free ebook: pro dns and bind chapter.

Pro DNS and BIND guides you through the challenging array of features surrounding DNS, with a special focus on BIND, the world's most popular DNS implementation. This book unravels the mysteries of DNS, offering insight into origins, evolution, and key concepts like domain names and zone files. This book focuses on running DNS systems based on BIND 9.3.0-the first stable release that includes support for the latest DNSSEC (DNSSEC.bis) standards and a major functional upgrade from previous BIND 9 releases.

If you administer a DNS system or are thinking about running one, or if you need to upgrade to support IPv6 DNS, need to secure a DNS for zone transfer, dynamic update, or other reasons, or if you need to implement DNSSEC, or simply want to understand the DNS system, then this book provides you with a single point of reference. Pro DNS and BIND starts with simple concepts, then moves on to full security-aware DNSSEC configurations. Various features, parameters, and resource records are described and, in the majority of cases, illustrated with one or more examples.

The book contains a complete reference to zone files, Resource Records, and BIND's configuration file parameters. You can treat the book as as a simple paint-by-numbers guide to everything from a simple caching DNS, to the most complex secure DNS (DNSSEC) implementation. Background information is still included for when you need to know what to do and why you have to do it, and so that you can modify processes to meet your unique needs.

Common DNS Tasks

This chapter describes a number of common configurations when working with zone files and in some cases with BIND. These solutions are presented to assist you to quickly implement some commonly used features, to recover from errors, and to illustrate some of the more subtle uses of the DNS. The following topics are covered:

How to delegate a subdomain: This configuration allows the domain name owner to pass the responsibility to a subdomain owner, which may be another party or another part of the organization, who will be entirely responsible for the zone files describing the subdomain.
How to delegate a virtual subdomain: This configuration uses a single zone file to provide subdomain addressing, for instance, www.us.example.com or www.uk.example.com.
How to configure fail-over mail servers: The configuration allows backup mail servers to be provided to support a domain.
How to reverse-map subnets: This configuration allows the delegation of reverse mapping to subnets of typically less than 256 IPv4 addresses.
How to load balance with DNS: The configurations describe various ways in which load balancing may be implemented using DNS features. The BIND statements that control the order in which addresses are returned are also covered.
How to define an SPF record: The Sender Policy Framework (SPF) is an antispam measure that allows an e-mail server to verify that the SMTP source is valid for the sending e-mail address. SPF records are currently implemented by Microsoft, Google, and AOL to name but three of the many hundreds of thousands of users.
How to support http://example.com: The configuration allows both the URL www.example.com and example.com to directly address a web or other service. The required changes to the Apache server are also covered.
How to fix an out-of-sequence SOA serial number: The process used to fix various SOA serial number errors is covered.
How to use DNS wildcards: The DNS RRs support the use of a wildcard (*). The section on wildcards illustrates the use of this error-prone feature.

The examples shown use a number of BIND's named.conf statements, which are described in Chapter 12, and standard Resource Records, which are defined in Chapter 13. If you are running name server software other than BIND, the zone files will remain the same, but the configuration statements may differ.

In the next section, the process of delegation of a subdomain, us.example.com, is described to illustrate the general principle of delegation within an owner's domain name space. The domain owner can delegate everything to the right of the domain name in any way that makes sense-or for that matter that doesn't make sense!

Delegate a Subdomain (Subzone)

This solution configures a zone to fully delegate the responsibility for a subdomain to another name server. This is not the only possible method of defining subdomains-another solution involves configuring what this book calls a virtual or pseudo subdomain, which uses a single zone file to provide subdomain addressing structures. Assume the following addressing structure is required for the subdomain:

Zone (domain) name: example.com
Domain host name: bill.example.com
Subdomain name: us.example.com
Subdomain host or service name: ftp.us.example.com

To ease the zone administration load, this solution assumes the responsibility for the subdomain will be fully delegated to the us.example.com administrator who will be responsible for the subdomain zone files and their supporting name servers. The zone administrators of the corporate domain for example.com want nothing further to do with us.example.com other than it has generously agreed to act as the slave DNS for the subdomain name servers. When dealing with subdomains, it is important to remember that as far as the Internet registration authorities and the TLD servers are concerned, subdomains do not exist. All queries for anything that ends with example.com will be referred to the name servers for the example.com zone or domain. In turn, these name servers are responsible for referring the query to the subdomain name servers.

For the want of any better terminology, the name servers for example.com are called the domain name servers and are visible to the gTLD .com servers; the name servers for us.example.com are called the subdomain name servers and are visible only to the domain name servers (they are invisible to the gTLD servers).

MAIN Home PRIVACY Contact Us FREE NETWORK TOOLS Bandwidth Tools IP Tools Network Information Tools Network Monitoring Tools Network Testing Tools Network Tools Suites Network/IP Scanner Tools Protocol Analyzers/Sniffers Telnet/SSH Clients Traceroute/Whois Tools FREE EBOOKS Free Network Ebooks FREE MAGAZINE Free Computer Magazine Free Internet Magazine Free Information Technology Magazine Free Multimedia Magazine Free Network Magazine Free Telecommunication & Wireless Magazine	Free Network Tools
	Free Ebook "Pro DNS and BIND" Sample Chapter Pro DNS and BIND Free Download Chapter 8: Common DNS Tasks Download chapter Pro DNS and BIND guides you through the challenging array of features surrounding DNS, with a special focus on BIND, the world's most popular DNS implementation. This book unravels the mysteries of DNS, offering insight into origins, evolution, and key concepts like domain names and zone files. This book focuses on running DNS systems based on BIND 9.3.0-the first stable release that includes support for the latest DNSSEC (DNSSEC.bis) standards and a major functional upgrade from previous BIND 9 releases. If you administer a DNS system or are thinking about running one, or if you need to upgrade to support IPv6 DNS, need to secure a DNS for zone transfer, dynamic update, or other reasons, or if you need to implement DNSSEC, or simply want to understand the DNS system, then this book provides you with a single point of reference. Pro DNS and BIND starts with simple concepts, then moves on to full security-aware DNSSEC configurations. Various features, parameters, and resource records are described and, in the majority of cases, illustrated with one or more examples. The book contains a complete reference to zone files, Resource Records, and BIND's configuration file parameters. You can treat the book as as a simple paint-by-numbers guide to everything from a simple caching DNS, to the most complex secure DNS (DNSSEC) implementation. Background information is still included for when you need to know what to do and why you have to do it, and so that you can modify processes to meet your unique needs. Topics Include: Introduction to the DNS Basic DNS types with complete configuarion examples DNS and IPv6 Installing BIND on Linux, FreeBSD and Windows Subdomain delegation DNS and load balancing Reverse map delegation DNSSEC (DNSSEC.bis) and the DLV experimental service Key rollover and DNSSEC maintenance DNS tools and diagnostics < < prev next > > Common DNS Tasks This chapter describes a number of common configurations when working with zone files and in some cases with BIND. These solutions are presented to assist you to quickly implement some commonly used features, to recover from errors, and to illustrate some of the more subtle uses of the DNS. The following topics are covered: How to delegate a subdomain: This configuration allows the domain name owner to pass the responsibility to a subdomain owner, which may be another party or another part of the organization, who will be entirely responsible for the zone files describing the subdomain. How to delegate a virtual subdomain: This configuration uses a single zone file to provide subdomain addressing, for instance, www.us.example.com or www.uk.example.com. How to configure fail-over mail servers: The configuration allows backup mail servers to be provided to support a domain. How to reverse-map subnets: This configuration allows the delegation of reverse mapping to subnets of typically less than 256 IPv4 addresses. How to load balance with DNS: The configurations describe various ways in which load balancing may be implemented using DNS features. The BIND statements that control the order in which addresses are returned are also covered. How to define an SPF record: The Sender Policy Framework (SPF) is an antispam measure that allows an e-mail server to verify that the SMTP source is valid for the sending e-mail address. SPF records are currently implemented by Microsoft, Google, and AOL to name but three of the many hundreds of thousands of users. How to support http://example.com: The configuration allows both the URL www.example.com and example.com to directly address a web or other service. The required changes to the Apache server are also covered. How to fix an out-of-sequence SOA serial number: The process used to fix various SOA serial number errors is covered. How to use DNS wildcards: The DNS RRs support the use of a wildcard (*). The section on wildcards illustrates the use of this error-prone feature. The examples shown use a number of BIND's named.conf statements, which are described in Chapter 12, and standard Resource Records, which are defined in Chapter 13. If you are running name server software other than BIND, the zone files will remain the same, but the configuration statements may differ. In the next section, the process of delegation of a subdomain, us.example.com, is described to illustrate the general principle of delegation within an owner's domain name space. The domain owner can delegate everything to the right of the domain name in any way that makes sense-or for that matter that doesn't make sense! Delegate a Subdomain (Subzone) This solution configures a zone to fully delegate the responsibility for a subdomain to another name server. This is not the only possible method of defining subdomains-another solution involves configuring what this book calls a virtual or pseudo subdomain, which uses a single zone file to provide subdomain addressing structures. Assume the following addressing structure is required for the subdomain: Zone (domain) name: example.com Domain host name: bill.example.com Subdomain name: us.example.com Subdomain host or service name: ftp.us.example.com To ease the zone administration load, this solution assumes the responsibility for the subdomain will be fully delegated to the us.example.com administrator who will be responsible for the subdomain zone files and their supporting name servers. The zone administrators of the corporate domain for example.com want nothing further to do with us.example.com other than it has generously agreed to act as the slave DNS for the subdomain name servers. When dealing with subdomains, it is important to remember that as far as the Internet registration authorities and the TLD servers are concerned, subdomains do not exist. All queries for anything that ends with example.com will be referred to the name servers for the example.com zone or domain. In turn, these name servers are responsible for referring the query to the subdomain name servers. For the want of any better terminology, the name servers for example.com are called the domain name servers and are visible to the gTLD .com servers; the name servers for us.example.com are called the subdomain name servers and are visible only to the domain name servers (they are invisible to the gTLD servers).

Free Ebook "Pro DNS and BIND" Sample Chapter

Common DNS Tasks

Delegate a Subdomain (Subzone)