Configuration and maintenance of the BIND DNS server
1. OBJECTIVE OF THE WORK
Configuring the Domain Name Service on a BIND v.9.x server. Gaining practical skills in configuring and supporting DNS.
2. KEY POINTS
By default, FreeBSD uses a version of BIND (Berkeley Internet Name Domain), which is the most common implementation of the DNS protocol for UNIX-based systems. FreeBSD currently comes with the BIND9 DNS server software. This installation provides enhanced security features, a new file system layout and automated chroot configuration. BIND software and documentation can also be downloaded from www.isc.org. News and tools are available from the DNS Resource Directory at www.dns.net/dnsrd.

The BIND server consists of the name server daemon, a few files with example configurations and the name resolution library. The BIND name server daemon is called named. Starting this daemon with the required configuration allows your computer to work as a name server. The daemon waits for name resolution requests and returns the IP address for the requested host name.

The rndc tool makes it possible to start, stop, restart and check the state of the name server. The stop command of rndc stops the named daemon, and the start command restarts it, and the configuration file named.conf will be read again. Running rndc with the help option lists all available commands.

Name servers generally come in two forms: authoritative name servers and caching name servers.

An authoritative name server is needed when:
- One wants to serve DNS information to the world, replying authoritatively to queries.
- A domain, such as example.org, is registered and IP addresses need to be assigned to hostnames under it.
- An IP address block requires reverse DNS entries (IP to hostname).
- A backup or second name server, called a slave, will reply to queries.

A caching name server is needed when:
- A local DNS server may cache and respond more quickly than querying an outside name server.

For example, when someone makes a query for www.FreeBSD.org, the resolver usually queries the uplink ISP's name server and retrieves the reply. With a local caching DNS server, the query only has to be made once to the outside world by the caching DNS server. Additional queries will not have to go outside the local network, since the information is cached locally.
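A caching-only named.conf for the local-network case described above, as an added example that is not part of the original handout: the server resolves and caches names only for local clients and refuses recursion for everyone else. The acl name "lan", the 192.168.1.0/24 network, the 192.168.1.1 listen address and the directory path are assumptions to adapt to the actual installation.

```conf
// Added example: caching-only name server for a local network.
// All addresses and paths below are assumed values, not taken from the handout.

// Clients that are allowed to use this server as their resolver.
acl "lan" {
    127.0.0.0/8;        // the server itself
    192.168.1.0/24;     // assumed local network
};

options {
    // Working directory of named (assumed path; check your installation).
    directory "/etc/namedb/working";

    // Answer only on the loopback and the internal interface,
    // not on every address the host happens to have.
    listen-on { 127.0.0.1; 192.168.1.1; };

    // Act as a caching resolver: follow referrals on behalf of
    // clients and keep the answers until their TTL expires.
    recursion yes;

    // Restrict both plain queries and recursion to local clients,
    // so the cache is not available to hosts outside the network.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };
};

// No "zone" statements of type master or slave are declared here:
// this server holds no authoritative data and only caches replies
// obtained from other name servers.
```

Running named-checkconf on the file reports syntax errors before named is restarted with the new configuration.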