From: "Andrew Falanga"
To: "David Robillard", freebsd-questions
Date: Mon, 4 Dec 2006 08:17:56 -0700
Subject: Re: Configuring DNS (BIND) in isolation
Message-ID: <340a29540612040717x3645c6c5g2c801b45d590d3f3@mail.gmail.com>
In-Reply-To: <226ae0c60612040657m3f34c8bam555980433c8e6abe@mail.gmail.com>

On 12/4/06, David Robillard wrote:
>
> > Hello,
> >
> > I have a need to make my own DNS system on an isolated network. Years ago,
> > I administered DNS for a couple of different companies, but that was quite a
> > while ago and since I've turned to programming I haven't done much in the
> > way of network administration. I recall from using BIND 4, when I was
> > reading up on it, that it is most certainly possible to configure an entire
> > DNS system on a totally isolated network.
> >
> > Would I need zone files for the root, ".", zone and any other zones I
> > configure; e.g. "isolation."? This would seem to be the way to go about it,
> > but I'm having some difficulty visualizing it in my head. I just did some
> > searches online for the O'Reilly book "DNS & BIND". I recall using this
> > book in the past and it was quite helpful (and unfortunately for me,
> > belonged to my former employers). Would this book be a good reference for
> > this task as well, or are there better books that I might want to look into
> > getting for this? Or, are there good on-line resources that could help me
> > muddle through?
> >
> > Any help is greatly appreciated.
> >
> > Thanks,
> > Andy
>
> Hello Andy,
>
> First, you need to know that BIND has jumped from version 4 directly
> to version 8 and is now at version 9. There is a whole world of
> difference between the version 4 that you've worked with in the past
> and the latest version 9 (such as Views, DNSSEC, IXFR, etc).
>
> Now, the book you mentioned above is still THE reference on the topic.
> O'Reilly recently published the 5th edition of "DNS & BIND" which
> covers everything BIND 9 has to offer. Plus an extended chapter on the
> DNS architecture itself. It's a great book, you should get yourself a
> copy if you're interested in DNS.
>
> Third, while "DNS & BIND" is a fine book, you'll have more direct help
> from another O'Reilly book called "DNS & BIND Cookbook" from Cricket
> Liu. It presents some common DNS related tasks in the form of easy to
> follow "recipes". It sure is a great help when it actually is time to
> build and configure your DNS servers.
>
> Moreover, FreeBSD is an excellent platform for building DNS servers.
> I've built DNS servers out of Solaris, AIX, RedHat and FreeBSD
> machines and BSD is by far the easiest and most flexible to set up and
> secure.
>
> Finally, if for various reasons you don't have the time or expertise
> to set up your own DNS machine, then have a look at the appliances from
> the author of "DNS & BIND" Cricket Liu's company called Infoblox at
> http://www.infoblox.com.
>
> Cheers,
>
> David
> --
> David Robillard
> UNIX systems administrator & Oracle DBA
> CISSP, RHCE & Sun Certified Security Administrator
> Montreal: +1 514 966 0122
>

I wanted to thank everyone who answered, but I think my first reply went
only to the individual whose e-mail I chose to respond to (sorry), and
thanks everyone. I think I've got what I need to get going.

Andy