Alternative DNS Servers Alternative DNS Servers Choice and deployment, and optional SQL/LDAP back-ends Jan-Piet Mens UIT CAMBRIDGE LTD. CAMBRIDGE,ENGLAND FirstpublishedinEnglandin2009. UITCambridgeLtd. POBox145 Cambridge CB41GQ England Tel:+441223302041 Web:www.uit.co.uk Copyright©2009UITCambridgeLtd. Allrightsreserved. ISBN978-0-9544529-9-5 TherightofJan-PietMenstobeidentifiedastheauthorofthiswork hasbeenassertedbyhiminaccordancewiththeCopyright,Designs andPatentsAct1988. Theprogramsandinstructionsinthisbookhavebeenincludedfor theirinstructionalvalue.Neitherthepublishernortheauthoroffers anywarrantiesorrepresentationsinrespectoftheirfitnessfora particularpurpose,nordotheyacceptacceptanyliabilityforany lossordamagearisingfromtheiruse. Thepublicationisdesignedtoprovideaccurateandauthoritative informationinregardtothesubjectmattercovered.Neitherthe publishernortheauthormakesanyrepresentation,expressor implied,withregardtotheaccuracyofinformationcontainedin thisbook,nordotheyacceptanylegalresponsibilityorliabilityfor anyerrorsoromissionsthatmaybemade.Thisworkissupplied withtheunderstandingthatUITCambridgeLtdanditsauthorsare supplyinginformation,butarenotattemptingtorenderengineering orotherprofessionalservices.Ifsuchservicesarerequired,the assistanceofanappropriateprofessionalshouldbesought. Manyofthedesignationsusedbymanufacturersandsellersto distinguishtheirproductsareclaimedastrade-marks.UIT CambridgeLtdacknowledgestrademarksasthepropertyoftheir respectiveowners. 10987654321 To Alexandra Foryourinterest,support,andenthusiasm(aswellasrelentless page-count-checking)duringthisproject,andforbeingmygreatest fan. Related Titles PracticalTCP/IP–Designing,using,andtroubleshootingTCP/IP networksonLinuxandWindows,(Secondedition)NiallMansfield TheEximSMTPMailServer–OfficialGuideforRelease4,(Second edition)PhilipHazel The Joy of X – The architecture of the X window system, Niall Mansfield Contents at a glance PartI Preparation 1 1 IntroductiontotheDNS 3 2 Howtorepresentzonedataandwheretostoreit 29 3 Preparingforyourimplementation 59 PartII TheDNSservers 73 4 MaraDNS 75 5 MyDNS 95 6 PowerDNSAuthoritativeServer 113 7 AnoverviewofBIND 167 8 BIND’sSimplifiedDatabaseInterface 187 9 BindDLZ 213 10 NameServerDaemon(NSD) 261 11 tinydns 283 12 ldapdns 315 13 dnsmasq 331 14 DNSonMicrosoftWindows 349 15 DNSandPerl 357 16 DNSblacklists 371 17 Cachingnameservers 387 18 DelegationandprivateDNSroots 435 PartIII OperationalIssues 453 19 UpdatingDNSzonesandtheirassociatedrecords 455 20 TheNameServiceSwitch 487 21 InternationalizedDomainNames 497 22 IntroducingDNSSEC 505 23 Performance 545 24 SecuringandmonitoringyourDNSservers 563 Appendixes 579 A Gettingstartedwith(Open)LDAP 579 B Use$INCLUDEandfixyourSOA 604 C BINDSDB 607 D BindDLZ 615 E PerlDNSnameservers 621 F UserDefinedFunctionsinMySQL 629 G Bitsandpieces 637 H ScriptingPowerDNSRecursorwiththeLuaprogramminglanguage 645 Copyright©UITCambridgeLtd.2009.Allrightsreserved.Forpersonalandnoncommercialuseonly.Cheatswillhavefingersremoved.