Networking / Beginners

---

BIND Configuration

BIND's configuration file is stored as named.conf in the /etc directory. It is a text file that you can use to configure various aspects of BIND. BIND also comes with a shell script that can convert older BIND 4 configuration files to the newer format of BIND. This shell script is exceptionally useful while upgrading BIND because the format of the configuration file of BIND 4, which is named.boot, is entirely different from BIND 8 and above.

Global Options

The Global Options section of the named.conf file allows you to configure the following directives:

• directory. This directive defines the base directory for storing all relative paths specified in the named.conf file.
• pid-file. This directive stores the name of the Process ID (PID) file for the named service.
• allow-query. This directive specifies the range of computers that can send DNS queries to a server. The directive accepts individual IPs, IP ranges, and any keyword as valid arguments.
• allow-transfer. This directive specifies hosts that might copy the database. This option can be used to limit zone transfers in a BIND server. The arguments are similar to those of the Allow-query directive.

An example of the Global Options section of BIND's main configuration file is shown in the following code:

options {
	directory 	"/var/named";
	pid-file 	"/var/run/named.pid";
	allow-query 	{ any; };
allow-transfer 			{ 172.17.100/50; };
};

In the preceding code snippet:

• The directory directive specifies that the default zone directory for BIND is /var/named.
• The pid-file directive specifies that while the named service is running, its ProcessID should be stored in the /var/run/named.pid file.
• The allow-query directive specifies that any client can perform a DNS query transaction with the server.
• The allow-transfer directive specifies BIND to allow DNS transfer transactions only to the server whose IP address is in the range 171.17.100/50.

Zones

A zone is a subset in a domain name space. This subset is maintained in a master name server. It is advisable to have one or more slave name servers also for backup purposes. Depending on ownership or permissions for a domain name, the DNS master server can be configured to manage an entire domain, a domain and all its child domains, or any portion in the domain.

Master Zones

Master zones are used to generate authoritative records for queries on non-cached domain names. The host name given in the query is matched against all configured zones. The file directive specifies the text file that contains the particular zone's database.

An example of an entry for a master zone in BIND is shown in the following code snippet:

zone "example.com" IN {
	type 	master;
	file 	"db.example.com";
};

Slave Zones

The slave server, which is the secondary server, loads the zone information from a primary server or another slave server. This server acts as an instantly available backup solution in case the primary name server is down or unreachable. An example of an entry for a slave zone in BIND is shown here:

zone "example.com" IN {
	type 		slave;
	masters 	{ 172.17.100.1 }
	file 		"db. example ";
};

Root Zones

Root zone is the default zone found in every installation. It is used whenever configured zones do not resolve a query. The type here is hint. The file directive contains named.ca, which contains information about root servers on the Internet. The sample code for the Root zone is shown here:

zone "." IN {
	type hint;
	file "named.ca";
};

Loopback Zones

Although loopback zones are not strictly required, they are always specified. Many programs in the X Window System use local sockets to emulate IPC queues between cooperating processes. These sockets are bound to host 172.17.0.1, which is the lookup device. Loopback zones should never be slaves.

"0.0.172.in-addr.arpa"