Linux Network Administrator's Guide (3rd Edition) [Electronic resources]

Tony Bautts, Terry Dawson, Gregor N. Purdy

Chapter 5. Name Service and Configuration

As we discussed in Chapter 2, TCP/IP networking may rely on different schemes to convert names into addresses. The simplest way is to use a host table stored in /etc/hosts. This is useful only for a small LAN that is run by a single administrator and has no IP traffic with the outside world. The format of the hosts file has already been described in Chapter 4.

While a hosts file approach may be appropriate on a small network, most administrators will need to investigate a DNS server. There are multiple services that you can use to resolve IP addresses. The most commonly used is the Berkeley Internet Name Domain service (BIND) Version 8.x. BIND v9.x has been available for some time now and seeks to add a variety of new features, as well as contend with security issues in BIND v8.x. The jump from BIND 8 to BIND 9 isn't quite as significant as was the leap from BIND 4 to 8; many of the configuration files and options are the same. Configuring BIND can be a real chore, but once you've done it, you can easily make changes in the network topology. On Linux, as on many other Unix-ish systems, BIND service is provided through a program called named. At startup, it loads a set of master files into its internal cache and waits for queries from remote or local user processes. There are different ways to set up BIND, and not all require you to run a nameserver on every host.

We will also discuss a simpler and more secure option, djbdns, written by David J. Bernstein. This resolver was written from scratch with security in mind and simplifies server setup in a number of ways, primarily by eliminating the need for multiple confusing zone files.

This chapter can do little more than give a rough sketch of how DNS works and how to operate a nameserver. It should be sufficient for readers with a small LAN and an Internet connection. For the most current information, you may want to check the documentation contained in the BIND or djbdns source packages, which supply manual pages, release notes, and, in the BIND package, the BIND Operator's Guide (BOG). Don't let this name scare you off; it's actually a very useful document. For more comprehensive coverage of DNS and associated issues, you may find DNS and BIND by Paul Albitz and Cricket Liu (O'Reilly) a useful reference. DNS questions may be answered in a newsgroup called comp.protocols.tcp-ip.domains. For technical details, the Domain Name System is defined by RFC numbers 1033, 1034, and 1035.