164 lines
9.2 KiB
Plaintext
164 lines
9.2 KiB
Plaintext
|
.\" ++Copyright++ 1986, 1988, 1995
|
||
|
.\" -
|
||
|
.\" Copyright (c) 1986, 1988, 1995
|
||
|
.\" The Regents of the University of California. All rights reserved.
|
||
|
.\"
|
||
|
.\" Redistribution and use in source and binary forms, with or without
|
||
|
.\" modification, are permitted provided that the following conditions
|
||
|
.\" are met:
|
||
|
.\" 1. Redistributions of source code must retain the above copyright
|
||
|
.\" notice, this list of conditions and the following disclaimer.
|
||
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||
|
.\" notice, this list of conditions and the following disclaimer in the
|
||
|
.\" documentation and/or other materials provided with the distribution.
|
||
|
.\" 3. All advertising materials mentioning features or use of this software
|
||
|
.\" must display the following acknowledgement:
|
||
|
.\" This product includes software developed by the University of
|
||
|
.\" California, Berkeley and its contributors.
|
||
|
.\" 4. Neither the name of the University nor the names of its contributors
|
||
|
.\" may be used to endorse or promote products derived from this software
|
||
|
.\" without specific prior written permission.
|
||
|
.\"
|
||
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
||
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
||
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||
|
.\" SUCH DAMAGE.
|
||
|
.\" -
|
||
|
.\" Portions Copyright (c) 1993 by Digital Equipment Corporation.
|
||
|
.\"
|
||
|
.\" Permission to use, copy, modify, and distribute this software for any
|
||
|
.\" purpose with or without fee is hereby granted, provided that the above
|
||
|
.\" copyright notice and this permission notice appear in all copies, and that
|
||
|
.\" the name of Digital Equipment Corporation not be used in advertising or
|
||
|
.\" publicity pertaining to distribution of the document or software without
|
||
|
.\" specific, written prior permission.
|
||
|
.\"
|
||
|
.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
|
||
|
.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
|
||
|
.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
|
||
|
.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
|
||
|
.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
|
||
|
.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
|
||
|
.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
|
||
|
.\" SOFTWARE.
|
||
|
.\" -
|
||
|
.\" --Copyright--
|
||
|
.\"
|
||
|
.\" @(#)types.me 6.3 (Berkeley) 9/19/89
|
||
|
.\"
|
||
|
.sh 1 "Types of Zones"
|
||
|
.pp
|
||
|
A ``zone'' is a point of delegation in the DNS tree. It contains all names
|
||
|
from a certain point ``downward'' except those which are delegated to other
|
||
|
zones. A ``delegation point'' has one or more \fINS\fP records in the
|
||
|
``parent zone'', which should be matched by equivalent \fINS\fP records at
|
||
|
the root of the ``delegated zone'' (i.e., the ``@'' name in the zone file).
|
||
|
.pp
|
||
|
Understanding the difference between a ``zone'' and a ``domain'' is crucial
|
||
|
to the proper operation of a name server. As an example, consider the
|
||
|
\s-1DEC.COM\s+1 \fIdomain\fP, which includes names such as
|
||
|
\s-1POBOX1.PA.DEC.COM\s+1 and \s-1QUABBIN.CRL.DEC.COM\s+1 even though
|
||
|
the \s-1DEC.COM\s+1 \fIzone\fP includes only \fIdelegations\fP for the
|
||
|
\s-1PA.DEC.COM\s+1 and \s-1CRL.DEC.COM\s+1 zones. A zone can map exactly
|
||
|
to a single domain, but could also include only part of a domain (the rest
|
||
|
of which could be delegated to other name servers). Technically speaking,
|
||
|
every name in the DNS tree is a ``domain'', even if it is ``terminal'', that
|
||
|
is, has no ``subdomains''. Technically speaking, every subdomain is a domain
|
||
|
and every domain except the root is also a subdomain. The terminology is not
|
||
|
intuitive and you would do well to read RFC's 1033, 1034, and 1035 to gain a
|
||
|
complete understanding of this difficult and subtle topic.
|
||
|
.pp
|
||
|
Though \s-1BIND\s+1 is a \fIDomain\fP Name Server, it deals primarily in terms
|
||
|
of \fIzones\fP. The \fIprimary\fP and \fIsecondary\fP declarations in the
|
||
|
\fInamed.boot\fP file specify \fIzones\fP, not \fIdomains\fP. When you ask
|
||
|
someone if they are willing to be a secondary server for your ``domain'', you
|
||
|
are actually asking for secondary service for some collection of \fIzones\fP.
|
||
|
.pp
|
||
|
Each zone will have one ``primary'' server, which loads the zone contents
|
||
|
from some local file which is edited by humans or perhaps generated
|
||
|
mechanically from some other local file which is edited by humans. Then
|
||
|
there will be some number of ``secondary'' servers, which load the zone
|
||
|
contents using the \s-1IP/DNS\s+1 protocol (that is, the secondary servers will
|
||
|
contact the primary and fetch the zone using \s-1IP/TCP\s+1). This set of
|
||
|
servers (the primary and all of the secondaries) should be listed in the
|
||
|
\fINS\fP records in the parent zone, which will constitute a ``delegation''.
|
||
|
This set of servers must also be listed in the zone file itself, usually
|
||
|
under the ``@'' name which is a magic cookie that means the ``top level''
|
||
|
or ``root'' of current zone. You can list servers in the zone's
|
||
|
top-level ``@'' \fINS\fP records that are not in the parent's \fINS\fP
|
||
|
delegation, but you cannot list servers in the parent's delegation that are
|
||
|
not present in the zone's ``@''. Any servers listed in the \fINS\fP records
|
||
|
must be configured as authoritative (either primary or secondary) for the
|
||
|
zone. If a server listed in a \fINS\fP record is not authoritative, it
|
||
|
will respond with a ``lame delegation'' when queried.
|
||
|
.sh 1 "Types of Servers"
|
||
|
.pp
|
||
|
Servers do not really have ``types''. A server can be a primary for some
|
||
|
zones and a secondary for others, or it can be only a primary, or only a
|
||
|
secondary, or it can serve no zones and just answer queries via its ``cache''.
|
||
|
Previous versions of this document referred to servers as ``master'' and
|
||
|
``slave'' but we now feel that those distinctions \(em and the assignment of
|
||
|
a ``type'' to a name server \(em are not useful.
|
||
|
.sh 2 "Caching Only Server"
|
||
|
.pp
|
||
|
All servers are caching servers. This means that the server caches the
|
||
|
information that it receives for use until the data expires. A \fICaching
|
||
|
Only Server\fP is a server that is not authoritative for any zone. This
|
||
|
server services queries and asks other servers, who have the authority, for
|
||
|
the information needed. All servers keep data in their cache until the data
|
||
|
expires, based on a \fITTL\fP (``Time To Live'') field which is maintained
|
||
|
for all resource records.
|
||
|
.sh 2 "Remote Server"
|
||
|
.pp
|
||
|
A Remote Server is an option given to people who would like to use
|
||
|
a name server from their workstation or on a machine that has a limited
|
||
|
amount of memory and CPU cycles.
|
||
|
With this option you can run all of the networking programs that use
|
||
|
the name server without the name server running on the local machine.
|
||
|
All of the queries are serviced by a name server that is running on another
|
||
|
machine on the network.
|
||
|
A host which has an
|
||
|
\fI/etc/resolv.conf\fP file listing only remote hosts, and which does not
|
||
|
run a name server of its own, is sometimes called a Remote Server (because
|
||
|
the actual server is remote?) but more
|
||
|
often it is called simply a DNS Client.
|
||
|
This kind of host is technically not a ``server'',
|
||
|
since it has no cache and does not answer queries.
|
||
|
.sh 2 "Slave Server"
|
||
|
.pp
|
||
|
A Slave Server is a server that always forwards queries it cannot
|
||
|
satisfy from its cache, to a fixed list of \fIforwarding\fP servers
|
||
|
instead of interacting
|
||
|
with the name servers for the root and other domains.
|
||
|
The queries to the \fIforwarding servers\fP are recursive queries.
|
||
|
There may be one or more forwarding servers, and they are tried in turn
|
||
|
until the list is exhausted.
|
||
|
A Slave and forwarder configuration is typically used when you do not
|
||
|
wish all the servers at a given site to interact with the rest
|
||
|
of the Internet servers. A typical scenario would involve a number of
|
||
|
workstations and a departmental timesharing machine with Internet
|
||
|
access. The workstations might be
|
||
|
administratively prohibited from having Internet access.
|
||
|
To give the workstations the appearance of access to the Internet
|
||
|
domain system, the workstations could be Slave servers to the timesharing
|
||
|
machine which would forward the queries and interact with other
|
||
|
name servers to resolve the query before returning the answer.
|
||
|
An added benefit of using the forwarding feature is that the central
|
||
|
machine develops a much more complete cache of information that
|
||
|
all the workstations can take advantage of. The use of Slave mode
|
||
|
and forwarding is discussed further under the description of
|
||
|
the \fInamed\fP bootfile commands.
|
||
|
.pp
|
||
|
There is no prohibition against declaring a server to be a \fIslave\fP
|
||
|
even though it has \fIprimary\fP and/or \fIsecondary\fP zones as well;
|
||
|
the effect will still be that anything in the local server's cache or
|
||
|
zones will be answered, and anything else will be forwarded using the
|
||
|
\fIforwarders\fP list.
|