Every time you get e-mail, every time you access a web page, you use the Domain Name
System (DNS). In fact, over 2 billion such requests hit the DNS root-servers alone every day.
Every one of those 2 billion requests originate from a DNS that supports a group of local users,
and every one of them is finally answered by a DNS server that may support a high-volume
commercial web site or a modest, but much loved, family web site. This book is about understanding,
configuring, diagnosing, and securing the DNS servers that do the vital work.
Many years ago when I set up my first pair of DNS servers, I wasted my time looking for
some practical advice and some sensible description of the theory involved. I found neither.
I completed the DNS rite-of-passage—this book was born from that experience.
DNS is a complex subject, but it is also unnecessarily cloaked in mystery and mythology.
This book, I hope, is a sensible blend of practical advice and theory. You can treat it as a simple
paint-by-numbers guide to everything from a simple caching DNS to the most complex secure
DNS (DNSSEC) implementations. But the background information is there for those times
when you not only need to know what to do, but you also need to know why you are doing it,
and how you can modify the process to meet your unique needs.
This book is about running DNS systems based on BIND 9.3.0—the first stable release that
includes support for the latest DNSSEC (DNSSEC.bis) standards and a major functional
upgrade from previous BIND 9 releases. If you run or administer a DNS system, are thinking
about running a DNS system, need to upgrade to support IPv6 DNS, need to secure a DNS for
zone transfer, dynamic update, or other reasons, need to implement DNSSEC, or simply want
to understand the DNS system, then this book is designed to provide you with a single point
of reference. The book progressively builds up from simple concepts to full security-aware
DNSSEC configurations. The various features, parameters, and Resource Records that you
will need are all described and in the majority of cases illustrated with one or more examples.
The book contains a complete reference on zone files, Resource Records, and BIND’s named.conf
configuration file parameters. Programmers and the insatiably curious will find BIND’s Simple
Database API, resolver library interfaces, and the gory details of DNS wire-format messages