UNIX System Administration Handbook - Evi Nemeth [289]
2. Versions of Solaris prior to Solaris 8 did not include the ndc command, so unless your site installed ndc from the BIND distribution, you will have to send named a HUP signal to initiate a reload.
3. ICANN is the Internet Corporation for Assigned Names and Numbers, the governing body of the Internet. See page 263 for more information about ICANN.
4. However, names like edu.com break many versions of BIND.
5. Not all names with repeated components were illegal. For example, xinet.xinet.com was always a valid name. The domain part is xinet.com and the domain contains a host called xinet.
6. Who says marketing and engineering can’t get along?
7. Many hosts have a “switch” file that specifies what sources of data should be used to implement name lookups. DNS will not be used on some systems (e.g., Solaris 7 and earlier) unless dns is added to the switch file; see the vendor-specific sections starting on page 481 for details.
8. You also need ingress filtering at your firewall; see page 675. Better yet, use TSIG for authentication.
9. While poking around at the level of bits, it’s easy to lose sight of the fact that IPv6 addresses have some internal structure of their own. See page 281 for a discussion of the boundaries and meanings of the regions into which an IPv6 address is conventionally divided.
10. The link-local address is used by Macs and PCs that have been told to use IP but cannot find a DHCP server. These machines just assign themselves an address on the 169.254.0.0/16 network. Addresses in this range should be aggressively filtered so that they never escape from the local wire. Cable and DSL modems are starting to use this address range as well.
11. Don’t make private addresses bogus if you use them and are configuring your internal DNS servers!
12. This command is called dnskeygen in BIND 8.
13. The math involved is called the discrete log problem and relies on the fact that for modular arithmetic taking powers is easy but taking logs to undo the powers is close to impossible.
14. The ordering is sort of alphabetical, but with names higher up the DNS tree coming first. For example, in the cs.colorado.edu zone, cs.colorado.edu comes before any host.cs.colorado.edu. Within a level of the hierarchy, the ordering is alphabetical.
15. The meaning of minimum changed in BIND 8.2 from the default TTL for all records to the default TTL for negative caching.
16. On a gTLD server, this message probably means that com is still loading. :-)
17. The identity of this host may soon change, since Network Solutions will not be running the primary root name server much longer.
16.17 RECOMMENDED READING
DNS and BIND are described by a variety of sources, including the documentation that comes with the distribution, chapters in several books on Internet topics, an entire book in the O’Reilly Nutshell series, and various on-line resources.
Mailing lists and newsgroups
The following mailing lists are associated with BIND:
• bind-users – mail bind-users-request@isc.org to join
• bind-announce – mail bind-announce-request@isc.org
• namedroppers – mail namedroppers-request@internic.net
• bind-workers – mail bind-workers-request@isc.org (for code warriors)
Send bug reports to bind-bugs@isc.org or bind9-bugs@isc.org.
Books and other documentation
THE NOMINUM BIND DEVELOPMENT TEAM. BINDv9 Administrator Reference Manual. Available in the BIND distribution (doc/arm) from www.isc.org.
This document outlines the administration and management of BIND 9. An earlier document, the Bind Operations Guide, or BOG as it is called, describes in detail the operation and configuration of BIND 4. The BOG is included in BIND distributions up through version 8.
ALBITZ, PAUL, AND CRICKET LIU. DNS and BIND, Third Edition. Sebastopol, CA: O’Reilly, 1998.
This popular and well-respected book about BIND includes coverage of BIND 8, and we hear that the fourth edition is coming