Linux DNS Server Administration
Author: Craig Hunt
Publisher: SYBEX, Inc.
Price: $39.00 US
Reviewer: Ralph Krause
The Domain Name Service (DNS) is an integral part of networking and the Internet. Linux distributions typically include BIND, the Berkeley Internet Name Domain software, which handles DNS. However, books about Linux usually don't provide much information on using or configuring DNS.
While configuring BIND can be complicated, it is not impossible. Linux DNS Server Administration by Craig Hunt explains how DNS works and details the steps necessary to configure it. Mr. Hunt is a noted TCP/IP and Linux expert, and he has done a very good job of illuminating the inner workings of DNS and explaining how BIND works with Linux.
The book contains twelve chapters and is divided into four parts that explain how BIND and DNS work, basic DNS configuration, advanced DNS configuration and how to maintain DNS once it is running. Appendices and an index make up the rest of the book.
The book is well laid out, and information is easy to find. At the beginning of each section is an overview of the material in the following chapters. Each chapter begins with a brief introduction of the material that it will cover and ends with a summary. A listing of all the code and example files is on the inside of the front and back covers.
The first part of the book covers the DNS architecture, protocols and the BIND software. The /etc/hosts file is explained along with its uses and limitations. The DNS Hierarchy is introduced along with an explanation of domains, searching for domains and how queries are resolved. Datagrams are provided for DNS messages and an explanation on how DNS databases are synchronized is given. Next is a look at BIND installation and control. The section ends with instructions for determining your own DNS architecture requirements.
The second part covers DNS configuration and contains three chapters. The first chapter explains what the resolv.conf, host.conf and nsswitch.conf files are for and how they work. The next chapter details the configuration of caching and slave servers and provides suggestions on when to create them. The final chapter explains how to create a master server, the one that is the authority for a given domain and the most complicated. Each chapter contains sample configuration files along with an explanation of their contents.
Part three deals with advanced BIND configurations. Topics covered include how to create nondelegated subdomains within a zone, when to create delegated child zones and how to advertise network services. This section also includes information on tuning a DNS configuration for better performance. The section also introduces the dynamic DNS (DDNS) protocol that promises to eliminate the drudge work of DNS configuration by having the computer create records from the information available on the network.
The final part of the book is concerned with keeping a running DNS system healthy and secure. The first chapter in this section covers security and includes information on securing Linux, securing the DNS configuration, coexisting with a firewall and the DNS Security (DNSSEC) protocols. The next chapter explains how to test and troubleshoot DNS, using commands such as host, dig and nslookup. The final chapter covers the BIND log files and explains how to configure logging to meet specialized needs.
The book also contains four appendices. Appendix A introduces the new features coming up in BIND 9 and contains brief installation instructions for using the Beta 2 release. Appendix B is a command reference for the named.conf file. Appendix C contains descriptions of all the 41 types of resource records that BIND supports. The final appendix explains how to configure a Network Information Service (NIS) server.
I found this book relatively easy to follow and understand and was able to set up a DNS server for my small network using it. The book provides illustrations, definitions and sample configuration files that clarify the text. Mr. Hunt does a very good job of explaining how DNS works and how to configure and maintain a DNS server with a good balance between general and technical information.
Ralph Krause lives in southeastern Michigan and has been using Linux for over two years. In addition to writing about Linux and FreeBSD, he also does computer consulting and creates web sites. He can be reached at email@example.com.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide