
40
|
Chapter 3: The Domain Name System
Getting into the BIND
Most of the DNS servers in the world are run by the Berkeley Internet Name Dae-
mon, or BIND. BIND is standard on every version of Unix and Linux. Since adminis-
trators are certain to run into it, this chapter covers BIND in detail.
The most popular alternative to BIND is the djbdns suite. It works
well, is used by many large nameservers, and has an arguably simpler
configuration. See http://cr.yp.to/djbdns.html for details.
We won’t offer a history lesson on BIND, because the subject would put you to
sleep. Still, we do need to address one historical concern. Some people continue to
use an antiquated, deprecated release of BIND: version 4. In this chapter, we use the
newer version 9.
If you work on a system with DNS configuration files that look different from the
syntax shown in this chapter, it’s probably because the system uses BIND 4. As we
said earlier, businesses hate to replace working systems, and it may require a catas-
trophe to get an IT department to upgrade to BIND 8 or 9. Because of the potential
for security exploits in BIND 4, however, you should strongly suggest such an
upgrade. (By the way, the version numbering jumped from 4 to 8 to match Send-
mail’s versions; don’t let anyone sell you BIND 5, 6, or 7.)
Components of BIND
BIND comes with three components. The first is the service or daemon that runs the
answering side ...