Chapter 3. Where Do I Start?"What do you call yourself?" the Fawn said at last. Such a soft sweet voice it had!"I wish I knew!" thought poor Alice. She answered, rather sadly, "Nothing, just now." "Think again," it said: "that won't do." Alice thought, but nothing came of it. "Please, would you tell me what you call yourself?" she said timidly. "I think that might help a little." "I'll tell you, if you come a little further on," the Fawn said. "I can't remember here." Now that you understand the theory behind the Domain Name System, we can attend to more practical matters. Before you set up your zones, you may need to get the BIND software. Usually, it's included as a standard part of most Unix-based operating systems. Often, though, you'll want to seek out a more recent version with all the latest functionality and security enhancements. Once you've got BIND, you need to decide on a domain name for your main zone -- which may not be quite as easy as it sounds, since it entails finding an appropriate place in the Internet namespace. That decided, you need to contact the administrators of the parent of the zone whose domain name you've chosen. One thing at a time, though. Let's talk about where to get BIND.
3.1. Getting BINDIf you plan to set up your own zones and run name servers for them, you'll need the BIND software first. Even if you're planning on having someone else host your zones, it's helpful to have the software around. For example, you can use your local name server to test your data files before giving them to the administrator of your remote name servers.Most commercial Unix vendors ship BIND with the rest of their standard TCP/IP networking software. And the networking software is usually included with the operating system, so you get BIND free. Even if the networking software is priced separately, you've probably already bought it, since you clearly do enough networking to need DNS, right? If you don't have a version of BIND for your flavor of Unix, though, or if you want the latest, greatest version, you can always get the source code. As luck would have it, it's freely distributed. The source code for the most up-to-date versions of BIND as of this writing (the BIND 8.2.3 and 9.1.0 releases) is available via anonymous FTP from the Internet Software Consortium's web site, ftp.isc.org, in /isc/bind/src/cur/bind-8/bind-src.tar.gz and /isc/bind9/9.1.0/bind-9.1.0.tar.gz, respectively. Compiling these releases on most common Unix platforms is relatively straightforward.[17] The ISC includes a list of Unix-ish operating systems that BIND is known to compile on in the file src/INSTALL, including several versions of Linux, Digital Unix, and Solaris 2. There's also a list of other Unix-ish and not-so-Unix-ish (MPE, anyone?) operating systems that BIND has supported in the past and that these most recent versions of BIND will probably compile on without much effort.[18] Regardless of which category your operating system falls into, we strongly recommend reading all of the sections of src/INSTALL relevant to your OS. We also include instructions on compiling BIND 8.2.3 and 9.1.0 on RedHat Linux 6.2 as Appendix C, "Compiling and Installing BIND on Linux". It's a remarkably short appendix. [17]Compiling early versions of BIND 9 (before 9.1.0) can be a little tricky, since these versions require pthreads and many OSes sport broken pthreads implementations. BIND 9.1.0 and later can be built without pthreads by running configure - -disable-threads. [18]We know for a fact that BIND 8.2.3 compiles cleanly on several of these operating systems.Some of you may already have a version of BIND that came with your operating system, but you're wondering whether you need the latest, greatest version of BIND. What does it have to offer that earlier versions of BIND don't? Here's an overview:
If, after reading through this list and checking the appendix, you're convinced you need BIND 8 or BIND 9's features and neither a BIND 8 nor BIND 9 name server comes with your operating system, download the source code and build your own. 3.1.1. Handy Mailing Lists and Usenet NewsgroupsInstructions on how to port BIND to every other version of Unix could consume another book this size, so we'll have to refer you to the BIND users mailing list (bind-users@isc.org ) or the corresponding Usenet newsgroup (comp.protocols.dns.bind) for further help.[19] For BIND 9, there's a separate mailing list, bind9-users@isc.org.[20] The folks who read and contribute to the BIND users mailing lists can be enormously helpful in your porting efforts. Before sending mail to the list asking whether a particular port is available, though, be sure to check the searchable archive of the mailing list at http://www.isc.org/ml-archives/bind-users. Also, take a look at the ISC's BIND web page at http://www.isc.org/products/BIND for notes or links specific to your operating system, and check Andras Salamon's DNS Resource Directory for precompiled BIND software. The directory currently has a short list of precompiled binaries at http://www.dns.net/dnsrd/bind.html.[19]To ask a question on an Internet mailing list, all you need to do is send a message to the mailing list's address. If you'd like to join the list, however, you have to send a message to the list's maintainer first, requesting that he or she add your electronic mail address to the list. Don't send this request to the list itself -- that's considered rude. The Internet convention is that you can reach the maintainer of a mailing list by sending mail to list-request@domain, where list@domain is the address of the mailing list. So, for example, you can reach the BIND users mailing list's administrator by sending mail to bind-users-request@isc.org. [20]Most of the BIND 9 developers read the bind9-users mailing list exclusively.Another mailing list you might be interested in is the namedroppers list. Folks on the namedroppers mailing list are involved in the IETF working group that develops extensions to the DNS specifications, DNSEXT. For example, the discussion of a new, proposed DNS record type would probably take place on namedroppers instead of the BIND mailing list. For more information on DNSEXT's charter, see http://www.ietf.org/html.charters/dnsext-charter.html. The address for the namedroppers mailing list is namedroppers@ops.ietf.org, and it is gatewayed into the Internet newsgroup comp.protocols.dns.std. To join the namedroppers mailing list, send mail to namedroppers-request@ops.ietf.org with the text "subscribe namedroppers" as the body of the message.
3.1.2. Finding IP AddressesYou'll notice that we gave you a number of domain names of hosts that have FTPable software, and that the mailing lists we mentioned include domain names. That should underscore the importance of DNS: see what valuable software and advice you can get with the help of DNS? Unfortunately, it's also something of a chicken-and-egg problem: you can't send email to an address with a domain name in it unless you've got DNS set up, so how can you ask someone on the list how to set DNS up?Well, we could give you the IP addresses for all the hosts we mentioned, but since IP addresses change often (in publishing timescales, anyway), we'll show you how you can temporarily use someone else's name server to find the information instead. As long as your host has Internet connectivity and the nslookup program, you can retrieve information from the Internet namespace. To look up the IP address for ftp.isc.org, for example, you could use:
This instructs nslookup to query the name server running on the host at the IP address 207.69.188.185 to find the IP address for ftp.isc.org, and should produce output like:% nslookup ftp.isc.org. 207.69.188.185
Now you can FTP to ftp.isc.org's IP address, 204.152.184.27.Server: ns1.mindspring.com Address: 207.69.188.185 Name: isrv4.pa.vix.com Address: 204.152.184.27 Aliases: ftp.isc.org How did we know that the host at IP address 207.69.188.185 runs a name server? Our ISP, Mindspring, told us -- it's one of their name servers. If your ISP provides name servers for its customers' use (and most do), use one of them. If your ISP doesn't provide name servers (shame on them!), you can temporarily use one of the name servers listed in this book. As long as you use it only to look up a few IP addresses or other data, the administrators probably won't mind. It's considered very rude, however, to point your resolver or query tool at someone else's name server permanently. Of course, if you already have access to a host with Internet connectivity and DNS configured, you can use it to FTP the stuff you need. Once you've got a working version of BIND, you're ready to start thinking about your domain name.
|
|