The BIND Software

Previous page
Table of content
Next page

BIND can be used to implement DNS on UNIX and Windows NT. The most interesting component is called the name daemon.

This chapter takes you through some experiments in DNS configuration. The first time you set up DNS, you should be sure you do so on a machine on which you can perform tests. In addition, you should make sure you have root access to this machine. I urge you to set up your test nameserver with the same configurations I use here and to perform the same tests I demonstrate. Also, if you change any existing files, be sure you back them up first.

ISC

The ISC (Internet Software Consortium) maintains BIND and provides it to you free of charge, with a minimal obligation from you. The following is the essence of the LICENSE file in the BIND distribution:

    Permission to use, copy, modify, and distribute this software for any    purpose with or without fee is hereby granted, provided that the above    copyright notice and this permission notice appear in all copies

Then follows a standard disclaimer of pretty much everything.

UNIX vendors provide BIND as part of their OS offering, usually in a network services package. As explained in the Introduction, different versions of BIND exist, and you should run the latest version of it to get the best security. Additionally, running BIND version 4 should be avoided if at all possible. One way to know whether you have BIND 4 is if your BIND wants to read a file called named.boot that contains lines with keywords such as secondary. You can check this in the named(1) man page on your system.

The merits of using a vendor-supported BIND versus those of using the latest BIND is a subject for debate, and you might have to yield to company policies. But the reasons for using the latest version are very good. First, the latest version of BIND will always be more secure than any version of BIND 4. Plus, through the BIND 8 series, many enhancements and improvements in security have been added. Quite simply, the latest version is likely to be the best choice at any given time. The community support for BIND is good, but the ISC also offers support contracts, so check its Web site. Your friendly neighborhood UNIX consultants also might be able to support BIND to your and your company's satisfaction. I highly recommend using the latest version of BIND with the support with which you and your superiors feel comfortable.

Where to Get BIND

ISC's FTP site address is ftp://ftp.isc.org/. BIND, however, resides in the /isc/bind/src subdirectory, where you always will find the latest release version of BIND. The latest available release also is announced on the Web page at http://www.isc.org/.. You will want all three packages in the directory of the current release: src, doc, and contrib.

A few OS vendors, including most Linux and BSD vendors, will supply you with an easy-to-install package with the latest version of BIND. On the other hand, your computer already might have a recent version of BIND installed. But, you might find an updated package on your OS vendor's FTP or Web site as a replacement package or a patch to install. I recommend checking for and getting and installing the latest version or patch that has been created, unless you decide to compile and install BIND yourself.

Compiling BIND

You might want to compile, configure, test, and play with BIND for the first time on a machine not in your production environment.

If you need to, or want to, compile BIND yourself, you'll be faced with the usual tasks of compiling well-maintained free software. BIND works on almost all platforms, but if your platform is not among those on which the ISC tests BIND, compiling it yourself could involve a lot of work. On the other hand, if you use a tested platform, compiling and installing BIND should be easy. The documentation files in the src package provide details about compilation.

In Chapter 15, "Compiling and Maintaining BIND," you will find more specific information about fetching, compiling, and maintaining BIND. Installing the latest and greatest version of BIND provides no guarantees. BIND must be maintained to be kept secure both to avoid break-ins on your DNS servers and to avoid the more subtle problems that a buggy DNS can cause. You also will find in Chapter 15 information on how to keep up with developments in BIND and DNS and how to find discussion forums for everything from how to solve various problems to how DNS will develop in the next few years.

Previous page
Table of content
Next page
The Concise Guide to DNS and BIND
The Concise Guide to DNS and BIND
ISBN: 0789722739
EAN: 2147483647
Year: 1999
Pages: 183
Authors: Nicolai Langfeldt
BUY ON AMAZON
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Cisco CallManager Fundamentals (2nd Edition)
Mastering Delphi 7
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
PMP Practice Questions Exam Cram 2
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy