Book: Pro DNS and BIND
Every time you get e-mail, every time you access a web page, you use the Domain NameSystem (DNS). In fact, over 2 billion such requests hit the DNS root-servers alone every day.Every one of those 2 billion requests originate from a DNS that supports a group of local users,and every one of them is finally answered by a DNS server that may support a high-volumecommercial web site or a modest, but much loved, family web site. This book is about understanding,configuring, diagnosing, and securing the DNS servers that do the vital work.Many years ago when I set up my first pair of DNS servers, I wasted my time looking forsome practical advice and some sensible description of the theory involved. I found neither.I completed the DNS rite-of-passage—this book was born from that experience.DNS is a complex subject, but it is also unnecessarily cloaked in mystery and mythology.This book, I hope, is a sensible blend of practical advice and theory. You can treat it as a simplepaint-by-numbers guide to everything from a simple caching DNS to the most complex secureDNS (DNSSEC) implementations. But the background information is there for those timeswhen you not only need to know what to do, but you also need to know why you are doing it,and how you can modify the process to meet your unique needs.This book is about running DNS systems based on BIND 9.3.0—the first stable release thatincludes support for the latest DNSSEC (DNSSEC.bis) standards and a major functionalupgrade from previous BIND 9 releases. If you run or administer a DNS system, are thinkingabout running a DNS system, need to upgrade to support IPv6 DNS, need to secure a DNS forzone transfer, dynamic update, or other reasons, need to implement DNSSEC, or simply wantto understand the DNS system, then this book is designed to provide you with a single pointof reference. The book progressively builds up from simple concepts to full security-awareDNSSEC configurations. The various features, parameters, and Resource Records that youwill need are all described and in the majority of cases illustrated with one or more examples.The book contains a complete reference on zone files, Resource Records, and BIND’s named.confconfiguration file parameters. Programmers and the insatiably curious will find BIND’s SimpleDatabase API, resolver library interfaces, and the gory details of DNS wire-format messagescompelling reading.