DNS: The Bind Leading the Bind
Hiding beneath the surface of your web browser, email and instant messaging lies a phone book for computers on the Internet. We call it the Domain Name System, or DNS. It looks up the names of other computers and calls them to chat, shake hands or whatever PCs do with their own kind.
Aside from hiding beneath hundreds of millions of people's awareness, some people know that DNS seems to like Linux. In fact, they're sort of made for each other. You can get Linux for free and the software for DNS comes packaged with Linux distributions and it's also free.
Almost universally, DNS servers run Berkeley Internet Name Domain, or BIND. Anyone wanting their own web site and/or domain needs two domain servers. That's just one of the rules of the game. Obviously, the requirement for two servers made Linux the choice of ISPs and system administrators because it saves people money.
If you want to work as a Linux sysadmin and travel that career path, then you'll need to learn DNS. That's where the other shoe drops. Keep reading.
The big directory runs in a distributed mode and it wants the owner of a domain to provide its own directory listings. Basically, you have to write your part of the DNS system because the rest of the Internet depends on you doing that.
A slight catch exists. The Internet Engineering Task Force (IETF) established our current DNS protocols long before the enormous growth of the Internet. No one really knew if it would scale.
Funny as it may seem, DNS worked even under the tremendous stress placed on it as the Internet grew exponentially. The Domain Name System simply grew as the Internet grew. And while the current system remains a bit archaic, it works and it works well.
It just requires a set of skills popular well over two decades ago. The standards of DNS did not have a chance to adjust their technical underpinnings while the great Internet adoption took place. The protocols came into existence in 1985. Oh, did I mention that those protocols lack something we call intuitive?
Do I Have To?
Simple answer: yes. Linux system administrators have to learn DNS. Even if you off-load your DNS to a service provider, you'll likely wind up getting all or part of it back. The Internet continues to change, and the demand for resolving friendly names like domain.org to an IP address has become mission critical.
Let's look at the reality in the market. Businesses, especially big ones, hate to change their systems. Forget the noise people make about migrating or upgrading this or that. Big orgs hate it.
But, Big orgs also have to keep current or they'll get bloodied by nimbler businesses using new standards and protocols. Just so those angry Big orgs can keep their legacy applications in use by let's say 100,000 employees on terminals or PCs, a new industry emerged. We call it the web-enablement segment.
Along come application servers like JBoss and WebSphere and suddenly disparate silos of servers start speaking to each other. Then we have front-end applications speaking to their supply chain while customers and vendors come into the enterprise.
The rest of the world doesn't even know that another layer of applications surrounds those legacy apps and data repositories. It reminds me of the convergence of public libraries. On one side of the Ethernet lies the library's old database. On the other side lies a LAMP application talking to other servers as if they all had the same MySQL database engines full of book titles, authors and subjects.
How does all this work? Oh, it works because a twenty-year-old directory with a billion entries almost instantly looks up a name, translates it to a number and lets those babies chat, shake hands and do whatever PCs and their kind do.
It's Archaic and Unintuitive?
You can take that to the data center or is it the server bank? Yes, it's old and cranky and doesn't like GUI front-ends. It wants you to write everything by hand on the command line.
Every time you make a change, it wants you to restart it. It says it doesn't want any more of a certain kind of record and then the people at Apache make their server do something cool and you have to put those deprecated record types back into the configuration files.
Guess what else. Its installed base is so big, it won't start migrating and upgrading anytime soon. Like those Big orgs that hate to change - you can add the Internet DNS system to that angry bunch.
Should I Buy a Book?
You can buy a book or take Ambien CR. Either way, you get plenty of sleep. Reading the book might cause irritable neck syndrome.
So, poke around the Internet and look for readable tutorials and howtos. Or wait and catch the rest of this series as we head into the underground caverns of resolver libraries, zone files, hints and local zones to mention a few.
Until then, enjoy.
Thanks to Keith Daniels for these.
- The Open Source version of DNS
- OpenNIC: Democratic Name System DNS
- Tutorials, Tips and Tricks, HowTo and other Articles
- DNS Concepts
- DNS HOWTO
- DNS tricks and tips
- DNS for Rocket Scientists
- Internet Domain Name Structure
- Domain Name System
- Men & Mice - DNS Resources
- Setting Up Your New Domain Mini-HOWTO
- How to Use Domain-Based Blacklist Zones
- Bind and Dnsmasq
- freshmeat.net: Project details for Dnsmasq
- Configuring BIND with Webmin - RimuHosting
- BIND 9 Administrator Reference Manual
- Berkeley Internet Name Domain (BIND)
- Free DNS hosting - When you are learning, sometimes it is real handy to have a free backup for a while. :-)
- The Public DNS Service
- List of free DNS hosting sites
- Another list of free DNS hosting sites
- Setting up Dynamic DNS at Home is a good way to learn without breaking anything important. :-)
- How To Set Static and Dynamic DNS for Your ISP
- Free Dynamic and Static DNS
- Dynamic Network Services