Cover image for DNS & Bind Cookbook

Book description

The DNS & BIND Cookbook presents solutions to the many problems faced by network administrators responsible for a name server. Following O'Reilly's popular problem-and-solution cookbook format, this title is an indispensable companion to DNS & BIND, 4th Edition, the definitive guide to the critical task of name server administration. The cookbook contains dozens of code recipes showing solutions to everyday problems, ranging from simple questions, like, "How do I get BIND?" to more advanced topics like providing name service for IPv6 addresses. It's full of BIND configuration files that you can adapt to your sites requirements. With the wide range of recipes in this book, you'll be able to

  • Check whether a name is registered

  • Register your domain name and name servers

  • Create zone files for your domains

  • Protect your name server from abuse

  • Set up back-up mail servers and virtual email addresses

  • Delegate subdomains and check delegation

  • Use incremental transfer

  • Secure zone transfers

  • Restrict which queries a server will answer

  • Upgrade to BIND 9 from earlier version

  • Perform logging and troubleshooting

  • Use IPv6

and much more. These recipes encompass all the day-to-day tasks you're faced with when managing a name server, and many other tasks you'll face as your site grows. Written by Cricket Liu, a noted authority on DNS, and the author of the bestselling DNS & BIND and DNS on Windows 2000, the DNS & BIND Cookbook belongs in every system or network administrator's library.

Table of Contents

  1. DNS & Bind Cookbook
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. A Note Regarding Supplemental Files
    3. Preface
      1. Platform and Version
      2. Organization
      3. Audience
      4. Other Books and Resources
      5. Conventions Used in This Book
      6. Comments and Questions
      7. Acknowledgments
    4. 1. Getting Started
      1. Introduction
      2. Finding More Information About DNS and BIND
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Asking Questions You Can’t Find Answers To
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Getting a List of Top-Level Domains
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Checking Whether a Domain Name Is Registered
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Registering a Domain Name
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Registering Name Servers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Registering a Reverse-Mapping Domain
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Transferring Your Domain Name to Another Registrar
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Choosing a Version of BIND
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Finding Out Which Version of BIND You’re Running
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Getting BIND
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Building and Installing BIND
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      14. Getting a Precompiled Version of BIND
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      15. Creating a named.conf File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      16. Configuring a Name Server as the Primary Master for a Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      17. Configuring a Name Server as a Slave for a Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      18. Configuring a Name Server as Authoritative for Multiple Zones
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      19. Starting a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      20. Stopping a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      21. Starting named at Boot Time
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    5. 2. Zone Data
      1. Introduction
      2. Creating a Zone Data File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Adding a Host
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Adding an Alias
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Adding a Mail Destination
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Making the Domain Name of Your Zone Point to Your Web Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Pointing a Domain Name to a Particular URL
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Setting Up Round Robin Load Distribution
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Adding a Domain Name in a Subdomain Without Creating a New Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Preventing Remote Name Servers from Caching a Resource Record
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Adding a Multihomed Host
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Updating a Name Server’s Root Hints File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Using a Single Data File for Multiple Zones
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      14. Using Multiple Data Files for a Single Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      15. Resetting Your Zone’s Serial Number
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      16. Making Manual Changes to a Dynamically Updated Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      17. Moving a Host
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      18. Mapping Any Domain Name in a Zone to a Single IP Address
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      19. Adding Similar Records
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      20. Making Your Services Easy to Find
        1. Problem
        2. Solution
        3. Discussion
      21. Storing the Location of a Host in DNS
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      22. Filtering a Host Table into Zone Data Files
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    6. 3. BIND Name Server Configuration
      1. Introduction
      2. Configuring a Name Server to Work with ndc
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Configuring a Name Server to Work with rndc
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Using rndc with a Remote Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Allowing “Illegal” Characters in Domain Names
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Dividing a Large named.conf File into Multiple Files
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Organizing Zone Data Files in Different Directories
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Configuring a Name Server as Slave for All of Your Zones
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Finding an Offsite Slave Name Server for Your Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Protecting a Slave Name Server from Abuse
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Allowing Dynamic Updates
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Configuring a Name Server to Forward Dynamic Updates
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Notifying a Slave Name Server Not in a Zone’s NS Records
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      14. Limiting NOTIFY Messages
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      15. Configuring a Name Server to Forward Queries to Another Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      16. Configuring a Name Server to Forward Some Queries to Other Name Servers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      17. Configuring a Name Server Not to Forward Certain Queries
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      18. Returning Different Answers to Different Queriers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      19. Determining the Order in Which a Name Server Returns Answers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      20. Setting Up a Slave Name Server for a Zone in Multiple Views
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      21. Disabling Caching
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      22. Limiting the Memory a Name Server Uses
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      23. Configuring IXFR
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      24. Limiting the Size of the IXFR Log File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      25. Configuring a Name Server to Listen Only on Certain Network Interfaces
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      26. Running a Name Server on an Alternate Port
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      27. Setting Up a Root Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      28. Returning a Default Record
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      29. Configuring DNS to Let Clients Find the Closest Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      30. Handling Dialup Connections
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    7. 4. Electronic Mail
      1. Introduction
      2. Configuring a Backup Mail Server in DNS
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Configuring Multiple Mail Servers in DNS
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Configuring Mail to Go to One Server and the Web to Another
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Configuring DNS for “Virtual” Email Addresses
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Configuring DNS So a Mail Server and the Email It Sends Pass Anti-Spam Tests
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    8. 5. BIND Name Server Operations
      1. Introduction
      2. Figuring Out How Much Memory a Name Server Will Need
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Testing a Name Server’s Configuration
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Viewing a Name Server’s Cache
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Flushing (Clearing) a Name Server’s Cache
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Modifying Zone Data Without Restarting the Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Adding or Removing Zones Without Restarting or Reloading the Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Initiating a Zone Transfer
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Restarting a Name Server Automatically If It Dies
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Restarting a Name Server with the Same Arguments
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Controlling Multiple named Processes with rndc
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Controlling Multiple named Processes with ndc
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Finding Out Who’s Querying a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      14. Measuring a Name Server’s Performance
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      15. Measuring Queries for Records in Particular Zones
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      16. Monitoring a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      17. Limiting Concurrent Zone Transfers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      18. Limiting Concurrent TCP Clients
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      19. Limiting Concurrent Recursive Clients
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      20. Dynamically Updating a Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      21. Sending Dynamic Updates to a Particular Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      22. Setting Prerequisites in a Dynamic Update
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      23. Sending TSIG-Signed Dynamic Updates
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      24. Setting Up a Backup Primary Master Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      25. Promoting a Slave Name Server to the Primary Master
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      26. Running Multiple Primary Master Name Servers for the Same Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      27. Creating a Zone Programmatically
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      28. Migrating from One Domain Name to Another
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    9. 6. Delegation and Registration
      1. Introduction
      2. Delegating a Subdomain
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Delegating a Subdomain of a Reverse-Mapping Zone
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Delegating Reverse-Mapping for Networks with Non-Octet Masks
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Delegating Reverse-Mapping for Networks Smaller than a /24
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Checking Delegation
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Moving a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Changing Your Zone’s Name Servers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    10. 7. Security
      1. Introduction
      2. Concealing a Name Server’s Version
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Configuring a Name Server to Work with a Firewall (or Vice Versa)
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Setting Up a Hidden Primary Master Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Setting Up a Stealth Slave Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Configuring an Authoritative-Only Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Configuring a Caching-Only Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Running a Name Server in a chroot( ) Jail
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Running the Name Server as a User Other than Root
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Defining a TSIG Key
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Securing Zone Transfers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Restricting the Queries a Name Server Answers
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Preventing a Name Server from Querying a Particular Remote Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      14. Preventing a Name Server from Responding to DNS Traffic from Certain Networks
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      15. Protecting a Name Server from Spoofing
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    11. 8. Interoperability and Upgrading
      1. Introduction
      2. Upgrading from BIND 4 to BIND 8 or 9
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Upgrading from BIND 8 to BIND 9
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Configuring a Name Server to Accommodate a Slave Running BIND 4
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Configuring a BIND Name Server to Accommodate a Slave Running the Microsoft DNS Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Configuring a BIND Name Server as a Slave to a Microsoft DNS Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Preventing Windows Computers from Trying to Update Your Zones
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Handling Windows Registration with a BIND Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Handling Active Directory with a Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Configuring a DHCP Server to Update a BIND Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    12. 9. Resolvers and Programming
      1. Introduction
      2. Configuring a Resolver to Query a Remote Name Server
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Configuring a Resolver to Resolve Single-Label Domain Names
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Configuring a Resolver to Append Multiple Domain Names to Arguments
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Sorting Multiple Addresses in a Response
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Changing the Resolver’s Timeout
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Configuring the Order in Which a Resolver Uses DNS, /etc/hosts, and NIS
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Looking Up Records Programmatically
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Transferring a Zone Programmatically
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Updating a Zone Programmatically
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Signing Queries and Dynamic Updates with TSIG Programmatically
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    13. 10. Logging and Troubleshooting
      1. Introduction
      2. Finding a Syntax Error in a named.conf File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Finding a Syntax Error in a Zone Data File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Sending Log Messages to a Particular File
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Discarding a Category of Messages
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      6. Determining Which Category a Message Is In
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      7. Sending syslog Output to Another Host
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      8. Logging Dynamic Updates
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      9. Rotating Log Files
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      10. Looking Up Records with dig
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      11. Reverse-Mapping an Address with dig
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      12. Transferring a Zone Using dig
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      13. Tracing Name Resolution Using dig
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    14. 11. IPv6
      1. Introduction
      2. Configuring a Name Server to Listen for Queries on an IPv6 Interface
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      3. Configuring a Name Server to Send Queries from a Particular IPv6 Address
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      4. Adding a Host with an IPv6 Interface
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
      5. Configuring rndc to Work Over IPv6
        1. Problem
        2. Solution
        3. Discussion
        4. See Also
    15. Index
    16. About the Author
    17. Colophon
    18. SPECIAL OFFER: Upgrade this ebook with O’Reilly