Title:
DNS and BIND cookbook
Personal Author:
Publication Information:
Sebastopol, CA : O'Reilly Media, 2003
ISBN:
9780596004101

Item Barcode: 30000010115919
Call Number: TK5105.8835 L58 2003
Material Type: Open Access Book
Item Category 1: Book

Summary

The DNS & BIND Cookbook presents solutions to the many problems faced by network administrators responsible for a name server. Following O'Reilly's popular problem-and-solution cookbook format, this title is an indispensable companion to DNS & BIND, 4th Edition, the definitive guide to the critical task of name server administration. The cookbook contains dozens of code recipes showing solutions to everyday problems, ranging from simple questions, like, "How do I get BIND?" to more advanced topics like providing name service for IPv6 addresses. It's full of BIND configuration files that you can adapt to your site's requirements.

With the wide range of recipes in this book, you'll be able to check whether a name is registered; register your domain name and name servers; create zone files for your domains; protect your name server from abuse; set up back-up mail servers and virtual email addresses; delegate subdomains and check delegation; use incremental transfer; secure zone transfers; restrict which queries a server will answer; upgrade to BIND 9 from an earlier version; perform logging and troubleshooting; use IPv6; and much more. These recipes encompass all the day-to-day tasks you're faced with when managing a name server, and many other tasks you'll face as your site grows. Written by Cricket Liu, a noted authority on DNS, and the author of the bestselling DNS & BIND and DNS on Windows 2000, the DNS & BIND Cookbook belongs in every system or network administrator's library.


Author Notes

Cricket Liu matriculated at the University of California's Berkeley campus, that great bastion of free speech, unencumbered Unix, and cheap pizza. He joined Hewlett-Packard after graduation and worked for HP for nine years. Cricket began managing the hp.com zone after the Loma Prieta earthquake forcibly transferred the zone's management from HP Labs to HP's Corporate Offices (by cracking a sprinkler main and flooding Labs' computer room). Cricket was hostmaster@hp.com for over three years, and then joined HP's Professional Services Organization to cofound HP's Internet Consulting Program. Cricket left HP in 1997 to form Acme Byte & Wire, a DNS consulting and training company, with his friend (and now co-author) Matt Larson. Network Solutions acquired Acme in June 2000, and later the same day merged with VeriSign. Cricket worked for a year as Director of DNS Product Management for VeriSign Global Registry Services. Cricket joined Men & Mice, an Icelandic company specializing in DNS software and services, in September, 2001. He is currently their Vice President, Research & Development. Cricket, his wife, Paige, and their son, Walt, live in Colorado with two Siberian Huskies, Annie and Dakota. On warm weekend afternoons, you'll probably find them on the flying trapeze or wakeboarding behind Betty Blue.


Table of Contents

Preface
1. Getting Started
1.1 Finding More Information About DNS and BIND
1.2 Asking Questions You Can't Find Answers To
1.3 Getting a List of Top-Level Domains
1.4 Checking Whether a Domain Name Is Registered
1.5 Registering a Domain Name
1.6 Registering Name Servers
1.7 Registering a Reverse-Mapping Domain
1.8 Transferring Your Domain Name to Another Registrar
1.9 Choosing a Version of BIND
1.10 Finding Out Which Version of BIND You're Running
1.11 Getting BIND
1.12 Building and Installing BIND
1.13 Getting a Precompiled Version of BIND
1.14 Creating a named.conf File
1.15 Configuring a Name Server as the Primary Master for a Zone
1.16 Configuring a Name Server as a Slave for a Zone
1.17 Configuring a Name Server as Authoritative for Multiple Zones
1.18 Starting a Name Server
1.19 Stopping a Name Server
1.20 Starting named at Boot Time
2. Zone Data
2.1 Creating a Zone Data File
2.2 Adding a Host
2.3 Adding an Alias
2.4 Adding a Mail Destination
2.5 Making the Domain Name of Your Zone Point to Your Web Server
2.6 Pointing a Domain Name to a Particular URL
2.7 Setting Up Round Robin Load Distribution
2.8 Adding a Domain Name in a Subdomain Without Creating a New Zone
2.9 Preventing Remote Name Servers from Caching a Resource Record
2.10 Adding a Multihomed Host
2.11 Updating a Name Server's Root Hints File
2.12 Using a Single Data File for Multiple Zones
2.13 Using Multiple Data Files for a Single Zone
2.14 Resetting Your Zone's Serial Number
2.15 Making Manual Changes to a Dynamically Updated Zone
2.16 Moving a Host
2.17 Mapping Any Domain Name in a Zone to a Single IP Address
2.18 Adding Similar Records
2.19 Making Your Services Easy to Find
2.20 Storing the Location of a Host in DNS
2.21 Filtering a Host Table into Zone Data Files
3. BIND Name Server Configuration
3.1 Configuring a Name Server to Work with ndc
3.2 Configuring a Name Server to Work with rndc
3.3 Using rndc with a Remote Name Server
3.4 Allowing "Illegal" Characters in Domain Names
3.5 Dividing a Large named.conf File into Multiple Files
3.6 Organizing Zone Data Files in Different Directories
3.7 Configuring a Name Server as Slave for All of Your Zones
3.8 Finding an Offsite Slave Name Server for Your Zone
3.9 Protecting a Slave Name Server from Abuse
3.10 Allowing Dynamic Updates
3.11 Configuring a Name Server to Forward Dynamic Updates
3.12 Notifying a Slave Name Server Not in a Zone's NS Records
3.13 Limiting NOTIFY Messages
3.14 Configuring a Name Server to Forward Queries to Another Name Server
3.15 Configuring a Name Server to Forward Some Queries to Other Name Servers
3.16 Configuring a Name Server Not to Forward Certain Queries
3.17 Returning Different Answers to Different Queriers
3.18 Determining the Order in Which a Name Server Returns Answers
3.19 Setting Up a Slave Name Server for a Zone in Multiple Views
3.20 Disabling Caching
3.21 Limiting the Memory a Name Server Uses
3.22 Configuring IXFR
3.23 Limiting the Size of the IXFR Log File
3.24 Configuring a Name Server to Listen Only on Certain Network Interfaces
3.25 Running a Name Server on an Alternate Port
3.26 Setting Up a Root Name Server
3.27 Returning a Default Record
3.28 Configuring DNS to Let Clients Find the Closest Server
3.29 Handling Dialup Connections
4. Electronic Mail
4.1 Configuring a Backup Mail Server in DNS
4.2 Configuring Multiple Mail Servers in DNS
4.3 Configuring Mail to Go to One Server and the Web to Another
4.4 Configuring DNS for "Virtual" Email Addresses
4.5 Configuring DNS So a Mail Server and the Email It Sends Pass Anti-Spam Tests
5. BIND Name Server Operations
5.1 Figuring Out How Much Memory a Name Server Will Need
5.2 Testing a Name Server's Configuration
5.3 Viewing a Name Server's Cache
5.4 Flushing (Clearing) a Name Server's Cache
5.5 Modifying Zone Data Without Restarting the Name Server
5.6 Adding or Removing Zones Without Restarting or Reloading the Name Server
5.7 Initiating a Zone Transfer
5.8 Restarting a Name Server Automatically If It Dies
5.9 Restarting a Name Server with the Same Arguments
5.10 Controlling Multiple named Processes with rndc
5.11 Controlling Multiple named Processes with ndc
5.12 Finding Out Who's Querying a Name Server
5.13 Measuring a Name Server's Performance
5.14 Measuring Queries for Records in Particular Zones
5.15 Monitoring a Name Server
5.16 Limiting Concurrent Zone Transfers
5.17 Limiting Concurrent TCP Clients
5.18 Limiting Concurrent Recursive Clients
5.19 Dynamically Updating a Zone
5.20 Sending Dynamic Updates to a Particular Name Server
5.21 Setting Prerequisites in a Dynamic Update
5.22 Sending TSIG-Signed Dynamic Updates
5.23 Setting Up a Backup Primary Master Name Server
5.24 Promoting a Slave Name Server to the Primary Master
5.25 Running Multiple Primary Master Name Servers for the Same Zone
5.26 Creating a Zone Programmatically
5.27 Migrating from One Domain Name to Another
6. Delegation and Registration
6.1 Delegating a Subdomain
6.2 Delegating a Subdomain of a Reverse-Mapping Zone
6.3 Delegating Reverse-Mapping for Networks with Non-Octet Masks
6.4 Delegating Reverse-Mapping for Networks Smaller than a /24
6.5 Checking Delegation
6.6 Moving a Name Server
6.7 Changing Your Zone's Name Servers
7. Security
7.1 Concealing a Name Server's Version
7.2 Configuring a Name Server to Work with a Firewall (or Vice Versa)
7.3 Setting Up a Hidden Primary Master Name Server
7.4 Setting Up a Stealth Slave Name Server
7.5 Configuring an Authoritative-Only Name Server
7.6 Configuring a Caching-Only Name Server
7.7 Running a Name Server in a chroot() Jail
7.8 Running the Name Server as a User Other than Root
7.9 Defining a TSIG Key
7.10 Securing Zone Transfers
7.11 Restricting the Queries a Name Server Answers
7.12 Preventing a Name Server from Querying a Particular Remote Name Server
7.13 Preventing a Name Server from Responding to DNS Traffic from Certain Networks
7.14 Protecting a Name Server from Spoofing
8. Interoperability and Upgrading
8.1 Upgrading from BIND 4 to BIND 8 or 9
8.2 Upgrading from BIND 8 to BIND 9
8.3 Configuring a Name Server to Accommodate a Slave Running BIND 4
8.4 Configuring a BIND Name Server to Accommodate a Slave Running the Microsoft DNS Server
8.5 Configuring a BIND Name Server as a Slave to a Microsoft DNS Server
8.6 Preventing Windows Computers from Trying to Update Your Zones
8.7 Handling Windows Registration with a BIND Name Server
8.8 Handling Active Directory with a Name Server
8.9 Configuring a DHCP Server to Update a BIND Name Server
9. Resolvers and Programming
9.1 Configuring a Resolver to Query a Remote Name Server
9.2 Configuring a Resolver to Resolve Single-Label Domain Names
9.3 Configuring a Resolver to Append Multiple Domain Names to Arguments
9.4 Sorting Multiple Addresses in a Response
9.5 Changing the Resolver's Timeout
9.6 Configuring the Order in Which a Resolver Uses DNS, /etc/hosts, and NIS
9.7 Looking Up Records Programmatically
9.8 Transferring a Zone Programmatically
9.9 Updating a Zone Programmatically
9.10 Signing Queries and Dynamic Updates with TSIG Programmatically
10. Logging and Troubleshooting
10.1 Finding a Syntax Error in a named.conf File
10.2 Finding a Syntax Error in a Zone Data File
10.3 Sending Log Messages to a Particular File
10.4 Discarding a Category of Messages
10.5 Determining Which Category a Message Is In
10.6 Sending syslog Output to Another Host
10.7 Logging Dynamic Updates
10.8 Rotating Log Files
10.9 Looking Up Records with dig
10.10 Reverse-Mapping an Address with dig
10.11 Transferring a Zone Using dig
10.12 Tracing Name Resolution Using dig
11. IPv6
11.1 Configuring a Name Server to Listen for Queries on an IPv6 Interface
11.2 Configuring a Name Server to Send Queries from a Particular IPv6 Address
11.3 Adding a Host with an IPv6 Interface
11.4 Configuring rndc to Work Over IPv6
Index