Domain Name System
Domain Name System (DNS) is a name lookup system, typically used to map hostnames on the Internet to Internet addresses.
The most common DNS server implementation for Linux and other FOSS operating systems is the Internet Systems Corporation (ISC) implementation of the Berkeley Internet Name Daemon (BIND), now in version 9.
Other implementations include dnsmasq and djdns.
Contents |
Zone Master
A zone is a collection of DNS names in a domain or sub-domain. A DNS server is the "master" (or authoritative) for a zone. It can delegate authority for sub-domains to other DNS servers.
It is generally considered to be a good idea to "hide" the domain master and only expose secondary, or slave, servers to the wider Internet.
Dynamic DNS
Protocols exist to allow a node with a dynamically-allocated address (IPv4, IPv6 or other) to update a DNS master server with a new "A" (or "AAAA") record for it's new address.
Sometimes this can be done by the DHCP server. If the DHCP server is administered by another entity (eg. a public Wi-Fi, ISP or other) then the client machine needs to perform the update.
One protocol for doing this is Transaction SIGnature (TSIG) as defined in RFC 2845.
One tool for performing the update is nsupdate (see, eg. nsupdate manpage).
DNS over HTTPS
External Links
- Domain Name System at Wikipedia
- Bind9 at the Debian Wiki
- List of Internet top-level domains at Wikipedia
- RFC 1035 - DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION at IETF.org
- C Programming with the Resolver Library Routines from ch. 14 of "DNS and BIND" by Cricket et. al.
- resolver(3) manual page at manpagez.com
- DNS as a Covert Channel Within Protected Networks from US Dept. of Energy
- Extremely severe bug leaves dizzying number of software and devices vulnerable at arstechnica.com
- Dynamic DNS at Wikipedia
- TSIG at Wikipedia
- Howto/DNS updates and zone transfers with TSIG at freeipa.org
- How To Manage Your Own Domain Name Server at Github.com
- A hidden, master, authoritative-only Name Server at Github.com
- BIND Installation On CentOS at howtoforge.com
- Installation Of BIND As A Secondary (Slave) DNS Server On CentOS at howtoforge.com
- Hidden Master DNS Configuration at inetdaemon.com
- DNS Configuration at help.ubuntu.com
- Creating a subdomain in bind9 at ubuntuforums.org
- Setup OpenDNS FamilyShield nameservers