BIND 9 Administrator Reference Manual

BIND 9.15.1 (Development Release)

Copyright (C) 2000-2019 Internet Systems Consortium, Inc. ("ISC")

This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.

Internet Systems Consortium
950 Charter Street
Redwood City, California
USA
https://www.isc.org/

Contents

1 Introduction
  1.1 Scope of Document
  1.2 Organization of This Document
  1.3 Conventions Used in This Document
  1.4 The Domain Name System (DNS)
    DNS Fundamentals
    Domains and Domain Names
    Zones
    Authoritative Name Servers
    The Primary Master
    Slave Servers
    Stealth Servers
    Caching Name Servers
    Forwarding
    Name Servers in Multiple Roles

2 BIND Resource Requirements
  2.1 Hardware requirements
  2.2 CPU Requirements
  2.3 Memory Requirements
  2.4 Name Server Intensive Environment Issues
  2.5 Supported Operating Systems

3 Name Server Configuration
  3.1 Sample Configurations
    A Caching-only Name Server
    An Authoritative-only Name Server
  3.2 Load Balancing
  3.3 Name Server Operations
    Tools for Use With the Name Server Daemon
    Diagnostic Tools
    Administrative Tools
    Signals
  3.4 Plugins
    Configuring Plugins
    Developing Plugins

4 Advanced DNS Features
  4.1 Notify
  4.2 Dynamic Update
    The journal file
  4.3 Incremental Zone Transfers (IXFR)
  4.4 Split DNS
    Example split DNS setup
  4.5 TSIG
    Generating a Shared Key
    Loading A New Key
    Instructing the Server to Use a Key
    TSIG-Based Access Control
    Errors
  4.6 TKEY
  4.7 SIG(0)
  4.8 DNSSEC
    Generating Keys
    Signing the Zone
    Configuring Servers for DNSSEC
  4.9 DNSSEC, Dynamic Zones, and Automatic Signing
    Converting from insecure to secure
    Dynamic DNS update method
    Fully automatic zone signing
    Private-type records
    DNSKEY rollovers
    Dynamic DNS update method
    Automatic key rollovers
    NSEC3PARAM rollovers via UPDATE
    Converting from NSEC to NSEC3
    Converting from NSEC3 to NSEC
    Converting from secure to insecure
    Periodic re-signing
    NSEC3 and OPTOUT
  4.10 Dynamic Trust Anchor Management
    Validating Resolver
    Authoritative Server
  4.11 PKCS#11 (Cryptoki) support
    Prerequisites
    Native PKCS#11
    Building SoftHSMv2
    OpenSSL-based PKCS#11
    Patching OpenSSL
    Building OpenSSL for the AEP Keyper on Linux
    Building OpenSSL for the SCA 6000 on Solaris
    Building OpenSSL for SoftHSM
    Configuring BIND 9 for Linux with the AEP Keyper
    Configuring BIND 9 for Solaris with the SCA 6000
    Configuring BIND 9 for SoftHSM
    PKCS#11 Tools
    Using the HSM
    Specifying the engine on the command line
    Running named with automatic zone re-signing
  4.12 DLZ (Dynamically Loadable Zones)
    Configuring DLZ
    Sample DLZ Driver
  4.13 DynDB (Dynamic Database)
    Configuring DynDB
    Sample DynDB Module
  4.14 Catalog Zones
    Principle of Operation
    Configuring Catalog Zones
    Catalog Zone format
  4.15 IPv6 Support in BIND 9
    Address Lookups Using AAAA Records
    Address to Name Lookups Using Nibble Format

5 BIND 9 Configuration Reference
  5.1 Configuration File Elements
    Address Match Lists ..