Preface
I’m a pretty good casual Scrabble® player. Not a great one, mind you, but good enough so that close friends and family don’t much like playing with me. (My sister claims that she doesn’t like to play with me because I always cheated when we played games as kids, but I have no recollection of that.) I have a decent-sized vocabulary, I’m a good speller, and I’ve been doing the New York Times Crossword since I worked at HP and my manager, Lee, taught me the basics, so I now know all kinds of otherwise-useless crossword-puzzle words. But I’m still far from a great player.
A friend of mine, who’s among the brightest people I know, told me about a friend of his who’s a top competitive Scrabble player. He’d never played him before, so he challenged him to a game one day. On his second turn, my friend had six common letters in his rack, UDINTS, plus the blank (which, for those of you uninitiated in the ways of Scrabble, can be used as any letter). He was sure there were plays that would let him bingo -- play all seven of his letters and earn a coveted 50 point bonus.
He told his opponent as much, who replied, “Well, let me see!” After looking over the tiles for a moment, he said, “Oh, yeah, there are at least 15 bingos there.” Somewhat incredulously, my friend said, “Yeah, right. What are they?” To which his opponent replied, “You could make your blank any of AEFILMQRGNU, and make any of the following across the E:
| Making it an “A”: AUDIENTS |
| Making it an “E”: DETINUES |
| Making it an “F”: UNSIFTED |
| Making it an “I”: NUDITIES, DISUNITE, or UNTIDIES |
| Making it an “L”: UNLISTED, INSULTED, or DILUENTS |
| Making it an “M”: MISTUNED |
| Making it a “Q”: SQUINTED |
| Making it an “R”: INTRUDES |
| Making it an “G”: DUNGIEST |
| Making it an “N”: DUNNITES |
| Making it a “U”: UNSUITED |
Now, this guy wasn’t so quick with anagrams that he came up with all of these on the fly. No, he knew a Scrabble mnemonic device -- a recipe, if you will -- for remembering them all: finding the anagram DUNNITES, he remembered the magic sentence “A fire quelling material,” any of whose letters can be added to UDINTS and E to make a bingo. Of course, he did have to come up with the anagrams of each combination of letters, which is no mean feat. (Dunnite, ironically, is the name of a high explosive -- not exactly the stuff to be smothering the ol’ campfire with.)
You’d think that all you’d need to play a wicked game of Scrabble is an outsized vocabulary, but there’s much more to it than that. To become a competitive Scrabble player, you need to devote hundreds of hours to memorization: all of the English words you can spell with a “Q” but no “U”; all the two-letter words; all the three-letter words.[1] In my brain, too much valuable space is wasted remembering which country the ccTLD fm belongs to (the Federated States of Micronesia, and I swear I didn’t have to look it up) to commit stuff like that to memory.
Now, many name server administrators have a good grasp of the basics of DNS theory and name server configuration -- they’re fluent. But to be a complete administrator, you also need a set of commonly (and not-so-commonly) used BIND configurations. Then, when the occasion arises, you can bingo and impress the boss. Or go home early. Whichever.
Unlike Scrabble players, you don’t need to hold all this in your head. I often pop open DNS and BIND (O’Reilly & Associates) to check the syntax of some less-common named.conf substatements, so I certainly don’t expect everyone to remember all of the nuances of BIND configuration. And while I think DNS and BIND is a good book for learning about DNS theory and BIND configuration, I must admit it’s somewhat less useful as a reference than as a tutorial. Sometimes you just don’t feel up to slogging through a whole chapter to figure out how to set up classless in-addr.arpa delegation, and you can’t find the answer you’re looking for in the relevant mailing lists -- or you’re uncertain of the answer you do find.
This book is designed to “round you out” as a name server administrator by showing you just what you can do with BIND and how to do it, from the straightforward (the 10 English words with a “Q” but no “U”) to the intricate (all the bingos you can make with SATINE plus a blank).
This book expressly doesn’t concentrate on DNS theory. For that, I’d (not surprisingly) recommend DNS and BIND. Without an understanding of the theory behind DNS, you’re like the Southeast Asian Scrabble players who memorize the spelling -- but not the meaning or pronunciation -- of tens of thousands of English words: all syntax, no semantics.
As in other O’Reilly Cookbooks, the chapters in this book begin with simpler recipes and progress toward the more complex. The simpler recipes should be useful to anyone with a basic knowledge of DNS, while the more advanced may come in handy to even seasoned hostmasters. Each recipe starts with an explanation of a problem and a concise solution to that problem, followed by a more detailed explanation of the solution and, often, variations. At the end, you’ll find references to other, related recipes and more complete coverage of the topics in DNS and BIND and elsewhere.
Platform and Version
This book covers both BIND 8 and 9 name servers. The latest versions of these name servers as of this book’s publication were 8.3.3 and 9.2.1. Thanks to the availability of early snapshots of BIND 9.3.0, I’ve been able to include a few peeks at its features.
When a feature I’ve described is only available in a particular version of BIND, I’ve tried to note that in the recipe. In general, however, I’d recommend running the latest released version of BIND 8 or 9.
I run my name servers on FreeBSD (currently the 4.5 release), so many of the examples are drawn from that operating system.
Organization
Chapter 1, covers what you need to know to get started with a BIND name server: downloading and compiling BIND, registering a new domain name and configuring a name server. Chapter 2, describes how to create a zone data file and add records to it. Chapter 3, covers configuring BIND 8 and 9 name servers, from setting a name server’s working directory to serving multiple views of a single zone.
Chapter 4, describes how to set up email destinations, while Chapter 5, covers topics in name server control and management. Chapter 6, describes both how to establish and police delegation from your zone to its subzones, and how to manage the delegation to your zone from its parent.
The last five chapters deal with more specialized topics. Chapter 7, contains recipes on securing your name server against various types of attacks. Chapter 8, describes the pitfalls of running multiple versions of BIND name servers or heterogeneous name server environments, and warns of gotchas when upgrading from one version of BIND to another. Chapter 9, describes both basic resolver configuration and simple resolver programming using Perl’s Net::DNS module. Chapter 10, provides troubleshooting tips. Finally, Chapter 11, covers IPv6: setting up a name server to respond to IPv6-based queries, and handling the forward- and reverse-mapping of hosts with IPv6 addresses.
Audience
This book is intended primarily for system and network administrators who manage zones and one or more BIND name servers. However, the recipes in certain chapters may be of interest to a broader audience:
Other Books and Resources
Many of the recipes in this book include references to other books and a few web-based resources. Here’s a list of those:
- Apache, The Definitive Guide, Peter Laurie and Ben Laurie (O’Reilly & Associates)
For coverage of how to configure virtual hosts in Apache.
- The BIND 9 Administrator Reference Manual, the Nominum BIND Development Team; the Internet Software Consortium (http://www.nominum.com/resources/documentation/Bv9ARM.pdf)
Nicknames “the ARM,” this is the standard configuration reference for BIND 9 name servers, invaluable for name server administrators.
- DNS and BIND, by Paul Albitz and Cricket Liu (O’Reilly)
Textbook-style coverage of the Domain Name System and its BIND implementation, organized to follow the maturation of an administrator.
- DNS on Windows 2000, by Matt Larson and Cricket Liu (O’Reilly)
A special edition of DNS and BIND that substitutes the Microsoft DNS Server for the BIND name server.
Conventions Used in This Book
The following typographic conventions are used in this book:
- Italic
Used for filenames, directories, domain names, variables, and URLs.
Constant WidthUsed for code examples.
Constant Width ItalicUsed to indicate replaceables in examples.
This book uses one terminological convention that merits special note. There are many BIND configuration substatements that you can use within several different statements. For example, you can specify allow-transfer within a zone statement, within an options statement, and within a view statement. When I’m referring only to the first use, I call it the allow-transfer zone substatement. When referring to any of the three, I just call it the allow-transfer substatement. While I’m not sure this convention is common, it seemed like a natural, compact way of expressing the idea.
Comments and Questions
Please address comments and questions concerning this book to the publisher:
| O’Reilly & Associates, Inc. |
| 1005 Gravenstein Highway North |
| Sebastopol, CA 95472 |
| (800) 998-9938 (in the United States or Canada) |
| (707) 829-0515 (international or local) |
| (707) 829-0104 (fax) |
We have a web page for this book, where we list errata, examples, or any additional information. You can access this page at:
| http://www.oreilly.com/catalog/dnsbindckbk/ |
To comment or ask technical questions about this book, send email to:
| bookquestions@oreilly.com |
For more information about our books, conferences, Resource Centers, and the O’Reilly Network, see our web site at:
| http://www.oreilly.com |
Acknowledgments
First, I’d like to thank this book’s reviewers, Robbie Allen, Nate Campi and Jay Kreibich, whose close reading of the text caught more errors than I’d like to admit to, and whose suggestions improved nearly every recipe. I’d also like to thank the Internet Software Consortium and Nominum, for their hard work on the development of BIND 8 and 9, without which I imagine my career would have veered in a wildly different direction.
While I’m up on this podium, let me acknowledge the unsung heroes of the BIND Users and BIND 9 Users mailing lists, who do a tremendous job of answering dozens of DNS and BIND questions each week -- some of them for the nth time. I hope this book helps alleviate their workload a little. Who knows? Maybe we’ll be able to use it like the longtime regulars in the bar, telling each other jokes by calling out each joke’s number: “How do I point my domain name at a particular URL?” Section 2.7![2]
I’m grateful to my friend Paul Phillips, for the use of his Scrabble anecdote, and for his occasional -- but always entertaining -- dispatches from the world of professional poker. And I am, as ever, indebted to my friend Paul Albitz, under whose wing I got my start, and who sets a sterling example as a patient teacher, selfless coauthor and methodical engineer.
The folks at O’Reilly, as always, have been wonderful to work with, especially my editor, Mike Loukides.
Finally, my love and thanks to my family: to my mom, my first reviewer, whose voice you undoubtedly hear in my writing; to my dad, for hours of academic tutelage; to my sister (“You shut up!”) for her good humor; and of course to my wife, Paige, and son, Walt, and my dogs, Dakota and Annie, for their love and for lost hours.
[1] For a fascinating account of the process of becoming a competitive Scrabble player, see Stefan Fatsis’s excellent book, Word Freak.
[2] For a variation on this joke, see http://www.awpi.com/Combs/Shaggy/929.html.
Get DNS & BIND Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
