Red Hat [Electronic resources] : The Complete Reference Enterprise Linux Fedora Edition؛ The Complete Reference نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Red Hat [Electronic resources] : The Complete Reference Enterprise Linux Fedora Edition؛ The Complete Reference - نسخه متنی

Richard L. Petersen

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید








BIND


The DNS server software currently in use on Linux systems is Berkeley Internet Name Domain (BIND). BIND was originally developed at the University of California, Berkeley, and is currently maintained and supported by the Internet Software Consortium (ISC). You can obtain BIND information and current software releases from its Web site at www.isc.org. Web page documentation and manuals are included with the software package. RPM packages are available at distribution FTP sites. The BIND directory in /usr/share/doc contains extensive documentation, including Web page manuals and examples. The Linux HOW-TO for the Domain Name Service, DNS-HOWTO, provides detailed examples. Documentation, news, and DNS tools can be obtained from the DNS Resource Directory (DNSRD) at www.dns.net/dnsrd. The site includes extensive links and online documentation, including the BIND Operations Guide (BOG). See Table 34-2 for a list of DNS resources.


Alternative DNS Servers


Several alternative DNS servers are now available. These include djbdns, noted for its security features, CustomDNS, a dynamic server implemented in Java (customdns.sourceforge.net), and Yaku-NS, an embedded server. The djbdns server (cr.yp.to/djbdnsl), written by D.J. Bernstein, is designed specifically with security in mind, providing a set of small server daemons, each performing specialized tasks. In particular, djbdns separates the name server, caching server, and zone transfer tasks into separate programs: tinydns (tinydns.org) implements the authoritative name server for a network, whereas dnscache implements a caching server that will resolve requests from DNS clients such as Web browsers. In effect, dnscache operates as the name server that your applications will use to resolve addresses. dnscache will then query tinydns to resolve addresses on your local network. Zone transfers are handled separately by axfrdns and asfget.





















Table 34-2: BIND Resources


Web Site


Resource


www.isc.org


Internet Software Consortium


www.dns.net/dnsrd


DNS Resource Directory


www.nominum.com


Nominum, BIND support and consulting



DNS Documentation


Currently, ISC has contracted with two companies, Nominum and Mind, to provide BIND support. Nominum is an ISC support partner and has taken an active role in BIND development. At its Web site at www.nominum.com, you can find BIND documentation, including the BIND 9 Administrator's Reference. Nominum, like many commercial companies that support open source software, provides professional consultant and support services, while freely contributing to Open Source development. Mind provides consulting services for the European market.


BIND Servers and Tools


The BIND DNS server software consists of a name server daemon, several sample configuration files, and resolver libraries. As of 1998, a new version of BIND, beginning with the series number 8.x, implemented a new configuration file using a new syntax. Version 9.0 adds new security features and support for IPv6. Older versions, which begin with the number 4.x, use a different configuration file with an older syntax. Most distributions currently install the newer 9.x version of BIND.

The name of the BIND name server daemon is named. To operate your machine as a name server, simply run the named daemon with the appropriate configuration. The named daemon listens for resolution requests and provides the correct IP address for the requested hostname. You can use the Remote Name Daemon Controller utility,

rndc , provided with BIND to start, stop, restart, and check the status of the server as you test its configuration.

rndc with the

stop command stops named and, with the

start command, starts it again, reading your named.conf file.

rndc with the

help command provides a list of all

rndc commands. See the Red Hat Reference Guide for detailed information on configuring

rndc access to your DNS server. Once your name server is running, you can test it using the

dig or

nslookup utility, which queries a name server, providing information about hosts and domains. If you start

dig with no arguments, it enters an interactive mode where you can issue different

dig commands to refine your queries. Numerous other DNS tools are also available, such as nslint and host. Check the DNS Resource Directory at www.dns.net/dnsrd for a listing. Table 34-3 lists several DNS administrative tools.






























Table 34-3: BIND Diagnostic and Administrative Tools


Tool


Description


dig

domain


Domain Information Groper, tool to obtain information on a DNS server. Preferred over nslookup.


host

hostname


Simple lookup of hosts.


nslookup

domain


Tool to query DNS servers for information about domains and hosts.


rndc

command


Remote Name Daemon Controller, an administrative tool for managing a DNS server (version 9.x).


ndc


Name Daemon Controller (version 8.x).


redhat-config-bind


Red Hat Bind DNS server configuration tool.



Starting and Stopping the BIND Server


On Red Hat, the named daemon is started using a startup script in the /etc/rc.d/init.d directory called named. You can use this script to start, stop, and restart the daemon using the

stop ,

start , and

restart arguments. You can invoke the script with the

service command as shown here:

service named restart

On most distributions, named runs as a standalone daemon, starting up when the system boots and constantly runs. If you don't want named to start up automatically, you can use the redhat-config-services or chkconfig to change its status.


/ 328