DNS & BIND Cookbook

Book Description

The DNS & BIND Cookbook presents solutions to the many problems faced by network administrators responsible for a name server. Following O'Reilly's popular problem-and-solution cookbook format, this title is an indispensable companion to DNS & BIND, 4th Edition, the definitive guide to the critical task of name server administration. The cookbook contains dozens of code recipes showing solutions to everyday problems, ranging from simple questions, like, "How do I get BIND?" to more advanced topics like providing name service for IPv6 addresses. It's full of BIND configuration files that you can adapt to your site's requirements. With the wide range of recipes in this book, you'll be able to

  • Check whether a name is registered
  • Register your domain name and name servers
  • Create zone files for your domains
  • Protect your name server from abuse
  • Set up back-up mail servers and virtual email addresses
  • Delegate subdomains and check delegation
  • Use incremental transfer
  • Secure zone transfers
  • Restrict which queries a server will answer
  • Upgrade to BIND 9 from an earlier version
  • Perform logging and troubleshooting
  • Use IPv6
and much more. These recipes encompass all the day-to-day tasks you're faced with when managing a name server, and many other tasks you'll face as your site grows. Written by Cricket Liu, a noted authority on DNS, and the author of the bestselling DNS & BIND and DNS on Windows 2000, the DNS & BIND Cookbook belongs in every system or network administrator's library.

Table of Contents

  1. A Note Regarding Supplemental Files
  2. Preface
    1. Platform and Version
    2. Organization
    3. Audience
    4. Other Books and Resources
    5. Conventions Used in This Book
    6. Comments and Questions
    7. Acknowledgments
  3. 1. Getting Started
    1. Introduction
    2. Finding More Information About DNS and BIND
    3. Asking Questions You Can’t Find Answers To
    4. Getting a List of Top-Level Domains
    5. Checking Whether a Domain Name Is Registered
    6. Registering a Domain Name
    7. Registering Name Servers
    8. Registering a Reverse-Mapping Domain
    9. Transferring Your Domain Name to Another Registrar
    10. Choosing a Version of BIND
    11. Finding Out Which Version of BIND You’re Running
    12. Getting BIND
    13. Building and Installing BIND
    14. Getting a Precompiled Version of BIND
    15. Creating a named.conf File
    16. Configuring a Name Server as the Primary Master for a Zone
    17. Configuring a Name Server as a Slave for a Zone
    18. Configuring a Name Server as Authoritative for Multiple Zones
    19. Starting a Name Server
    20. Stopping a Name Server
    21. Starting named at Boot Time
  4. 2. Zone Data
    1. Introduction
    2. Creating a Zone Data File
    3. Adding a Host
    4. Adding an Alias
    5. Adding a Mail Destination
    6. Making the Domain Name of Your Zone Point to Your Web Server
    7. Pointing a Domain Name to a Particular URL
    8. Setting Up Round Robin Load Distribution
    9. Adding a Domain Name in a Subdomain Without Creating a New Zone
    10. Preventing Remote Name Servers from Caching a Resource Record
    11. Adding a Multihomed Host
    12. Updating a Name Server’s Root Hints File
    13. Using a Single Data File for Multiple Zones
    14. Using Multiple Data Files for a Single Zone
    15. Resetting Your Zone’s Serial Number
    16. Making Manual Changes to a Dynamically Updated Zone
    17. Moving a Host
    18. Mapping Any Domain Name in a Zone to a Single IP Address
    19. Adding Similar Records
    20. Making Your Services Easy to Find
    21. Storing the Location of a Host in DNS
    22. Filtering a Host Table into Zone Data Files
  5. 3. BIND Name Server Configuration
    1. Introduction
    2. Configuring a Name Server to Work with ndc
    3. Configuring a Name Server to Work with rndc
    4. Using rndc with a Remote Name Server
    5. Allowing “Illegal” Characters in Domain Names
    6. Dividing a Large named.conf File into Multiple Files
    7. Organizing Zone Data Files in Different Directories
    8. Configuring a Name Server as Slave for All of Your Zones
    9. Finding an Offsite Slave Name Server for Your Zone
    10. Protecting a Slave Name Server from Abuse
    11. Allowing Dynamic Updates
    12. Configuring a Name Server to Forward Dynamic Updates
    13. Notifying a Slave Name Server Not in a Zone’s NS Records
    14. Limiting NOTIFY Messages
    15. Configuring a Name Server to Forward Queries to Another Name Server
    16. Configuring a Name Server to Forward Some Queries to Other Name Servers
    17. Configuring a Name Server Not to Forward Certain Queries
    18. Returning Different Answers to Different Queriers
    19. Determining the Order in Which a Name Server Returns Answers
    20. Setting Up a Slave Name Server for a Zone in Multiple Views
    21. Disabling Caching
    22. Limiting the Memory a Name Server Uses
    23. Configuring IXFR
    24. Limiting the Size of the IXFR Log File
    25. Configuring a Name Server to Listen Only on Certain Network Interfaces
    26. Running a Name Server on an Alternate Port
    27. Setting Up a Root Name Server
    28. Returning a Default Record
    29. Configuring DNS to Let Clients Find the Closest Server
    30. Handling Dialup Connections
  6. 4. Electronic Mail
    1. Introduction
    2. Configuring a Backup Mail Server in DNS
    3. Configuring Multiple Mail Servers in DNS
    4. Configuring Mail to Go to One Server and the Web to Another
    5. Configuring DNS for “Virtual” Email Addresses
    6. Configuring DNS So a Mail Server and the Email It Sends Pass Anti-Spam Tests
  7. 5. BIND Name Server Operations
    1. Introduction
    2. Figuring Out How Much Memory a Name Server Will Need
    3. Testing a Name Server’s Configuration
    4. Viewing a Name Server’s Cache
    5. Flushing (Clearing) a Name Server’s Cache
    6. Modifying Zone Data Without Restarting the Name Server
    7. Adding or Removing Zones Without Restarting or Reloading the Name Server
    8. Initiating a Zone Transfer
    9. Restarting a Name Server Automatically If It Dies
    10. Restarting a Name Server with the Same Arguments
    11. Controlling Multiple named Processes with rndc
    12. Controlling Multiple named Processes with ndc
    13. Finding Out Who’s Querying a Name Server
    14. Measuring a Name Server’s Performance
    15. Measuring Queries for Records in Particular Zones
    16. Monitoring a Name Server
    17. Limiting Concurrent Zone Transfers
    18. Limiting Concurrent TCP Clients
    19. Limiting Concurrent Recursive Clients
    20. Dynamically Updating a Zone
    21. Sending Dynamic Updates to a Particular Name Server
    22. Setting Prerequisites in a Dynamic Update
    23. Sending TSIG-Signed Dynamic Updates
    24. Setting Up a Backup Primary Master Name Server
    25. Promoting a Slave Name Server to the Primary Master
    26. Running Multiple Primary Master Name Servers for the Same Zone
    27. Creating a Zone Programmatically
    28. Migrating from One Domain Name to Another
  8. 6. Delegation and Registration
    1. Introduction
    2. Delegating a Subdomain
    3. Delegating a Subdomain of a Reverse-Mapping Zone
    4. Delegating Reverse-Mapping for Networks with Non-Octet Masks
    5. Delegating Reverse-Mapping for Networks Smaller than a /24
    6. Checking Delegation
    7. Moving a Name Server
    8. Changing Your Zone’s Name Servers
  9. 7. Security
    1. Introduction
    2. Concealing a Name Server’s Version
    3. Configuring a Name Server to Work with a Firewall (or Vice Versa)
    4. Setting Up a Hidden Primary Master Name Server
    5. Setting Up a Stealth Slave Name Server
    6. Configuring an Authoritative-Only Name Server
    7. Configuring a Caching-Only Name Server
    8. Running a Name Server in a chroot( ) Jail
    9. Running the Name Server as a User Other than Root
    10. Defining a TSIG Key
    11. Securing Zone Transfers
    12. Restricting the Queries a Name Server Answers
    13. Preventing a Name Server from Querying a Particular Remote Name Server
    14. Preventing a Name Server from Responding to DNS Traffic from Certain Networks
    15. Protecting a Name Server from Spoofing
  10. 8. Interoperability and Upgrading
    1. Introduction
    2. Upgrading from BIND 4 to BIND 8 or 9
    3. Upgrading from BIND 8 to BIND 9
    4. Configuring a Name Server to Accommodate a Slave Running BIND 4
    5. Configuring a BIND Name Server to Accommodate a Slave Running the Microsoft DNS Server
    6. Configuring a BIND Name Server as a Slave to a Microsoft DNS Server
    7. Preventing Windows Computers from Trying to Update Your Zones
    8. Handling Windows Registration with a BIND Name Server
    9. Handling Active Directory with a Name Server
    10. Configuring a DHCP Server to Update a BIND Name Server
  11. 9. Resolvers and Programming
    1. Introduction
    2. Configuring a Resolver to Query a Remote Name Server
    3. Configuring a Resolver to Resolve Single-Label Domain Names
    4. Configuring a Resolver to Append Multiple Domain Names to Arguments
    5. Sorting Multiple Addresses in a Response
    6. Changing the Resolver’s Timeout
    7. Configuring the Order in Which a Resolver Uses DNS, /etc/hosts, and NIS
    8. Looking Up Records Programmatically
    9. Transferring a Zone Programmatically
    10. Updating a Zone Programmatically
    11. Signing Queries and Dynamic Updates with TSIG Programmatically
  12. 10. Logging and Troubleshooting
    1. Introduction
    2. Finding a Syntax Error in a named.conf File
    3. Finding a Syntax Error in a Zone Data File
    4. Sending Log Messages to a Particular File
    5. Discarding a Category of Messages
    6. Determining Which Category a Message Is In
    7. Sending syslog Output to Another Host
    8. Logging Dynamic Updates
    9. Rotating Log Files
    10. Looking Up Records with dig
    11. Reverse-Mapping an Address with dig
    12. Transferring a Zone Using dig
    13. Tracing Name Resolution Using dig
  13. 11. IPv6
    1. Introduction
    2. Configuring a Name Server to Listen for Queries on an IPv6 Interface
    3. Configuring a Name Server to Send Queries from a Particular IPv6 Address
    4. Adding a Host with an IPv6 Interface
    5. Configuring rndc to Work Over IPv6
  14. Index
  15. About the Author
  16. Colophon
  17. Copyright