Synopses & Reviews
DNS and BIND tells you everything you need to work with one of the Internet's fundamental building blocks: the distributed host information database that's responsible for translating names into addresses, routing mail to its proper destination, and even listing phone numbers with the new ENUM standard. This book brings you up-to-date with the latest changes in this crucial service.
The fifth edition covers BIND 9.3.2, the most recent release of the BIND 9 series, as well as BIND 8.4.7. BIND 9.3.2 contains further improvements in security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework).
Whether you're an administrator involved with DNS on a daily basis or a user who wants to be more informed about the Internet and how it works, you'll find that this book is essential reading.
Topics include:
- What DNS does, how it works, and when you need to use it
- How to find your own place in the Internet's namespace
- Setting up name servers
- Using MX records to route mail
- Configuring hosts to use DNS name servers
- Subdividing domains (parenting)
- Securing your name server: restricting who can query your server, preventing unauthorized zone transfers, avoiding bogus servers, etc.
- The DNS Security Extensions (DNSSEC) and Transaction Signatures (TSIG)
- Mapping one name to several servers for load sharing
- Dynamic updates, asynchronous notification of change to a zone, and incremental zone transfers
- Troubleshooting: using nslookup and dig, reading debugging output, common problems
- DNS programming using the resolver library and Perl's Net::DNS module
Synopsis
Distributed host information databases are responsible for translating names into addresses, routing mail to its proper destination, and many other services. This edition brings readers up to date on the new 9.3 version of BIND.
About the Author
Cricket Liu graduated from the University of California, Berkeley, that great bastion of free speech, unencumbered Unix, and cheap pizza. He joined Hewlett-Packard after graduation and worked for HP for nine years.Cricket began managing the hp.com zone after the Loma Prieta earthquake forcibly transferred the zone's management from HP Labs to HP's Corporate Offices (by cracking a sprinkler main and flooding a Labs computer room). Cricket was
[email protected] for over three years, and then joined HP's Professional Services Organization to co-found HP's Internet Consulting Program.Cricket left HP in 1997 to form Acme Byte & Wire, a DNS consulting and training company, with his friend Matt Larson. Network Solutions acquired Acme in June 2000, and later the same day merged with VeriSign. Cricket worked for a year as Director of DNS Product Management for VeriSign Global Registry Services.Cricket joined Infoblox, a company that develops DNS and DHCP appliances, in March, 2003. He is currently their Vice President of Architecture.Cricket, his wife, Paige, their son, Walt, and daughter, Greta, live in California with their two Siberian Huskies, Annie and Dakota.
Paul Albitz is a software engineer at Hewlett-Packard. Paul earned a Bachelor of Science degree from the University of Wisconsin, LaCrosse, and a Master of Science degree from Purdue University.Paul worked on BIND for the HP-UX 7.0 and 8.0 releases. During this time he developed the tools used to run the hp.com domain. Since then Paul has worked on various HP products during his 19 year career: HP JetDirect software, HP OfficeJet fax firmware, HPPhoto web site, and HP Photosmart Premier software.Paul and his wife Katherine live in San Diego California with their two cats, Gracie and Tiffany.
Table of Contents
Preface; Versions; What's New in the Fifth Edition?; Organization; Audience; Obtaining the Example Programs; How to Contact Us; Conventions Used in This Book; Using Code Examples; Safari® Enabled; Quotations; Acknowledgments; Chapter 1: Background; 1.1 A (Very) Brief History of the Internet; 1.2 On the Internet and Internets; 1.3 The Domain Name System, in a Nutshell; 1.4 The History of BIND; 1.5 Must I Use DNS?; Chapter 2: How Does DNS Work?; 2.1 The Domain Namespace; 2.2 The Internet Domain Namespace; 2.3 Delegation; 2.4 Nameservers and Zones; 2.5 Resolvers; 2.6 Resolution; 2.7 Caching; Chapter 3: Where Do I Start?; 3.1 Getting BIND; 3.2 Choosing a Domain Name; Chapter 4: Setting Up BIND; 4.1 Our Zone; 4.2 Setting Up Zone Data; 4.3 Setting Up a BIND Configuration File; 4.4 Abbreviations; 4.5 Hostname Checking; 4.6 Tools; 4.7 Running a Primary Nameserver; 4.8 Running a Slave Nameserver; 4.9 Adding More Zones; 4.10 What's Next?; Chapter 5: DNS and Electronic Mail; 5.1 MX Records; 5.2 Movie.edu's Mail Server; 5.3 What's a Mail Exchanger, Again?; 5.4 The MX Algorithm; 5.5 DNS and Email Authentication; Chapter 6: Configuring Hosts; 6.1 The Resolver; 6.2 Resolver Configuration; 6.3 Sample Resolver Configurations; 6.4 Minimizing Pain and Suffering; 6.5 Additional Configuration Files; 6.6 The Windows XP Resolver; Chapter 7: Maintaining BIND; 7.1 Controlling the Nameserver; 7.2 Updating Zone Datafiles; 7.3 Organizing Your Files; 7.4 Changing System File Locations; 7.5 Logging; 7.6 Keeping Everything Running Smoothly; Chapter 8: Growing Your Domain; 8.1 How Many Nameservers?; 8.2 Adding More Nameservers; 8.3 Registering Nameservers; 8.4 Changing TTLs; 8.5 Planning for Disasters; 8.6 Coping with Disaster; Chapter 9: Parenting; 9.1 When to Become a Parent; 9.2 How Many Children?; 9.3 What to Name Your Children; 9.4 How to Become a Parent: Creating Subdomains; 9.5 Subdomains of in-addr.arpa Domains; 9.6 Good Parenting; 9.7 Managing the Transition to Subdomains; 9.8 The Life of a Parent; Chapter 10: Advanced Features; 10.1 Address Match Lists and ACLs; 10.2 DNS Dynamic Update; 10.3 DNS NOTIFY (Zone Change Notification); 10.4 Incremental Zone Transfer (IXFR); 10.5 Forwarding; 10.6 Views; 10.7 Round-Robin Load Distribution; 10.8 Nameserver Address Sorting; 10.9 Preferring Nameservers on Certain Networks; 10.10 A Nonrecursive Nameserver; 10.11 Avoiding a Bogus Nameserver; 10.12 System Tuning; 10.13 Compatibility; 10.14 The ABCs of IPv6 Addressing; 10.15 Addresses and Ports; Chapter 11: Security; 11.1 TSIG; 11.2 Securing Your Nameserver; 11.3 DNS and Internet Firewalls; 11.4 The DNS Security Extensions; Chapter 12: nslookup and dig; 12.1 Is nslookup a Good Tool?; 12.2 Interactive Versus Noninteractive; 12.3 Option Settings; 12.4 Avoiding the Search List; 12.5 Common Tasks; 12.6 Less Common Tasks; 12.7 Troubleshooting nslookup Problems; 12.8 Best of the Net; 12.9 Using dig; Chapter 13: Reading BIND Debugging Output; 13.1 Debugging Levels; 13.2 Turning On Debugging; 13.3 Reading Debugging Output; 13.4 The Resolver Search Algorithm and Negative Caching (BIND 8); 13.5 The Resolver Search Algorithm and Negative Caching (BIND 9); 13.6 Tools; Chapter 14: Troubleshooting DNS and BIND; 14.1 Is NIS Really Your Problem?; 14.2 Troubleshooting Tools and Techniques; 14.3 Potential Problem List; 14.4 Transition Problems; 14.5 Interoperability and Version Problems; 14.6 TSIG Errors; 14.7 Problem Symptoms; Chapter 15: Programming with the Resolver and Nameserver Library Routines; 15.1 Shell Script Programming with nslookup; 15.2 C Programming with the Resolver Library Routines; 15.3 Perl Programming with Net::DNS; Chapter 16: Architecture; 16.1 External, Authoritative DNS Infrastructure; 16.2 Forwarder Infrastructure; 16.3 Internal DNS Infrastructure; 16.4 Operations; 16.5 Keeping Up with DNS and BIND; Chapter 17: Miscellaneous; 17.1 Using CNAME Records; 17.2 Wildcards; 17.3 A Limitation of MX Records; 17.4 Dial-up Connections; 17.5 Network Names and Numbers; 17.6 Additional Resource Records; 17.7 ENUM; 17.8 Internationalized Domain Names; 17.9 DNS and WINS; 17.10 DNS, Windows, and Active Directory; DNS Message Format and Resource Records; A.1 Master File Format; A.2 DNS Messages; A.3 Resource Record Data; BIND Compatibility Matrix; Compiling and Installing BIND on Linux; C.1 Instructions for BIND 8; C.2 Instructions for BIND 9; Top-Level Domains; BIND Nameserver and Resolver Configuration; E.1 BIND Nameserver Boot File Directives and Configuration File Statements; E.2 BIND 8 Configuration File Statements; E.3 BIND 9 Configuration File Statements; E.4 BIND Resolver Statements; E.5 BIND 9 Options Statement; Colophon;