DNS and BIND (5th Edition)
Format: PDF / Kindle (mobi) / ePub
DNS and BIND tells you everything you need to work with one of the Internet's fundamental building blocks: the distributed host information database that's responsible for translating names into addresses, routing mail to its proper destination, and even listing phone numbers with the new ENUM standard. This book brings you up-to-date with the latest changes in this crucial service.
The fifth edition covers BIND 9.3.2, the most recent release of the BIND 9 series, as well as BIND 8.4.7. BIND 9.3.2 contains further improvements in security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework).
Whether you're an administrator involved with DNS on a daily basis or a user who wants to be more informed about the Internet and how it works, you'll find that this book is essential reading.
- What DNS does, how it works, and when you need to use it
- How to find your own place in the Internet's namespace
- Setting up name servers
- Using MX records to route mail
- Configuring hosts to use DNS name servers
- Subdividing domains (parenting)
- Securing your name server: restricting who can query your server, preventing unauthorized zone transfers, avoiding bogus servers, etc.
- The DNS Security Extensions (DNSSEC) and Transaction Signatures (TSIG)
- Mapping one name to several servers for load sharing
- Dynamic updates, asynchronous notification of change to a zone, and incremental zone transfers
- Troubleshooting: using nslookup and dig, reading debugging output, common problems
- DNS programming using the resolver library and Perl's Net::DNS module
Two other flags in queries: AD and CD. Both are part of the standard DNS query header; they were allocated from previously unused space.[*] AD stands for Authenticated Data. It's set by DNSSEC-capable nameservers in responses only if they've verified all the DNSSEC-related records included in the message. A nameserver returning any records that failed to verify, or simply weren't from a signed zone, would clear the AD bit. The AD bit is designed to allow resolvers that query a nameserver that.
Additional. Header section The header section is present in every query and response message. The operation code nslookup reports is always QUERY. There are other opcodes for asynchronous notification of zone changes (NOTIFY) and for dynamic updates (UPDATE), but nslookup doesn't see those because it just sends regular queries and receives responses. The ID in the header associates a response with a query and detects duplicate queries or responses. You have to look in the header flags to see.
Anymore. Return value 1 has been replaced by return values 4–7. What if I Don't Have named-xfer? If you've upgraded to BIND 9 and don't have a named-xfer binary, you can still use nslookup or dig to do a zone transfer. Either query tool will give you some of the information that named-xfer would have given you. For example, to use dig to do the same zone transfer we showed you earlier, you can run: %dig @toystory.movie.edu movie.edu. axfr With nslookup, you can change your nameserver.
(void) fprintf(stderr, "unexpected return code\n"); break; } } To compile this program using the resolver and nameserver routines in libc: %cc -o check_soa check_soa.c Or, if you've newly compiled the BIND code as we describe in Appendix C and want to use the latest header files and resolver library: %cc -o check_soa -I/usr/local/src/bind/src/include \ check_soa.c /usr/local/src/bind/src/lib/libbind.a Here is what the output looks like: %check_soa mit.edu BITSY.MIT.EDU has serial number.
English. For example, in the following diagram, the octets are transmitted in the order they are numbered: 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 1 | 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 3 | 4 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 5 | 6 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Whenever an octet represents a numeric quantity, the leftmost bit in the diagram is the high order, or most significant, bit. That is, the bit labeled 0 is the most significant bit. For.