1/32; };<br /> <br /> };<br /> &lt;/pre&gt;<br /> <br /> == Forward zone ==<br /> Create &lt;code&gt;/var/named/example.com&lt;/code&gt;<br /> <br /> &lt;pre&gt;<br /> $TTL 6D<br /> @ IN SOA dns.example.com. root.example.com. (<br /> 200806256 ; Serial<br /> 1H ; Refresh<br /> 300 ; Retry<br /> 2D ; Expire<br /> 12H) ; Minimum TTL<br /> NS dns.example.com.<br /> ;<br /> localhost A 127.0.0.1<br /> <br /> ; address of machine acting as DNS server<br /> dns A 192.168.201.13<br /> <br /> ; one machine for all three services. A record for machine, CNAMEs for services.<br /> ; NOTE: use sefos in all kerberos/nfs/ldap configuration files!<br /> sefos A 192.168.201.13<br /> kerberos CNAME sefos<br /> nfs CNAME sefos<br /> ldap CNAME sefos<br /> <br /> seclient A 192.168.201.50<br /> client2 A 192.168.201.51<br /> client3 A 192.168.201.52<br /> &lt;/pre&gt;<br /> <br /> == Reverse DNS ==<br /> Create &lt;code&gt;/var/named/192.168.201.rev&lt;/code&gt;:<br /> &lt;pre&gt;<br /> $TTL 6D<br /> @ IN SOA dns.example.com. root.example.com. (<br /> 200806201 ; Serial<br /> 1H ; Refresh<br /> 300 ; Retry<br /> 2D ; Expire<br /> 12H) ; Minimum TTL<br /> NS dns.example.com.<br /> ;<br /> ;<br /> 13 IN PTR sefos.example.com.<br /> <br /> <br /> 50 IN PTR seclient.example.com.<br /> 51 IN PTR client2.example.com.<br /> 52 IN PTR client3.example.com.<br /> &lt;/pre&gt;<br /> <br /> <br /> <br /> == Start named ==<br /> In targeted mode:<br /> service named start<br /> <br /> In MLS mode:<br /> run_init service named start<br /> <br /> == Configure Local Name Resolution ==<br /> Add the local interface to the resolver search path in /etc/resolv.conf, above any other nameservers. This step will also have to be performed on any clients (unless they are dhcp clients, and your dhcp server is configured to hand out the new name server).<br /> <br /> &lt;pre&gt;<br /> # search domain, so short names can be used<br /> #(e.g. 'sefos' instead of sefos.example.com<br /> search example.com<br /> <br /> # new nameserver<br /> nameserver 192.168.201.13<br /> <br /> # old nameserver, as a fallback<br /> nameserver 192.168.201.1<br /> &lt;/pre&gt;<br /> <br /> == Test reverse DNS ==<br /> # host sefos<br /> sefos.example.com has address 192.168.201.13<br /> # host 192.168.201.13<br /> 13.201.168.192.in-addr.arpa domain name pointer sefos.example.com.<br /> <br /> == Turn on named at boot ==<br /> chkconfig named on<br /> <br /> == Firewalls ==<br /> The following lines should be added to /etc/sysconfig/iptables before<br /> the INPUT REJECT rule to allow udp queries to port 53/udp:<br /> -A INPUT -m udp -p udp --dport 53 -j ACCEPT<br /> <br /> Then iptables should be restarted:<br /> # service iptables restart</div> Thu, 11 Dec 2008 13:13:15 GMT CraigGrube http://selinuxproject.org/page/Talk:Labeled_NFS/Demo/Manual/DNS