Home
Contents

Book Fire Online by http://bookfire.net
Prev Page Next Page
 
Main Page
Table of content
Copyright
Preface
Versions
What's New in the Fourth Edition?
Organization
Audience
Obtaining the Example Programs
Contacting O'Reilly
Conventions Used in This Book
Quotations
Acknowledgments
Chapter 1. Background
1.1 A (Very) Brief History of the Internet
1.2 On the Internet and internets
1.3 The Domain Name System in a Nutshell
1.4 The History of BIND
1.5 Must I Use DNS?
Chapter 2. How Does DNS Work?
2.1 The Domain Name Space
2.2 The Internet Domain Name Space
2.3 Delegation
2.4 Name Servers and Zones
2.5 Resolvers
2.6 Resolution
2.7 Caching
Chapter 3. Where Do I Start?
3.1 Getting BIND
3.2 Choosing a Domain Name
Chapter 4. Setting Up BIND
4.1 Our Zone
4.2 Setting Up Zone Data
4.3 Setting Up a BIND Configuration File
4.4 Abbreviations
4.5 Host Name Checking (BIND 4.9.4 and Later Versions)
4.6 Tools
4.7 Running a Primary Master Name Server
4.8 Running a Slave Name Server
4.9 Adding More Zones
4.10 What Next?
Chapter 5. DNS and Electronic Mail
5.1 MX Records
5.2 What's a Mail Exchanger, Again?
5.3 The MX Algorithm
Chapter 6. Configuring Hosts
6.1 The Resolver
6.2 Sample Resolver Configurations
6.3 Minimizing Pain and Suffering
6.4 Vendor -Specific Options
Chapter 7. Maintaining BIND
7.1 Controlling the Name Server
7.2 Updating Zone Data Files
7.3 Organizing Your Files
7.4 Changing System File Locations in BIND 8 and 9
7.5 Logging in BIND 8 and 9
7.6 Keeping Everything Running Smoothly
Chapter 8. Growing Your Domain
8.1 How Many Name Servers?
8.2 Adding More Name Servers
8.3 Registering Name Servers
8.4 Changing TTLs
8.5 Planning for Disasters
8.6 Coping with Disaster
Chapter 9. Parenting
9.1 When to Become a Parent
9.2 How Many Children?
9.3 What to Name Your Children
9.4 How to Become a Parent: Creating Subdomains
9.5 Subdomains of in-addr.arpa Domains
9.6 Good Parenting
9.7 Managing the Transition to Subdomains
9.8 The Life of a Parent
Chapter 10. Advanced Features
10.1 Address Match Lists and ACLs
10.2 DNS Dynamic Update
10.3 DNS NOTIFY (Zone Change Notification)
10.4 Incremental Zone Transfer (IXFR)
10.5 Forwarding
10.6 Views
10.7 Round Robin Load Distribution
10.8 Name Server Address Sorting
10.9 Preferring Name Servers on Certain Networks
10.10 A Nonrecursive Name Server
10.11 Avoiding a Bogus Name Server
10.12 System Tuning
10.13 Compatibility
10.14 The ABCs of IPv6 Addressing
10.15 Addresses and Ports
10.16 IPv6 Forward and Reverse Mapping
Chapter 11. Security
11.1 TSIG
11.2 Securing Your Name Server
11.3 DNS and Internet Firewalls
11.4 The DNS Security Extensions
Chapter 12. nslookup and dig
12.1 Is nslookup a Good Tool?
12.2 Interactive Versus Noninteractive
12.3 Option Settings
12.4 Avoiding the Search List
12.5 Common Tasks
12.6 Less Common Tasks
12.7 Troubleshooting nslookup Problems
12.8 Best of the Net
12.9 Using dig
Chapter 13. Reading BIND Debugging Output
13.1 Debugging Levels
13.2 Turning On Debugging
13.3 Reading Debugging Output
13.4 The Resolver Search Algorithm and Negative Caching (BIND 8)
13.5 The Resolver Search Algorithm and Negative Caching (BIND 9)
13.6 Tools
Chapter 14. Troubleshooting DNS and BIND
14.1 Is NIS Really Your Problem?
14.2 Troubleshooting Tools and Techniques
14.3 Potential Problem List
14.4 Transition Problems
14.5 Interoperability and Version Problems
14.6 TSIG Errors
14.7 Problem Symptoms
Chapter 15. Programming with the Resolver and Name Server Library Routines
15.1 Shell Script Programming with nslookup
15.2 C Programming with the Resolver Library Routines
15.3 Perl Programming with Net::DNS
Chapter 16. Miscellaneous
16.1 Using CNAME Records
16.2 Wildcards
16.3 A Limitation of MX Records
16.4 Dialup Connections
16.5 Network Names and Numbers
16.6 Additional Resource Records
16.7 DNS and WINS
16.8 DNS and Windows 2000
Appendix A. DNS Message Format and Resource Records
A.1 Master File Format
A.2 DNS Messages
A.3 Resource Record Data
Appendix B. BIND Compatibility Matrix
Appendix C. Compiling and Installing BIND on Linux
C.1 Instructions for BIND 8.2.3
C.2 Instructions for BIND 9.1.0
Appendix D. Top-Level Domains
Appendix E. BIND Name Server and Resolver Configuration
E.1 BIND Name Server Boot File Directives and Configuration File Statements
E.2 BIND 4 Boot File Directives
E.3 BIND 8 Configuration File Statements
E.4 BIND 9 Configuration File Statements
E.5 BIND Resolver Statements
Colophon
Index
Index SYMBOL
Index A
Index B
Index C
Index D
Index E
Index F
Index G
Index H
Index I
Index J
Index K
Index L
Index M
Index N
Index O
Index P
Index Q
Index R
Index S
Index T
Index U
Index V
Index W
Index X
Index Y
Index Z
I l@ve RuBoard Previous Section Next Section

4.4 Abbreviations

At this point, we have created all the files necessary for a primary master name server. Let's go back and revisit the zone data files; there are shortcuts we didn't use. Unless you see and understand the long form first, though, the short form can look very cryptic. Now that you know the long form and have seen the BIND configuration file, we'll show you the shortcuts.

4.4.1 Appending Domain Names

The second field of a primary directive (BIND 4) or zone statement (BIND 8 and 9) specifies a domain name. This domain name is the key to the most useful shortcut. This domain name is the origin of all the data in the zone data file. The origin is appended to all names in the zone data file that don't end in a dot, and will be different for each zone data file since each file describes a different zone.

Since the origin is appended to names, instead of entering robocop.movie.edu's address in db.movie.edu like this:

robocop.movie.edu.    IN A     192.249.249.2

we could have entered it like this:

robocop    IN A     192.249.249.2

In the db.192.24.249 file we entered this:

2.249.249.192.in-addr.arpa.  IN PTR robocop.movie.edu.

Since 249.249.192.in-addr.arpa is the origin, we could have entered:

2  IN PTR robocop.movie.edu.

Remember our earlier warning not to omit the trailing dot when using the fully qualified domain names? Suppose you forget the trailing dot. An entry like:

robocop.movie.edu    IN A     192.249.249.2

turns into an entry for robocop.movie.edu.movie.edu, not what you intended at all.

4.4.2 The @ Notation

If a domain name is the same as the origin, the name can be specified as "@". This is most often seen in the SOA record in the zone data files. The SOA records could have been entered this way:

@ IN SOA terminator.movie.edu. al.robocop.movie.edu. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

4.4.3 Repeat Last Name

If a resource record name (that starts in the first column) is a space or tab, then the name from the last resource record is used. You use this if there are multiple resource records for a name. Here's an example in which there are two address records for one name:

wormhole   IN A     192.249.249.1
           IN A     192.253.253.1

In the second address record, the name wormhole is implied. You can use this shortcut even if the resource records are of different types.

4.4.4 The Shortened Zone Data Files

Now that we have shown you the abbreviations, we'll repeat the zone data files, making use of these shortcuts.

Here are the contents of the file db.movie.edu:

$TTL 3h
;
; Origin added to names not ending
; in a dot: movie.edu
;

@ IN SOA terminator.movie.edu. al.robocop.movie.edu. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

;
; Name servers (The name '@' is implied)
;
           IN NS  terminator.movie.edu.
           IN NS  wormhole.movie.edu.

;
; Addresses for the canonical names
;
localhost  IN A     127.0.0.1
robocop    IN A     192.249.249.2
terminator IN A     192.249.249.3
diehard    IN A     192.249.249.4
misery     IN A     192.253.253.2
shining    IN A     192.253.253.3
carrie     IN A     192.253.253.4

wormhole   IN A     192.249.249.1
           IN A     192.253.253.1

;
; Aliases
;
bigt       IN CNAME terminator
dh         IN CNAME diehard
wh         IN CNAME wormhole

;
; Interface specific names
;
wh249      IN A     192.249.249.1
wh253      IN A     192.253.253.1

Here are the contents of the file db.192.249.249 :

$TTL 3h
;
; Origin added to names not ending
; in a dot: 249.249.192.in-addr.arpa
;

@ IN SOA terminator.movie.edu. al.robocop.movie.edu. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

;
; Name servers (The name '@' is implied)
;
   IN NS  terminator.movie.edu.
   IN NS  wormhole.movie.edu.

;
; Addresses point to canonical names
;
1  IN PTR wormhole.movie.edu.
2  IN PTR robocop.movie.edu.
3  IN PTR terminator.movie.edu.
4  IN PTR diehard.movie.edu.

Here are the contents of the file db.192.253.253:

$TTL 3h
;
; Origin added to names not ending
; in a dot: 253.253.192.in-addr.arpa
;

@ IN SOA terminator.movie.edu. al.robocop.movie.edu. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

;
; Name servers (The name '@' is implied)
;
   IN NS  terminator.movie.edu.
   IN NS  wormhole.movie.edu.

;
; Addresses point to canonical names
;
1  IN PTR wormhole.movie.edu.
2  IN PTR misery.movie.edu.
3  IN PTR shining.movie.edu.
4  IN PTR carrie.movie.edu.

Here are the contents of the file db.127.0.0 :

$TTL 3h
@ IN SOA terminator.movie.edu. al.robocop.movie.edu. (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 hour

   IN NS  terminator.movie.edu.
   IN NS  wormhole.movie.edu.

1  IN PTR localhost.

While looking at the new db.movie.edu file, you may notice that we could have removed movie.edu from the host names of the SOA and NS records like this:

@ IN SOA terminator al.robocop (
                          1        ; Serial
                          3h       ; Refresh after 3 hours
                          1h       ; Retry after 1 hour
                          1w       ; Expire after 1 week
                          1h )     ; Negative caching TTL of 1 day

  IN NS  terminator
  IN NS  wormhole

You can't do this in the other zone data files because their origins are different. In db.movie.edu, we leave these names as fully qualified domain names so that the NS and SOA records are exactly the same for all the zone data files.


    I l@ve RuBoard Previous Section Next Section
    Linking to Www Google.Com. Host by Book Fire