A note on the digital index A link in an index entry is displayed as the section title in which that entry appears. Because some sections have multiple index markers, it is not unusual for an entry to have several links to the same section. Clicking on any link will take you directly to the place in the text in which the marker appears.
A A (address) records multiple, using to set up round-robin, Round-Robin Load Distribution query statistics on BIND 8 nameserver, BIND 8 statistics AAAA (address) records example, AAAA and ip6.arpa absolute pathnames, The Domain Name System, in a Nutshell access lists, support in BIND 8 and 9, Getting BIND ACE, Internationalized Domain Names converting to and from Unicode, DNS and WINS encoding utilities, Internationalized Domain Names acl statement, Address Match Lists and ACLs , acl using with view statement, Views ACLs (access control lists), Address Match Lists and ACLs applying to particular zone, Restricting queries in a particular zone applying to zone transfers, Restricting queries in a particular zone global, puttin on zone data, Protecting zone data on the bastion host actions, The Windows XP Resolver Active Directory, DNS, Windows, and Active Directory handling servers, Handling Windows servers address match lists, Address Match Lists and ACLs named, Address Match Lists and ACLs address sorting, Address and Alias Records by nameserver, Nameserver Address Sorting address type, The Internet Domain Namespace address-to-name lookup, Setting Up Zone Data advertising nameservers, “Advertising” nameserver configuration aero domains, New top-level domains AFSDB records, Additional Resource Records algorithm field DNSKEY records, The DNSKEY Record RRSIG records, The RRSIG Record aliases, The Domain Name System, in a Nutshell , Address and Alias Records configuring mailers to identify, DNS and Email Authentication not checked by mailers, The MX Algorithm Alice’s Adventures in Wonderland, Quotations allow-notify substatement (zone), accepting messages from
nameservers other than zone master nameservers, Incremental Zone Transfer (IXFR) allow-query substatement placing global access list on zone data, Protecting zone data on the bastion host restricting queries in a zone, Restricting queries in a particular zone restricting queries to internal network, “Resolving” nameserver configuration allow-recursion substatement, Avoiding a Bogus Nameserver allow-transfer substatement, Restricting queries in a particular zone allow-update substatement, Securing Your Nameserver also-notify substatement (zone), DNS NOTIFY (Zone Change Notification) suppressing NOTIFY messages to all nameservers except
list, Incremental Zone Transfer (IXFR) any (address match list), Address Match Lists and ACLs ANY records, queries on BIND 8 nameserver, BIND 8 statistics architecture, Architecture DNS operations, Operations external, authoritative DNS infrastructure, External, Authoritative DNS Infrastructure forwarder infrastructure, Forwarder Infrastructure internal DNS infrastructure, Internal DNS Infrastructure arpa domain, Country-code top-level domains ARPAnet, Background asymmetric cryptographic algorithms, Public-Key Cryptography and Digital Signatures attacks spoofing attacks involving recursion, “Resolving” nameserver configuration au top-level domain, New top-level domains auth-nxdomain substatement, The ABCs of IPv6 Addressing authentication dynamic updates to signed zones, DNSSEC and Dynamic Update email authentication and DNS, DNS and Email Authentication SPF, The Sender Policy Framework authoritative servers for a zone, nonrecursive nameserver
as, Avoiding a Bogus Nameserver AXFR records IXFR versus, Incremental Zone Transfer (IXFR) queries on BIND 8 nameserver, BIND 8 statistics B backbones, A (Very) Brief History of the Internet base-64 encoding of a password, rndc and controls (BIND 9) bastion host, Internet Forwarders configuring for split namespace, Configuring the bastion host forwarding mail to the Internet through, How internal nameservers use internal roots split namespace, protecting zone data on, Protecting zone data on the bastion host using views on, Using views on the bastion host BIND (Berkeley Internet Name Domain) compatibility matrix, BIND Compatibility Matrix compiling and installing on Linux, Instructions for BIND 8 controlling the nameserver, Controlling the Nameserver debugging, Reading BIND Debugging Output forward zones, Forward Zones forwarding, Forwarding getting the software, Getting BIND GSS-TSIG and, BIND and GSS-TSIG history of, The History of BIND logging, Logging categories, Category Details channels, The logging Statement channels and categories, Logging nameserver and resolver configuration, BIND Nameserver Boot File Directives and Configuration File
Statements nameserver statistics, Understanding the BIND Statistics BIND 8, BIND 8 statistics BIND 9, BIND 9 statistics using, Using the BIND statistics negative caching by nameservers, Caching new update-policy mechanism (version 9), Versions packet-filtering firewalls and BIND 8 or 9, Proxies recent versions, advantages of, Getting BIND resolver (version 8.4.6), The Resolver resolver configuration default search list, The Search List security recent versions, Securing Your Nameserver setting up, Setting Up BIND configuration file, Setting Up a BIND Configuration File zone datafiles, Setting Up Zone Data , Setting the Zone’s Default TTL source code for most recent versions, Getting BIND support of DNS dynamic update (versions 8 and
9), DNS Dynamic Update versions, Versions views (BIND 9), Views bitstring labels (IPv6 reverse mapping), DNAME records and reverse mapping biz domains, New top-level domains , The generic top-level domains blackhole substatement, System Tuning bogus nameserver, avoiding, Avoiding a Bogus Nameserver Boolean options (nslookup), Option Settings BSD Unix operating system, A (Very) Brief History of the Internet bstat tool, BIND 8 statistics C C programming with resolver library routines, C Programming with the Resolver Library Routines ca (Canada) domain, Nameservers and Zones caching, Caching cleaning stale cache entries, Limiting SOA queries preventing a nameserver from building a cache, A Nonrecursive Nameserver root nameservers, Resolution TTL, Time to Live values on cached records, TTLs Windows XP resolver, Caching negative caching, Caching caching-only nameservers, Caching-Only Servers not registering, Changing TTLs Canada (ca) domain, Nameservers and Zones canonical names mailers looking for, The MX Algorithm canonical, domain names, The Domain Name System, in a Nutshell carriage return and a newline (Windows), The ABCs of IPv6 Addressing Carroll, Lewis, Quotations categories (logging), Logging , stderr channel BIND 8, stderr channel BIND 9, BIND 9 categories config, Data formatting for all channels default, Logging logging to channels, Logging specifying in channel logging statement, Logging viewing all category messages, Viewing all category messages chain of trust, The DS Record and the Chain of Trust channels (logging), Logging configuring, Logging data formatting, stderr channel discarding default category messages, Logging file, File channels logging categories to, Logging null, null channel severity levels of messages, Logging stderr, stderr channel syslog, File channels CHAOS class, Classes Class A, Class B, and Class C networks subnetted Class A and B networks on nonoctet
boundaries, /8 (Class A-sized) and /16 (Class B-sized) networks subnetted Class C networks on nonoctet
boundaries, /8 (Class A-sized) and /16 (Class B-sized) networks classes for internets, Resource Records record types defined by, The Internet Domain Namespace cleaning-interval substatement, Limiting SOA queries client/server architecture of DNS, The Domain Name System, in a Nutshell clients, limiting number served by nameserver
concurrently, Changing the open files limit CNAME (canonical name) records, Using CNAME Records attached to interior nodes, Using CNAME Records mailers and, The MX Algorithm network or subnet hosts moved to new
subdomain, Managing the Transition to Subdomains query statistics on BIND 8 nameserver, BIND 8 statistics using address records instead of, Address and Alias Records com domain, The Internet Domain Namespace , The generic top-level domains command line, changing nslookup options from, Option Settings compatibility, nameservers, Compatibility complete Internet access, Our Zone compressing a domain name, ns_msg_id conditions, nsswitch.conf config category (logging), stderr channel configuration files format of, Setting Up Zone Data connection-specific DNS suffixes, The Windows XP Resolver continue action, The Windows XP Resolver control statements, acl zone datafiles, Using Several Directories $INCLUDE, Including Other Zone Datafiles $ORIGIN, Changing the Origin in a Zone Datafile coop domains, New top-level domains core size limit, Changing the core size limit country top-level domains second-level domains, Where in the World Do I Fit? country-code top-level domains, Top-Level Domains critical severity, Logging cryptographic checksum, One-Way Hash Functions cryptographic keys KSKs, Zone-Signing Keys and Key-Signing Keys public-key cryptography, The DNS Security Extensions sending to be signed, Sending your keys to be signed TSIG, TSIG ZSKs, Zone-Signing Keys and Key-Signing Keys cryptography, public-key, The DNS Security Extensions CSNET class, Classes D daemon facility, Logging , File channels data segment size, changing default limit on, Changing the stack size limit database dumps changing location of nameserver dump file, Logging datafiles, Zone Datafiles date command, BIND 9 statistics db.cache file getting current version, Setting Up a BIND Configuration File temporary root nameserver, Really Long Outages (Weeks) db.movie.edu.signed file (example), Signing your zone db.root file, The db.root file forwarding internal hosts’ mail to the
Internet, How internal nameservers use internal roots DC (Domain Controller), Handling Windows servers debug message (example), stderr channel debug severity, Logging debugging BIND debugging levels, Debugging Levels turning on, Turning On Debugging Perl script converting IP addreses to names, Tools default category (logging), Logging BIND 8, stderr channel BIND 9, BIND 9 categories default-key substatement, rndc.conf file, Using rndc to control multiple servers default-server substatement, rndc.conf options
statement, Using rndc to control multiple servers default_stderr channel (logging), stderr channel delegation, Delegation checking using host, Good Parenting forward mapping, by internal roots, Forward-mapping delegation in-addr.arpa zones, by internal roots, Forward-mapping delegation managing with stubs, Managing delegation with stubs managing transition to subdomains, Managing the Transition to Subdomains subdomains, Nameservers and Zones , Creating and Delegating a Subdomain administrative overhead, When to Become a Parent deciding on, How to Become a Parent: Creating Subdomains to unsigned zones, Delegating to unsigned zones zones, Nameservers and Zones DHCP, DNS Dynamic Update dial-up connections, Dial-up Connections dig tool, Using dig options, dig Options specifying query aspects on command line, Using dig zone transfers, Zone Transfers with dig , How to Use named-xfer disasters, network coping with, Coping with Disaster long outages (days), Coping with Disaster planning for, Planning for Disasters dist file, Adding More Nameservers dname parameter (res_search), res_send DNAME records, IPv6 Forward and Reverse Mapping reverse mapping and, DNAME records and reverse mapping DNS (Domain Name System), The Domain Name System, in a Nutshell architecture, Architecture external, authoritative infrastructure, External, Authoritative DNS Infrastructure forwarder infrastructure, Forwarder Infrastructure internal infrastructure, Internal DNS Infrastructure operations, Operations dial-up Internet connections, A Limitation of MX Records domain namespace, The Domain Namespace electronic mail and, What’s Next? email authentication, DNS and Email Authentication SPF, The Sender Policy Framework Internet firewalls and, DNS and Internet Firewalls internal roots, Internal Roots split namespace, A Split Namespace master file format, Master File Format message format, C Programming with the Resolver Library Routines messages, DNS Messages network failures, Planning for Disasters parsing responses, ns_parserr situations for using or not using DNS, The History of BIND Windows 2000 DNS white paper, The Windows XP Resolver Windows and Active Directory, DNS, Windows, and Active Directory handling Windows cients, BIND and GSS-TSIG handling Windows servers, Handling Windows servers WINS and, DNS and WINS DNS database, structure of, The Domain Name System, in a Nutshell DNS resource records, The Zone Datafiles DNSEXT, Handy Mailing Lists and Usenet Newsgroups DNSKEY records, Islands of security , Zone-Signing Keys and Key-Signing Keys adding to zone datafile, Signing your zone algorithm field, The DNSKEY Record flags field, The DNSKEY Record in keyset file, Sending your keys to be signed protocol field, The DNSKEY Record public key, The DNSKEY Record signed by dnssec-signzone, Signing your zone DNSSEC (DNS Security Extensions), Versions , The DNS Security Extensions algorithm number, Configuring TSIG signing a zone parent zone, Signing a parent zone sending keys to be signed, Sending your keys to be signed dnssec-keygen program -a, -b, and -n options, Signing your zone -f KSK option, Signing your zone dnssec-signzone program, Signing your zone creation of DS record, Sending your keys to be signed keyset file, Sending your keys to be signed options, Signing your zone re-signing records, Sending your keys to be signed re-signing zone, Sending your keys to be signed DO flag, DO, AD, and CD Domain Controller (DC), Handling Windows servers domain name aliases, The Domain Name System, in a Nutshell domain names, The Domain Name System, in a Nutshell choosing, Choosing a Domain Name compression, Domain Name Compression local domain name for resolver, Resolver Configuration mapped to OSI Network Service Access Point
addresses, BIND 8 statistics mappings between aliases and, Providing Aliases translating E.164 numbers to, ENUM domain namespace, The Domain Namespace Internet domain namespace, The Internet Domain Namespace RRs, Resource Records domains, The Domain Name System, in a Nutshell deciding number of nameservers, How Many Nameservers? delegating, Delegation lifecycle of parent domain, The Life of a Parent structure, mirroring organization structure, What to Name Your Children subdomains, Domains top-level, Top-Level Domains zones versus, Nameservers and Zones DS (delegation signer) records creation by dnssec-signzone, Sending your keys to be signed Dunlap, Kevin, The History of BIND dynamic severity, Logging dynamic updates (DNS), Versions , DNS Dynamic Update access lists, Getting BIND causing notification, DNS NOTIFY (Zone Change Notification) restricting with TSIG, Securing Your Nameserver use by Windows, DNS, Windows, and Active Directory E E.164 numbers, ENUM mapping to URIs, ENUM edu (educational) domain, The Domain Name System, in a Nutshell , The Internet Domain Namespace edu zone, Nameservers and Zones electronic mail, DNS and Electronic Mail authentication, DNS and, DNS and Email Authentication SPF, The Sender Policy Framework forwarding for certain Internet domain names using
internal roots, Mail to specific Internet domain names mail exchangers, Movie.edu’s Mail Server mail from internal hosts, sending through internal
root, How internal nameservers use internal roots mail server for example domain, Movie.edu’s Mail Server MX algorithm, The MX Algorithm MX records, MX Records elliptic curve-based public-key algorithm, The DNSKEY Record end-of-line sequences, Windows and Unix, The ABCs of IPv6 Addressing ENUM (Telephone Number Mapping), Organization , ENUM E.164 numbers, translating to domain names, ENUM NAPTR records, The NAPTR Record error severity, Logging example programs in this book, Obtaining the Example Programs expanded space (us domain), The generic top-level domains expanding domain name, ns_name_skip explicit argument (notify substatement), DNS NOTIFY (Zone Change Notification) explicit views, zone statements within, Round-Robin Load Distribution external DNS infrastructure, External, Authoritative DNS Infrastructure external view, Views recursion turned off, DNS and Internet Firewalls extranets, On the Internet and Internets F facilities, syslog channels, File channels fetch-glue substatement, A Nonrecursive Nameserver file descriptors, Common Syslog Messages requirements by named, Changing the open files limit files open, limiting number for named, Changing the open files limit filesystem, DNS database, The Domain Name System, in a Nutshell firewalls Internet, DNS and, DNS and Internet Firewalls internal roots, Internal Roots proxies, Proxies split namespace, A Split Namespace forward mapping, Setting Up Zone Data delegation by internal root nameservers, Forward-mapping delegation IPv6, IPv6 Forward and Reverse Mapping experimental, A6, DNAMEs, Bitstring Labels, and ip6.arpa forward zones, Versions , Forward Zones , Configuring the bastion host using, Using forward zones forward-first mode, Forwarding forward-only mode, A More Restricted Nameserver forwarders, Forwarding , Forwarder Infrastructure Internet, A Bad Example problems with, The trouble with forwarding nonrecursive nameservers, not listing as, Avoiding a Bogus Nameserver selection by nameservers, Views forwarders substatement, Forwarding empty list of forwarders, Forward Zones forwarding, Forwarding forward zones, Forward Zones problems with, The trouble with forwarding forwarding mail, MX Records FQDN (fully qualified domain name) indicated with trailing dot (.), The BIND 4.9 and later search list freeze zone command (rndc program), New rndc commands G global routing prefix (IPv6), The ABCs of IPv6 Addressing , A6 records and forward mapping glue fetching, turning off, “Resolving” nameserver configuration glue records, On the movie.edu Primary Nameserver gov domain, The Internet Domain Namespace GSS-TSIG, Secure Dynamic Update BIND and, BIND and GSS-TSIG gTLDs (generic top-level domains), Country-code top-level domains choosing a domain name under, The generic top-level domains new, New top-level domains H h2n script deleting aliases for subdomain hosts created on
parent, The Life of a Parent other options, Generating Zone Datafiles from the Host Table Harvest tool, BIND 8 statistics Hesiod class, Classes hidden primary, External, Authoritative DNS Infrastructure HINFO (host information) records query statistics on BIND 8 nameserver, BIND 8 statistics HMAC-MD5 cryptographic algorithm, TSIG host program, Good Parenting download sites, Good Parenting using to check delegation, Good Parenting host tables DNS advantages over, What’s Next? example domain, Setting Up Zone Data translating into DNS zone data, Setting Up Zone Data host-statistics substatement, BIND 8 statistics hostname determining local domain from, Resolver Configuration hosts configuring, Configuring Hosts electronic mail programs, Electronic Mail nsswitch.conf file, Additional Configuration Files resolver, Configuring Hosts Windows XP resolver, The Windows XP Resolver DNS information about, The Domain Namespace domain name aliases, The Domain Name System, in a Nutshell domain names, The Domain Name System, in a Nutshell per-host statistics, BIND 8, BIND 8 statistics represented by domain names, Domains hosts database, Additional Configuration Files listing with ypcat, Troubleshooting Tools and Techniques human resources management industry (jobs)
domain, New top-level domains HUP signal, Using Signals I ICANN (Internet Corporation for Assigned Names and
Numbers), New top-level domains ICMP (Internet Control Message Protocol) port unreachable message, Outages port unreachable, host unreachable, or network
unreachable, One nameserver configured idle time, limiting for zone transfers, Limiting the frequency of zone transfers IDN (Internationalized Domain Names), Organization in-addr.arpa domains subdomains of, Subdomains of in-addr.arpa Domains in-addr.arpa zones delegating, Delegating an in-addr.arpa Zone delegation by internal roots, Forward-mapping delegation registering nameservers, Registering Nameservers include statement, acl incremental zone transfer (IXFR), Versions , Incremental Zone Transfer (IXFR) info domain, New top-level domains , The generic top-level domains info severity, Logging int (international organizations) domain, Country-code top-level domains interface ID (IPv6 addresses), The ABCs of IPv6 Addressing interface interval, Interface interval internal view, Views recursion turned on, DNS and Internet Firewalls international organizations (int) domain, Country-code top-level domains Internet history of, A (Very) Brief History of the Internet necessity of DNS, Must I Use DNS? versus internets, On the Internet and Internets Internet access, types of, Our Zone Internet connections dial-up, Dial-up Connections Internet Corporation for Assigned Names and Numbers
(ICANN), New top-level domains Internet domain namespace, The Internet Domain Namespace top-level domains, Top-Level Domains Internet firewalls DNS and, proxies, Proxies Internet root nameservers, Root Nameservers Internet Systems Consortium, The History of BIND internets TCP/IP-based, deciding on use of DNS, Must I Use DNS? versus the Internet, On the Internet and Internets InterNIC Network Modification form, Registering Nameservers site, Choosing a registrar intranets, On the Internet and Internets IP addresses assignment by DHCP, DNS Dynamic Update converting to names in debugging output, Tools nameserver address sorting, Nameserver Address Sorting IP prefixes, Address Match Lists and ACLs ip6.arpa, IPv6 Forward and Reverse Mapping IPv4 transport, configuring, Addresses and Ports IPv6 addresses, Compatibility :: notation, The ABCs of IPv6 Addressing allocation of addresses to sites, Addresses and Ports global routing prefix, The ABCs of IPv6 Addressing interface ID, The ABCs of IPv6 Addressing prefixes, The ABCs of IPv6 Addressing subnet ID, The ABCs of IPv6 Addressing suffixes, The ABCs of IPv6 Addressing forward and reverse mapping, A6, DNAMEs, Bitstring Labels, and ip6.arpa A6 records and forward mapping, A6 records and forward mapping DNAME records and reverse mapping, DNAME records and reverse mapping using AAAA records and ip6.arpa, Versions ISC (Internet Software Consortium) BIND web page, Handy Mailing Lists and Usenet Newsgroups web site for BIND source code, Getting BIND ISC DHCP server, Handling Windows clients ISO 3166 top-level domains country-code abbreviations, Country-code top-level domains uk model, New top-level domains United States model, New top-level domains ISPs (Internet service providers) assignment of IP addresses by DHCP, DNS Dynamic Update iterative queries, Recursion IXFR records, Incremental Zone Transfer (IXFR) L lame delegation, Registering Nameservers lame TTL, TTLs LANs (local area networks), On the Internet and Internets deciding whether to use DNS, Must I Use DNS? volume of DNS traffic, Capacity Planning least privilege, Running BIND with Least Privilege limited Internet access, Our Zone Linux, compiling and insalling BIND on, Instructions for BIND 8 listen-on substatement, Addresses and Ports load balancing, Round-Robin Load Distribution load distribution, Round-Robin Load Distribution shuffle address records, Round-Robin Load Distribution LOC records, LOC Local Area Connection Properties (Windows XP), The Windows XP Resolver local domain name, The Local Domain Name inability to look up, Problem Symptoms local0 facility, syslog channel using, File channels LOCALDOMAIN environment variable, The Local Domain Name localhost (address match list), Address Match Lists and ACLs locality space (us domain), The generic top-level domains localnets (address match list), Address Match Lists and ACLs log.msgs file, Logging logfiles, Dynamic Update and Zone Datafiles dynamic updates, Dynamic Update and Zone Datafiles logging BIND, Changing System File Locations categories, Category Details channels, The logging Statement channels and categories, Logging NOTIFY message information, DNS NOTIFY (Zone Change Notification) queries, Logging Queries logging statement, Logging , logging category specification, Logging syntax, The logging Statement viewing all category log messages (BIND 8), Keeping Everything Running Smoothly loopback address IPv6, The ABCs of IPv6 Addressing not using with multiple nameserver
directives, One nameserver configured lwres statement, logging M mail exchangers, MX Records , Movie.edu’s Mail Server good mail exchangers, qualities of, What’s a Mail Exchanger, Again? inability to use IP address instead of domain name to
identify, Movie.edu’s Mail Server preference value or priority, MX Records mail servers, example domain, Movie.edu’s Mail Server mail-routing loops, preventing MX algorithm, The MX Algorithm preventing, MX Records mailing lists, BIND users updated db.cache file, Setting Up a BIND Configuration File maintenance intervals, nameservers, Limiting SOA queries cleaning interval, Cleaning interval interface interval, Interface interval statistics interval, Statistics interval many-answers transfer format, Limiting the frequency of zone transfers master file format, Setting Up Zone Data , Master File Format master server, Types of Nameservers masters substatement, DNS NOTIFY (Zone Change Notification) , The ABCs of IPv6 Addressing , masters specifying alternate port, Addresses and Ports match-clients substatement, Views match-destinations substatement, Views match-recursive-only substatement, Views max-journal-size substatement, Forwarding max-ncache-ttl substatement, Interface interval max-refresh-time and min-refresh-time
substatements, Limiting the frequency of zone transfers max-retry-time substatement, Limiting the frequency of zone transfers max-transfer-idle-in substatement, Limiting the frequency of zone transfers max-transfer-idle-out substatement, Limiting the frequency of zone transfers max-transfer-time-in substatement, Limiting the total number of zone transfers served max-transfer-time-out substatement, Limiting the total number of zone transfers served MD5 cryptographic algorithm, TSIG memory limits on use by named process stack, Changing the stack size limit message digest, One-Way Hash Functions Microsoft DHCP Server, Problems with Active Directory and BIND Microsoft DNS Server, DNS and WINS Active Directory-integrated zones, Compatibility interoperability problems, Interoperability and Version Problems support of DNS NOTIFY, DNS NOTIFY (Zone Change Notification) Microsoft Knowledge Base article Q246804, Problems with Active Directory and BIND mil domain, Country-code top-level domains min-refresh-time substatement, Limiting the frequency of zone transfers min-retry-time substatement, Limiting the frequency of zone transfers MNAME field (zone SOA record), listing primary
nameserver, DNS Dynamic Update mobi domain (mobile devices), New top-level domains Mockapetris, Paul, The Domain Name System, in a Nutshell , The History of BIND multi-master zone substatement, The ABCs of IPv6 Addressing museum domains, New top-level domains MX records, MX Records backup mail server, identifying, Movie.edu’s Mail Server destinations with A record and no MX record, MX Records explanation of, What’s a Mail Exchanger, Again? limitation of, A Limitation of MX Records MX algorithm, The MX Algorithm preference value, MX Records query statistics on BIND 8 nameserver, BIND 8 statistics wildcard, Mail from internal hosts to the Internet , Wildcards N name collisions, The Domain Name System, in a Nutshell name domains, New top-level domains name-to-address lookup, Setting Up Zone Data name-to-address mappings, Address and Alias Records named finding process ID and sending signal, Updating Zone Datafiles stack size limit, Changing the stack size limit named address match list, Address Match Lists and ACLs named-conf file, trusted-keys statement, Islands of security named-xfer file, Troubleshooting Tools and Techniques named.conf file address match list defined with acl statement, Address Match Lists and ACLs bastion host for split namespace, Configuring the bastion host bastion host nameserver in split namespace, The final configuration caching-only nameserver, Caching-Only Servers complete example, Views controls substatement, Using rndc to control multiple servers db.root file for root nameservers, Configuring other internal nameservers limiting total number of zone transfers, Limiting the total number of zone transfers requested parent zone authoritative nameservers configured as stub
for child zone, Managing the Transition to Subdomains primary nameserver configured as slave, Subdomains of in-addr.arpa Domains reconfiguring slave nameserver as primary, Coping with Disaster rndc-confgen, using with, Using rndc to control multiple servers named.run file, Logging , Turning On Debugging named.stats file, Logging , BIND 8 statistics , BIND 9 statistics named_dump.db file, Logging nameserver directive (resolvers) multiple nameservers configured, One nameserver configured one nameserver configured, One nameserver configured using multiple, The nameserver Directive nameservers, Preface , The History of the Domain Name System , Nameservers and Zones adding, Adding More Nameservers caching-only, Caching-Only Servers partial-slave, Partial-Slave Servers primary master and slave, Adding More Nameservers address sorting, Nameserver Address Sorting authority for a zone, Nameservers and Zones blackhole list, Avoiding a Bogus Nameserver bogus, avoiding, Avoiding a Bogus Nameserver caching, Caching TTL, Time to Live compatibility with resolvers and other
nameservers, Compatibility configuring to use internal root nameserver, Configuring other internal nameservers controlling, Maintaining BIND deciding on number, How Many Nameservers? guidelines, How Many Nameservers? designating as forwarder, Forwarding emulation by nslookup, Is nslookup a Good Tool? external, authoritative, Architecture forward-first mode, Forwarding forwarder selection, Views IPv4 configuration, Addresses and Ports iterative resolution, Iteration logging, Logging categories, Category Details channels, The logging Statement channels and categories, Logging nonrecursive, A Nonrecursive Nameserver organizing your files, Organizing Your Files preferring on certain networks, Preferring Nameservers on Certain Networks preventative maintenance, Keeping Everything Running Smoothly recursive resolution, Recursion registering, Registering Nameservers caching-only, Registering Nameservers some of your nameservers, Registering Nameservers resolution, Resolution securing, Using TSIG BIND versions, Securing Your Nameserver unauthorized zone transfers, Restricting queries in a particular zone serving as internal root and authoritative
nameserver, Configuring other internal nameservers setting up, Setting Up BIND zone data, Setting Up Zone Data zones, Setting Up BIND specified for Windows XP resolver, The Windows XP Resolver stub zones (BIND 8 and 9), Managing delegation with stubs tuning, System Tuning maintenance intervals, Limiting SOA queries zone transfers, Limiting transfers requested per nameserver types of, Types of Nameservers updating zone datafiles, Updating Zone Datafiles root hints, Keeping the Root Hints Current TXT records, General text information zone datafiles, Zone Datafiles namespace, domain, The Domain Namespace namespaces shadow, A Split Namespace split, A Split Namespace naming services, hosts database, Additional Configuration Files naming, views, Views NAPTR records, The NAPTR Record ndc program getting statistics from BIND 8 nameserver, BIND 8 statistics help, ndc and controls (BIND 8) support for commands by rndc program, New rndc commands toggling query logging, Updating Zone Datafiles negative caching, Caching BIND 8, The Resolver Search Algorithm and Negative Caching (BIND
8) BIND 9, The Resolver Search Algorithm and Negative Caching (BIND
9) max-ncache-ttl options substatement, Interface interval TTL, Changing TTLs Windows XP resolver, Caching negative responses format of, Compatibility net domain, Country-code top-level domains Net::DNS module, Perl Programming with Net::DNS Net::DNS Perl module, Using TSIG NetBIOS names, DNS and WINS network infrastructure, organizatins providing, Country-code top-level domains network interfaces, scanning for nameserver
host, Interface interval Network Modification form, Registering Nameservers network resources, mirrored, Round-Robin Load Distribution Network Solutions, Inc., Choosing a registrar networks deciding number of nameservers, How Many Nameservers? failures, coping with, Coping with Disaster long outages (days), Coping with Disaster failures, planning for, Planning for Disasters names and numbers, Network Names and Numbers newlines, The ABCs of IPv6 Addressing NIS (Network Information Service), Must I Use DNS? deciding if problem is caused by, Is NIS Really Your Problem? nodes, DNS database, The Domain Name System, in a Nutshell noncommercial organizations, Top-Level Domains none (address match list), Address Match Lists and ACLs nonrecursive queries sent between nameservers, Forwarding :: notation, IPv6
addresses, The ABCs of IPv6 Addressing NOTFOUND condition, Additional Configuration Files notice severity, Logging NOTIFY, What’s New in the Fifth Edition? , Primary Master and Slave Servers , DNS NOTIFY (Zone Change Notification) adding nameservers besides those in zone NS records to
list, DNS NOTIFY (Zone Change Notification) announcement identification, DNS NOTIFY (Zone Change Notification) announcements sent by slave after zone
transfer, DNS NOTIFY (Zone Change Notification) BIND slave nameservers not supporting (NOTIMP
error), DNS NOTIFY (Zone Change Notification) response by slave to NOTIFY announcement, DNS NOTIFY (Zone Change Notification) turning off, DNS NOTIFY (Zone Change Notification) zone transfer scheme, complex, DNS NOTIFY (Zone Change Notification) notify substatement (zone), explicit argument, DNS NOTIFY (Zone Change Notification) NS (nameserver) records delegated subdomain checking on parent zone nameserver, Good Parenting explicit TTL specified on, Registering Nameservers query statistics on BIND 8 nameserver, BIND 8 statistics NSAP records, queries on BIND 8 nameserver, BIND 8 statistics NSEC records, Delegating to unsigned zones signed for parent zone, Signing a parent zone NSFNET, A (Very) Brief History of the Internet traffic report, Capacity Planning nslookup common tasks, Avoiding the Search List looking up record types, Avoiding the Search List emulation of resolver or nameserver, Is nslookup a Good Tool? less common tasks, Less Common Tasks options, Option Settings abbreviating, Option Settings BIND 9.3.2, Option Settings Boolean and value, Option Settings changing, Option Settings listed, Option Settings search list, The Search List avoiding, Avoiding the Search List timeouts, Timeouts troubleshooting, Troubleshooting nslookup Problems looking up right data, Troubleshooting nslookup Problems no response from server, No Response from Server unspecified error, Unspecified Error using NIS, Troubleshooting Tools and Techniques versions, Versions zone transfers, Zone Transfers , How to Use named-xfer nsswitch.conf file, Additional Configuration Files , Troubleshooting Tools and Techniques nsupdate program, DNS Dynamic Update -k option, key files generated by
dnssec-keygen, Securing Your Nameserver -y option, Securing Your Nameserver commands, DNS Dynamic Update TSIG-signed dynamic updates, Using TSIG ns_get32 routine, ns_get16 and ns_put16 ns_init_parse routine, ns_get16 and ns_put16 ns_msg_count routine, ns_msg_base, ns_msg_end, and ns_msg_size ns_msg_get_flag routine, ns_msg_base, ns_msg_end, and ns_msg_size ns_msg_id routine, ns_msg_id ns_name_compress routine, ns_msg_id ns_name_skip routine, ns_name_skip ns_name_uncompress routine, ns_name_skip ns_parserr routine, ns_parserr ns_put32 routine, ns_get16 and ns_put16 ns_update( ) resolver routine, DNS Dynamic Update null channel (logging), Logging , stderr channel null label (” “), The Domain Name System, in a Nutshell O one-way hash functions, TSIG open files limit, Changing the open files limit operating systems compiling BIND source code, Getting BIND operations, DNS, Operations options statement allow-query substatement global ACL on zone data, Protecting zone data on the bastion host allow-recursion substatement, Avoiding a Bogus Nameserver allow-transfer substatement, Restricting queries in a particular zone auth-nxdomain substatement, The ABCs of IPv6 Addressing BIND 8, options , masters BIND 9, BIND 9 Options Statement blackhole substatement, System Tuning cleaning-interval substatement, Limiting SOA queries fetch-glue substatement, A Nonrecursive Nameserver forwarders substatement, Forwarding host-statistics substatement, BIND 8 statistics lame-ttl substatement, Compatibility listen-on substatement, Addresses and Ports max-journal-size substatement, Forwarding max-ncache-ttl substatement, Interface interval max-refresh-time substatement, Limiting the frequency of zone transfers max-transfer-idle-in substatement, Limiting the frequency of zone transfers max-transfer-idle-out substatement, Limiting the frequency of zone transfers max-transfer-time-in substatement, Limiting the total number of zone transfers served max-transfer-time-out substatement, Limiting the total number of zone transfers served min-refresh-time substatement, Limiting the frequency of zone transfers query-source substatement, Proxies recursive-clients substatement, Changing the open files limit rfc2308-type1 substatement, Compatibility serial-queries substatement, Limiting SOA queries setting host-statistics, BIND 8 statistics sortlist substatement, Nameserver Address Sorting statistics-interval substatement, Interface interval transfers-out substatement, Limiting the total number of zone transfers served transfers-per-ns, Limiting transfers requested per nameserver use-id-pool substatement, “Resolving” nameserver configuration view statement and, Views options statement (rndc.conf) default-server substatement, Using rndc to control multiple servers options substatements (zone) allow-notify, DNS NOTIFY (Zone Change Notification) speficying also-notify as, DNS NOTIFY (Zone Change Notification) within view statement, Views org domain, Country-code top-level domains , The generic top-level domains $ORIGIN statement, Organizing Your Files OSI Network Service Access Point addresses, domain names
mapped to, BIND 8 statistics P packet-filtering firewalls, Packet filters popular commercial firewalls, Proxies problems with BIND 8 or 9, Proxies parent zones registering nameservers, Registering Nameservers signing, Signing a parent zone partial-slave nameservers registering, Registering Nameservers Perl module, Net::DNS, Securing Your Nameserver Perl scripts, converting IP addresses to names in debugging
output, Tools Perl, programming with Net::DNS, Perl Programming with Net::DNS PID files, Updating Zone Datafiles polling mechanism to determine need for zone
transfer, DNS NOTIFY (Zone Change Notification) port unreachable message, Outages ports configuring for IPv4, Addresses and Ports specifying for nameserver listening, IPv4, Addresses and Ports post (postal community) domain, New top-level domains preference values (MX records), MX Records , The MX Algorithm mailer at highest preference, The MX Algorithm prefixes, IPv6 addresses, The ABCs of IPv6 Addressing primary DNS suffix, The Windows XP Resolver Primary DNS suffix of this computer, Handling Windows clients primary master nameservers datafiles, Zone Datafiles primary nameservers adding, Adding More Nameservers configured to use forwarder, Forwarding delegated subdomain, configuring as slave, Subdomains of in-addr.arpa Domains hidden, External, Authoritative DNS Infrastructure listing in MNAME field of zone SOA record, DNS Dynamic Update registering, Registering Nameservers TTL, Changing TTLs private key, Public-Key Cryptography and Digital Signatures KSKs, Zone-Signing Keys and Key-Signing Keys specifying for dnssec-signzone, Signing your zone pro (professionals) domains, New top-level domains processing mail, MX Records professionals (pro) domains, New top-level domains program examples in this book, Obtaining the Example Programs proxies, Proxies ps command, finding process ID of nameserver, Updating Zone Datafiles pstree program, Updating Zone Datafiles PTR (pointer) records, PTR Records mapping network number to a name, Network Names and Numbers query statistics on BIND 8 nameserver, BIND 8 statistics public key, Public-Key Cryptography and Digital Signatures public-key cryptography, The DNS Security Extensions R rdist tool, Adding More Nameservers reconfig command, rndc program, New rndc commands recursion, Recursion nonrecursive nameserver, A Nonrecursive Nameserver turning off, “Resolving” nameserver configuration recursive queries, Recursion forwarders, nonrecursive nameservers and, Avoiding a Bogus Nameserver resolving nameserver for, “Resolving” nameserver configuration sent by nameservers to forwarder, Forwarding recursive-clients substatement, Changing the open files limit refresh intervals, DNS NOTIFY (Zone Change Notification) limiting zone transfer frequency, Limiting the frequency of zone transfers refresh zone command (rndc program), New rndc commands registering nameservers, Registering Nameservers caching-only, Registering Nameservers partial-slave, Registering Nameservers some of your nameservers, Registering Nameservers registrars, On Registrars and Registries , whois choosing, Choosing a registrar registration policies and procedures, Registering Your Zones registration, On Registrars and Registries anon-nameserver, Registration of a non-nameserver zones, Checking That Your Network Is Registered registries, On Registrars and Registries RIRs, Checking That Your Network Is Registered relative pathnames, The Domain Name System, in a Nutshell reload command rndc program, New rndc commands resolution, Resolution caching, Caching iterative, Recursion recursive, Recursion root nameservers, Resolution resolv.conf file, Resolver Configuration comments in, Comments nonrecursive servers, not listed in, A Nonrecursive Nameserver sample configurations, local nameserver, Minimizing Pain and Suffering resolver routine, ns_update( ), DNS Dynamic Update resolvers, The Domain Name System, in a Nutshell , Configuring Hosts address sorting, Nameserver Address Sorting configuring, Resolver Configuration comments, Comments local domain name, Resolver Configuration search directive, The BIND 4.8.3 search list search list, The Search List timeouts in BIND 4.9 to 8.2, More than one nameserver configured emulation by nslookup, Is nslookup a Good Tool? library routines, Domain Name Compression nameserver serving, “Resolving” nameserver configuration nonrecursive nameservers and, A Nonrecursive Nameserver query messages, Querying Like a BIND Nameserver sample configurations local nameserver, Local Nameserver search algorithm, The Resolver Search Algorithm and Negative Caching (BIND
8) Windows XP, The Windows XP Resolver advanced configuration, The Windows XP Resolver automatic registration, The Windows XP Resolver DNS suffixes, The Windows XP Resolver negative answers, The Windows XP Resolver retransmission algorithm, The Windows XP Resolver resolving nameserver, “Resolving” nameserver configuration resource limits for nameservers core files size limit, Changing the stack size limit data segment size limit, Changing the data segment size limit limiting number of clients, Changing the open files limit limiting SOA queries, Limiting SOA queries open files limit, Changing the open files limit stack size limit, Changing the stack size limit responses from unexpected source, 13. Response from Unexpected Source parsing, ns_parserr res_init routine, herror and h_errno res_mkquery routine, herror and h_errno res_query routine, res_query res_search routine, res_query res_send routine, res_send retransfer zone command (rndc program), New rndc commands return action, The Windows XP Resolver reverse mapping, Setting Up Zone Data IPv6, IPv6 Forward and Reverse Mapping bitstring labels, DNAME records and reverse mapping DNAME records, DNAME records and reverse mapping experimental, A6, DNAMEs, Bitstring Labels, and ip6.arpa queries for domain names sent to forwarders, Using forward zones rfc2308-type1 substatement, Compatibility RIPE Network Coordination Centre, Checking That Your Network Is Registered rndc program -p option, New rndc commands -s option, New rndc commands controlling multiple servers, Using rndc to control multiple servers getting BIND 9 nameserver statistics, BIND 9 statistics new commands (BIND 9.3.2), New rndc commands rndc-confgen command, Using rndc to control multiple servers trace command, Logging root hints caching-only nameserver, Caching-Only Servers root nameservers internal, Using forward zones configuring all internal nameservers to use
them, Configuring other internal nameservers db.root file, The db.root file forward-mapping delegation, Forward-mapping delegation in-addr.arpa delegation, in-addr.arpa delegation mail from internal hosts to the Internet, How internal nameservers use internal roots mail to specific Internet domains, Mail to specific Internet domain names problems with, The trouble with internal roots use by other internal nameservers, How internal nameservers use internal roots recursion and, A Nonrecursive Nameserver resolution, Resolution root node, DNS database, The Domain Name System, in a Nutshell round robin, Address and Alias Records round-robin load distribution, Round-Robin Load Distribution routing loops, preventing for mail, MX Records MX algorithm, The MX Algorithm RR (resource records) (DNS), Additional Resource Records adding/deleting in zone with DNS dynamic
update, DNS Dynamic Update CLASS fields, Classes classes, Resource Records CNAME, Address and Alias Records data, Data Transmission Order DNSKEY record, The DNSKEY Record DNSSEC records, How the Records Are Used DS, The DS Record and the Chain of Trust looking up different types with nslookup, Avoiding the Search List MX, MX Records nonexistent for a domain, Troubleshooting nslookup Problems ns_parserr routine and, ns_parserr re-signing DNSSEC records with
dnssec-signzone, Sending your keys to be signed rotation by nameserver for a domain, Round-Robin Load Distribution TTL changing, Changing TTLs tuning values, Interface interval rrset-order substatement order for records returned by nameserver, Nameserver Address Sorting RRsets adding or deleting with dynamic update, DNS Dynamic Update RRSIG records, Delegating to unsigned zones , How the Records Are Used algorithm field, The RRSIG Record for DS record, Signing a parent zone labels field, The RRSIG Record signature expiration and inception fields, The RRSIG Record signature field, The RRSIG Record signer’s name field, The RRSIG Record rsync tool, Adding More Nameservers RTT (round-trip time) choosing between nameservers based on, Preferring Nameservers on Certain Networks S search algorithm, resolver, The Resolver Search Algorithm and Negative Caching (BIND
8) search directive (BIND resolvers), The BIND 4.8.3 search list search list, The Search List application by dig tool, Using dig avoiding with nslookup, Avoiding the Search List BIND 4.8.3 resolvers, The BIND 4.8.3 search list BIND 4.9 and later, The BIND 4.9 and later search list BIND versions 4.8.3 to 4.9, The BIND 4.9 and later search list nslookup, Is nslookup a Good Tool? second-level domain, Domains security, Security BIND, latest versions, Getting BIND DNS and Internet firewalls, DNS and Internet Firewalls internal roots, Internal Roots split namespace, A Split Namespace DNSSEC, The DNS Security Extensions ENUM, The NAPTR Record nameservers, Securing Your Nameserver BIND versions, Securing Your Nameserver unauthorized zone transfers, Restricting queries in a particular zone TSIG, TSIG sendmail adding alias to sendfmail.cf file, DNS and Email Authentication ANY record queries, BIND 8 statistics CNAME queries to canonicalize mail address, BIND 8 statistics destinations with A record and no MX record, MX Records getting mail to Internet without configuration
changes, How internal nameservers use internal roots mail-routing loop, error message, The MX Algorithm sequence space arithmetic, Starting Over with a New Serial Number serial numbers Active Directory-integrated zones, Microsoft DNS
Server, The ABCs of IPv6 Addressing forgetting to increment, Potential Problem List serial-queries substatement, Limiting SOA queries serial-query-rate options substatement, Limiting SOA queries server statement, server , server associating nameserver with key, New rndc commands transfers substatement, Limiting the total number of zone transfers requested within view statement, Views set command, changing nslookup options, Option Settings set type=any command (nslookup), Troubleshooting nslookup Problems severities debug level 1, stderr channel logging messages, Logging specifying for file channel, File channels shadow namespace, A Split Namespace zone datafile, A Split Namespace shell scripts, programming with nslookup or dig, Shell Script Programming with nslookup shuffle address records, Round-Robin Load Distribution signing, Public-Key Cryptography and Digital Signatures zones parent zone, Signing a parent zone sending keys to be signed, Sending your keys to be signed Simple Mail Transfer Protocol (SMTP), MX Records size substatement (file channel), File channels slave nameservers, Types of Nameservers AXFR queries to initiate zone transfers, BIND 8 statistics configured to use forwarder, Forwarding datafiles, Zone Datafiles network traffic between hidden primary and, External, Authoritative DNS Infrastructure NOTIFY announcements, sending after zone
transfer, DNS NOTIFY (Zone Change Notification) NOTIFY announcment response to master, DNS NOTIFY (Zone Change Notification) polling mechanism to determine need for zone
transfer, DNS NOTIFY (Zone Change Notification) reconfiguring as primary during outages, Coping with Disaster registering, Registering Nameservers TTL, Changing TTLs SMTP (Simple Mail Transfer Protocol), MX Records SOA (start of authority) records changing values refresh value, Changing Other SOA Values limiting number of queries on nameserver, Limiting SOA queries MNAME field, listing primary nameserver for a
zone, DNS Dynamic Update query statistics on BIND 8 nameserver, BIND 8 statistics sortlist substatement, Nameserver Address Sorting SPF (Sender Policy Framework), Versions split namespaces, The trouble with internal roots configuring the bastion host, Configuring the bastion host protecting zone data on bastion host, Protecting zone data on the bastion host security precautions on bastion host
nameserver, Protecting zone data on the bastion host views, using on bastion host, Using views on the bastion host sponsored TLDs (sTLDs), New top-level domains spoofing attacks involving recursion, “Resolving” nameserver configuration NAPTR records, The NAPTR Record response from unexpected source, 13. Response from Unexpected Source SRV records fields, SRV stack size limit, changing for named, Changing the stack size limit statistics BIND, understanding BIND 8, BIND 8 statistics BIND 9, BIND 9 statistics using BIND statistics, Using the BIND statistics statistics-interval substatement, Interface interval stats command rndc program, New rndc commands , BIND 9 statistics stderr channel (logging), stderr channel stealth slave, Internal DNS Infrastructure sTLDs (sponsored TLDs), New top-level domains stub resolver, Resolvers stub zones, Managing delegation with stubs subdomains, The Domain Name System, in a Nutshell , Domains , Parenting creating, How to Become a Parent: Creating Subdomains deciding on delegation, How to Become a Parent: Creating Subdomains deciding how many to implement, When to Become a Parent delegated, Delegation signed and unsigned, Islands of security delegating, Delegating Subdomains delegation checking using host, Good Parenting domain name, Domains lifecycle of parent domain, The Life of a Parent managing transition to, Managing the Transition to Subdomains naming, What to Name Your Children establishing conventions, What to Name Your Children of generic top-level domains, The generic top-level domains of in-addr.arpa domains, Subdomains of in-addr.arpa Domains reasons for implementing, When to Become a Parent responsibility for, The Domain Name System, in a Nutshell rules for dividing domain into, What to Name Your Children subnet ID (IPv6), The ABCs of IPv6 Addressing subnets looking up name for IP address, Network Names and Numbers SUCCESS condition, Additional Configuration Files suffixes DNS, using with Windows XP resolver, The Windows XP Resolver IPv6 addresses, The ABCs of IPv6 Addressing symmetric encryption algorithms, Public-Key Cryptography and Digital Signatures syslog common messages bad owner name, Common Syslog Messages lame server, Common Syslog Messages Malformed response, Common Syslog Messages reloading nameserver, Common Syslog Messages Response from unexpected source, Common Syslog Messages configuring channel to go to, Logging logging channels directed to, File channels NOTIFY message information, DNS NOTIFY (Zone Change Notification) severity levels, Logging T TCP/IP (Transmission Control Protocol/Internet
Protocol), A (Very) Brief History of the Internet thaw zone command (rndc program), New rndc commands Through the Looking-Glass, Quotations timeouts BIND versions 4.9 to 8.2, More than one nameserver configured versions 8.2 and later, More than one nameserver configured top-level domains country code, Country-code top-level domains existing or reserved names, not using to name
subdomains, How to Become a Parent: Creating Subdomains Internet domain namespace, The Internet Domain Namespace new, New top-level domains generic top-level domains, New top-level domains traditions and extent to which they are
followed, New top-level domains topology feature (BIND 8), Preferring Nameservers on Certain Networks trace command rndc program, Logging traceroute, 8. Loss of Network Connectivity transfers substatement, Limiting the total number of zone transfers requested transports IPv4, Addresses and Ports travel domain, New top-level domains tree structure, DNS database, The Domain Name System, in a Nutshell troubleshooting, Troubleshooting DNS and BIND forgot to increment serial number, Potential Problem List local name can’t be looked up, Problem Symptoms NIS, Is NIS Really Your Problem? response from unexpected source, 13. Response from Unexpected Source using named-xfer, Troubleshooting Tools and Techniques trust anchor, Islands of security trusted-keys statement, Islands of security , Signing a parent zone , server , server TRYAGAIN condition, Additional Configuration Files TSIG (transaction signatures), Versions , TSIG configuring keys, Configuring TSIG time synchronization, Configuring TSIG errors, TSIG Errors GSS-TSIG, Secure Dynamic Update limitations of, The DNS Security Extensions one-way hash functions, TSIG records, TSIG TTL (time to live), Interface interval changing, Changing TTLs explicit, specified on NS records, Registering Nameservers raising default for zones not changing
frequently, Planning for Disasters records in root hints file, Setting Up a BIND Configuration File TXT records queries on BIND 8 nameserver, BIND 8 statistics SPF, The Sender Policy Framework common mechanisms used in, The Sender Policy Framework U UDP datagrams, EDNS0 uk domain, organizationally oriented subdomains, New top-level domains UNAVAIL condition, Additional Configuration Files uncompressing domain names, ns_name_skip Unicode, Internationalized Domain Names converting ACE to and from, DNS and WINS Unix BIND software included with, Getting BIND domain sockets, rndc and controls (BIND 9) end-of-line sequence, Compatibility networking commands, search list applied to domain name
argument, The BIND 4.9 and later search list Unix epoch, converting to date, BIND 9 statistics Unix filesystem, DNS database versus, The Domain Name System, in a Nutshell unsigned zones, delegating to, Islands of security unsponsored gTLDs, New top-level domains update forwarding, DNS Dynamic Update TSIG-signed, TSIG-Signed Updates update-policy substatement, Securing Your Nameserver URIs, mapping E.165 numbers to, ENUM use-id-pool substatement, “Resolving” nameserver configuration V value options (nslookup), Option Settings verifying, Public-Key Cryptography and Digital Signatures versions substatement (file channel), File channels view statement, Views , view match-clients substatement, Views match-destinations substatement, Views match-recursive-only substatement, Views types of substatements, Views views, Views full named.conf file (example), Views support by BIND 9, Getting BIND using on bastion host, Using views on the bastion host W warning severity, Logging whois, whois finding right whois server, whois wildcard MX records, How internal nameservers use internal roots wildcards, Wildcards WINCH signal, Using Signals Windows 2000 DNS white paper, The Windows XP Resolver Windows operating systems, DNS, Windows, and Active Directory end-of-line sequence, Compatibility using dynamic update, DNS, Windows, and Active Directory Windows Server 2003, Handling Windows servers Windows XP resolver, The Windows XP Resolver advanced configuration, The Windows XP Resolver automatic registration, The Windows XP Resolver DNS suffixes, The Windows XP Resolver negative answers, handling of, The Windows XP Resolver retransmission algorithm, The Windows XP Resolver WINS (Windows Internet Name Service), Must I Use DNS? , DNS and WINS Z zone ca (Canada), Nameservers and Zones zone datafiles, Zone Datafiles , Setting Up Zone Data comments and blank lines, Comments db.movie.edu.signed (example), Signing your zone DNS resource records, The Zone Datafiles internal and external views, Views organizing, Organizing Your Files root zone (db.root), The db.root file setting up NS records, NS Records PTR records, PTR Records shadow namespace, A Split Namespace TTL, changing on resource records, Changing TTLs updating, Updating Zone Datafiles root hints, Keeping the Root Hints Current TXT records, General text information zone statement, server allow-query substatement, Restricting queries in a particular zone also-notify substatement, DNS NOTIFY (Zone Change Notification) BIND 8, zone dialup substatement, Network Names and Numbers ixfr-base, BIND 8 IXFR Configuration masters substatement, DNS NOTIFY (Zone Change Notification) , The ABCs of IPv6 Addressing port specification, Addresses and Ports max-refresh-time substatement, Limiting the frequency of zone transfers max-transfer-idle-in substatement, Limiting the frequency of zone transfers max-transfer-idle-out substatement, Limiting the frequency of zone transfers max-transfer-time-in substatement, Limiting the total number of zone transfers served max-transfer-time-out substatement, Limiting the total number of zone transfers served min-refresh-time substatement, Limiting the frequency of zone transfers multi-master substatement, The ABCs of IPv6 Addressing turning off NOTIFY, DNS NOTIFY (Zone Change Notification) within view statement, Views zone transfers, Limiting transfers requested per nameserver access lists, Getting BIND complex, example of, DNS NOTIFY (Zone Change Notification) following NOTIFY announcement, DNS NOTIFY (Zone Change Notification) incremental, Versions , Getting BIND , Incremental Zone Transfer (IXFR) initiation by AXFR queries, BIND 8 statistics limiting duration of inbound, Limiting the total number of zone transfers served limiting frequency of, Limiting the frequency of zone transfers limiting idle time, Limiting the frequency of zone transfers limiting requests per nameserver, System Tuning limiting total number requested, Limiting the total number of zone transfers requested limiting total number served simultaneously, Limiting the total number of zone transfers served more efficient, with many-answers format, Limiting the frequency of zone transfers nslookup, Zone Transfers polling scheme by slave nameservers to determine need
for, DNS NOTIFY (Zone Change Notification) preventing unauthorized transfers, Restricting queries in a particular zone using named-xfer, Troubleshooting Tools and Techniques zones, Preface , The Domain Name System, in a Nutshell , Nameservers and Zones change notification (DNS NOTIFY), DNS NOTIFY (Zone Change Notification) delegating hosting of, Must I Use DNS? domains versus, Nameservers and Zones example (Movie University), Our Zone forward zones, Forward Zones , Using forward zones nameserver authority for, Nameservers and Zones reason for existing, What to Name Your Children registering, Checking That Your Network Is Registered setting up zone data, Setting Up Zone Data zone datafiles, Setting Up Zone Data , Setting the Zone’s Default TTL signing, Zone-Signing Keys and Key-Signing Keys parent zone, Signing a parent zone sending keys to be signed, Sending your keys to be signed stub zones, Managing delegation with stubs top-level, authoritative nameservers for, Resolution unsigned, deletating to, Islands of security ZSKs (zone-signing keys), Signing your zone
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.