Pro DNS and BIND

Pro DNS and BIND

by Ron Aitchison
Released August 2005
Publisher(s): Apress
ISBN: 9781590594940

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Pro DNS and BIND guides you through the challenging array of features surrounding DNS, with a special focus on BIND, the world's most popular DNS implementation. This book unravels the mysteries of DNS, offering insight into origins, evolution, and key concepts like domain names and zone files. This book focuses on running DNS systems based on BIND 9.3.0 the first stable release that includes support for the latest DNSSEC (DNSSEC.bis) standards and a major functional upgrade from previous BIND 9 releases.

If you administer a DNS system or are thinking about running one, or if you need to upgrade to support IPv6 DNS, need to secure a DNS for zone transfer, dynamic update, or other reasons, or if you need to implement DNSSEC, or simply want to understand the DNS system, then this book provides you with a single point of reference. Pro DNS and BIND starts with simple concepts, then moves on to full security-aware DNSSEC configurations. Various features, parameters, and resource records are described and, in the majority of cases, illustrated with one or more examples.

The book contains a complete reference to zone files, Resource Records, and BINDs configuration file parameters. You can treat the book as as a simple paint-by-numbers guide to everything from a simple caching DNS, to the most complex secure DNS (DNSSEC) implementation. Background information is still included for when you need to know what to do and why you have to do it, and so that you can modify processes to meet your unique needs.

Table of contents

  1. Copyright
  2. About the Author
  3. About the Technical Reviewer
  4. Acknowledgments
  5. Introduction
    1. Who This Book Is For
    2. How This Book Is Structured
      1. Chapter 1, "An Introduction to DNS"
      2. Chapter 2, "Zone Files and Resource Records"
      3. Chapter 3, "DNS Operations"
      4. Chapter 4, "DNS Types"
      5. Chapter 5, "DNS and IPv6"
      6. Chapter 6, "Installing BIND"
      7. Chapter 7, "BIND Type Samples"
      8. Chapter 8, "Common DNS Tasks"
      9. Chapter 9, "DNS Diagnostics and Tools"
      10. Chapter 10, "DNS Secure Configurations"
      11. Chapter 11, "DNSSEC"
      12. Chapter 12, "BIND Configuration Reference"
      13. Chapter 13, "Zone File Reference"
      14. Chapter 14, "BIND APIs and Resolver Libraries"
      15. Chapter 15, "DNS Messages and Records"
      16. Appendix A, "Domain Name Registration"
      17. Appendix B, "DNS RFCs"
      18. Additional Material
    3. Conventions
    4. Contacting the Author
  6. 1. Principles and Overview
    1. 1. An Introduction to DNS
      1. 1.1. A Brief History of Name Servers
      2. 1.2. Name Server Basics
      3. 1.3. The Internet Domain Name System
        1. 1.3.1. Domains and Delegation
        2. 1.3.2. Domain Authority
          1. 1.3.2.1. So What Is www.example.com?
      4. 1.4. DNS Implementation and Structure
      5. 1.5. Root DNS Operations
        1. 1.5.1. Top-Level Domains
          1. 1.5.1.1. Generic Top-Level Domains
          2. 1.5.1.2. Country Code Top-Level Domains
      6. 1.6. DNS System Components
        1. 1.6.1. Zones and Zone Files
        2. 1.6.2. Master and Slave DNS Servers
      7. 1.7. DNS Software
      8. 1.8. Summary
    2. 2. Zone Files and Resource Records
      1. 2.1. Zone File Format
      2. 2.2. Zone File Contents
      3. 2.3. An Example Zone File
      4. 2.4. The $TTL Directive
      5. 2.5. The $ORIGIN Directive
      6. 2.6. The SOA Resource Record
      7. 2.7. The NS Resource Record
      8. 2.8. The MX Resource Record
      9. 2.9. The A Resource Record
      10. 2.10. CNAME Resource Record
        1. 2.10.1. When CNAME Records Must Be Used
      11. 2.11. Additional Resource Records
        1. 2.11.1. PTR Resource Records
        2. 2.11.2. TXT Resource Records
        3. 2.11.3. AAAA Resource Records
        4. 2.11.4. NSEC, RRSIG, DS, DNSKEY, and KEY Resource Records
        5. 2.11.5. SRV Resource Records
      12. 2.12. Standard Configuration File Scenarios
      13. 2.13. Summary
    3. 3. DNS Operations
      1. 3.1. The DNS Protocol
      2. 3.2. DNS Queries
        1. 3.2.1. Recursive Queries
          1. 3.2.1.1. Which Name Server Is Used
        2. 3.2.2. Iterative (Nonrecursive) Queries
        3. 3.2.3. Inverse Queries
      3. 3.3. DNS Reverse Mapping
        1. 3.3.1. IN-ADDR.ARPA Reverse-Mapping Domain
          1. 3.3.1.1. The PTR Resource Record
          2. 3.3.1.2. Reverse-Map Queries
      4. 3.4. Zone Maintenance
        1. 3.4.1. Full Zone Transfer (AXFR)
        2. 3.4.2. Incremental Zone Transfer (IXFR)
        3. 3.4.3. Notify (NOTIFY)
        4. 3.4.4. Dynamic Update
        5. 3.4.5. Alternative Dynamic DNS Approaches
        6. 3.4.6. Security Overview
          1. 3.4.6.1. Security Threats
          2. 3.4.6.2. Security Classification
      5. 3.5. Summary
    4. 4. DNS Types
      1. 4.1. Master (Primary) Name Servers
      2. 4.2. Slave (Secondary) Name Servers
        1. 4.2.1. Slave (Secondary) DNS Behavior
          1. 4.2.1.1. Slave vs. Cache
          2. 4.2.1.2. Change Propagation Using NOTIFY
      3. 4.3. Caching Name Servers
        1. 4.3.1. Caching Implications
      4. 4.4. Forwarding (Proxy) Name Servers
      5. 4.5. Stealth (DMZ or Split) Name Server
        1. 4.5.1. Stealth Servers and the View Clause
        2. 4.5.2. Stealth Server Configuration
      6. 4.6. Authoritative-only Name Server
      7. 4.7. Summary
    5. 5. DNS and IPv6
      1. 5.1. IPv6
        1. 5.1.1. IPv6 Address Notation
        2. 5.1.2. IPv6 Address Types
        3. 5.1.3. Prefix or Slash Notation
        4. 5.1.4. Global Unicast IPv6 Address Allocation
        5. 5.1.5. IPv6 Global Unicast Address Format
          1. 5.1.5.1. End-User IPv6 Address Format
      2. 5.2. Status of IPv6 DNS Support
        1. 5.2.1. The AAAA vs. A6 Resource Record
        2. 5.2.2. Mixed IPv6 and IPv4 Network Support
      3. 5.3. IPv6 Resource Records
      4. 5.4. The AAAA Resource Record
      5. 5.5. Reverse IPv6 Mapping
      6. 5.6. The IPv6 PTR Resource Record
      7. 5.7. Summary
  7. 2. Get Something Running
    1. 6. Installing BIND
      1. 6.1. Fedora Core 2 Installation
        1. 6.1.1. Upgrading BIND 9
          1. 6.1.1.1. Post FC2 Installation
          2. 6.1.1.2. Version Upgrade
        2. 6.1.2. Configuring BIND 9
          1. 6.1.2.1. Fedora DNS GUI
          2. 6.1.2.2. Configuring BIND Files
      2. 6.2. FreeBSD Installation
        1. 6.2.1. BIND 9 Nonbase Install
        2. 6.2.2. BIND 9 Base Install
        3. 6.2.3. FreeBSD 5.3 Issues
      3. 6.3. Building BIND from Source
      4. 6.4. Windows Server 2000 Installation
      5. 6.5. Summary
    2. 7. BIND Type Samples
      1. 7.1. Before We Start
        1. 7.1.1. Configuration Layout
        2. 7.1.2. Configuration Conventions
        3. 7.1.3. Zone File Naming Convention
        4. 7.1.4. Required Zone Files
          1. 7.1.4.1. root.servers
          2. 7.1.4.2. master.localhost
            1. 7.1.4.2.1. IPv6 Localhost
          3. 7.1.4.3. Reverse-Map Zone Files
          4. 7.1.4.4. 0.0.127.IN-ADDR.ARPA
          5. 7.1.4.5. IPv6 Localhost Reverse Map
        5. 7.1.5. BIND named.conf File Format and Style
        6. 7.1.6. Standard Zone Files
        7. 7.1.7. Common Configuration Elements
      2. 7.2. Master DNS Server
        1. 7.2.1. Master Name Server Configuration
      3. 7.3. Slave DNS Server
        1. 7.3.1. Slave Name Server Configuration
      4. 7.4. Caching-only DNS Server
        1. 7.4.1. Caching-only Name Server Configuration
      5. 7.5. Forwarding (a.k.a. Proxy, Client, Remote) DNS Server
        1. 7.5.1. Forwarding Name Server Configuration
      6. 7.6. Stealth (a.k.a. Split or DMZ) DNS Server
        1. 7.6.1. Stealth Configuration
          1. 7.6.1.1. Stealth (Private) Configuration Files
          2. 7.6.1.2. Public Configuration Files
      7. 7.7. Authoritative-only DNS Server
        1. 7.7.1. Authoritative-only Name Server Configuration
      8. 7.8. View-based Authoritative-only DNS Server
        1. 7.8.1. View-based Authoritative-only Name Server Configuration
        2. 7.8.2. Security and the view Section
      9. 7.9. Summary
    3. 8. Common DNS Tasks
      1. 8.1. Delegate a Subdomain (Subzone)
        1. 8.1.1. Domain Name Server Configuration
        2. 8.1.2. Subdomain Name Server Configuration
      2. 8.2. Virtual Subdomains
        1. 8.2.1. Domain Name Server Configuration
      3. 8.3. Configure Mail Servers Fail-Over
      4. 8.4. Delegate Reverse Subnet Maps
        1. 8.4.1. Assignee Zone File
        2. 8.4.2. Assignor (End-user) Zone File
      5. 8.5. DNS Load Balancing
        1. 8.5.1. Balancing Mail
        2. 8.5.2. Balancing Other Services
        3. 8.5.3. Balancing Services
        4. 8.5.4. Controlling the RRset Order
        5. 8.5.5. Effectiveness of DNS Load Balancing
      6. 8.6. Define an SPF Record
        1. 8.6.1. TXT RR Format
          1. 8.6.1.1. v=spf1 Field
          2. 8.6.1.2. pre Field
          3. 8.6.1.3. type Field
          4. 8.6.1.4. mod Field
          5. 8.6.1.5. redirect=domain Field
          6. 8.6.1.6. exp=text-rr Field
        2. 8.6.2. SPF type Values
          1. 8.6.2.1. Basic Mechanisms
          2. 8.6.2.2. Sender Mechanisms
            1. 8.6.2.2.1. Type ip4 Format
            2. 8.6.2.2.2. Type ip6 Format
            3. 8.6.2.2.3. Type a Format
            4. 8.6.2.2.4. Type mx Format
            5. 8.6.2.2.5. Type ptr Format
            6. 8.6.2.2.6. Type exists Format
          3. 8.6.2.3. Macro Expansion
        3. 8.6.3. SPF Record Examples
          1. 8.6.3.1. Single Domain Mail Server
          2. 8.6.3.2. SMTP Server Offsite
          3. 8.6.3.3. Virtual Mail Host
          4. 8.6.3.4. No Mail Domain
          5. 8.6.3.5. Using Macro Expansion
      7. 8.7. Supporting http://example.com
        1. 8.7.1. Apache Configuration
      8. 8.8. Out-of-Sequence Serial Numbers
      9. 8.9. Use of Wildcards in Zone Files
      10. 8.10. Summary
    4. 9. DNS Diagnostics and Tools
      1. 9.1. DNS Utilities
      2. 9.2. The nslookup Utility
        1. 9.2.1. nslookup Command Format
        2. 9.2.2. Quick Examples
          1. 9.2.2.1. Interactive Format
        3. 9.2.3. Options
        4. 9.2.4. Examples: Command Line
        5. 9.2.5. Example: Interactive Mode
      3. 9.3. BIND dig Utility
        1. 9.3.1. Quick Examples
        2. 9.3.2. dig Syntax
        3. 9.3.3. dig Options
        4. 9.3.4. dig Examples
          1. 9.3.4.1. dig Host Query
          2. 9.3.4.2. dig Domain Query
          3. 9.3.4.3. dig Multiple Queries
        5. 9.3.5. dig Output
        6. 9.3.6. dig Response Values
          1. 9.3.6.1. DNS Flags
          2. 9.3.6.2. DNS Status
      4. 9.4. BIND named-checkconf Utility
        1. 9.4.1. named-checkconf Syntax
        2. 9.4.2. named-checkconf Options
      5. 9.5. BIND named-checkzone Utility
        1. 9.5.1. named-checkzone Syntax
        2. 9.5.2. named-checkconf Options
      6. 9.6. rndc
        1. 9.6.1. rndc Syntax
        2. 9.6.2. rndc Options
        3. 9.6.3. rndc.conf Clauses and Statements
          1. 9.6.3.1. The options Clause
          2. 9.6.3.2. The server Clause
          3. 9.6.3.3. The key Clause
        4. 9.6.4. rndc Configuration Examples
        5. 9.6.5. rndc Commands
      7. 9.7. rndc-confgen Utility
        1. 9.7.1. rndc-confgen Syntax
        2. 9.7.2. rndc-confgen Options
      8. 9.8. BIND nsupdate Utility
        1. 9.8.1. nsupdate Syntax
        2. 9.8.2. nsupdate Options
        3. 9.8.3. nsupdate Command Format
        4. 9.8.4. nsupdate Example
      9. 9.9. dnssec-keygen Utility
        1. 9.9.1. dnssec-keygen Syntax
        2. 9.9.2. dnssec-keygen Options
        3. 9.9.3. dnssec-keygen Examples
      10. 9.10. dnssec-signzone Utility
        1. 9.10.1. dnssec-signzone Syntax
        2. 9.10.2. dnssec-signzone Options
        3. 9.10.3. dnssec-signzone Examples
      11. 9.11. Diagnosing DNS Problems
        1. 9.11.1. Before the Problem Happens
          1. 9.11.1.1. Log All Changes
          2. 9.11.1.2. Back Up Files
          3. 9.11.1.3. Logging
          4. 9.11.1.4. Tools
          5. 9.11.1.5. External Sources
        2. 9.11.2. When the Problem Occurs
          1. 9.11.2.1. Make No Assumptions
          2. 9.11.2.2. Describe the Problem
          3. 9.11.2.3. Scope the Problem
          4. 9.11.2.4. Check Your Logs
          5. 9.11.2.5. Start Digging
          6. 9.11.2.6. Diagnosing the Problem
      12. 9.12. Summary
  8. 3. DNS Security
    1. 10. DNS Secure Configurations
      1. 10.1. Security Overview and Audit
        1. 10.1.1. DNS Normal Data Flow
        2. 10.1.2. Security Classification
      2. 10.2. Administrative Security
        1. 10.2.1. Up-to-Date Software
        2. 10.2.2. Limit Functionality
          1. 10.2.2.1. Defensive Configuration
          2. 10.2.2.2. Deny All, Allow Selectively
          3. 10.2.2.3. Remote Access
        3. 10.2.3. Limit Permissions
        4. 10.2.4. Running BIND As Nonroot
          1. 10.2.4.1. Setting the Run Time UID of BIND
          2. 10.2.4.2. Setting Permissions for the UID
        5. 10.2.5. BIND in a Chroot Jail
          1. 10.2.5.1. Fedora Core 2 bind-chroot Package
          2. 10.2.5.2. FreeBSD 5.x
          3. 10.2.5.3. Manual Configuration of Chroot Jail
            1. 10.2.5.3.1. Linux (Fedora Core 2) Chroot
            2. 10.2.5.3.2. FreeBSD Chroot
          4. 10.2.5.4. Dedicated Server
        6. 10.2.6. Stream the Log
        7. 10.2.7. Software Diversity
      3. 10.3. A Cryptographic Overview
        1. 10.3.1. Symmetric Cryptography
        2. 10.3.2. Asymmetric Cryptography
        3. 10.3.3. Message Digests
        4. 10.3.4. Message Authentication Codes
        5. 10.3.5. Digital Signatures
        6. 10.3.6. DNS Cryptographic Use
      4. 10.4. Securing Zone Transfers
        1. 10.4.1. Authentication and Integrity of Zone Transfers
        2. 10.4.2. TSIG Configuration
      5. 10.5. Securing Dynamic Updates
        1. 10.5.1. TSIG DDNS Configuration
        2. 10.5.2. SIG(0) Configuration
      6. 10.6. Summary
    2. 11. DNSSEC
      1. 11.1. The DNSSEC Environment
        1. 11.1.1. Islands of Security
        2. 11.1.2. Chains of Trust
        3. 11.1.3. Securing or Signing the Zone
        4. 11.1.4. Secure Zone Maintenance
          1. 11.1.4.1. The Prepublish Method
          2. 11.1.4.2. The Double-Signing Method
          3. 11.1.4.3. Key Rollover Summary
        5. 11.1.5. Secure Delegation
        6. 11.1.6. Dynamic DNS and DNSSEC
      2. 11.2. DNSSEC Implementation
        1. 11.2.1. Securing the example.com Zone
          1. 11.2.1.1. Verifying the Signed Zone
        2. 11.2.2. Establishing a Trusted Anchor
          1. 11.2.2.1. Using a Trusted Anchor
          2. 11.2.2.2. DNSSEC Logging
        3. 11.2.3. Signing the sub.example.com Zone
        4. 11.2.4. Creating the Chain of Trust
        5. 11.2.5. Key Rollover
          1. 11.2.5.1. Prepublish ZSK Rollover
          2. 11.2.5.2. Double-signing KSK Rollover
      3. 11.3. DNSSEC Lookaside Validation
        1. 11.3.1. DLV Configuration
        2. 11.3.2. DLV Service
      4. 11.4. Summary
  9. 4. Reference
    1. 12. BIND Configuration Reference
      1. 12.1. BIND Command Line
        1. 12.1.1. BIND Debug Levels
        2. 12.1.2. BIND Signals
      2. 12.2. BIND Configuration Overview
        1. 12.2.1. Layout Styles
        2. 12.2.2. named-checkconf Is Your Friend
      3. 12.3. BIND Clauses
        1. 12.3.1. BIND address_match_list Definition
        2. 12.3.2. BIND acl Clause
          1. 12.3.2.1. acl Clause Syntax
        3. 12.3.3. BIND controls Clause
        4. 12.3.4. BIND include Statement
        5. 12.3.5. BIND key Clause
          1. 12.3.5.1. key Clause Syntax
        6. 12.3.6. BIND logging Clause
          1. 12.3.6.1. logging Clause Syntax
        7. 12.3.7. BIND lwres Clause
          1. 12.3.7.1. lwres Clause Syntax
        8. 12.3.8. BIND masters Clause
          1. 12.3.8.1. masters Clause Syntax
        9. 12.3.9. BIND options Clause
          1. 12.3.9.1. options Clause Syntax
        10. 12.3.10. BIND server Clause
          1. 12.3.10.1. server Clause Syntax
        11. 12.3.11. BIND trusted-keys Clause
        12. 12.3.12. BIND view Clause
          1. 12.3.12.1. view Clause Syntax
        13. 12.3.13. BIND zone Clause
          1. 12.3.13.1. zone Clause Syntax
      4. 12.4. BIND Statements
      5. 12.5. BIND controls Statements
        1. 12.5.1. inet Statement
          1. 12.5.1.1. inet Statement Syntax
      6. 12.6. BIND logging Statements
        1. 12.6.1. channel Statement
          1. 12.6.1.1. channel Statement Syntax
        2. 12.6.2. category Statement
          1. 12.6.2.1. category Statement Syntax
      7. 12.7. BIND Resolver Statements
        1. 12.7.1. view
        2. 12.7.2. search
        3. 12.7.3. ndots
      8. 12.8. BIND Transfer Statements
        1. 12.8.1. allow-notify
        2. 12.8.2. allow-transfer
        3. 12.8.3. allow-update
        4. 12.8.4. allow-update-forwarding
        5. 12.8.5. also-notify
        6. 12.8.6. alt-transfer-source, alt-transfer-source-v6
        7. 12.8.7. ixfr-from-differences
        8. 12.8.8. max-journal-size
        9. 12.8.9. max-refresh-time, min-refresh-time
        10. 12.8.10. max-retry-time, min-retry-time
        11. 12.8.11. max-transfer-idle-in
        12. 12.8.12. max-transfer-idle-out
        13. 12.8.13. max-transfer-time-in
        14. 12.8.14. max-transfer-time-out
        15. 12.8.15. multi-master
        16. 12.8.16. notify
        17. 12.8.17. notify-source, notify-source-v6
        18. 12.8.18. provide-ixfr
        19. 12.8.19. request-ixfr
        20. 12.8.20. serial-query-rate
        21. 12.8.21. transfer-format
        22. 12.8.22. transfer-source, transfer-source-v6
        23. 12.8.23. transfers-in
        24. 12.8.24. transfers-per-ns
        25. 12.8.25. transfers-out
        26. 12.8.26. update-policy
        27. 12.8.27. use-alt-transfer-source
      9. 12.9. DNS BIND Operations
        1. 12.9.1. avoid-v4-udp-ports, avoid-v6-udp-ports
        2. 12.9.2. check-names
        3. 12.9.3. cleaning-interval
        4. 12.9.4. coresize
        5. 12.9.5. database
        6. 12.9.6. datasize
        7. 12.9.7. dialup
        8. 12.9.8. directory
        9. 12.9.9. dual-stack-server
        10. 12.9.10. dump-file
        11. 12.9.11. edns-udp-size
        12. 12.9.12. files
        13. 12.9.13. heartbeat-interval
        14. 12.9.14. hostname
        15. 12.9.15. interface-interval
        16. 12.9.16. lame-ttl
        17. 12.9.17. listen-on
        18. 12.9.18. listen-on-v6
        19. 12.9.19. match-mapped-addresses
        20. 12.9.20. max-cache-size
        21. 12.9.21. max-cache-ttl
        22. 12.9.22. max-ncache-ttl
        23. 12.9.23. memstatistics-file
        24. 12.9.24. pid-file
        25. 12.9.25. port
        26. 12.9.26. preferred-glue
        27. 12.9.27. querylog
        28. 12.9.28. recursing-file
        29. 12.9.29. server-id
        30. 12.9.30. stacksize
        31. 12.9.31. statistics-file
        32. 12.9.32. tcp-clients
        33. 12.9.33. tcp-listen-queue
        34. 12.9.34. version
        35. 12.9.35. zone-statistics
      10. 12.10. DNS BIND Query Statements
        1. 12.10.1. additional-from-auth, additional-from-cache
        2. 12.10.2. allow-query
        3. 12.10.3. allow-recursion
        4. 12.10.4. auth-nxdomain
        5. 12.10.5. blackhole
        6. 12.10.6. delegation-only
        7. 12.10.7. forward
        8. 12.10.8. forwarders
        9. 12.10.9. minimal-responses
        10. 12.10.10. query-source, query-source-v6
        11. 12.10.11. recursion
        12. 12.10.12. recursive-clients
        13. 12.10.13. root-delegation-only
        14. 12.10.14. rrset-order
        15. 12.10.15. sortlist
          1. 12.10.15.1. sortlist Statement Syntax
      11. 12.11. DNS BIND Security Statements
        1. 12.11.1. algorithm
        2. 12.11.2. disable-algorithms
        3. 12.11.3. dnssec-enable
        4. 12.11.4. dnssec-lookaside
        5. 12.11.5. dnssec-must-be-secure
        6. 12.11.6. key-directory
        7. 12.11.7. random-device
        8. 12.11.8. secret
        9. 12.11.9. sig-validity-interval
        10. 12.11.10. tkey-dhkey
        11. 12.11.11. tkey-domain
        12. 12.11.12. tkey-gssapi-credential
      12. 12.12. DNS BIND server Statements
        1. 12.12.1. bogus
        2. 12.12.2. edns
        3. 12.12.3. keys
        4. 12.12.4. transfers
      13. 12.13. DNS BIND view Statements
        1. 12.13.1. match-clients
        2. 12.13.2. match-destinations
        3. 12.13.3. match-recursive-only
      14. 12.14. DNS BIND zone Statements
        1. 12.14.1. check-names
        2. 12.14.2. file
        3. 12.14.3. masters
        4. 12.14.4. type
      15. 12.15. Summary
    2. 13. Zone File Reference
      1. 13.1. DNS Zone File Structure
      2. 13.2. DNS Directives
        1. 13.2.1. The $ORIGIN Directive
          1. 13.2.1.1. The $ORIGIN Substitution Rule
          2. 13.2.1.2. $ORIGIN Syntax
        2. 13.2.2. The $INCLUDE Directive
          1. 13.2.2.1. $INCLUDE Syntax
        3. 13.2.3. The $TTL Directive
          1. 13.2.3.1. $TTL Syntax
        4. 13.2.4. The $GENERATE Directive
          1. 13.2.4.1. $GENERATE Syntax
      3. 13.3. DNS Resource Records
        1. 13.3.1. Resource Record Common Format
          1. 13.3.1.1. The name Field
          2. 13.3.1.2. The ttl Field
          3. 13.3.1.3. The class Field
          4. 13.3.1.4. The type Field
          5. 13.3.1.5. The type-specific-data Field
          6. 13.3.1.6. Bit Labels
            1. 13.3.1.6.1. Bit Label Syntax
        2. 13.3.2. RRsets
      4. 13.4. Resource Record Descriptions
        1. 13.4.1. IPv4 Address (A) Record
          1. 13.4.1.1. A RR Syntax
        2. 13.4.2. Experimental IPv6 Address (A6) Record
          1. 13.4.2.1. A6 RR Syntax
        3. 13.4.3. IPv6 Address (AAAA) Record
          1. 13.4.3.1. AAAA RR Syntax
        4. 13.4.4. AFS Database (AFSDB) Record
          1. 13.4.4.1. AFSDB RR Syntax
        5. 13.4.5. Address Prefix List (APL) Record
          1. 13.4.5.1. APL RR Syntax
        6. 13.4.6. ATM Address (ATMA) Record
        7. 13.4.7. Certificate (CERT) Record
          1. 13.4.7.1. CERT RR Syntax
        8. 13.4.8. Canonical Name (CNAME) Record
          1. 13.4.8.1. CNAME RR Syntax
        9. 13.4.9. Delegation of Reverse Names (DNAME) Record
          1. 13.4.9.1. DNAME RR Syntax
        10. 13.4.10. DNSKEY Record
          1. 13.4.10.1. DNSKEY RR Syntax
        11. 13.4.11. Delegation Signer (DS) Record
          1. 13.4.11.1. DS RR Syntax
        12. 13.4.12. System Information (HINFO) Record
          1. 13.4.12.1. HINFO RR Syntaxt
        13. 13.4.13. Integrated Services Digital Network (ISDN) Record
          1. 13.4.13.1. ISDN RR Syntax
        14. 13.4.14. IPSEC Key (IPSECKEY) Record
          1. 13.4.14.1. IPSECKEY RR Syntax
        15. 13.4.15. Public Key (KEY) Record
          1. 13.4.15.1. KEY RR Syntax
        16. 13.4.16. Key Exchanger (KX) Record
          1. 13.4.16.1. KX RR Syntax
        17. 13.4.17. Location (LOC) Record
          1. 13.4.17.1. LOC RR Syntax
        18. 13.4.18. Mailbox (MB) Record
          1. 13.4.18.1. MB RR Syntax
        19. 13.4.19. Mail Group (MG) Record
          1. 13.4.19.1. MG RR Syntax
        20. 13.4.20. Mailbox Renamed (MR) Record
          1. 13.4.20.1. MR RR Syntax
        21. 13.4.21. Mailbox Mail List Information (MINFO) Record
          1. 13.4.21.1. MINFO RR Syntax
        22. 13.4.22. Mail Exchange (MX) Record
          1. 13.4.22.1. MX RR Syntax
          2. 13.4.22.2. Subdomain MX Records
        23. 13.4.23. Naming Authority Pointer (NAPTR) Record
          1. 13.4.23.1. NAPTR RR Syntax
        24. 13.4.24. Name Server (NS) Record
          1. 13.4.24.1. NS RR Syntax
        25. 13.4.25. Network Service Access Point (NSAP) Record
          1. 13.4.25.1. NSAP RR Syntax
        26. 13.4.26. Next Secure (NSEC) Record
          1. 13.4.26.1. NSEC RR Syntax
        27. 13.4.27. Pointer (PTR) Record
          1. 13.4.27.1. PTR RR Syntax
        28. 13.4.28. X.400 to RFC 822 E-mail (PX) Record
          1. 13.4.28.1. PX RR Syntax
        29. 13.4.29. Responsible Person (RP) Record
          1. 13.4.29.1. RP RR Syntax
        30. 13.4.30. Resource Record Signature (RRSIG) Record
          1. 13.4.30.1. RRSIG RR Syntax
        31. 13.4.31. Route Through (RT) Record
          1. 13.4.31.1. RT RR Syntax
        32. 13.4.32. Signature (SIG) Record
          1. 13.4.32.1. SIG RR Syntax
        33. 13.4.33. Start of Authority (SOA) Record
          1. 13.4.33.1. SOA RR Syntax
        34. 13.4.34. Services (SRV) Record
          1. 13.4.34.1. SRV RR Syntax
        35. 13.4.35. SSH Key Fingerprint (SSHFP) Record
          1. 13.4.35.1. SSHFP RR Syntax
        36. 13.4.36. Text (TXT) Record
          1. 13.4.36.1. TXT RR Syntax
        37. 13.4.37. Well-Known Service (WKS) Record
          1. 13.4.37.1. WKS RR Syntax
        38. 13.4.38. X.25 Address (X25) Record
          1. 13.4.38.1. X25 RR Syntax
        39. 13.4.39. Alternative Cryptographic Algorithms
      5. 13.5. User-Defined RRs
      6. 13.6. Summary
  10. 5. Programming
    1. 14. BIND APIs and Resolver Libraries
      1. 14.1. BIND API Overview
        1. 14.1.1. Advanced Database API (adb)
        2. 14.1.2. Simple Database API (sdb)
      2. 14.2. The Simple Database API (sdb)
        1. 14.2.1. Callback Overview
          1. 14.2.1.1. create()
          2. 14.2.1.2. destroy()
          3. 14.2.1.3. lookup()
          4. 14.2.1.4. authority()
          5. 14.2.1.5. allnodes()
        2. 14.2.2. Registering the Callbacks
          1. 14.2.2.1. dns_sdb_register() Function
          2. 14.2.2.2. dns_sdc_unregister() Function
          3. 14.2.2.3. isc_result_t Return Codes
        3. 14.2.3. Adding the Driver to BIND
          1. 14.2.3.1. Header File Insertion
          2. 14.2.3.2. Initialization Function Insertion
          3. 14.2.3.3. Termination Function Insertion
          4. 14.2.3.4. Makefile.in Insertion
        4. 14.2.4. The Callback Functions
          1. 14.2.4.1. create() Callback Function
          2. 14.2.4.2. destroy() Callback Function
          3. 14.2.4.3. lookup() Callback Function
          4. 14.2.4.4. authority() Callback Function
          5. 14.2.4.5. allnodes() Callback Function
        5. 14.2.5. Returning RRs
          1. 14.2.5.1. dns_sdb_putrr() Function
          2. 14.2.5.2. dns_sdb_putrdata() Function
          3. 14.2.5.3. dns_sdb_putsoa() Function
          4. 14.2.5.4. dns_sdb_putnamedrr() Function
          5. 14.2.5.5. dsn_sdb_putnamedrdata() Function
        6. 14.2.6. Memory Management for Drivers
          1. 14.2.6.1. isc_mem_get() Function
          2. 14.2.6.2. isc_mem_free() Function
        7. 14.2.7. Logging for Drivers
          1. 14.2.7.1. isc_log_write() Function
        8. 14.2.8. Testing the Driver
          1. 14.2.8.1. lBuilding BIND
        9. 14.2.9. sdb Sample Driver
          1. 14.2.9.1. Source Module (example.c)
          2. 14.2.9.2. Header File (example.h)
      3. 14.3. Resolver Libraries
        1. 14.3.1. POSIX Library Status
      4. 14.4. The RES Library Set
        1. 14.4.1. Invoking the RES Library
        2. 14.4.2. The _res Structure
        3. 14.4.3. RES Library Functions
          1. 14.4.3.1. dn_comp Function
          2. 14.4.3.2. dn_expand Function
          3. 14.4.3.3. dn_skipname Function
          4. 14.4.3.4. ns_get16 Function
          5. 14.4.3.5. ns_get32 Function
          6. 14.4.3.6. ns_put16 Function
          7. 14.4.3.7. ns_put32 Function
          8. 14.4.3.8. res_init() Function
          9. 14.4.3.9. res_mkquery Function
          10. 14.4.3.10. res_query Function
          11. 14.4.3.11. res_search Function
          12. 14.4.3.12. res_send Function
      5. 14.5. Summary
    2. 15. DNS Messages and Records
      1. 15.1. DNS Message Formats
        1. 15.1.1. DNS Message Overview
        2. 15.1.2. DNS Message Format
        3. 15.1.3. DNS Message Header
        4. 15.1.4. DNS QUESTION SECTION
        5. 15.1.5. DNS ANSWER, AUTHORITY, and ADDITIONAL SECTIONS
          1. 15.1.5.1. NAME Field Format
          2. 15.1.5.2. Non-EDNS0 Record Format
        6. 15.1.6. EDNS0 Transactions
        7. 15.1.7. OPT Pseudo RR Format
      2. 15.2. DNS Binary RR Format
        1. 15.2.1. Security Algorithm Formats
          1. 15.2.1.1. Algorithm 5 (RSA-SHA-1)
        2. 15.2.2. NSEC Bitmap Format
      3. 15.3. Summary
  11. 6. Appendixes
    1. A. Domain Name Registration
      1. A.1. Answers
        1. A.1.1.
          1. A.1.1.1.
            1. A.1.1.1.1. What is a TLD (or gTLD or ccTLD or sTLD) domain name?
            2. A.1.1.1.2. Who is responsible for domain names?
            3. A.1.1.1.3. What TLDs are available?
            4. A.1.1.1.4. I thought www.example.com was my domain name.
            5. A.1.1.1.5. What is a URL (or URI or URN)?
            6. A.1.1.1.6. What is an SLD?
            7. A.1.1.1.7. How do I register a .com or .org or .net domain name?
            8. A.1.1.1.8. How do I register a domain in Malaysia (or any other country)?
            9. A.1.1.1.9. Can I register a domain name in any country?
            10. A.1.1.1.10. How do I register a US (.us) or state (for instance, ny.us) domain name?
            11. A.1.1.1.11. How do I register a Canadian (.ca) or provincial (for instance, bc.ca) domain name?
            12. A.1.1.1.12. If I register a .com, do I automatically register in every country?
            13. A.1.1.1.13. What happens when I register a domain name?
            14. A.1.1.1.14. What do the Primary and Secondary DNS server names do and why are they necessary?
            15. A.1.1.1.15. How do I change my domain name information?
            16. A.1.1.1.16. How do I register an .edu (or .mil or .gov or .int) name?
            17. A.1.1.1.17. How do I check my (or some else's) registration information?
            18. A.1.1.1.18. What is IANA and how does it relate to ICANN and the IETF?
            19. A.1.1.1.19. Who controls the .ARPA domain name?
    2. B. DNS RFCs

Product information

  • Title: Pro DNS and BIND
  • Author(s): Ron Aitchison
  • Release date: August 2005
  • Publisher(s): Apress
  • ISBN: 9781590594940