Book Image

DNS in Action

By : CP Books a.s.
Book Image

DNS in Action

By: CP Books a.s.

Overview of this book

The Domain Name System is one of the foundations of the internet. It is the system that allows the translation of human-readable domain names into machines-readable IP addresses and the reverse translation of IP addresses into domain names. This book describes the basic DNS protocol and its extensions; DNS delegation and registration, including for reverse domains; using DNS servers in networks that are not connected to the internet; and using DNS servers on firewall machines. Many detailed examples are used throughout the book to show perform various configuration and administration tasks.

Related Content you might be interested in

Current Title:

Small book image
DNS in Action
CP Books a.s.
Apr, 2006 | 0 hours 0 minutes
No titles found
Table of Contents (16 chapters)
DNS in Action
DNS in Action
Credits
Credits
About the Authors
About the Authors
Preface
Preface
Free Chapter
1
Domain Name System
Domain Name System
1.1 Domains and Subdomains
1.2 Name Syntax
1.3 Reverse Domains
1.4 Domain 0.0.127.in-addr.arpa
1.5 Zone
1.6 Reserved Domains and Pseudodomains
1.7 Queries (Translations)
1.8 Resolvers
1.9 Name Server
1.10 Forwarder Servers
2
DNS Protocol
DNS Protocol
2.1 Resource Records
2.2 DNS Protocol
2.3 DNS Query
3
DNS Extension
DNS Extension
3.1 DNS Update
3.2 DNS Notify
3.3 Incremental Zone Transfer
3.4 Negative Caching (DNS NCACHE)
3.5 DNS IP version 6 Extension
3.6 DNS Security Protocols
3.7 TSIG
3.8 Saving Certificates to DNS
4
Name Server Implementation
Name Server Implementation
4.1 DNS Database
4.2 RR Format
4.3 Name Server Implementation in BIND
4.4 Microsoft’s Native Implementation of DNS in Windows 2000/2003
5
Tools for DNS Debugging and Administration
Tools for DNS Debugging and Administration
5.1 Tools for DNS Debugging
5.2 The rndc Program
5.3 Errors in DNS Configuration
6
Domain Delegation and Registration
Domain Delegation and Registration
6.1 Example 1
6.2 Example 2
6.3 Domain Registration
7
Reverse Domain Delegation
Reverse Domain Delegation
Server ns.company.com
Server ns.provider.net
Server ns.ripe.net (authoritative server for a superior domain)
Server ns.company.com
Server ns.branch.company.com
8
Internet Registry
Internet Registry
8.1 International Organizations
8.2 Regional Internet Registry (RIR)
8.3 IP Addresses and AS Numbers
8.4 Internet Registry
8.5 Delegation of Second-Level Domains
9
DNS in Closed Intranets
DNS in Closed Intranets
9.1 Configuring a Root Name Server on the Same Server (BIND Version 4)
9.2 Configuring a Root Name Server on a Separate Server (BIND Version 4)
9.3 Root DNS Server in Windows 2000/2003
10
DNS and Firewall
DNS and Firewall
10.1 Shared DNS for Internet and Intranet
10.2 Name Server Installed on Firewall
10.3 Dual DNS
10.4 End Remarks
Country Codes and RIRs
Country Codes and RIRs
Index
Index

5.2 The rndc Program

The rndc (remote name server control) program is a program that allows you to control a name server both remotely and safely. A name server administrator can use this program to carry out the actions stated in the later table. The program can find out the name server’s PID and send the server the appropriate signal.

The rndc program has gradually developed over the years. Version 4 defined signals (see Section 5.2.1) for this purpose. A DNS administrator would send these signals to a name server using operating system commands. Version 8 introduced the rndc utility that offered a similar group of functions, but did not ensure security. BIND 9 added the authentication of the connection used.

BIND 9 and its client use a prepared symmetric key to mutually identify each other. The server has the key stored in the key clause in the named.conf file. The client has the same key and it is stored in the rndc.key file or in the rndc.conf configuration file. The rndc-confgen -a...

Previous Section
End of Section 3
Next Section