<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>DNS HOWTO : Introduction.</TITLE>
<LINK HREF="DNS-HOWTO-3.html" REL=next>
<LINK HREF="DNS-HOWTO-1.html" REL=previous>
<LINK HREF="DNS-HOWTO.html#toc2" REL=contents>
</HEAD>
<BODY>
<A HREF="DNS-HOWTO-3.html">Next</A>
<A HREF="DNS-HOWTO-1.html">Previous</A>
<A HREF="DNS-HOWTO.html#toc2">Contents</A>
<HR>
<H2><A NAME="intro"></A> <A NAME="s2">2. Introduction.</A></H2>
<P><B>What this is and isn't.</B>
<P>
<P>DNS is the Domain Name System. DNS converts machine names to the
IP addresses that all machines on the net have. It translates (or
"maps" as the jargon would have it) from name to address and from
address to name, and some other things. This HOWTO documents how to
define such mappings using a Unix system, with a few things specific to
Linux.
<P>
<P>A mapping is simply an association between two things, in this case
a machine name, like <CODE>ftp.linux.org</CODE>, and the machine's IP number
(or address) <CODE>199.249.150.4</CODE>. DNS also contains mappings the other
way, from the IP number to the machine name; this is called a "reverse
mapping".
<P>
<P>DNS is, to the uninitiated (you ;-), one of the more opaque areas
of network administration. Fortunately DNS isn't really that hard.
This HOWTO will try to make a few things clearer. It describes how to
set up a <EM>simple</EM> DNS name server, starting with a caching only
server and going on to setting up a primary DNS server for a domain.
For more complex setups you can check the
<A HREF="DNS-HOWTO-10.html#qanda">qanda</A> section of this document. If it's not described there
you will need to <EM>read</EM> the Real Documentation. I'll get back to
what this Real Documentation consists of in
<A HREF="DNS-HOWTO-11.html#bigger">the last chapter</A>.
<P>
<P>Before you start on this you should configure your machine so that
you can telnet in and out of it, and successfully make all kinds of
connections to the net, and you should especially be able to do
<CODE>telnet 127.0.0.1</CODE> and get your own machine (test it now!). You
also need good <CODE>/etc/nsswitch.conf</CODE>, <CODE>/etc/resolv.conf</CODE>
and <CODE>/etc/hosts</CODE> files as a starting point, since I will not
explain their function here. If you don't already have all this set
up and working the Networking-HOWTO and/or the
Networking-Overview-HOWTO explains how to set it up. Read them.
<P>
<P>When I say "your machine" I mean the machine you are trying to set
up DNS on, not any other machine you might have that's involved in
your networking effort.
<P>
<P>I assume you're not behind any kind of firewall that blocks name
queries. If you are you will need a special configuration --- see the
section on
<A HREF="DNS-HOWTO-10.html#qanda">qanda</A>.
<P>
<P>Name serving on Unix is done by a program called <CODE>named</CODE>. This
is a part of the "BIND" package which is coordinated by <EM>The
Internet Software Consortium</EM>. <CODE>Named</CODE> is included in most Linux
distributions and is usually installed as <CODE>/usr/sbin/named</CODE>,
usually from a package called <CODE>BIND</CODE>, in upper or lower case
depending on the whim of the packager.
<P>
<P>If you have a named you can probably use it; if you don't have one
you can get a binary off a Linux ftp site, or get the latest and
greatest source from
<A HREF="ftp://ftp.isc.org/isc/bind9/">ftp://ftp.isc.org/isc/bind9/</A>. This
HOWTO is about BIND version 9. The old versions of the HOWTO, about
BIND 4 and 8, are still available at
<A HREF="http://langfeldt.net/DNS-HOWTO/">http://langfeldt.net/DNS-HOWTO/</A> in case you use BIND 4 or 8
(incidentally, you will find this HOWTO there too). If the named man
page talks about (at the very end, in the FILES section)
<CODE>named.conf</CODE> you have BIND 8; if it talks about <CODE>named.boot</CODE> you
have BIND 4. If you have 4 and are security conscious you really
ought to upgrade to the latest version of BIND 8. Now.
<P>
<P>DNS is a net-wide database. Take care about what you put into it.
If you put junk into it, you, and others, will get junk out of it.
Keep your DNS tidy and consistent and you will get good service from
it. Learn to use it, admin it, debug it and you will be another good
admin keeping the net from falling to its knees by mismanagement.
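<P>Keeping DNS consistent means, among other things, that the forward
and reverse mappings described earlier agree with each other. The
following Python check is an added example, not part of the original
HOWTO: it derives the reverse-lookup name (under <CODE>in-addr.arpa</CODE>)
for each address and reports mappings that disagree. Apart from the
<CODE>ftp.linux.org</CODE> pair, all records are constructed sample data,
and the function names are illustrative.

```python
import ipaddress

# Constructed sample mappings (only the ftp.linux.org pair is from the text).
FORWARD = {  # name to address
    "ftp.linux.org.": "199.249.150.4",
    "www.example.org.": "192.0.2.10",
    "Mail.Example.org.": "192.0.2.25",
    "old.example.org.": "192.0.2.99",
}
REVERSE = {  # reverse-lookup name to name
    "4.150.249.199.in-addr.arpa.": "ftp.linux.org.",
    "10.2.0.192.in-addr.arpa.": "www.example.org.",
    "25.2.0.192.in-addr.arpa.": "smtp.example.org.",  # disagrees with FORWARD
    "77.2.0.192.in-addr.arpa.": "gone.example.org.",  # name no longer exists
}


def normalize(name):
    """DNS names compare case-insensitively; use one fully qualified form."""
    return name.rstrip(".").lower() + "."


def reverse_name(address):
    """Reverse-lookup name for an IPv4 address: octets reversed under in-addr.arpa."""
    return ipaddress.ip_address(address).reverse_pointer + "."


def check(forward, reverse):
    """Return sorted (kind, subject, detail) tuples for mappings that disagree."""
    fwd = {normalize(n): a for n, a in forward.items()}
    rev = {normalize(r): normalize(n) for r, n in reverse.items()}
    problems = []
    for name, addr in fwd.items():
        back = rev.get(reverse_name(addr))
        if back is None:
            problems.append(("missing-reverse", name, addr))
        elif back != name:
            problems.append(("mismatch", name, f"{addr} maps back to {back}"))
    for rname, name in rev.items():
        if name not in fwd:
            problems.append(("dangling-reverse", rname, name))
    return sorted(problems)


if __name__ == "__main__":
    for kind, subject, detail in check(FORWARD, REVERSE):
        print(f"{kind:17} {subject:30} {detail}")
```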
<P>
<P><B>Tip:</B> Make backup copies of all the files I instruct you to
change if you already have them, so that if after going through this
nothing works you can get it back to your old, working state.
<P>
<H2><A NAME="ss2.1">2.1 Other nameserver implementations.</A>
</H2>
<P>This section was written by Joost van Baal.
<P>
<P>Various packages exist for getting a DNS server on your box. There
is the BIND package (
<A HREF="http://www.isc.org/products/BIND/">http://www.isc.org/products/BIND/</A>);
the implementation this HOWTO is about. It's the most popular
nameserver around and is used on the vast majority of name serving
machines on the Internet; it has been around, and deployed, since the 1980s.
It's available under a BSD license. Since it's the most popular
package, loads of documentation and knowledge about BIND are around.
However, there have been security problems with BIND.
<P>
<P>Then there is djbdns (
<A HREF="http://djbdns.org/">http://djbdns.org/</A>), a relatively
new DNS package written by Daniel J. Bernstein, who also wrote qmail.
It's a very modular suite: various small programs take care of the
different jobs a nameserver is supposed to handle. It's designed with
security in mind. It uses a simpler zone-file format, and is
generally easier to configure. However, since it's less well known,
your local guru might not be able to help you with this.
Unfortunately, this software is not Open Source. The author's
advertisement is on
<A HREF="http://cr.yp.to/djbdns/ad.html">http://cr.yp.to/djbdns/ad.html</A>.
<P>
<P>Whether DJB's software is really an improvement over the older
alternatives is a subject of much debate. A discussion (or is it a
flame-war?) of BIND vs djbdns, joined by ISC people, is on
<A HREF="http://www.isc.org/ml-archives/bind-users/2000/08/msg01075.html">http://www.isc.org/ml-archives/bind-users/2000/08/msg01075.html</A><P>
</BODY>
</HTML>