Supplemental files and examples for this book can be found at http://examples.oreilly.com/9780596100575/. Please use a standard desktop web browser to access these files, as they may not be accessible from all ereader devices.
All code files or examples referenced in the book will be available online. For physical books that ship with an accompanying disc, whenever possible, we've posted all CD/DVD content. Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to .
Preface
You may not know much about the Domain Name System yet, but whenever you use the Internet, you use DNS. Every time you send electronic mail or surf the World Wide Web, you rely on the Domain Name System.
You see, while you, as a human being, prefer to remember the names of computers, computers like to address each other by number. On an internet, that number is 32 bits long, or between 0 and 4 billion or so.[1] That's easy for a computer to remember because computers have lots of memory ideal for storing numbers, but it isn't nearly as easy for us humans. Pick 10 phone numbers out of the phone book at random and then try to remember them. Not easy? Now flip to the front of the phone book and attach random area codes to the phone numbers. That's about how difficult it would be to remember 10 arbitrary internet addresses.
This is part of the reason we need the Domain Name System. DNS handles mapping between hostnames, which we humans find convenient, and internet addresses, which computers deal with. In fact, DNS is the standard mechanism on the Internet for advertising and accessing all kinds of information about hosts, not just addresses. And DNS is used by virtually all internetworking software, including electronic mail, remote terminal programs such as ssh, file transfer programs such as ftp, and web browsers such as Microsoft's Internet Explorer.
Another important feature of DNS is that it makes host information available all over the Internet. Keeping information about hosts in a formatted file on a single computer only helps users on that computer. DNS provides a means of retrieving information remotely from anywhere on the network.
More than that, DNS lets you distribute the management of host information among many sites and organizations. You don't need to submit your data to some central site or periodically retrieve copies of the "master" database. You simply make sure your section, called a zone, is up to date on your nameservers. Your nameservers make your zone's data available to all the other nameservers on the network.
Because the database is distributed, the system also needs to be able to locate the data you're looking for by searching a number of possible locations. The Domain Name System gives nameservers the intelligence to navigate through the database and find data in any zone.
Of course, DNS does have a few problems. For example, the system allows more than one nameserver to store data about a zone, for redundancy's sake, but inconsistencies can crop up between copies of the zone data.
But the worst problem with DNS is that despite its widespread use on the Internet, there's really very little documentation about managing and maintaining it. Most administrators on the Internet make do with the documentation their vendors see fit to provide and with whatever they can glean from following the Internet mailing lists and Usenet newsgroups on the subject.
This lack of documentation means that the understanding of an enormously important internet service, one of the linchpins of today's Internet, is either handed down from administrator to administrator like a closely guarded family recipe, or relearned repeatedly by isolated programmers and engineers. New zone administrators suffer through the same mistakes made by countless others.
Our aim with this book is to help remedy this situation. We realize that not all of you have the time or the desire to become DNS experts. Most of you, after all, have plenty to do besides managing your zones and nameservers: system administration, network engineering, or software development. It takes an awfully big institution to devote a whole person to DNS. We'll try to give you enough information to allow you to do what you need to do, whether that's running a small zone or managing a multinational monstrosity, tending a single nameserver or shepherding a hundred of them. Read as much as you need to know now, and come back later if you need to learn more.
DNS is a big topic (big enough to require two authors, anyway), but we've tried to present it as sensibly and understandably as possible. The first two chapters give you a good theoretical overview and enough practical information to get by, and later chapters fill in the nitty-gritty details. We provide a roadmap up front to suggest a path through the book appropriate for your job or interest.
When we talk about actual DNS software, we'll concentrate almost exclusively on BIND, the Berkeley Internet Name Domain software, which is the most popular implementation of the DNS specs (and the one we know best). We've tried to distill our experience in managing and maintaining zones with BIND into this book. (One of our zones, incidentally, was once one of the largest on the Internet, but that was a long time ago.) Where possible, we've included the real programs we use in administration, many of them rewritten into Perl for speed and efficiency.
We hope that this book will help you get acquainted with DNS and BIND if you're just starting out, refine your understanding if you're already familiar with them, and provide valuable insight and experience even if you know 'em like the back of your hand.
Versions
The fifth edition of this book deals with the new 9.3.2 and 8.4.7 versions of BIND as well as older versions of BIND 8 and 9. While 9.3.2 and 8.4.7 are the most recent versions as of this writing, they haven't made their way into many vendors' versions of Unix yet, partly because both versions have only recently been released and many vendors are wary of using such new software. We also occasionally mention other versions of BIND because many vendors continue to ship code based on this older software as part of their Unix products. Whenever a feature is available only in the 8.4.7 or 9.3.2 version, or when there is a difference in the behavior of the versions, we try to point out which version does what.
We use nslookup, a nameserver utility program, very frequently in our examples. The version we use is the one shipped with the 9.3.2 BIND code. Older versions of nslookup provide much, but not quite all, of the functionality in the 9.3.2 nslookup. We've used commands common to most nslookups in most of our examples; when this was not possible, we tried to note it.
[1] And, with IP version 6, it's a whopping 128 bits long, or between 0 and a 39-digit decimal number.
What's New in the Fifth Edition?
Besides updating the book to cover the most recent versions of BIND, we've added a fair amount of new material to the fifth edition: