Вы находитесь на странице: 1из 690

DNS and BIND

Fourth Edition

PaulAlbitz and Cricket Liu

O'REILLY

DNS BIND

DNS BIND


.

,
DNS BIND. - . . - . -, 2002 - 696 , .
ISBN 5 93286-035 9
DNS BIND .
,
,
DNS.
9 BIND,
, 8,
. BIND 8 9
DNS.
: DNS;
,
; MX ;
DNS; ;
DNS-; BIND 9;
DNS (DNSSEC) (TSIG);
DNS-; ,
, ; (
nslookup dig, ); DNS- DNS Perl Net::DNS.

ISBN 5-93286-035-9
ISBN 0-596-00158-4 ()
-, 2002
Authorized translation of the English edition 2001 O'Reilly & Associates Inc This
translation is published and sold by permission of O'Reilly & Associates Inc., the owner of all rights to publish and sell the same
,

,
193148, , , 4,
(812) 324 5353, edit@symbol ru N 000054 25 12 98
-
005-93, 2, 953000 -
26 02 2002 70x10046
43,5 3000 N i()82

199034, , 9 , 12

1.
()
-

BIND
DNS?

2. DNS

DNS-
DNS

3. ?
BIND

4. BIND


BIND

(BIND 4.9.4 )

- DNS
DNS-

?

20
20
21
24
29
30

32
32
39
42
44
49
49
58

61
61
66

83
84
85
98
101
105
108
109
115
123
124

5. DNS
-
-, ?
-
6.
DNS-
DNS-


7. BIND
DNS-


BIND 8 9
log- BIND 8 9

8.
DNS-?
DNS-
DNS-
TTL


9.

?

:
in-addr.arpa



10.

DNS:
DNS NOTIFY ( )

125
126
129
131
135
135
149
151
157
180
180
190
200
205
206
218
240
240
249
255
259
263
267
272
273
273
274
276
287
293
298
301
302
303
304
312

(IXFR)

Round Robin:
DNS-
DNS-:
DNS-
DNS-

IPv6

IPv6:

11.
TSIG
DNS-
DNS
DNS

12. nslookup dig


nslookup?
?




nslookup

dig

13. BIND



DNS-
(BIND 8)
DNS-
(BIND 9)

317
321
326
328
332
338
339
340
342
353
354
356
360

367
368
373
389
414

442
443
445
445
449
449
453
461
467
467

473
473
477
478
491
492
493

14. DNS BIND


NIS?




TSIG

15.
DNS-

nslookup

DNS-
Perl
Net::DNS
16.

494
495
496
504
524
525
530
531
538
539
545
573
577

CNAME-

-


RR-
DNS WINS

577
582
583
584
590
592
600

DNS Windows 2000

602

A. DNS RR-

609

B. BIND

630

C. BIND Linux-

632

D.

637

E. DNS- BIND

643

664


,
(Domain Name System), , . ,
World Wide Web, DNS -
.
, ,

. 32,
.1 , , ,
. .
?
.
10 -.
.
DNS , , -, . , DNS
,

. DNS , ,
, (, telnet),
, FTP, , , -, Netscape Navigator Microsoft Internet Explorer.
DNS .
, .
.
, DNS
. 1

IP- 6 128 , 39-.

10

- . , , , DNS . , ,
DNS- .
DNS ,
.
DNS-
.
, DNS . ,
,
. .
, DNS,
, -
.
, , , Usenet.
,
-, , , .
,
.
- . ,
DNS. ,
DNS-: , , . DNS . , ,
,
. , .
DNS - , , , ; , .
, -

11

. , , .
, DNS,
BIND, Berkeley Internet Name Domain,
( )
DNS.
BIND. ( ,
; , ). , , ; Perl
.
, DNS
BIND, , ,
, ,
DNS BIND, .

BIND - 9.1.0
8.2.3, 4.9. , 9.1.0 8.2.3
,
Unix-, , ,
.
BIND, 4.8.3,
, ,
, Unix-.
4.9, 8.2.3 9.1.0,
, , BIND.

DNS - nslookup. nslookup BIND
8.2.3. nslookup
( ) nslookup 8.2.3. 1
,
nslookup; , , .
1

nslookup BIND 9.1.0.


. 12 nslookup dig.

12

?
,
BIND; :
NOTIFY, (signed dynamic updates), BIND 9
update-policy - 10.
- 10.
, (conditional forwarding), - 10.

IPv6 6 DNAME,
- - 10.
- (transaction signatures,
TSIG) - 11.

DNS- - 11.
- 11.
DNS, (DNS Security Extensions DNSSEC), , - 11-
.
, ,
Windows 2000 BIND, - 16.

.
1 2 . 3
6 ,
,
. , 7 11,
,
DNS-, , . , 12 16
, ,
DNS-.
:

13

1 ,
, DNS, .
2 DNS DNS, - DNS, , DNS-. , .
3 ? BIND
, , , ,
,
.
4 BIND - , DNS- BIND,
, .
5 DNS DNS
MX, , . , -
, .
6 ,
(resolver) BIND,
- Unix-, Windows 95/NT/2000.
7 BIND , , , -
DNS- , .
8 , , ,
.
9 - , .
, ( ), , (!) .
10
, , DNS-
.
11
DNS-, -

14

, DNS,
: DNS Security Extensions
(Transaction Signatures).
12 nslookup dig
DNS-, DNS-.
13 BIND - 1
BIND. , BIND, ,
, , DNS-
14 DNS BIND
,
DNS BIND,
, , .
15 , BIND DNS- Perl.
( ) ,
DNS- .
16 .
(wildcards) DNS, , , ,
DNS Windows 2000.
DNS RR- (resource records) , DNS, RR-.
BIND -

BIND.
BIND Linux- BIND 8.2.3 Linux.
1

-
, ()
, 1799 . - . 1822 .
. - .
.

15

D - .
DNS- BIND
.


, DNS-, ,
,
.
, , , ,
. ,
.
,
, 1 2, DNS, 3 - ,
4 5 - , .
6 , DNS. 7,
, , . 12, 13 14 , .
6,
, DNS- , 7,
, .
8 ,
, , . 9 ,
- , , , , . 10
BIND 8.2.3 9.1.0. 11
DNS- . 12 14 , .
, , 5,
,

16

11, DNS.
, DNS,
1 2, 15, BIND.
, , 1 2,
DNS, 12, nslookup dig, 14, .
1 2,
DNS, 5, , DNS
, 12, nslookup dig, - .
1 2,
DNS, - , !
, Unix-, TCP/IP,
Perl. . . Unix ( ), .


-, ,
FTP :
ftp://ftp.uu.net/ublished/oreilly/nutshell/dnsbind/dns.tar.Z
ftp://ftp.oreilly.com/publlshed/oreilly/nutshell/dnsbind/
:

System V - tar-:

zcat , uncompress tar.

O'Reilly

17

,
, ftpmail.
ftpmail,
ftpmail@online.oreilly.com. ;
- help.

O'Reilly
, ,
:
O'Reilly & Associates, Inc.
101 Morris Street
Sebastopol, CA 95472
(800) 998-9938 ( )
(707) 829-0515 (/)
(707) 829-0104 ()
O'Reilly -, , . :
http://www.oreilly.com/catalog/dns4
,
, , :
bookquestions@oreilly.com
- O'Reilly , , , O'Reilly (O'Reilly Network):
http://www.oreilly.com


, Unix:

:
if test -x /usr/sbin/named -a -f /etc/named.conf
then
/usr/sbin/named
fi

18

,
, , :
X cat /var/run/named.pid
78

( , root), (#):
# /usr/sbin/named

.
, , , , Unix, , .

2.9
Millenium Fulcrum (Project Gutenberg) 1.7 . 1 , 2 , 5 , 5 , 8 1 4
, 3, 4, 7, 9, 10, 11, 12, 13,
15 16 - .1

(Ken Stone),
(Jerry McCollom), (Peter Jeffe),
(Hal Stern), (Christopher Durham),
(Bill Wisner), (Dave Curry),
(Jeff Okamoto), (Brad Knowles), (. Robert Elz), (Paul Vixie) . - (Eric Pearce), (Jack Repenning), (Andrew Cherenson), (Dan Trinkle), (Bill LeFebvre) (John Sechrest)
.
( !).
: (Dave Barr),
1

(.:,
, 1992). -..

19

(Nigel Campbell), , (Mike


Milligan) .
: (Bob Halley), (Barry Margolin) .
(Kevin Dunlap), (Edward Lewis) (Brian Wellington), .
, (Rick Nordensten),
,
; ,
, ,
, ,
, , . ,

(Regina Kershner) (Paul Klouda) . , (Matt Larson), Acme Razor;
- , .
(Walter ), , . , ,
,
.
O'Reilly & Associates, . - (Mike Loukides) ( ) (Debra Cameron) ( ),
, : (Nancy Kotary),
(Ellie Fountain Maden), (Robert Romano), (Steven Abrams), - (Kismet
McDonough-Chan), (Seth Maislin), (Ellie Cutler), (Mike Sierra), (Lenny Muellner),
(Chris Reilley), (Emily Quill), -
(Anne-Marie Vaduva) (Brenda Miller).
(Jerry Peek) ,
' , .
1

!
1

Cricket ( ) . . . .

()

BIND
DNS?

.
- , ? - .
- , - , , .
- !

DNS, ARPAnet.
DNS
, , ARPAnet, .
, ,
. , ,
, DNS.

()
(Department of Defense's Advanced Research Agency,
ARPA) - DARPA- ARPAnet,
,
. . ARPAnet
: ,
(
), , .
TCP/IP (Transmission Control Protocol/Internet Protocol)

21


ARPAnet. BSD Unix, , . BSD Unix . ARPAnet
, ARPAnet. , ARPAnet, , ARPAnet.
.
ARPAnet
, TCP/IP. .
1988 DARPA ,
. ARPAnet.
,
(National Science Foundation) NSFNET.
, 1995 ,
; NSFNET ,
, MCI Sprint,
PSINet
UUNET.
.
- .
, , - ARPAnet.
.

-
-.
:
, . ,
- .
- , ARPAnet , , TCP/IP-,
. - -

22

1.
- TCP/IP,
, TCP/IP- .
.
- ,
, .
TCP/IP.
-, Xerox XNS DECnet.
intranet, , -
-, ,
, , . , extranet - , ,
, .


ARPAnet . - , , ARPAnet,
HOSTS.TXT. Unix- , /etc/hosts, - HOSTS.TXT ( Unix- ).
HOSTS.TXT (NIC,
Network Information Center) (SRI, Stanford Research Insitute). , , SRI-NIC.1
ARPAnet, ,
NIC HOSTS.TXT SRI-NIC FTP.
HOSTS.TXT
. ARPAnet
. ARPAnet. , :
HOSTS.TXT,
1

SRI International
, ( ); ,
.

23


SRI-NIC.
ARPAnet TCP/IP . ,
HOSTS.TXT:

SRI-NIC , , .

, HOSTS.TXT, . NIC
, ,
.
,
, . , , , ARPAnet.

. , HOSTS.TXT
ARPAnet, ,
, .
, HOSTS.TXT
. , ARPAnet
HOSTS.TXT.
ARPAnet ,
HOSTS.TXT.
, , . , .
, .
. ,
.

,
(Information Sciences Institute). 1984 RFC

24

1.
882 883, (Domain
Name System, DNS). RFC- RFC 1034 1035,
DNS.1 RFC 1034 1035
,
DNS , , , DNS-cep, .


DNS - .
, - -.
.
- DNS , DNS- (name servers, - ). DNS-
, (resolvers).2 , DNS - ,
.
DNS
Unix (. 1.1). ( )
, ( ) . , ,
(, bin). , ,
( "") .
(.). Unix
(/).
.
() - 1

RFC (Request for Comments, )


. RFC-
, ,
, .
,
DNS, DNS-,
. - . . .

25

. 1.1. DNS Unix

Unix,
. , DNS , - . ,
, .
, , . , ,

. DNS - ,
, ;
. Unix
- ,
( , DNS;
. 1.2),
().
DNS , . , Network Solutions
edu (educational, ), berkeley.edu
(. 1.3).
: -

26

1.

. 1.2. DNS Unix

, . ,
winken (. 1.3) , /usr/nfs/winken.
berkeley.edu - . berkeley.edu edu , berkeley.edu. , edu
, edu, , , , berkeley.edu. berkeley.edu
cs.berkeley.edu, , berkeley.edu
. cs.berkeley.edu , berkeley.edu , cs.berkeley.edu (. 1.4).
DNS.
DNS .
. -

27

. 1.3.

.
, .
, (. 1.5). IP-,
. , -

28

1.

. 1.4. edu, berkeley.edu cs.berkeley.edu

(, ) . . 1.5
mailhub.nv... rincon.ba.ca...
? ,
HOSTS.TXT. ,
.

. 1.5. DNS,

BIND

29

. 1.6.

, ,
, , , . ,
, ,
. , , hic.com
puella (. 1.6), ,
hic.com.

BIND
JEEVES,
. BIND, Berkeley Internet Name Domain, 4.3 BSD
Unix () . 1
BIND Internet Software Consortium.
BIND ,
BIND DNS. Unix
Unix. BIND Microsoft Windows NT.

Internet Software Consortium BIND http://www.isc.org/bind.html

30

1.

DNS?
DNS, ,
. DNS ,
. , DNS-, . , ,
, DNS-. , :
...
...DNS . DNS
:
, World Wide Web, , , DNS.
, ,
.
( - 3 ?). ,
-, .
- ,

. ,
.
, , ,
.
, . !
- TCP/IP...
... DNS, , . Ethernet ,
TCP/IP ( ),
. - Appletalk-
Apollo token ring, .
- ,
DNS (, DECnet OSI), ,
. , , Unix, DNS . -

DNS?

31

.
...
... ,
DNS. Windows Internet Name Service (WINS) Microsoft, ,
Network Information Service (NIS) Sun.
, ,
, DNS . , , -, , .





DNS-
DNS-

DNS
- , - , , ?

- , , , . ,
: , ,
, . , , , , DNS,
.
DNS, - .

DNS.
,
. ,
( - DNS).
- , .
.



. -

33

,
. ,
. 2.1, Unix.
.1 Unix

(/). DNS (root).
, DNS , .
127 (, -
).

. 2.1. DNS


,
63 ,
. ( ) . - .
( ), .
, , , : www.oreilly.com.. ( -
.) 1

, , .

34

2. DNS

, (.) , , , . .
, FQDN {fully qualified domain name).
( ) ,
, / (), .
DNS , , ,
. , . ,
, . Unix: . hobbes.pa.ca.us , /usr/bin
(. 2.2). , hob
bes.pa.ca.us hobbes.lg.ca.us, , /bin /usr/bin.

. .
, , purdue.edu
purdue.edu (. 2.3).
, /usr
/usr (. 2.4).
.
,
. ,
pa.ca.us ca.us
us ( 2.5).
-
. , - ? - , ?
, , ,
. , DNS. - ,
. -

35

. 2.2.
Unix
, .
, , - , . ,
, , , - .1
, , , ,
1

: DNS NIS,
Network Information Service Sun. , NIS -
, , . NIS , :
, NIS, ,
NIS NIS. NT, ,
DNS.

36

2. DNS

. 2.3. purdue.edu

.
,
.
.
( ),
. , hp.com
Hewlett-Packard ,
- Hewlett-Packard.
, , .
- hp.com -

. 2.4. /usr

37

. 2.5. ,
, telnet-
( . 2.6, , IP- hp.com).
, .1
, , - .
. ,

. 2.6. ,
,
1

DNS BIND . : ,
.

38

2. DNS

la.tyrell.com tyrell.com, la.tyrell.com tyrell.com. ,


tyrell.com.

, . Usenet
.
:

() (
).

, . .


,
(RRs, resource records). 1 , .
- ( TCP/IP), Chaosnet, a
,
Hesiod. (Chaosnet - , ).
- . ( , - Chaosnet, Hesiod
- MIT). -.
- ,
, .
, . ,
. , RR-,
1

RR-,
RR. -. ..

39

. ( RR- - DNS RR-.)


, :
. RR- 4
BIND, .


, ,
- ( ) -
, .
, .
, ,
. ,
, . , Z,
( ).

. , ( , , ).
. .

, Hewlett-Packard (hp.com),
Sun Microsystems (sun.com) IBM (ibm.com).
edu
, (berkeley.edu) (purdue.edu).
gov
, NASA (nasa.gov) (nsf.gov).

40

2 DNS

mil
, (army.mil) (navy.mil)
.
net
, , NSFNET (nsf.net) UUNET (uu.net). 1996
net, , .
org
, (Electronic Frontier Foundation) (eff.org).
net, 1996 .
int
, NATO (nato.int).
, r
p ARPAnet
. ARPAnet , r, .
. r
, , .
- .
- - , ARPAnet, , . ,
ARPAnet .
(generic top-level domains gTLDs). 2001
, name, biz, info, pro, , .
,
, - Internet Corporation for Assigned Names and Numbers
(ICANN) - gTLD, aero, coop museum 2000 . ICANN
http://www.icann.org.

, ,
,
. -

41

,
. ( ) .
ISO 3166.1 ISO 3166 .
D
.


.
, ISO 3166,
. ,
, , ,
edu.au com.au. ISO 3166 uk ,
co.uk, , ac.uk .
.
us. us 50 , - ! - . 2
,
. , :
. .


,
, , , .
:
1

. ISO 3166
gb. ( ) uk. .
us : ( ), , . .

42

2. DNS

lithium.cchem.berkeley.edu
, , berkeley.edu ~ . ( , , ,
, ,
edu.) cchem - berkeley.edu, . , lithium
() - , , , , .
winnie.corp.hp.com
, . hp.com, , Hewlett-Packard (,
). , , -. A winnie - ,
.
fernwood.mpk.ca.us

us. ca.us - , , mpk . ,
-, . (, -,
, -.)
daphne.ch.apollo.hp.com
, , , apollo.hp.com - Apollo
Computer, hp.com. ( HP
Apollo, -
Apollo, apollo.com, apollo.hp.com.) ch.apollo.hp.com - Apollo (
), daphne - .

, , ? .
.

.
, ,
,

43

- . , , . , , ,
, .
, . , stanford.edu, ,
(. 2.7.)
, .
, ,
. , Acme (
)
, -
, rockaway.acme.com
kalamazoo.acme.com. , Acme,
acme.com, - .1
, .
, .

. 2.7. stanford.edu

ACME Co. - Bugs Bunny & Roadrunner. acme.com


, , , Unix-. - . .

44

2. DNS

DNS-
, ,
DNS-. DNS-
( )
, . ,
. DNS-
.
, . ,
berkeley.edu hp.com, , , . .
edu (. 2.8) , berkeley.edu,
purdue.edu nwu.edu.
edu. , , edu,
edu : berkeley.edu. berkeley.edu . ,
edu? edu, , edu.
berkeley.edu, ,
(. 2.9). -

. 2.8. edu .

DNS

45

cc, cs, , , . .
,
berkeley.edu. , ,
DNS-.

. 2.9. berkeley.edu

, . ,
, . ,
() ab.ca, . qc.ca, , . ab.ca, . qc.ca . , ab.ca,
. qc.ca. (. 2.10),
, , . ab.ca, . qc.ca .
, - , .
. sk.ca ( ) , . (, .. , , ,
.) , -

46

2. DNS

. 2.10. ...

, b. sk.ca,
(. 2.11).

. 2.11. ...

, , DNS-cep, , : , .1 1

, ,
: !

DNS-

47

, . , .
, . , ,
.



. - . ,
DNS- (
, ).

, , . , DNS-
, DNS-,
.

DNS-
DNS DNS-:
- (primary master) ,
- (secondary master). - -. - DNS-, (master server). - , : -
. , ,
, . , (zone transfer). -
slave (, )1, (
, , Microsoft DNS Manager)
.
1

, , slave,
.
. - . .

48

2. DNS

, -
.
, , slave- . DNS . DNS- .
DNS-, - .
, .
, DNS- - . , ,
, ,
DNS-.
.
DNS-
. , . , DNS
. , . , , ,
, .


, DNS- , , , .
. DNS- . , , .
. ,
, DNS-
.
RR-, . RR-
. BIND -

DNS

49

#include .

DNS
DNS (resolvers) DNS-. , , DNS-.
:
DNS-.
(RR-
).
, .
BIND - , Telnet FTP. -
. , ,
, ,
, , .
, ,
. DNS (stub resolver).
DNS
, (,
, DNS-1).
, ,
BIND.


DNS-
. , DNS-. , , , , .
.
,
, : DNS- ( , ?).
1

, CHIVES ,
TOPS-20, .

50

2. DNS

DNS- , .

DNS-
DNS . ( DNS- , gTLD.) , , ,
DNS-, ,
. DNS-
,
. , , .
, , . DNS (, , ),
.
DNS-. DNS. DNS- .
, (
) , . PSINet, ,
NASA, , .
,
; , , . DNS- ,
.
, . . 2.12
, , .
DNS- girigiri.gbrmpa.gov.au
DNS- . , DNS- , gov.au. DNS- gov.au DNS- gbrmpa.gov.au. , -

51

. 2.12. girigiri.gbrmpa.gov.au

DNS- DNS- gbrmpa.gov.au .

, , , DNS- . ,
,
- , DNS-.
. DNS- - , , ,
.
DNS-
? . ,

52

2. DNS
- ? : .
: (
). DNS-. ,
, - DNS- .
DNS - ( ), , . , , , - DNS- .
.
( )
, , . 1
DNS-, .
DNS-, , , . , , , DNS- ( ),
, , DNS-, . 2
, , .
DNS-, ,
, . - , ,
, . , girigiri.gbrmpa.gov.au, ,
, , , girigiri.gbrmpa.gov.au, , ,
1

DNS- BIND 8 ,
; 11 .
DNS-, ,
, , DNS-. , , (forwarder). 10 .

53

. DNS- gbrmpa.gov.au, gov.au .


, ,
DNS-
.
DNS-
. DNS berkeley.edu waxwing.ce.berkeley.edu, , DNS- ce.berkeley.edu. , ce.berkeley.edu,
, ce.berkeley.edu ( berkeley.edu); , .
DNS, DNS-,
, . waxwing.ce.berkeley.edu

DNS- ce.berkeley.edu berkeley.edu, ,
.
: DNS- ce.berkeley.edu
( ce.berkeley.edu berkeley.edu). , , edu
berkeley.edu waxwing.ce.berkeley.edu.
DNS- berkeley.edu ce.berkeley.edu
.


, DNS-
.
. . , , ( , )
. , DNS-, ,
, . , , , DNS-
.

54

2. DNS

DNS-
( 1), , : ,
, DNS- ? , 13 DNS- .
DNS- ?
?
DNS- BIND , (roundtrip time, RTT),
DNS- . , . ,
, DNS- BIND
. ,
.
,
RTT.
BIND ,
RTT, , , . , DNS- BIND
, .
, , ,
DNS- BIND DNS-, ,
, .


,
, . 2.13.
DNS- DNS-, .
- , ,

. , . 1

, ,
2% IQ. 1946 (Roland Berrill) (Lance Ware), . - . .

55

. 2.13.

DNS- ,
,
RTT DNS-,
, .



, -
. -
, (,
log-). . , Unix-
.rhosts hosts.equiv.
.
.
. DNS . , , , . , - . -

56

2. DNS

, , ,
.
, .
, , ,
. in-addr.arpa.
inaddr.arpa IP- (dotted octet representation - ,
, - 32- IP-
, 0 255 ). , in-addr.arpa 256 , IP-.
256 ,
.
, RR-, ,
IP-. : in-addr.arpa, . 2.14, , IP- .
, , IP- , .
, IP- winnie.corp.hp.com - 15.16.192.152, in-addr.arpa- 152.192.16.15.in-addr.ar, winnie.corp.hp.com.
IP-
, IP- in-addr.arpa. IP- .
IP-, , . , , - . , IP- , -
. . 2.15.
, IP- , inaddr.arpa .
15.in-addr.arpa,
, 15: 15.0.0.0.

57

. 2.14. in-addr.arpa

, . IP- ( ),
15.in-addr.arpa , IP- 15, .

. 2.15.


in-addr.arpa IP . , ,
-, , , , in-addr.arpa, .

58

2. DNS


(inverse queries). -
, .
DNS-,
. , ,
, . .
.

, ,
. , DNS- IP-, , , , , DNS. ,
, .
BIND 4.9.8 , ,
. BIND 8 9
, BIND
.1
, (, nslookup) .


. . , , - .
, DNS- . . , DNS- ,
, - , . , , , . BIND 4.9, BIND 8 9,
:
, ,
1

12
nslookup dig>>.

59

. DNS- , . DNS- , - , . ,
, . DNS- , , ,
DNS-,
, .
, DNS- eecs.berkeley.edu. DNS-
eecs.berkeley.edu berkeley.edu ( IP- eecs.berkeley.edu). DNS- ,
baobab.cs.berkeley.edu,
DNS-. berkeley.edu baobab.cs.berkeley.edu, - , DNS-
berkeley.edu (. 2.16). , DNS-
, eecs.berkeley.edu ,
.

DNS- ,

. 2.16. baobab.cs.berkeley.edu

60

2. DNS

.
.


, DNS- . . . , ,
(time to live, TTL). - ,
DNS- . DNS-. ,
, DNS- .
,
. TTL , , .
, DNS- ,
.
, TTL , ,
. , DNS-
DNS-.
- , , .
, , .

BIND

?
- ? - .
.
- ! - .
: - ...
- , - . -
... ,
.
- , ? - .
- ...
- , - . -
...

, DNS,
. , BIND. ,
Unix.
.
BIND, ,
, ,
. ,
.
. , BIND.

BIND
DNS-
, BIND.
- ,
. , DNS-cep DNS-.

62

3. ?
Unix- BIND TCP/IP-,
, BIND . , , , -
BIND, .
, BIND
Unix-, ,
. ,
. BIND ( BIND 8.2.3
9.1.0) FTP-
Internet Software Consortium ftp.isc.org,
/isc/bind/src/cur/bind-8/bind-src.tar.gz /isc/bind9/9.1.0/bind-9.1.0.tar.gz
. Unix- - .1 ISC
Unix- ,
BIND, src/INSTALL:
Linux, Digital Unix Solaris 2.
Unix- ( Unix)
(- ?), BIND . 2 ,
,
src /INSTALL.
BIND 8.2.3 9.1.0
RedHat Linux 6.2 BIND
Linux-. .
- , ,
BIND, , ,
BIND? , ? :

BIND ,
. BIND 8.2.3 9.1.0
1

BIND 9 ( 9.1.0)
, pthreads,
. BIND 9.1.0
pthreads configure -disable-threads.
, BIND 8.2.3 .

BIND

63

, a BIND 4.9.8 - . BIND ,


. DNS-
, BIND 8.2.3
9.1.0, - BIND 4.9.8
.
,
BIND 8 9 , , .
BIND 4.9
, . DNS-, , - , , .
11 .
DNS UPDATE
BIND 8 9
(Dynamic Update), RFC 2136.

, . BIND 4
.
10
.
DNS NOTIFY
BIND 8 9 , , -
(serial)
. BIND 4 NOTIFY .
NOTIFY 10.

BIND 8.2.3 BIND 9
, DNS- .

, , .

, BIND 8 9, BIND 4.
, -

64

3. ?
BIND. ,
.
BIND 8 9 4 - ;
BIND .
, BIND (4.9.8, 8.1.2, 8.2.3, 9.1.0), BIND. , ,
,
, BIND 9,
.
, BIND 8 9,
, .

Usenet
, BIND Unix-, , BIND (blnd-users@isc.org)
Usenet (comp.protocols.dns.bind).1
BIND 9 , bind9-users@isc.org.2 ,
BIND ,
, BIND.
,
BIND ,
, http://
www.isc.org/ml-archives/bind-users. , ISC, BIND (http://www.isc.org/products /BIND), , ,
1

,
.
, . , . ;
list-request@domain,
list@domain - . , BIND bind users-request@isc.org.
BIND 9 bind9-users.

BIND

65

DNS
BIND. (http://www.dns.net/dnsrd/bind.html).
, , namedroppers. , namedroppers, IETF, DNS,
DNSEXT. , , DNS,
, namedroppers,
BIND. DNSEXT http://www.ietf.org/html.charters/dnsext-charter.html.
namedroppers - namedroppers@ops.ietf.org, comp.proto
cols.dns.std. namedroppers, namedroppers-request@ops.ietf.org,
subscribe namedroppers.

IP-
, ,
FTP-, ,
. DNS:
DNS.
, : ,
, DNS , . .
, DNS.
, IP- ,
IP- ( ,
), , DNS- .
nslookup,

. , , IP- ftp.isc.org, :
% nslookup f t p . i s c . o r g . 207.69.188.185

nslookup
DNS-, , IP-
207.69.188.185, IP- ftp.isc.org.
:
Server: ns1.mindspring.com

66

3. ?
Address:

207.69.188.185

Name:
isrv4.pa.vix.com
Address: 204.152.184.27
Aliases: ftp.isc.org

IP- ftp.isc.org (204.152.184.27)


FTP-.
, IP- 207.69.188.185
DNS-? - Mindspring, .
- DNS- ( ),
. - DNS- ( !),
DNS-, .
, , , . DNS-
, DNS,
DNS- .
,
DNS,
FTP- .
BIND, .


- , , , , . , ,
, - .
- ,
.
: , , .
, ,
( , ),
. DNS, .
, DNS
DNS- ( ftp.isc.org), .

67


, : , . DNS,
.
- ,
( - ),
.
, . , . ( ) ,
.
, - ,
, DNS- , . .
Network Solutions Inc.
com, net, org edu. .

?
, , - , com, net,
org, ,
. . ,
- ,
- , , ,
. ,
.
, , , .
,
D .
, (nz), () (uk), .

68

3. ?

, , , . , ,
(fr) (dk) , ;
- univ-st-etienne.fr,
Unix- - dkuug.dk.
-,
. URL - ,
, http://www.allwhois.com.
- , , nslook
up, . ( , ,
12 nslookup dig.) , ,
nslookup :

69

: DNS-
( ),
DNS- DNS- .
,
,
-

70

3. ?
. , , ,
, .
, , RR- SOA
(start of authority, ). SOA-
, , . 1 ( SOA ,
.) SOA- nslookup.
, csiro,
, SOA-
csiro.au:

mail addr - csiro.au.



, .
@. , hostmaster.csiro.au hostmaster@csiro.au.2
1

,
SOA- , . , SOA-, ,
( ),
, .

DNS, MB MG. MB (mailbox, ) MG (mail group, ) () . MB MG , , , SOA-, , .

71

whois
whois . , whois-cepepo - , DNS-, whois-
. ,
whois-, whois-.
whois http://
www. allwhois.com (. 3.1). , - ;

whois-, HTML-
whois-cepepo.

. 3.1. Allwhois.com

Australia (),
Jump to Whois , csiro.au (. 3.2).
Submit whois
(. 3.3).
WebMagic,
- -
whois. - http://www.webmagic.com/whois/index.html (
- ), , -

3 7

72

. 3.2. - whois

, whois-cepepy.
, ,
.
- , . . , , dh
co.uk org.uk.
.


, . , ?

, ,
, , . ,
us:

-12 ( ).

73

. 3.3. csiro.au, wh.ois-cepee.pa


.
.
, , , , , , acme.boulder.co.us,
us.
us , ,
( );
, , (,
2 DNS). , , , , -

3 7

74

- -,
toms-basement.colorado-springs.co.us.
. us, ,
net org; .
us , , - NIC- ,
http://www.nic.us.
, , com, net org. ,
. .

us
, , us
. ,
, . -, , .
, , ,
-. ( , ,
nslookup DNS.)

, DNS- co.us.
DNS- co.us, venera.isi.edu, ,
(, nslookup):

75

! , - ! la-junta, morrison, littleton, mus, . -, , , boulder.

boulder..us!
whois, boulder..us - ,
,
. , NIC-
us http://www.isi.edu/in-notes/us-domain-delegated.txt. , nslookup
SOA- boulder.co.us , csiro.au. , , SOA-,

76

3. ?

( ),
, , .
nslookup, SOA-
boulder.co.us:

csiro.au, .
mail addr @, . ,

cgarner.westnet.net cgarner@westnet.net.
boulder.co.us, http://
www.nic.us/cgi-bin/template.pl .
,
,
us http://www.nic.us/register/locality.html
http://
www.nic.us/cgi-bin/template.pl.


, ,
,
, , com, net org: , e , .

.
-
, ,

77

-. ,
UUCP-,
.
, us
. - , us - . .
- (The Gizmonic Institute), , gizmonics.com .
, , gizmonics.com:

! , gizmonics.com ( 1
?) . , gizmonic-institute.com , :

, gizmonic-institute.com ,
- .

, gizmonics.com (Joel
Hodgson), ,
3000.

78

3. ?


? ! 1999
com, net, org edu - Network
Solutions Inc.
, Network Solutions.
1999 ICANN, , ( ), com, net org. com, net
org. http://www.internic.net/reglst.html.
, ,

, . ,
, .


, IP- ( , ). DNS-, , (
) in addr.arpa, .
IP- IP-. , 15/8
IP- 15.0.0.0 15.255.255.255.
199.10.25/24 199.10.25.0 199.10.25.255.
InterNIC IP: IP- ,
, , .
InterNIC
-,
,
. ,
, ( ). , , , , ( ) , .
,
.

__

79

CIDR

- -,
, 32-
: ,
. , ( ) IP- ,
, ,
, . ,
, , . ,
- ,

.
, ,
. , , 254 , ,
, 65534 . -
. , .
,
, (Classless Inter-Domain Routing, CIDR, ).
, CIDR , . CIDR
(, ), IP. , , , ,
14 , , 18 ( , ) .
, CIDR ,
. , CIDR-, , ,
, . . 15/8 - ,
00001111.
128.32.0.0
128.32/16. 192.168.0.128/25 128 IP-, 192.168.0.128 192.168.0.255.

80

3. ?

InterNIC
-, , . ? , , . (
?) .
IP- ARIN (American Registry of Internet Numbers), http://www.arin.net. APNIC (Asia Pacific Network Information Center), http://
www.apnic.net. RIPE
(http://www.ripe.net).
; , ARIN . , .

- whois, , . URL whois- :
ARIN
http://www.arin.net/whois/index.html
APNIC
http://whois.apnic.net
RIPE
http://www.ripe.net/cgi-bin/whois
, , in-addr.arpa.
, ( ,
).
, -.
.
, , , ; .



, online-, -. -

81

, , .
, , - DNS-, , , . , ,
DNS-. DNS- . (
, , DNS- .) 4 DNS-,
. , ,
, , ( ).
whois- , .
, ,
.
whois, whois- .
, : . ,
. Network Solutions, com, net org, $35 . ( com, net
org, Network Solutions ,

whois, , .)
,
, in-addr.arpa, IP-,
. ,
192.201.44/24,
44.201.192.in-addr.arpa. ,
IP- .
in-addr.arpa 4.
( )
, -? , , ? ?

82

3. ?

, inaddr.arpa.
, -, , inaddr.arpa.
in-addr.arpa -. - .
-, SOA- in-addr.arpa, . , 153.35/16 UUNET,
SOA- 35.153.in-addr.arpa
.
,
in-addr.arpa . -
.
, , . DNS-, .



BIND

(BIND 4.9.4
)


- DNS
DNS-cepeepa

?

BIND
- , -
, - - .
(,
, .)
- -
, ...

, , , - DNS-.
, .
DNS-. -, ,
( !). , ,
,
.
,
DNS-. - : (, FTP ftp.uu.net), ( ), . , ,
11 .
, ,
, DNS- -

84

4. BIND
. , , , . . DNS-,
, , , , DNS-.


. . IP
. - ,
movie.edu.
.

Ethernet-, .
192.249.249/24 192.253.253/24.
:

: , . - ..
-,
: , ,
. - ..

85

. 4.1.

. 4.1.


DNS- - . DNS-
.
. . , -
.
.
: ,
, db.DOMAIN. movie.edu db.movie.edu. , ,
, dbADDR, ADDR -
. db.192.249.249 db. 192.253.253;

86

4. BIND

. db - (database).
db.DOMAIN dbADDR
. : db.cache
db.127.0.0. . DNS-
, .
, DNS- - BIND 4 /etc/named.boot. BIND 8 9 /etc/named.conf.
DNS, -.
DNS- -
DNS- BIND.


RR-
DNS. DNS ,
, . . , , . , Tootsie.movie.edu, tootsie.movie.edu
, .
RR- . RR-
, , ,
-
. RFC- DNS RR-
. (
), . , :
SOA-

NS-
DNS-


:


PTR

87

CNAME
( )
, -,
....
( , ),
RR-. , .

,
. (;)
. , , , DNS .

TTL
, , BIND . ,
(TTL, time to live) BIND 8.2. TTL
SOA-. BIND 8.2
RFC 2308, SOA- . , DNS-
,
, , ,
.
TTL BIND 8.2 ? - $TTL. $TTL
, ( $TTL)
.
TTL , DNS-
.
, . - . , , , , - DNS-, .
BIND, TTL oe-

88

4. BIND

$TTL. , - ,
:
$TTL 3h

DNS- , BIND 8.2,


$TTL, DNS-
.

SOA-
( - DNS- ,
BIND 8.2) - SOA- (RR-
SOA). SOA- , DNS-
.
DNS- movie.edu SOA-. SOA- db.DOMAIN dbADDR. SOA-.
SOA- db.movie.edu:

movie.edu. .
, , ,
! ( ,
.)
IN Internet. - , . IN.
. , DNS- , ;
.
SOA (terminator.movie.edu.) -
- DNS movie.edu. (al.robocop.movie.edu.) ~
, ;
, .
@. root, postmaster hostmaster
. , . , , . BIND, 4.9,

89

RR-. RP (responsible person, ). RP


7 BIND.
SOA- . SOA- DNS-. , . ,
.
SOA- db. 192.249.249
db.192.253.253. SOA-
movie.edu. in-addr.arpa: 249.249.192.in
addr.arpa. 253. 253.192.in-addr.arpa.

NS-
, , -
NS- (name server, DNS-). NS-
DNS-, .
NS- db.movie.edu:

, DNS- vie.edu. terminator.movie.edu wormhole.movie.edu. , , , wormhole.movie.edu, DNS-,


.
, , . DNS-
8 .
SOA-, NS- db.192.249.249 db.192.253.253.

RR-
RR- db.movie.edu:

90

4. BIND

- .
, RR- , wormhole.movie.edu .
, , -
. , DNS
; ,
wormhole.movie.edu .
DNS- , DNS-
. 10 .
, , . (round
robin) BIND 4.9.
.
CNAME-RR- (canonical names,
).
( - ). CNAME .
CNAME ,
. , DNS- CNAME-, ,
. ,
wh.movie.edu, CNAME-,
wormhole.movie.edu. wormhole.movie.edu
.
,
bigt.movie.edu -

91

RR-. , RR-
(, terminator.movie.edu). , NS-
.
.
, , , wormhole.movie.edu.
ping
. ping wormhole.movie.edu, DNS-
, ping .
?
,
wh249.movie.edu wh253.movie.edu;
.
DNS, (CNAME-) wh249.movie.edu wh253.movie.edu, . . ,
wormhole.movie.edu. . , 192.253.253.1 wormhole.movie.edu, ping wh253.movie.edu,
. wh249.movie.edu.
:
, ()
. CNAME-
, .
wh249.movie.edu wh253.movie.edu. .
wh249.movie.edu, ,
(, .rhosts). , ,
, wormhole.movie.edu.
()
wh249.movie.edu wh253.movie.edu,
: CNAME- ?.
CNAME- ,
IP-.
, , sendmail, . Sendmail ;
, , -

92

4 BIND

, CNAME-. CNAME- , sendmail , ,


sendmail.
sendmail, , .rhosts. ,
CNAME-, ,
, .

IP-, rlogind, , .

PTR-
. db.192.249.249
192.249.249/24.
RR- DNS, PTR- - (pointer records).
. (, DNS - , , . in
addr.arpa.)
PTR-, 192.249.249/24:

, . -,
- . , 192.249.249.1 wormhole.movie.edu, wh249.movie.edu.
PTR-, wormhole.movie.edu wh249.movie.edu, , , . -, , wormhole.movie.edu , . ,
192.249.249/24, wormhole.movie.edu .
192.253.253/24.

93


, RR- , , . ,
.
db.movie.edu:

94

4. BIND

Loopback-
db.ADDR
loopback- ,
. ()
127.0.0/24, () 127.0.0.1. , db. 127.0.0. db.ADDR.
db.127.0.0:

95

DNS- ? . 127.0.0/24, loopback. , .


, DNS- .
127.0.0.1 ,
DNS- , 127.0.0.1 . ,
DNS-.


, DNS- DNS- .
- ftp.rs.internic.net (198.41.0.6). FTP-, med.root domain . (named.root -
, db.cache.
db.cache.)

96

4. BIND

97

. . ,
. named.root.
? , .
BIND ,
, , , , . db.cache bind-users namedroppers. , , ,
.
,
DNS-? , . DNS- . ( ), - .
, (root
hints). , , TTL, .
DNS-, DNS DNS-, . TTL , DNS-cep .
DNS- DNS-
- , , DNS- - DNS-, ? , DNS-, ,
DNS-, .

98

4. BIND
3600000?
.
99999999. , DNS- ,
. 99999999 -
, . DNS-

, TTL .
3600000 , BIND-.

BIND
, , DNS, . BIND
. , DNS.
BIND, RFC- DNS.

4 8. , 8 9. BIND 4,
BIND 8 9.
named1 ,
. BIND 4,
BIND 8 9, med-bootconf,
BIND. BIND 8 src/bin/named-bootconf. BIND 9 - contrib/namedbootconf.
BIND 4, ,
, :
;

BIND 8 9 :
-, ++- :
1

named name-dee (-) name-server


daemon ( DNS-). BIND kind"
().
- bin-dee (-) named ( tamed, ).

BIND

99

BIND 4
BIND 8 9 - , BIND .
, ,
. ,
. BIND 4:

- BIND 8 9:

options, ,
,
directory.
-
, .
BIND 4 - primary ( ),
:

BIND 8 9 zone, (in - ).


master primary BIND 4. :

, RR-,
DNS- , .

100

4. BIND
in zone .
zone BIND 8 9 in , . BIND 4 ,
in.
BIND 4,
:
BIND 8 9 1 :

, ,
(hints) DNS-.
BIND 4 /etc/named.boot,
. BIND 8 9 /etc/named.conf
/etc/named.boot. /var/named.
- .
, ,
, , ,
DNS-. /etc/
named.boot BIND 4:

/etc/named.conf BIND 8 9:

, BIND 9 , zone
named.conf. ,
.
;

101

, ,
- DNS. ,
, .
, , , . , BIND, .


primary (BIND 4) zone (BIND 8
9) .
.
(origin) . ,
, , .
, robocop.movie.edu db.movie.edu
:

102

4. BIND

db.192.24.249 :

249.249.192.in-addr.arpa , :

, ,
. , . :

robocop.movie.edu.movie.edu, .

@
,
@. SOA- . :


RR- ( ) , . . :

wormhole. ;
, RR-
.

103


, ,
, .
db.movie.edu:

db. 192.249.249:

104

4 BIND

db.192.253.253:

(BIND 4.9.4 )

105

db. 127.0.0:

, db.movie.edu movie.edu SOA NS :

,
. db.movie.edu , SOA NS

(BIND 4.9.4
)
DNS- ,
4.9.4, 9 9.1.01, .
DNS- 4.9.4 , . 4.9.4,
BIND RFC 952.
.
1

BIND 9 9.1.0. ,
BIND 9,
.

106

4 BIND

, , , . , RR- . :

() - ( 5 DNS ).
SOA
NS. CNAME- , , .
.
.
:

, , ASCII-.
RR-
( SOA-), ,
, , . , :

key_grip@movie.edu
SOA-, . , @ .,
:

(BIND 4.9.4 )

107


, BIND ,
, , .
(
?),
. BIND 4
:

BIND 8 BIND 9:

log- syslog, , . BIND 4 :

BIND 8 BIND 9:

,
( ), secondary primary:
check-names secondary ignore
BIND 8 9, slave secondary:

, , :

BIND 8:

108

4. BIND
BIND 4.9.4:

BIND 8:

BIND 8 ,
, options:

options (check-names master fail), -


(check-names fail). , zone (,
).

, -? , Perl: h2n. h2n


. ,
h2n . , , -.
/etc/hosts h2n .
h2n, , /etc/hosts, '.
, :
i

- DNS

109

( BIND 8 9 -v 8 .)
-d -
. , . -s DNS- , NS-. - (user, ) SOA-.
h2n 7,
, DNS .

- DNS
, , DNS. . DNS-,
, syslog. DNS-
, log- syslog. , DNS- .

DNS-
,
DNS- BIND nslookup.
named , , , .
BSD DNS-
/etc, /usr/sbin. named /usr/etc/in.named /usr/sbin/in.named. , /usr/sbin.
, (root). , root.
DNS- ,
. , .
DNS-.
terminator.movie.edu:

, /etc/
named.boot (BIND 4) /etc/named.conf (BIND 8 9). -

110

4. BIND

,
DNS- - , -:

log- syslog
, DNS-, -
log- syslog . ,
syslog,
syslog.conf syslog
syslogd ( syslog). log daemon () named. , syslog, , daemon
/etc/syslog.conf:

syslog- DNS- log-,


/var/adm/messages, syslog
, LOG_NOTICE
. LOG_INFO - .
, , 7, syslog .
DNS- log- :

,
, . ( restarted () starting,
. BIND 4.9.3.)

. , :

syslog-:

- DNS

111

, zone /etc/named.conf:

BIND 4.9.4 , , RFC 952, log syslog :

, ,
syslog, ,
. ,
; ,
.
DNS
RR-, - RR. , , ndc :

1
. ndc DNS-
7.

nslookup
,

.
nslookup. nslookup
( 12, nslookup dig),
, DNS-.
1

BIND 9 rndc,
. 7. A ndc .

112

4. BIND


nslookup,
.
carrie carrie.movie.edu - movie.edu .
: hostname(l) /etc/resolv.conf. , /etc/resolv.conf. . , hostname( 1).
/etc/resolv.conf ,
( movie.edu ):

hostname( 1) . terminator hostname( 1) terminator.vie.edu. .


nslookup RR- , DNS-. ()
, DNS-, resolv.conf. ( DNS- solv.conf, DNS- DNS-.)
nslookup, nslookup - .

.
nslookup carrie:

,
DNS- , , :

- DNS

113

, carrie (
),
(hostname(l)), DNS ( syslog).


nslookup ,
PTR- . nslookup
carrie:

, DNS-
in-addr.arpa ( ).
, ,
, .


- DNS-
, ftp.uu.net,
,
. ,
. nslookup DNS, ,
.

, ,
DNS- DNS- , , .
( syslog log-), , DNS- .
.
, ! - DNS -

114

4. BIND

.
DNS-.


, . ,
.
, DNS-
DNS-. DNS- ,
.
DNS nslookup,
, DNS-
. , - , , nslookup . DNS- gatekeeper.dec.com
carrie.movie.edu:

,
DNS- - , , ,
DNS- . ,
, . , FTP
, FTP- ,
. . , , ,
, ,
. , .


, DNS- ,

DNS-

115

. , , DNS . , , /etc/named.conf /etc/named.boot. : 1

, System V:
,
, ,
, ifconfig:

, DNS- ,
, (routed gated), ,
DNS-, /etc/hosts.
,
. (hostname(1)) .
, :

DNS-
DNS-. ( )
DNS- . DNS- - , , ,
,
. DNS- 1

Linux : grep named /etc/red/*/S*. . . .

116

4. BIND


. DNS-,
. DNS-. ,
, , , .
DNS- , ? named.conf - . NS- . ( , DNS : , DNS- .)
DNS- ? , .
DNS- .
, DNS-.
.
DNS- DNS-, .
DNS-
,
, -
. DNS-; DNS-
. , , . -
SOA-, .
(BIND 8 9 , .)
DNS- :
db.cache db. 127.0.0 , , .
, DNS-
0.0.127.in-a.ddr.arpa. ,
0.0.127.in-addr.arpa,
, .

DNS-, , ( , /var/named)
/etc/named.conf, db.cache db. 127.0.0:

DNS-

117

/etc/named.conf DNS-. BIND 4,


primary secondary;
0.0.127.in-addr.arpa.
IP- - DNS, . , BIND 4 :

BIND 8 9 :

master slave
masters IP- :

DNS-,
movie.edu , DNS- IP- 192.249.249.3. DNS
bak.movie.edu.
DNS-
wormhole.movie.edu. terminator.movie.edu ( ) :

/etc/named.conf, db.cache db.127.0.0


wormhole.movie.edu

118

4. BIND

. BIND 4
wormhole.movie.edu :

BIND 8 9 :

DNS-, wormhole.movie.edu, movie.edu, 249.249.192.in-addr.arpa 253.253.192.inaddr.arpa , DNS-


192.249.249.3 (terminator.movie.edu). ,
/var/named. , -
. (bak), . , ,

DNS-

119

, .
.
DNS-.
log- syslog, ,
. -, :

, DNS-, . ,
. ,
wormhole.movie.edu, var/named bak.movie.edu, bak.192.249.249 bak.192.253.253.
, .
DNS-, ,
.
nslookup , DNS-,
. DNS- ,
, DNS-
, hostname(1) .


DNS- . , DNS- ,
- DNS ,
.
,
.
? , DNS-- .
,
DNS- , . , ,
.
DNS- , .
,
secondary ( BIND 4).

120

4. BIND

BIND 8 9 file.
DNS- , . - ,
, ,
.

SOA
SOA-?

, .
. , .
,
1997102301. MMNN, - , , - , NN - . ,

. : , .
DNS- , . DNS- ,
, ,
. . , . ,
- .
7.
, :
(refresh)
DNS-, . ,

DNS-

121

, ,
SOA- .
, , . , ,
. , DNS, .
, DNS- ( DNS-), , , 24 .
(retry)
(, ,
), , . , , .
(expire)
DNS- ,
. , , , . , , , . - ,
( ) ,
. , ; ,
.
TTL
TTL - (time to live).
DNS-,
.
BIND , 8.2,
SOA- - (
) .

, ,
, SOA-. - BIND , , - . ( , -

122

4. BIND

, , 608400
.) , ,
(BIND 4.8.3), , SOA-, TTL, . ,
3h, 180
2h60m. d, - w.
SOA- .
,
DNS- , .
, ,
. RFC 1537
DNS- :

, .
BIND, 4.8.3, . BIND
. , , , DNS-
, . BIND
, 15- , .
, , DNS- ...
BIND 8 9 !
, BIND 8 9 . - BIND
8 9, - DNS
.

. 10.

-
DNS- ? : IP-
-. BIND 4 IP-, . -

123

BIND 8 9
IP-, :

- ,
. BIND 8.1.2 DNS-
-, . DNS- . BIND 8.2, - DNS
, . , ( ) .

IP- , - DNS , . , , ,
, IP- , DNS- , - . ,
- DNS ,
DNS- - DNS.


, DNS-,
. ?
. , , - primary
secondary (BIND 4), zone (BIND 8 9) .
secondary
- DNS, a primary - DNS. (, , DNS- 0.0.127.in-addr.arpa.)
, . DNS- DNS DNS-.
- - . . DNS- , . , DNS-
, , .

124

4. BIND

?
,
/etc/hosts
DNS-, DNS-. ,
- : DNS-. , DNS-.
.

-
-,
?
-

5
^
* ^^

^*^^

DNS
,
. :
- ?
?
:
- ?
,
,
, .

, ,
. , ,
: DNS .
, ,
.
DNS . ,
HOSTS.TXT (
, /etc/hosts), IP- .
.
DNS , , , . ,
, , , .
, DNS
. -
-

126

5. DNS

.
,
- . ,

. , , .
,
.

-

DNS RR-: -.
- : MD- (mail destination) MF- (mail forwarder). MD , , ; MF- , , .
DNS ARPAnet ,
.
MD-, MF- , ,
- .
- ( MD MF) DNS- .
(
),
. , , , .

- MX. -
.
- ,
TTL.
- (mail exchanger)
; , , (, ).

127

,
, .400 Microsoft Exchange.
,
STMP (Simple Mail
Transfer Protocol, - ).

.
, MX, ,
: (preference value). ( 0 65535), . , -:

relay.hp.com
peets.mpk.ca.us 10.
,
. , , : ?

, ,
. ,
. ,
, 0.
( ), . ,

. , -

128

5. DNS

.1 , ,
.
, , - oreilly.com:

- oreilly.com :
1. ora.oreilly.com
2. ruby.oreilly.com opal.oreilly.com,
3. 10 (, 2)
, oreilly.com . ora.oreilly.com ruby.oreilly.com opal.oreilly.com.
, oreilly.com - ; O'Reilly & Associates.
O'Reilly & Associates , . e-mail , oreilly.com,
- ruby.oreilly.com amber.oreilly.com - .
, ora.oreilly.com
, . ora.oreilly.com
(aliases),
.
, -
, -? ? , sendmail
. sendmail : -, -, 1

(Version 8) sendmail .

-, ?

129

. 8 sendma.il, ,
-. , , ,
.
, , - . sendmail
- . , DNS- - - , sendmail -.
, DNS- . -
, , , , sendmail
, DNS- - .

-, ?
, ,
, . . , - . , ,
, ,
, .
, -, .
, , - , - -, - .
( ,
, . .) ? :

- - , (

130

5. DNS

), (), ( ). ,
, (
) - .
: -, , - , . , - , -.
, -, -.
, ?
:

-, -,
. (, ,
.)
, .

? , ,
.

, ,
. , - . , !
.


, ,
, .
. , , -

131

.
, .

-
- ,
- , . , , ,
.1
, ,
. ,
nuts@oreilly.com ,
. , ora.oreilly.com
. ! - oreilly.com?


ruby.oreilly.com, . ruby.oreilly.com ora.reilly.com,
, , . ? ruby.oreilly.com , opal.oreilly.com, ruby.oreilly.com. ,
. ruby.oreilly.com ,
. ruby.oreilly.com
opal.oreilly.com, opal.oreilly.com
ruby.oreilly.com, ,
.
, -
, . -
, . , -, -
1

RFC 974,
.

132

5. DNS

(
). , , .
. ,
- ( ), , . ,
- ( ).
- , .
, -, ,
, (
). - - . -
. ,
,
.
:

-. (
CNAME-) . ,
-, ; .
, , :

I refuse to talk to myself ( )


sendmail. :
-.
: ,
, .
, .
oreilly.com. ruby.oreilly.com , -:

MX-

133

, ruby.oreilly.com 10 ( ):

ora.oreilly.com , ruby.oreilly.com , .
, ,
(
-) -
? IP-
.
. , DNS , ( ) ,
. , -, .
, , acme.com,
-, , acme.com, -:

, ,
. mail.isp.net ,
acme.com , ,
,
, 1
. - acme.com 1

, . mail.isp.net
. .

134

5. DNS

, , :

sendmail w w .
sendmail.cf, :

(, UUCP) , , , .
, , ,
, 10. , - ,
, . 1 100.

DNS-


, ,
:
, . ,
.

, DNS- ,
, . , DNS- . , hosts.equiv
.rhosts , DNS; ,
. DNS.
,
Unix, Microsoft Windows 95, Windows NT Windows 2000, .

DNS-
DNS- 2 DNS,
.
DNS- .
DNS-,
. DNS- 4
BIND, . DNS-
- , .

136

, :
DNS BIND 8.2.3 .
;
, DNS,
, . ,
,
BIND 8.2.3 , 4.8.3 4.9,
.
.
DNS-? : , () , () . Unix- ,
DNS.
, , ,
Sun (NIS), .1
DNS- /etc/resolv.conf ( - /usr/etc/resolv.conf ,
- (resolver), ,
4 5). , resolv.conf: domain, search, nameserver, sortlist
options. DNS-.
Unix ,
.


- , DNS-. , . , terminator.movie.edu, ,
movie.edu .
,
. , :

NIS Yellow Pages ( ) YP,


, ,
Yellow Pages .

DNS-

137

.rhosts relay . , bernie


, relay. , hosts.equiv hosts.lpd, .

; , .. ,
. ,
(hostname) asylum.sf.ca.us
sf.ca.us, dogbert - , ,
, , , . 1
domain resolv.conf. domain
, .
domain , , . domain ,
.
. . :

BIND ( , BIND 4.8.3)


,
,
, , , . - LOCALDOMAIN.
LOCALDOMAIN , . , ,
. , . LOCALDOMAIN
.
1

, , , c.

138

6.
?
,
- , . ,
, ,
ruserok() , hosts.equiv ,
hostname.
, (hostnames),
domain. hostname -
, DNS- resolv.conf. LOCALDOMAIN
.


-
resolv.conf - .
, .
, (, )
.
Unix, (, telnet, ftp, rlogin, rsh), .
BIND 4.8.3 BIND 4.9
, . ,
4.8.3, , BIND
1
8.2.3 , , 4.9.
BIND, ,
, .2 ,
:
1

ISC BIND 8, ,
BIND 4.9.
, . , Unix,
, .
, .

DNS-

139

, .
Unix MS-DOS.
,
, ( ).

BIND 4.8.3
BIND 4.8.3
, . ,
4.8.3 :

, -, cv.hp.com , -, hp.com - . , . 1
, ,
. :

pronto.cv.hp.com.cv.hp.com pronto.cv.hp.com.hp.com,
pronto.cv.hp.com. :

,
asap.cv.hp.com asap.hp.com, asap, (asap)
.
, , ,
. asap
hp.com, asap.cv.hp.com .
1

, BIND
, ,
- , , -
. ,
edu foo . , foo.com foo.edu
, .

140

6.

BIND 4.9
BIND 4.9 .
:

cv.hp.com. , - ,
. -
, .
, .
, - ( ,
), ,
, .
?
DNS , , , . ,
.
4.9
:

pronto.cv.hp.com ( ). ,
pronto.cv.hp.com.cv.hp.com. :

,
asap.cv.hp.com, ,
asap.

search
, ?
BIND 4.8.3 , . search.

DNS-

141

search
domain, ,
. search
, .

.1
, search domain .
resolv.conf, , .
, :


corp.hp.com, paloalto.hp.com, hp.com.
,
corp.hp.com paloalto.hp.com.
, BIND 4.8.3, :

.
( 4.9
, .) , ,
DNS- (
DNS-).
domain
4.9 , , ,
, , .
search
, . , BIND 4.9, 8
9 domain nsr.hp.com search nsr.hp.com
hp.com .

DNS- BIND 9 .

142

nameserver
4 DNS-:
- DNS-. ,
DNS, DNS- ? ,
DNS- (, )?
DNS- ?
, . DNS-, ,
nslookup terminator.movie.edu wormhole.movie.edu DNS-.
.
nameserver (-, ) IP- , . ,
:

DNS-, IP- 15.32.17.2, DNS- . , , DNS, nameserver


DNS-. ,
,
DNS-.
, BIND 4.9, DNS- ,
, DNS-. , DNS- - , ,
, .
, , DNS-, IP- , . , 0.0.0.0, TCP/IP
. , IP- . ,
, loopback- - 127.0.0.1.

DNS-

143

DNS-, , ? ? ?
(- ) DNS- nameserver. DNS- , , . , :

DNS-
15.32.17.2, - DNS-
15.32.17.4. , DNS DNS-.
nameserver
loopback-! TCP/IP, , ,
BIND , DNS- . , DNS- ,
DNS 127.0.0.1. DNS- ,
.

DNS-
DNS-1 .
,
DNS-, . , , DNS- ; , ,
. ,
:
ICMP- (port unreachable), , DNS- DNS-
1

, nameserver re.solv.conf,
nameserver - .

144

.
ICMP- (host unreachable) (network unreachable),
, IP
, . DNS-, , , , . DNS ,
,
DNS- .1
( 2 ),
. , ,
. ,
/etc/hosts.

DNS-
DNS- , . : DNS- , ,
DNS-.
, DNS- . , ; , , (unconnected),
DNS-, ICMP- .
DNS-
, ,
.
DNS-, rsolv.conf. - 10 ,
1

DNS : -
,
, . - ,
. , , .
BIND 8.2.1 .

DNS-

145

DNS- .
. (
),
DNS- .
BIND 8.2.1 ISC DNS- ,
,
DNS-, resolv.conf.
,
DNS- .
, , . 6.1,
,
DNS-.
6.1. BIND 4.9 8.2

BIND 8.2 . 6.2.


6.2. BIND 8.2.1

, DNS-,
.
,
,
. DNS-, (10
- ) .

146

6.

? , . , , . ,
DNS-
, , .
, ? . :

, 75 , .

sortlist
sortlist BIND 4.9
,
, .

.
NFS-; : Ethernet- 128.32.1/24; FDDI, 128.32.42/24. DNS-
, , IP- NFS-
(, ). ,
FDDI, resolv.conf sortlist,
128.32.42/24 ,
, :

. ,
:
, 128.32/16. (
IP-.)
, ( ) ,
:

DNS-

147

DNS-
sortlist,
.

options
options BIND 4.9, DNS-. RESDEBUG. :

RESDEBUG,
, ,
DEBUG. (He ,
,
.) ,
, , , .
- ndots, -,
.
, , ndots:1.
, .
, , ,
. ,
mit.edu, :

mit.edu prep.ai.mit.edu,
ndots , DNS-
ai. :

BIND 8.2 : attempts, timeout, rotate no-check-names, attempts , DNS-cep, resolv.conf, . , - - DNS-,
, 8.2.1:

148

6.

- .
timeout . - . ,
:
- 30 .
DNS-, resolv.conf.
rotate DNS-,
resolv.conf, .
DNS- ,
. DNS-
,
DNS- .
:

DNS . , - DNS-, . .
,
, , .
, ping,
ping
, , resolv.conf, ,
. ping
, DNS- . , ,
sendmail, .
.
, DNS- sendmail , .
, , no-check-names
, .1
, , 1

DNS-, ,
BIND 4.9.4.

DNS-

149

: ,
. , ,
.
, resolv.conf :

BIND 4.9 ( , )
resolv.conf.
, ,
.

4.9
BIND 4.9,
.
, .
,
Unix- , . ,
.
,
( , 4.8.3), search ,
, :
resolv.conf domain search,
domain search. domain, search,
. domain, search
.

DNS-
, resolv.conf, . DNS-, DNS- .

150


, movie.edu, , DNS-. , , , - movie.edu.
Pixar - , , , pixar.com . search:

movie.edu pixar.com
, movie.edu.
192.249.249/24,
DNS- - wormhole.movie.edu (192.249.249.1) terminator.,vie.edu (192.249.249.3). DNS-. ( DNS , , - DNS- .)
, ,
wormhole.movie.edu . nameserver resolv.conf:

, ,
, terminator.movie.edu (192.249.249.3) DNS-.
, - wormhole.movie.edu, -
(, terminator.movie.edu ).
, resolv.conf :

DNS-
,
postmanrings2x.movie.edu, , postmanrings2x.movie.edu movie.edu. DNS- ,
, , DNS- .

151

DNS- - : resolv.conf
DNS-cep. (hostname)
, .
, DNS-cep, resolv.conf . , ,
DNS-. DNS BIND , , , .
, , DNS- .
DNS-,
DNS- resolv.conf (IP-
0.0.0.0 - ),
. , loopback-, , TCP/IP- , .
, , , postmanrings2x.movie.edu 192.249.249/24, terminator.movie.edu wormhole.movie.edu - DNS- ( ).
, ,
DNS-.
, DNS, . ,
, resolv.conf:


, DNS, ,
. ?
?

152

, .
, DNS. .


, telnet, ftp, rlogin rsh ,
. , movie.edu (
movie.edu , movie.edu), :

:
.
. , : DNS- IP- , Telnet, FTP
- ,
, -
, , :

, sortlist resolv.conf .
NFS. mount , /etc/fstab ( - /etc/checklist).
, /etc/exports /etc/netgroup, , /etc/exports ,
NFS- NFS-.
netgroup , exports .

153

, NFS DNS
exports netgroup - NFS
RPC (Remote Procedure Call). ,
, ,
Sun RPC (hostname). , , -, .


, ( ,
sendmail), , , sendmail , .
DNS-, sendmail , , , .
sendmail
ANY, , sendmail , DNS: ,
, , . DNS-, , CNAME- (), sendmail , ,
( ,
).
DNS- , sendmail
, , . DNS-
, -, :

, sendmail , -, .

, sendmail ,
, .
, . , ,
1
-.

-, , 16 .

154

6.
SMTP- sendmail
-
SMTP.1
, sendmail $w
hostname sendmail. , , sendmail
,
resolv.conf. sendmail $w $w, , $=w,
.
, $=w
sendmail .
sendmail ,
, , .
sendmail ,
( w
w, 5 DNS ), , , .
$=w, ,
- sendmail
, $=w. ,
- , ,
$=w, ,
. .
sendmail: DNS- sendmail ( 8),
I sendmail.cf. I sendmail
-. /etc/hosts .
, , - ,
. DNS, , , , .
I sendmail
, .
1

sendmail :
- CNAME- .
CNAME CNAME-.
, .

155

I O1 sendmail.cf.

.rhosts, hosts.equiv
DNS ,
. , , .
, lpd.allow wormhole.movie.edu
:

mash twins comedy.movie.edu, lpd; lpd.allow


mash.movie.edu twins.movie.edu. , lpd:

, :

- , , .
Perl,
:

156

6.


.rhosts,
hosts.equiv sendmail.cf DNS,
, . ,
DNS.

DNS - , . , , telnet doofy rlogin doofy
, . doofy - doofy.maroon.com. , , .
, BIND .
HOSTALIASES ,
. ,
doofy, HOSTALIASES
/etc/host .aliases ( ),
:

:
, , .
, .
, telnet doofy rlogin doofy, DNS- doofy - doofy.maroon.com DNS-. :

/etc/hosts,
HOSTALIASES .
/etc/hosts.

157

, , , ,
telnet .
, , HOSTALIASES. , ,
.
HOSTALIASES .


, Unix - ,
Unix,
. DNS- , Unix.
, .

DNS- .

SunOS 4.x Sun


, SunOS,
. , DNS-
SunOS BIND, Unix-. ,
, DNS- SunOS Sun (Network Information Service, NIS, Yellow Pages).
, NIS . /etc/hosts, /etc/services, /etc/passwd . Sun
DNS , NIS; ,
NIS ( IP-) NIS
(hosts), DNS.
, DNS-
ypserv, NIS-. , ypserv, ! ( , Solaris 2 ypserv.) ypserv
,
DNS- NIS,

158

NIS. 1 NIS NIS- , NIS, , DNS.


SunOS 4.x (Solaris 1), : (1) DNS NIS, (2) NIS hosts
(3) DNS; . , , , Sun .
Solaris 2, -
DNS- , nsswitch.conf, , DNS.


, ,
BIND 4. libc.so,
, NIS, DNS-. Sun
, .
, , SunOS 4.x,
BIND 4.8.I.
BIND 4 SunOS 4.x - shres/
sunos ( INSTALL). BIND 8, ( BIND 8.2.2 ).
BIND -
FTP- ftp.isc.org,
/isc/bind/src.
SunOS 4.x , BIND 4.9.7, ftp.isc.org/isc/bind/src/
4.9.7/bind-4.9.7-REL.tar.gz.
, resolv+, BIND 4.8.3.
resolv+ 4.8.3 SunOS.
1

DNS- , sendma.il.mx, - sendmail Sun.

159

(Bill Wisner), , NIS DNS ( ,


Unix- ). libc.so ftp.uu.net, /networking/ip/dns/resolv+2.1.1.tar.Z.
resolv+
, , Linux.

DNS NIS
, NIS
DNS . , . NIS
,
(Hal Stern) NFS NIS (Managing NFS
and NIS, O'Reilly). , SunOS , 4.1. SunOS,
ftp.uu.net .
-, Makefile, NIS - ,
.
NIS, .
SunOS NIS /var/yp/Makefile. , , :
, . :

NIS:

hosts (magic cookie),


NIS DNS ,
hosts.
ypserv hosts NIS , ,

160

DNS-. , ypserv DNS-, NIS (domainname) domain resolv.conf.


, , resolv.conf. DNS- SunOS :

{hostname) , .

search resolv.conf,
SunOS 4.x BIND 4.8.I.
.

NIS (domainname)
( NIS, NIS),
DNS. BIND; , domainname
fx.movie.edu, movie.edu.
fx.movie.edu?
NIS , fx.movie.edu - hosts
fx.movie.edu.


NIS {domainname), (+)
domainname.
fx.movie.edu, domainname +fx.movie.edu
.fx.movie.edu.
NIS, domain resolv.conf. fx.movie.edu
, domain
fx.movie.edu resolv.conf.

, domain resolv.conf DNS,


NIS (domainname).
NIS (domainname)-He , DNS. ,
NIS- it.dept.movieu, . DNS-,
dept.movieu, NIS - domain movie.edu resolv.conf.

, resolv.conf Sun nameserver


, BIND. , -

161

NIS DNS,
rsolv.conf .

NIS
Sun,
NIS, :
NIS hosts. resolv.conf, NIS, , hosts. hosts
/etc/hosts
NIS, NIS, /etc/hosts :

, NIS, , .
NIS , , hosts /etc/hosts. -
hosts NIS (Makefile). Makefile, :
.

Solaris 2.x Sun


Solaris 2 2.5.1 BIND 4.8.3.
Solaris 2.6, 7 8 BIND 4.9.4-P1.
, Sun RFC 1535 - ,
2.6
, ,
. - Solaris 2.5 2.5.1
1
BIND 4.9.3.
DNS- Solaris 2.x ,
,
1

http: / / sunsolve.sun.com/pub-cgi/show.pl? target=patches/patch-access.

162


, DNS, NIS, NIS+ /etc/hosts.
nsswitch.conf, /etc.
, nsswitch.conf ,
.
, , . DNS- hosts. hosts : dns, nis, nisplus files (, , /etc/hosts).
, , . , :

DNS (
DNS-), /etc/hosts.
,
( , ,
DNS /etc/hosts). , . :
UNAVAIL
( DNS - rsolv.conf DNS- ).
NOTFOUND
, (
DNS - , ).
TRYAGAIN
, ( ,
).
SUCCESS
.
: continue
( )
return (). SUCCESS return, - continue.
,
NXDOMAIN ( ),
/etc/hosts DNS:

163

, nsswitch.conf
Solaris , Sunlnstall.
, nsswitch.conf dns. - .?

nscd
Solaris 2.x nscd.
nscd passwd, group hosts. nscd DNS-, , ,
passwd group. Sun nscd .
, nscd DNS, nscd. , nscd round robin (nscd
).
nscd
- /etc/nscd.conf. nscd.conf. :
enable-cache hosts (yes | no)

positive-time-to-live hosts value
(, ),
negative-time-to-live hosts value
(, NXDOMAIN),
nscd DNS, :
hosts.

HP-UX HP
HP - BIND.
HP-UX 8.0 10.00 BIND 4.8.3, domain, nameserver search. , DNS, NIS , . DNS, ( , resolv.conf -

164

6.

DNS-). DNS, NIS,


NIS. DNS, NIS, .
,
( DNS- - resolv.conf - DNS-).
, , , , .
DNS, NIS , , ,
.
HP-UX 10.10 11.00
BIND 4.9.x.
, BIND 4.9.x, options ndots.
HP-UX 10.x , DNS-
BIND 4.9.7. , HP-UX, http://ussupport.external.hp.com, . .
HP-UX 11.10 BIND 8.I.2.
BIND 8.1.2 ,
BIND 4.9.x: .
HP-UX 10.00 nsswitch.conf Solaris-; nsswitch.conf ,
1
. , Solaris.
hosts HP-UX:

nsswitch.conf,
BIND 4.9.7, HP-UX
9.0. - HP-UX. :
, libc.so,
HP-UX.
1

HP-UX 10.10 nsswitch.conf


hosts. 10.10 services, networks,
protocols, rpc netgroup.

165

mount, .
nslookup.
ifconfig route.
HP Visual User Environment (VUE,
) Common Desktop Environment (CDE,
), .

AIXOTIBM
AIX, 4.3
4.2.1, .
BIND 4.9.x, domain, search, nameserver, options sortlist; AIX nameserver. AIX 4 4.1 DNS-, BIND 4.8.3, , AIX 4.2.1, options sortlist.
AIX BSD- , AIX
resolv.conf DNS-. resolv.conf , DNS-
/etc/hosts. , DNS-,
/etc/resolv.conf ,
.

AIX 4.3
AIX 4.3 - RES_TIMEOUT
RES_RETRY,
(- options timeout)
(- options attempts). ,
:

AIX 4.3 , irs.conf Solaris- - nsswitch.conf. . ,


nsswitch.conf, hosts. (dns, nis local files), AIX continue ,
.
,

166

( [NOTFOUND=return]),
=auth . DNS, /etc/hosts , DNS , irs.conf:

, NSORDER. NSORDER
, irs.conf, ,
:

irs.conf,
=auth:

AIX 4.2.1
AIX 4.2.1 ,
. AIX 4.2.1 /etc/netsvc.conf. hosts,
, ,
DNS bind, /etc/hosts local. :

AIX /etc/hosts, NIS (hosts),


DNS. AIX4.3,
, netsvc.conf, NSORDER.
,
AIX - System Management Interface Tool (SMIT).

Tru64 Unix Digital Unix Compaq


, Tru64 Unix 5.0,
BIND 8.I.2. , Digital Unix 4.0, BIND 4.9.x. ,
,

167

, BIND 8.2, options timeout.


Tru64 Unix 5.0 ,
,
. ,
, allow_special. , :

all
, .
Unix Compaq NIS, DNS .
svc.conf ( svc.conf(4) ).1 svc.conf
, , ( IP- ), , .
svc.conf hosts. , , ,
. , . hosts
local (/etc/hosts), yp (Yellow Pages,
NIS) bind (DNS). local
hosts.
. ,
/etc
/hosts , , . , ,
IP-, , , , . ,
, ,
, named
.
Unix- Compaq ,
svcsetup (
1

Ultrix svc.conf.

168

svcsetup(8)). svc.conf
, . svcsetup, ,
, svcsetup
, .

IRIX Silicon Graphics


IRIX 6.5 DNS-,
BIND 4.9.x. domain, search, nameserver, options sortlist. IRIX, 6.4,
DNS- BIND 4.9.x, -
BIND 4.8.3. IRIX
5.3, DNS- BIND 4.9.7.
http://support.sgi.com/colls/'patches /tools /browse.
IRIX 6.x resolv.conf /usr/etc,
, /etc. (
,
IRIX, /usr/etc/
resolv.conf /etc/resolv.conf.)
IRIX 6.5 , Solaris 2.x HP-UX, nsswitch.conf. nsswitch.conf
IRIX Solaris, r ( ) . hosts:

IRIX, nsd, nsswitch.conf. nscd Sun, nsd , , ,


DNS NIS. nsd nsswitch.conf
, Solaris
HP-UX. , .
, nsd DNS :

negative_timeout. nsd(lm).
IRIX ( 6.4) hostresorder nsswitch.conf. nsswitch.conf, -

169

hostresorder ,
NIS, DNS .

HOSTRESORDER. DNS- IRIX 6.5 hostresorder.
hostresorder nis, bind local
( ).
. , , (,
DNS- , ), (, DNS-). , , , . ,
.

Linux
Linux . : Linux
Unix , Unix-. , Red Hat Linux 7.0,
Linux, DNS-
BIND 8.2.2-5. , - BIND
4.9.x. nsswitch.conf.
Linux resolv+, , , BIND 4.8.3. , resolv.conf 4.8.3
(domain, search nameserver, options sortlist),
.
resolv+, ,
4.8.3. -
DNS, NIS /etc/hosts (
nsswitch.conf), DNS ,
.
/etc/host.conf. , host.conf:

170

6.

order
; : bind, hosts nis,
. .
nospoof
on off. nospoof (PTR), DNS-,
()
, . ,
, , , PTR- .
reorder
on off.
reorder
, , ,
, ,
.

Windows 95
Windows 95 TCP/IP DNS.
, Windows 95 TCP/IP-: TCP/IP , - TCP/IP . Windows 95, ,
. DNS, Control Panel, Network, TCP/IP protocol. , , . 6.1. DNS Configuration.
: DNS Enable DNS, ( , )
Host ( )
Domain. DNS Server Search Order
DNS-, . , Domain Suffix Search Order . Domain Suffix Search Order , Windows 95
,
BIND 4.8.3.
Windows 95:
- DNS-

171

. 6.1. Windows 95

( , DUN).
, , My Computer, ,
Dial-up Networking;
, , Properties. Server Types TCP/IP Settings.
, . 6.2.
Server assigned name server addresses, DNS-,
, , .
Specify name server addresses
DNS-, Windows 95 .
, - DNS-. DNS- TCP/IP Properties
, DNS- .

, TCP/IP Properties ,
DNS . /1--

172

6.

. 6.2. Windows 95
Windows 95, DUN 1.3 .
Q191494 Microsoft.1

Windows 98
Windows 98 Windows 95. (
,
.)
2
, Windows 98 Winsock 2.0.
Winsock 2.0, ,
. DNS- , , ( ) , .
Q182644 Microsoft.
1

Microsoft
http://search.support.microsoft.com/kb:
Specific article ID number (
) .
Winsock Windows 95 2.0; .
Q182108 Microsoft.

173

Windows 98 DNS .
, TCP/IP Properties, , , - , ,
. , .

Windows NT 4.0
Windows NT
,
Windows 95, NT 4.0 Windows 95. , Edit , DNS-
, ,
. 6.3.

. 6.3. Windows NT

174

DNS Configuration,
Control Panel, Network,
Protocols. TCP/IP Protocol, DNS.
Windows NT . My Computer, Dial-Up Networking,
,
.
More Edit Entry Modem Properties. Server TCP/IP Settings.
, Windows 95
( ). Server assigned
name server addresses, DNS-cep , . Specify name server addresses
DNS-, Windows NT DNS-, . , Windows NT
.
Windows NT 4.0 - ,
. , Microsoft!
Windows NT 4.0, Service
Pack 4. SP4 sortlist, BIND 4.9.x,
. : , , . - , round robin - . - Q196500 Microsoft.
SP4 ( ) .
- Q187709 Microsoft.
SP4 - . DNS-
DNS Server Search Order. , DNS-, - , DHCP RAS. ,
.
15
. - Q198550 Microsoft.

175

DNS-, ,
SP4 (DNS Server Search Order) ( ), DNS- DNS Server
Search Order .

Windows 2000
Windows 2000 . , Start, Settings,
Network and Dial-up Connections. , . 6.4.

. 6.4. Windows 2000:


Local Area Connection Properties. , . 6.5.
Internet Protocol (TCP/IP)
, . 6.6.
Obtain DNS server address automatically, DNS-,
DHCP-. Use the following DNS server addresses,
DNS-, Preferred
DNS server Alternate DNS server.1
(, ) Advanced... DNS ,
. 6.7.
1

Microsoft - . Windows Primary DNS


Secondary DNS. , - -
. , DNS Domain Name System ( ), domain name server
( ).

176

6.

. 6.5. Windows 2000: Local Area Connection

DNS-, , ,
DNS server addresses, in order of use:. Windows NT 4.0,
, , DNS-,
. DNS , , , .
Windows 2000 , Windows NT 4.0 SP4: DNS-.
( , Microsoft) DNS-,
DNS- . - Q217769 Microsoft.

DNS-, Windows 2000
(
) DNS-. DNS-, -

177

. 6.6. Windows 2000

, . DNS-,
.
Append primary and connection specific DNS suffixes
(primary) DNS
, , . DNS
, DNS suffix for this connection. DNS
(Control Panel): System, Network Identification, Properties,
More... , . 6.8.
DNS Primary
DNS suffix of this computer.
Append parent suffixes of the primary domain suffix
(. 6.7)
BIND 4.8.3, DNS. fx.movie.edu
fx.movie.edu movie.edu. , DNS, , (

178

6.

. 6.7. Windows 2000

Microsoft) ,
.
Append these DNS suffixes (in order) , . DNS-,
, , .
, . Register
this connections addresses in DNS , , , . Use this connection s suffix in DNS registration , -
, , DNS .
, Windows 2000 IP-, DHCP-. ( DHCP -

179

. 6.8. DNS- Windows 2000

PTR- IP-
.) - WINS
(Windows Internet Name Service, Windows- ) Microsoft NetBIOS, . Windows 2000, , WINS.
, , ,
.

DNS-



BIND 8 u 9
log- BIND 8 u 9

BIND
- , - , , , .
- ! - .
, , ,
., ! , !

, DNS-. DNS-,
, .
,
log- syslog, , BIND.
.
DNS-.
- DNS. 14
DNS B I N D .

DNS-
DNS- named Unix. DNS- ,
, , -.
,
(, ), .

DNS-

181

BIND 8.2 ISC DNS - . Unix, -, DNS- .



. ISC , - ,
DNS- , .
DNS-
ndc (BIND 8) rndc (BIND 9). ndc
BIND 4.9, BIND 8.2 ,
- (, reload) (
, HUP). ndc .

ndc controls (BIND 8)


, ndc
DNS-, ,
Unix-. /var/run/ndc,
. root,
. DNS- BIND 8.2 Unix- .
-
controls. , /etc/
ndc, - named,
,
:
controls {
unix "/etc/ndc" perm 0660 owner 0 group 53; // 53 - "named"
};

, , ( 0).
, ,
chmod(l). .
ISC - -
Unix- ,
DNS-.
ndc DNS-
-, - .
ndc -,

182

7. BIND

DNS-, , , , . :

TCP-

controls:

DNS- BIND 8 - -. DNS- BIND 9


953,
. DNS-
loopback- . , ,
, DNS-.
( ),
DNS-
:

ndc - .
DNS-
, , :

,
:

/h ,
ndc ( DNS-). ndc, :

DNS-

183

/d ndc
( , , DNS-cep ).
DNS-, debug.
, / ( / /q)
ndc. , .
help , DNS-:

, , : start restart. , ndc , DNS-,


ndc. DNS- start - , ( ,
). DNS- restart,
, , . ndc
start restart.
:
getpid
DNS-.
status
DNS-, , ,
, ,
.

184

7. BIND

start
DNS-. DNS- named ,
start. : start - /'usr/'local/'etc /named.conf.
stop
DNS-
.
restart
DNS-.
start, named.
exec
DNS-. restart,
exec named; DNS- .
reload
DNS-. - DNS
.
DNS- 4.9
,
. reload ; , .
reconfig [-noexpired]
DNS-
. DNS-,
, .
-noexpired DNS-
, .
, DNS- ,
.
dumpdb
DNS- med_dump.db - /usr/tmp (BIND 4) DNS- (BIND 8).
stats
DNS- med.stats, /usr/tmp (BIND 4)
DNS- (BIND 8).

DNS-

185

trace [level]
named.run, /usr/tmp (BIND 4)
DNS- (BIND 8).
(level).
, ,
13 BIND.
notrace
.
querylog ( qrylog )
log-
syslog. LOGINFO. named QRYLOG ( QRYLOG ).
BIND 4.9.
quit
.

rndc controls (BIND 9)


BIND 9 controls .
- Inet.
(BIND 9.1.0 Unix- ,
, ISC, Unix- BIND 9 .)
BIND 9 , 953.
keys:

,
rndc DNS- . keys , DNS- log-
:

, keys, key:

186

7. BIND

key med.conf, named.conf


(),
, ,
named.conf :

HMAC-MD5,
D5- -.1 named
rndc Base 64. mmencode dnssec-keygen
BIND. 11
.
, foobarbaz Base 64,
mmencode:

rndc, rndc.conf rndc.


rndc.conf /etc.
rndc.conf:

named.conf.
options DNS-,
(
), ,
DNS- (
).
1

HMAC-MD5 RFC 2085 2104.

DNS-

187

key med.conf, . rndc.conf, med.conf.


, - , -
rndc.conf named.conf, ,
, DNS-.
rndc DNS-,
. key named.conf rndc.conf.
DNS- default-server options, rndc.conf, a
- , , default-key.
rndc :

,
. key,
server:

rndc,
-s DNS-, :

DNS-, , - rndc:
, DNS- ( 953),
- :
: BIND 9.0.0 rndc
reload, ,

188

7. BIND

9.1.0. BIND 9.1.0 BIND 8 ; - reload,


stop, stats, querylog dumpdb, refresh halt.
refresh

.
halt
DNS-
.

DNS-
. ( BIND , 8.2) . , DNS-,
ndc. ndc ( BIND
4.9 8.1.2), , ndc . ndc
BIND 4 DNS- BIND 8, .

ndc
:
, . ,
ndc named
WINCH.
ndc : named -

DNS-

189

. DNS- BIND
pid-, - ps.
pid- - /var/run/named.pid. pid- /etc/named.pid. ,
nam.ed.pid,
named. DNS- - ,
pid-, HUP
:

pid-,
ps. BSD- :

SYS V:

ps , named , DNS- BIND


. , , , ;
, . ,
.
DNS- BIND 4 BIND 8 . DNS
. , DNS- .
, BIND , 4.8.3, - DNS- .
DNS- :
.
BIND 9 , DNS , . DNS- .
BIND 8 9
DNS-. . , . DNS-

190

7. BIND

,
.
- DNS BIND 4 DNS-.
, -,
.
ps1 ,
. DNS-,
, named-xfer,
named:

DNS-, , , DNS- :

named,
, named , . DNS-.
, DNS-.
.


- - , , .
. -
?
, .
-
h2n. , - , 1

BSD- ps -axww,
: 80 . - . . .

191

. , , . .
,
, .
,
, - .



, . , , . , - .
DNS-,
,
.
1. db.DOMAIN. ,
, , .
2. (), CNAME () MX
( ) db.DOMAIN.
cujo RR db.movie.edu:

3. PTR- db.ADDR, , cujo , 192.253.253/24; PTR db. 192.253.253:


4. - DNS, :
BIND 8.2
, , :

192

7. BIND

- DNS , DNS-
, SOA-.
,
DNS- , . ( ,
?) DNS-
?
8 9, , - DNS
. DNS- 4.9
, , . ,
.
4.8.3 ,
( , ), , .
, .
, RR- db.DOMAIN, db.ADDR. , , - DNS.

SOA
.

. , DNS-
.
. ,
SOA-:

SOA- :

193

DNS-.
-
. ,
, , , . ,
, ... DNS- .
, ! h2n , , - , .
BIND ( 1,1) ,
. BIND 4 :
, BIND 1000. - - . , 1,1 10001, 1,10
100010. ; , 1,1 , 2, 1,10 , 2,1. ,
.
. : . - , . , . ,
15 1997 .
19970115. , .
, . 15 1997
- 1997011500.
1997011501. . ,
, . h2n -

194

7. BIND

.
32- .


,
, ? ,
BIND, ,
4.8.1 , ,
4.9 .
, BIND: DNS- .
( ).
: -,
- . - DNS .
,
DNS-, named
ndc stop. ( ,
r bak.movie.edu bak.192.249.249 bak.192.253.253)
. , - .
DNS-. -
, .
DNS- BIND , 4.8.1 (
4.8.1), , BIND 9, - . , DNS-
. ,
, .
, .
.
( 4.9 ) , .
DNS - 32- 0
4 294 967 295. , -

195

(2 147 483 647 )


, , - .
. ,
5. 6 (5 + 2 14 7483 647) , 5, (5 +
2 147 483 649) 4 - . , 4 294 967 295
- 4. ,
(5 + 2 147 483 648),
5,
. .
. , 25 000, 1. . -,
(25 000 +
2 147483647 = 2 147 508 647). ,
4 294 967 295 ( 32- ), 4 294 967 296. ,
, . -,
(1), ,
(2 147 508 647). , ,
!


DNS-
, . , ?
, .
, . DNS. ,
, DNS-
.
SOA, NS, A, CNA, PTR MX. DNS, DNS- ,
. DNS .
RP; . (

) RR-
DNS RR-.


- (). -
, 255 . BIND, , 4.8.3, - . 4 BIND -
2 .
- ; , :

BIND 8 9 -
, - :



RP (Responsible Person, ). RP-
, , . , , , .
,
.
:
, .
, SOA-: @ .
, -. -
( , ) - . ,
(.).
RP- -:

, - root.movie.edu richard.movie.edu ,
, .

197

RP- BIND 4.8.3, BIND 4.9. RP-, DNS-, .


4 BIND, .
Perl , h2.1 :
- ,
h2n ! ,
,
PTR-, . , .
h2n? /etc/hosts h2n .

. , , h2n. h2n , . . h2n,
.
-, h2n . (h2n , .) : movie.edu db.movie, 192.249.249/24 -
db.192.249.249.
-d -:
-d
.
-
.
- .
.
h2n -d -; 1

, h2n, .

198

7. BIND

. , movie.edu, , :

:
-s
DNS- NS-. -, -s , DNS-cep. DNS- 8 9
NOTIFY-, . , h2n.
-h
, MNAME SOA-. - DNS, NOTIFY. , h2.
-
,
. - root , h2n.
-
SOA-, , -
, .
: 10800:3600:604800:86400.
-f

h2n , . ,
.
-v4|8
BIND 4 8; 4.
BIND 9 BIND 8, DNS BIND 9 -v 8.
-y
.
:

opts:

199

,
(, terminator.movie.edu)
(, terminator). h2n , -d.
( , h2 .)
h2n.
.
, RR- /etc/hosts, . , . h2n ,
.
h2n :
.
spcl.DOMAIN, DOMAIN - . h2
:

db.DOMAIN. ( $INCLUDE .) , movie.edu - spcl.movie, movie.edu, . , h2 :

db.movie.


4,
DNS-,
DNS-. . DNS- , - -

200

7. BIND

. -. 4 , FTP- ftp.rs.internic.net. , , .
dig,
nslookup BIND, DNS-, :


, - . .
. , , in-addr.arpa. ,
. DNS- . -
Is . . BIND , .
DNS- BIND 4.9 include, .
.
( BIND)
1
: $ORIGIN $INCLUDE. $ORIGIN
,
$INCLUDE . RR-,
DNS. , ,
.


. DNS-
( , ), . - - DNS 1

- , $TTL, BIND 8.2 .

201

, - .
BIND 4 :

BIND 8:

202

7. BIND

,
: , ,
rir-, , secondary-.
BIND 4:

named.boot.primary (BIND 4):

named.boot.slave (BIND 4):

BIND 8 9:

203

named.conf.primary (BIND 8 9):

named.conf.slave (BIND 8 9):

, ,
primary primary - directory,
,
primary/ . secondary. , . DNS- BIND 8 9
. DNS-
BIND 4 -

204

7. BIND

directory, , . DNS-
-
DNS-, , (, ).



BIND
primary secondary named.boot
(BIND 4) zone named.conf (BIND 8
9). - , , . $ORIGIN. $ORIGIN
. ( ,
!) , , , , . (, movie.edu) , $ORIGIN

. :

9 .


,
.
$INCLUDE:

BIND 8 9

205

,
:

. , comedy.movie.edu db.comedy.movle.edu. db.comedy.movie.edu


, db.comedy.movie.edu $ORIGIN.

BIND 8 9
BIND 8 9 : named.pid, named-xfer, named_dump.db
med.stats. ,
.
, DNS- (named.pid, named_dump.db named.stats),
, , . , , , .
named.pid /var/run /named.pid /etc/med.pid.
. (!
- ?) 10 DNS-
. named.pid:

named-xfer /usr/sbin/named-xfer /etc/


named-xfer. , , , named-xfer
DNS- . ,
,
BIND . bind named-xfer:

BIND 9 named-xfer ,
named-xfer BIND .

206

7. BIND

DNS- named dump.db (BIND 8


9) () .
, :

DNS-
named.stats (BIND 8 9.1.0 ). :

log- BIND 8 9
BIND 4 log- - , syslog. BIND 4
log- , . BIND 8 9 log-, BIND
, BIND 4.
-
,
. log- ,
. log-.
log- :
. , : log-
syslog, , named . , log-. BIND
log- , . , , BIND, , update.
.
. , (. 7.1) ,
log-
syslog.
. , :

log- BIND 8 9

207

. 7.1.

{critical, error, warning, notice info) - , syslog. (debug dynamic) BIND 8 9.


debug - DNS-,
. 1.
,
DNS- (, debug 3,
trace DNS-
). dynamic
, (, trace
DNS-,
. trace, 1 3.) info, ,
.

, , syslog, . : , syslog, log- syslog, log.
, . syslog
syslog- daemon; info . ,
, syslog. logging BIND 8 9:

208

7. BIND

, DNS-,
. ,
. 7.1: syslog ,
. category
logging, :

logging DNS-, .
log.msgs ! ( ,
, log.msgs DNS-.) , . , DNS-:

DNS- , log.msgs. DNS- -


, named.run. .
, .
named.run?

log- BIND 8 9

209

,
. log.msgs,
med.run , . !
.
. , DNS-cep syslog , .
, log- syslog .
, ( ), . ?
default syslog, (named.ru). defa
ult null, sys
log. :

syslog- log- syslog,


syslog- .
, - log-, .
, ,
. .

210

7. BIND

logging
logging. , ,
:

, , , DNS-. , :

log- BIND 8 9

211

default, panic, packet


eventlib, DNS- :

BIND 9 logging
:

, default
syslog, ( named.run). , syslog- info
syslog,
syslog-
named.run. BIND 4.


, syslog
.


, . ,
, ,
.
, DNS- BIND 8 9 file, file.O, file.l
file.2. DNS-
file.l file.2, file.O file.l, file file.O,
file. 99 .
, DNS- .


212

7. BIND


, . , .
versions size:

(
).
, - , G g- .
, debug dynamic. info, syslog-.

syslog-
syslog,
syslog-: kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, local0, local1, local2, local3, local4, local5, loca6 ll7.
daemon, .
, syslog syslog- local0 daemon:

stderr
-default_stderr, ,
stderr DNS-. BIND 8
stderr. BIND 9.

null
null,
, .

log- BIND 8 9

213


log- BIND 8 9 . , .
,
:

config, debug 1.
,
:

, syslog, syslog .


BIND 8 9 - , ! , , . , . ,
, DNS- log-, , , . , , - .

BIND 8
default
- , , default.
default .
, . , , -

f
214

7. BIND

default, ,
.
default :

CNAME ( , ... has CNAME and other data).


config
.
db
.
eventlib
; . :
insist
, .
lame-servers
.
load
, .
maintenance
( , ).
ncache
, .
notify
.
OS

, .
packet
;
.
:

log- BIND 8 9

215

panic
, . panic , ,
. :

parser
.
queries
BIND 4.
response-checks
, . .
security
/ .
statistics
.
update
, .
xfer-in
, DNS-.
xfer-out
, DNS-.

BIND 9
default
BIND 8, default , . BIND 9
default BIND, .
BIND 9 general.
general
general BIND, .
client
.
config
.

216

7. BIND

database
, BIND,
.
dnssec
DNSSEC-.
lame-servers
( BIND 9.1.0; resolver).
network
.
notify
.
queries
BIND 8 (
BIND 9.1.0).
resolver
,
DNS-.
security
/ .
update
, .
xfer-in
, DNS-.
xfer-out
, DNS-.


log- : DNS-
, ,
, .
, .
BIND 8:

log- BIND 8 9

217

BIND 9:

, default_debug. ,
, .
logging BIND 8, :

( logging BIND 9 panic, packet


eventlib.)
,
my_file. ,
, logging:
queries. , queries.
DNS- .
log.msgs :

, , DNS- .

218

7. BIND


- , .
, . , ,
.
-
- .
() - , , ,
.
: log- syslog DNS- BIND
. DNS-.

syslog-
, named
log- syslog.
. ,
log- syslog, .
named, log-
LOGNOTICE. (DNS- BIND 8):

BIND 9 :

, DNS- named ,
BIND, ( BIND 8) . , .
, , BIND . ( BIND
restarted () starting ().)
reload DNS- BIND 8 LOGNOTICE:

219

DNS- BIND 9:

, named ( reload) . .
, ,
- .
,
DNS-:

: DNS- , getrlimit() setrlimit(), coresize, datasize, stacksize files


DNS- BIND 8/9. , ; BIND
. , . ( , - getrlimit( ) setrlimit( )) - BIND HAVE_GETRUSAGE. LOG_INFO.
DNS- ( - ),
- :

, BIND .
BIND :
( UDP
TCP) . , , BIND
, .
, BIND
:
, .

220

7. BIND

: , DNS- BIND, , BIND.


BIND ( ),
listen-on, BIND . listen-on 10.
getrlimit()
setrlimit(), DNS- files. files
10.


,
named - ulimit.

DNS- BIND 8
LOG_INFO:

(DNS- BIND 4.9 primary zone master zone.)


,
( - IN) SOA-.
DNS- BIND 9 - 9.1.0 -
.
DNS- BIND 8 LOG_INFO:

( BIND 4.9 4.9.3


4.9.4. BIND 9 - 9.1.0 - .)
- .
, ,
DNS-. (, DNS-
.) CPU ,
(13,01 )

221

(3,26 ). . NSTATS ,
DNS-, . XSTATS . NSTATS XSTATS
.
BIND 4.9.4 ( BIND 9
9.1.0, BIND 9 )
, ,
RFC 952, log- syslog
:

LOG_NOTICE. 4.
syslog, LOG_INFO, , :

, :

- terminator2
. terminator2 - t2,
. , DNS- CNAME-, . , - terminator2 DNS- CNAME-,
- t2. CNAME terminator2, - terminator2 ; , . , RR-
, .
, , DNS- BIND 9 9.1.0.
, DNS-
BIND 4 8 - DNS
:

222

7. BIND

DNS- BIND 9:

LOG_NOTICE BIND 4 8 LOG_INFO


BIND 9 . , DNS-
4.9 ,
log- syslog. DNS-
. , - . DNS- , SOA-. (
), , . ,
syslog , . , . DNS- , ,
( touch, Unix). , DNS Is -l /usr/local/named/db*.
,
. , DNS-, 14.
syslog- 4.9
LOG_INFO, DNS- nslookup:

BIND 9 - 9.1.0 -
.
, , xfrnets (BIND 4) allow-transfer (BIND 8) - 10 -
,
approved unapproved. DNS- BIND 9 :

223

syslog LOG_INFO:

, -
DNS- .
, (192.1.1.1), (wormhole). . DNS , . , ,
(,
), . - -, (,
, ).
, - () UDP-. UDP- ,
.
DNS- BIND 4.9 8 ,
:

named BIND 9 :

,
:

bar.edu
movie.edu. DNS- 4.8.3
foo.bar.edu ,
db.movie.edu movie.edu. , 4.9, . syslog
LOG_INFO.

224

7. BIND

, RR-. BIND 4.9 8 :

BIND 9 -
9.1.0.
RR-:

NS- diehard.movie.edu,
dh.movie.edu. log-
DNS-.
syslog- log-
. DNS- BIND 4.9.3
BIND 8 LOG_INFO, 4.9.4 4.9.7 - LOG_DEBUG.
, DNS-, , :

DNS- DNS-,
DNS-. : DNS-
DNS- ( , DNS), , ,
DNS-. , PTR-, IP- , .
PTR- DNS-, r- BSD- ( , rlogin) .
, , ,
, DNS- IP- DNS-
, .
DNS- IP-,
DNS- DNS-, -

225

IP-. , BIND, BIND , IP-, . LOG_INFO.


syslog:

: 1,
(IN); 3, Chaos (CH); 4, Hesiod (HS). 226? DNS- - -
, 226 . ? . - ,
. , , ,
. DNS UDP-. syslog LOG_INFO.
, DNS- - :

, 253.253.192.in-addr.arpa
. , DNS- !
, ,
.
, -
DNS-,
DNS-. ,
. syslog LOG_NOTICE.
, DNS- BIND 8 9, , , ( ) , log- DNS-, - , ,
. DNS- BIND 8 :

226

7. BIND

DNS- BIND 9:

- LOG_NOTICE.
, ,
log- syslog DNS-.
BIND 8 ,
, :

BIND 9 :

, !
. DNS-
DNS-
, DNS-
. DNS- edu
movie.edu 10.0.7.125, DNS-, ,
movie.edu. , movie.edu,
. syslog LOG_WARNING
(DNS- 4.9.3), LOG_DEBUG (DNS- 4.9.4 4.9.7),
LOG_INFO (BIND 8 9).
DNS- BIND 4.9 :

BIND 8/9 :

LOG_INFO log- syslog , DNS-:

BIND 9 9.1.0. :

227

IP- , ,
. BIND 8.2.1 +, XX.
. ( querylog.)
BIND 8.1.2
syslog-:

DNS- BIND 9 :

: DNS- , DNS-, .
, DNS- ,
.

BIND
, DNS-,
, , . -

228

7. BIND

, DNS-,
. DNS-
, , .
, DNS.
DNS-, (. 7.2), , . , FTP, DNS-. DNS-

. 7.2. ,

229

, , DNS-.
- - . , , , .
: , DNS-
DNS-, . , DNS- .
DNS- BIND -
, .
DNS- -,
, . DNS- 1 -, DNS-,
. DNS-
1, . :

DNS-:

230

7. BIND

DNS-
, DNS-.
DNS-
DNS- ( DNS-,
DNS- , ), .

BIND 4.9 BIND 8


DNS-,
, . DNS- BIND 8, ndc:
DNS- BIND 4
ndc, named ABRT:
( Unix- , SVR4,
/etc/named.pid.)
, named.stats DNS- (BIND 8) /var/tmp/'named.stats /usr/
tmp/named.stats (BIND 4). ,
DNS-, , STATS,
, , . BIND 4.9.3 . DNS BIND 8
, RnotNsQ,
. DNS- BIND 9 9.1.0
,
.

231

DNS- BIND 8
IP- (Global),
host-statistics options, :


,
,
DNS-.
.

. (800708260) , Unix,
1970 . , BIND
: May 17, 1995, 3:57:40 a.m.
DNS-.
, 86400 (60x60x24, ). 8,5 .
DNS- .
, -

232

7. BIND

DNS . DNS- , .
, , - DNS - .
DNS- 14 . , DNS, DNS-.
268459 , . , .
3044 NS-. DNS-
NS- DNS- . NS- dig nslookup.
sendmail CNAME- ( ). sendmail
ANY ( ).
CNAME-
dig nslookup.
SOA- DNS- . , AXFR-,
. AXFR-,
, DNS-
.
PTR-
. IP-: inetd, rlogind, rshd,
.
,
HINFO- .

233

sendmail -
.
, , . , - , Harvest, , .

NSAP - ,
OSI Network Service Access
Point.
DNS- AXFR-, .
ANY
. sendmail. sendmail CNAME,
MX, , ANY, RR- DNS-.
. , DNS- , , - . , , , .
, , ,
.
, ,
. , bstat .
:

234

7. BIND

IP-
. - . , .
,
- DNS- 15.255.152.2 (relay.hp.com).
(, RQ)
, relay.

RQ - , relay. , relay , DNS-.


RR - , relay. , DNS-.
RQ,
. RQ - , relay; RR - , relay DNS- ( DNS-
relay).
RIQ - , relay. , PTR-. nslookup -

235

, RIQ .

RNXD - no such domain ( ), relay.

RFwdQ - , relay
(RQ) .
, DNS-
( resolv.conf) DNS.

RFwdR - relay
(RR), .

RDupQ - , relay.
,
DNS-.

RDupR - , relay.
, DNS-
, .

RFail - SERVFAIL-, relay. SERVFAIL DNS-.


SERVFAIL , DNS- . , ,
SERVFAIL . ,

, , DNS.

RFErr - FORMERR-, relay.


FORMERR .

/
236

7. BIND
RErr - ( SERVFAIL FORMERR).
RTCP - , relay, -. ( UDP.)
RAXFR - . , relay
, DNS-.
RLame - . , ,
DNS- IP-, DNS- .
ROpts - IP-.
SSysQ - , relay. ,
DNS-. DNS-, DNS-.
DNS- , , NS-.
relay DNS-, .
SAns - , relay. DNS-
439 441 (RQ), relay. , , ...
SFwdQ - , () relay ,
DNS-.
SFwdR - - DNS-,
() relay.

237

SDupQ - , relay.
, . , DNS-. , relay
, , DNS-.

SFail - SERVFAIL-, relay.

SFErr - FORMERR-, relay.


SErr - sendto(), relay.
RNotNsQ - , DNS-, 53. BIND 8 DNS-
53. , ,
. DNS- BIND 8 , , , DNS-. BIND 8 RNotNsQ .
SNaAns - , re
lay. 439 (SAns), relay, 431 .

SNXD - no such domain, relay.

BIND 9
BIND 9.1.0 - BIND 9,
. BIND 9
rndc:

DNS- ( BIND 8)
named.stats . BIND 8.
DNS- BIND 9:

238

7. BIND

DNS- ( +++ Statistics Dump +++ -- Statistics


Dump ---) stats.
(979436130), , , Unix.
BIND .
date .
, 979584113 Unix (
1 1970 ) , :

.
, DNS-.
, .
, DNS- .
, DNS- , .
, DNS- , , , .

239

,
.

, , nxrrset nxdomain.
, ,
BIND 8, BIND 9 , ,
.

BIND
DNS-? ,
? , DNS-,
. ,
, ,
.
DNS-, , , ( , , ) , .

, DNS- . DNS-.
, BIND 4.9.3, 1992938 746683 , 2,7 , .1 , , , ,
. - , ,
DNS-, .
.

DNS-?
DNS-
DNS-
TTL


- ? , , .
-, , - . , ,
...
- ? - .
- , ,
,
.

DNS-?
4 BIND DNS-. ,
. , .
- ,
. ? , .
, :

DNS-. . , .
-, , DNS- - -
.
DNS- , .

DNS-?

241

, , ,
. DNS- -
- , .
DNS-
. . , , ,
, .
, DNS- , , DNS- .
, - , , -, DNS- .
(. 8.1) ,
.

. 8.1.

, ,
DNS- - . d, , , , . - g,
, . , , f - ,

242

8.

. DNS-
. , d g.

DNS-?
DNS-,
, DNS- ( , , ).
, .
, : ,
(BIND - ), DNS-, .

, DNS- .
DNS- ,
.
,
( ),
DNS-
. DNS-
.
, - DNS. - DNS
,
. , DNS-,
.

,
DNS-, - , .
BIND, , - BIND 8.2.3 9.1.0, TCP/IP (
4.3/4.4 BSD Unix; ). BIND 8.2.3 9.1.0 -
, ,
. , BIND 8, , BIND ,
4.9.7, , .

DNS-?

243

, - DNS-.
,
Unix . DNS- , . ( !)
nslookup
named.conf Unix-. , Unix BIND, . DNS- , BIND 8 9, , BIND 8 9, DNS-.

, , DNS- ,
, DNS-.
DNS- ,
. , ,
, DNS-.
,
- DNS, , DNS-.
, , DNS-
, , , -
.


, , DNS-,
, DNS-, . , , ,
DNS-, , DNS-
.
DNS-?
- .

244

8.
, ,
. ,
(RPC),
, .

DNS- . ,
X Window DNS-
( ).
( ) : , DNS- ?
? !
, ,
DNS-, . named DNS-, . named
, (thrash, ), .
, DNS- named (, ).
, BIND 4: DNS-
BIND 4 named , named ,
. - DNS 5 10 , , .
, DNS- - , named . DNS-
,
.
1
top. ,
, .
: 5% 1

top - , , .
top FTP-
eecs.nwu.edu ( /pub/top/top-3.4.tar.Z).

DNS-?

245

, 10% - ,
DNS.
,
top DNS-:

, . top ( ) DNS-:

, , - ,
( , DNS-).
, : Pentium III NetBSD, ,
, Unix-
.
, DNS-,
, DNS- - log- syslog.1 ,
DNS- ( ,
BIND 8)
:

BIND
: ABRT (IO ). BIND 4.9 ,
4.9.4 4.9.7 ABRT.

246

8.

DNS- BIND 9 statistics-interval, rndc crontab,


DNS- BIND 9 :

. ,
, .
,
- - . , ,
, .
syslog DNS- BIND 8.2.3:

RQ (
). , , RQ : 458332 - 458031 = 301.
, , , DNS- .
DNS ,
.
DNS , .
DNS-
, (RQ) -

DNS-?

247

(SAns) - - 800 (100 DNS) 3600 ( ). , DNS. 1


. NSFNET ( 1995 ) , DNS 5%
( ) . ,
NSFNET, ,
DNS-.2 , DNS-, .
, , DNS- . ?
-, , DNS-
. , .
DNS- BIND 4.9 8.1.2, ,
DNS-
. DNS-
, DNS-.
BIND 8.2 ,
3
host-statistics options:

, BIND,
(Nigel Campbell) - bindgraph,
DNS,
http://www.dns.net/dnsrd/tools.html.
, , , NSFNET.
, BIND 9 host-statistics 9.1.0.

248

8.

Global IP , .
, ,
RQ, .
15.17.232.8,

DNS-

249

15.17.232.16 15.17.232.94, 88%


.
DNS-, , DNS-
, - DNS-. ( 13
BIND.) IP-, , DNS-. , , . ,
, , , DNS- .
, DNS-.
, .
DNS ,
DNS- . , , , . , :

,
-. DNS- .

. DNS- .

. DNS- .
DNS-, .

(
). DNS-
,
.

, , . DNS- .

DNS-
DNS-
, - .
, , 4;
DNS-, -

250

8.
.
DNS-, .
DNS- , , - DNS
DNS-, , .
:
- DNS.
,
.
DNS- , .
DNS-, (
).
DNS- ().


- DNS
, /etc/
named.conf . , ,
.
1
2
rdist rsync. distfile

:

rsync - , .
http://rsync.samba.org.
, rdist .

DNS-

251

- :

, rdist DNS-, special :

rdist .
- .
. . h2n ( r), ,

.1
.
SOA- .
DNS- . DNS-
,
DNS-, . DNS-
, .
: DNS-, ,
.
. IP- - DNS
IP-
.
named.conf:

, NOTIFY - .

252

8.

BIND 4 .
named.boot:


- DNS . , - ,
DNS-
. , DNS-
, - DNS.
,
DNS- . , DNS- , .
NOTIFY, BIND 8 9.
.
, DNS- 8 9.1 NOTIFY 10 .

DNS-, .
wormhole diehard, a
diehard wormhole,
DNS.
.

DNS-,

DNS-, , , DNS-. DNS- , 0.0.127.in-addr.arpa. ,
1

Microsoft DNS.

DNS-

253

DNS- - .
, , , - . ,
,
db. 127.0.0. named.conf DNS- :

BIND 4 named.boot :

DNS- - - , ,
. , DNS- . DNS- , .
DNS- ? ,
, , DNS- .
DNS-, ,
DNS- ? . db.cache - . , , DNS- DNS- DNS-
: . DNS-, ,
, .
DNS- ,
. , -

254

8.

DNS- ,
. , , . ,
, DNS- .

DNS-
DNS-
: DNS-, .
( , ). , movie.edu /24
( ) , , 20 in-addr.arpa.
DNS- 21 (
in-addr.arpa movie.edu), movie.edu in-addr.arpa, . , DNS- : movie.edu in-addr.arpa.
, DNS-.
zardoz.movie.edu IP-
192.249.249.9 192.253.253.9. med.conf zardoz DNS-:

DNS-

255

named.boot DNS- BIND 4 :

movie.edu
in-addr.arpa. named.conf DNS-
21 zone.
DNS-? DNS-cep , named.conf
. DNS-, inaddr.arpa, in-addr.arpa ( named.conf) .

.
.
movie.edu in-addr.arpa. ?
, DNS-, ,
: 192.249.249 192.253.253. , , .
in-addr.arpa, .

DNS-
DNS, : DNS-
? , DNS-,
DNS-. ,
DNS-, , . . DNS-
(, resolv.conf) . DNS-

256

8.
DNS-, . , , DNS-, DNS-
. . 8.2.

. 8.2. DNS-
, ,
DNS- :
DNS-,
UDP, .
10 NS-;
( );
. 1
DNS- - , , .
1


. , rootservers.net, UDP- .

DNS-

257

DNS- , , , DNS-cep . . ,
DNS- zardoz.movie.edu. , edu in-addr.arpa. ( , 3 ?)
,
() ,
- .
, ( ), DNS- . DNS-
, I-() . ,
, DNS- ( , )
. .
InterNIC, - http://
www.arin.net/cgl-bin/amt.pl . ( , http://www.arin.net/regserv/templates/modifytemplate.txt.)
, , in-addr.ar
pa, :

258

8.

, TTL
NS- -. , DNS- , DNS. ,
. ,
TTL.
-
DNS- - ,
DNS- in-addr.arpa. movie.edu, DNS-, terminator.movie.edu wormhole.movie.edu,
, DNS-
movie.edu.
DNS- ? ,
in-addr.arpa. DNS-,
; , DNS- .
DNS-: .
, , DNS, , ,
,
DNS-.
, DNS-
. DNS- , ,
. DNS-
DNS-, . DNS- , . ,
DNS- ( ) - ! .
,
DNS-, , (lame delegation).

TTL

259

TTL
,
. , TTL RR- -
, DNS-
. TTL RR-
3600 , .
,
DNS-.
TTL, , TTL
, DNS-. TTL , DNS-
DNS-, , .
DNS- .
TTL .
- - TTL .
, ,
. movie.edu,
, .
DNS- , TTL , $TTL, -
DNS- , BIND 8.2, - SOA-.
movie.edu . DNS-, ,
.
. , ?
TTL, DNS- . ,
DNS- ,
. TTL? , TTL,
. DNS-
BIND 4 TTL SERVFAIL. TTL,
30 , . :

260

8.

TTL $TTL db.movie.edu.


RR- , DNS- TTL
. TTL ,
,
, . ,
DNS- , DNS- . - TTL .
TTL , (IN).
, : (), h (), d () w ();
, $TTL. TTL
db.movie.edu:

, RFC 1034,
, DNS-:
TTL cujo - 1 , TTL SOA-,
TTL DNS- , BIND 8.2, .
?
DNS- BIND RFC- DNS, TTL SOA-
TTL RR- .
,
TTL, .
DNS- BIND . ,
BIND - . BIND TTL SOA TTL . (,
BIND TTL $TTL.) TTL ,
. , . , - , SOA-.
, DNS-, ,
TTL, - DNS:
- DNS TTL 1 , . DNS TTL , -

TTL

261

. TTL
, DNS- , , .
DNS- ,
. .
, BIND TTL RR-, , .
, DNS-, ,
. ,
, ,
, .
,
, . -
FTP- ( ) - .
TTL , .
, TTL . TTL :
,
. , , .
, TTL 12 , - 3 , TTL
15 , TTL . , DNS- - DNS BIND 8 9, NOTIFY,
, .

SOA-

- DNS. SOA-.
, (refresh) ,
. (retry) , -

262

8.

. (expire) ,
. , DNS- BIND 8.2
TTL . DNS- SOA- TTL .
, , DNS-
, .
1h
( - h2n). , - 15 . , . 1
, DNS-,
, DNS-
.
: DNS- SOA- ,
, . DNS-
( ) - DNS .
,
BIND 8 9 NOTIFY,
. DNS- BIND 4, , .
BIND -
-
. BIND
, , .
, . DNS- BIND 4
,
15 , . , DNS- BIND 4.9 1

, BIND 8 , .
4

263

, .
BIND
.
- ,
. , ; , , , .
BIND 8 , , , . (BIND 9.1.0
.) , BIND 8, .
, TTL . TTL , . - ,
TTL. ,
.


, . , , .
, , . -
, .
DNS , .
, DNS:
DNS-, , . .
DNS .
,
, DNS .
, .

264

8.


. , .
, , . . , DNS- -
. , , , , ,
, fsck! , , , .
, ,
, . Unix

( ):

( 'hostname' , a site-router - ) :
IP- , .
IP- .
, route .
ifconfig , IP- /etc/hosts,
/etc/hosts ,
, .
, route, ,
IP-.
route, DNS- .
DNS- , route . DNS-,
, . , resolv.conf.

265

DNS- BIND ,
resolv.conf DNS- ( DNS-
,
DNS- ). ,
. , :

ICMP- (port unreachable).


ICMP- (network unreachable).
UDP ( ,
).1
DNS-, resolv.conf,
, . DNS- . 75 ,
. ICMP-
, DNS-
, DNS-.
DNS-
, DNS-, , .
DNS-
, route .
, DNS-. resolv.conf
DNS-, BIND
, ifconfig
. DNS-, , .
.
DNS- ,
,
.

266

8.

, - IP-
( /etc/
defaultrouter).
.
: rsolv.conf , DNS-
.
, ,
/etc/hosts ( ,
). ,
DNS- , , . /etc/hosts,
.
BIND, ,
/etc/
hosts , DNS,
!
, /etc/
hosts, /etc/hosts ,
. , -
; .
- ICMP Router Discovery Messages. ICMP, RFC 1256, ()
.
Windows NT 4.0, . ,
Q223756 Microsoft. Sun Solaris
/usr/sbin/in.rdisc; IOS (Internetwork Operating System) Cisco.
, , DNS- ?
sendmail, NFS . DNS sendmail
,
NFS .
- DNS-
. ,

267

.
, , (UPS, Uninterruptible Power System) .
, , , DNS- .
,
fsck. , .
, , IP-
resolv.conf , . ,
DNS-cep. , .


, ,
. ,
,
. .
(
) .
, .

( )
( ), DNS- . , corp.acme.com - Acme, DNS- (acme.com) DNS-.
, , . :

268

8.

, , , - selma.corp.acme.com.corp.acme.com
( , , - 6). DNS-, r.me.com, , .
selma.corp.acme.com.acme.com. corp.acme.com, DNS- acme.com. ,
DNS- , , .
, ,
, , . :

:
( .) , , selma.corp.acme.com.
BIND 4.9 . 4.9,
,
. , :
, selma.corp.acme.com.
4.8.3 ,

. ,
, search. , corp.acme.com,
:
, :
selma.corp.acme.com.corp.acme.com (

269

DNS-), selma.corp.acme.com. :

( )
DNS- . DNS- , DNS-
, . ,
.
,

/etc/hosts.
resolv.conf resolv.bak, DNS- (
) - /etc/hosts.
, .
DNS-, , . named.conf type zone slave master, a
masters.
DNS- ,
, .

DNS-,
.

( )
( )
DNS- . DNS- DNS-. : DNS-
, .
DNS- , DNS-,
. , DNS. - DNS--

270

8.

, , . - , DNS-cep.
, , DNS-. db.root, . db.root
. ,
movie.edu , terminator db.root :

med.conf terminator:

271

BIND 4 - named.boot:

db.cache ( ) ,
DNS- ( , , ).
db.cache:

movie.edu
. ,
zone named.conf, zone terminator, DNS-.


?

:

in-addr.arpa



, ?
, ,
, . , ,
, ,
- , ,
.

, , .
. ; . , .
- - .
,
. ,
, , .
- ,

. DNS- , DNS- , .

273

,
,
. , .


, ,

. -, ,
, , :

- DNS-.

, - - :
?

?
, : .
. , ,
.
,
, ? DNS . .
.
- , , . , DNS-,
. ,

- .

274

9.

.
DNS-, . DNS-
DNS- .
, , , , ,
. ,
, , , ,
.
,
. - .
,
, , . , :

. 50 ,

( ),
. - DNS.
, .
, IP-
, .
,
, ,
(, , , ) -
- .


, , . -

275

;
. ,
.
.

. , - ,
.
,
. , , , .
, .
, ,
.
:
.

. ,
,
. ,
, .
, . , , ,
-
(Poughkeepsie) (Waukegan), ,
, , , .

.
, , ,
. Italy ()
it
(IT),
?

, .
: ,
. - !

276

9.

.
net , ,
, . . ,

Sun sun, HP 9000 - hp ( ). , sun.com hp.com,
, 1,

.

:
, , . ,
. ,
...
, , . ? .
,
.
, . , , , ; , .
-
, .


, , . ? RR-, . , movie.edu brazil,
1

, ,
sendmail. , 6 .

277

. brazil personnel.movie.edu, db.movie.edu.


db.movie.edu:

db.personnel.movie.edu
. ,
personnel.movie.edu ;
telnet db .
, $ORIGIN
personnel.movie.edu.
db.movie.edu:

,
db.movie.edu $INCLUDE
( ).
, SOA- personnel.movie.edu ? , SOA- movie.edu movie.edu.
personnel.movie.edu, movie.edu.


, - . ,
.
movie.edu . fx.movie.edu - , , . fx.movie.edu ,
. bladerunner outland, , -

278

9.

DNS- ( bladerunner
- DNS). , , DNS- -
DNS- fx.movie.edu, , ,
. , .
vie.edu - 192.253.254/24 network.
/etc/hosts:

,
fx.movie.edu.
db.fx.movie.edu:

279

db.192.253.254:

, PTR- 1.254.253.192.in-addr.arpa
movie-gw.movie.edu. .
movie.edu fx.movie.edu; , ,
PTR- 254.253.192.in-addr.arpa - .
named.conf - DNS:

280

9.

named.boot BIND 4:

, h2n,
:

. - - db.fx.movie.edu, db. 192.253.254 named.boot.


DNS- bladerunner.
, resolv.conf.
hostname bladerunner
, bladerunner.fx.movie.edu, .
named bladerunner
log- syslog . named ,
log- syslog , , nslookup
fx.movie.edu 254.253.192.in-addr.arpa :

282

9.

,
DNS- fx.movie.edu,
fx.movie.edu.

DNS- fx.movie.edu
DNS- fx.movie.edu
: named.conf, db. 127.0.0
db.cache bladerunner, named.conf
db.127.0.0 , 4
BIND.
named.conf:

283

named.boot:

bladerunner, outland rsolv.conf - hostname outland.fx.movie.edu.


- named log- syslog
. , fx.movie.edu.

DNS- movie.edu
fx.movie.edu DNS-cep fx.movie.edu, bladerunner outland. NS- db.movie.edu.
db.movie.edu:

RFC 1034 ,
(bladerunner.fx.movie.edu outland.fx.movie.edu) DNS-. DNS-, , , ,
(CNAME). , RFC- ,
- .

284

9.

. , ? DNS- fx.movie.edu fx.movie.edu? DNS- movie.edu


DNS-, fx.movie.edu? , NS- db.movie.edu
DNS- fx.movie.edu. - IP DNS- fx.movie.edu, . ? DNS- fx.movie.edu.
- ?
: DNS- fx.movie.edu
movie.edu. ,
, movie.edu, , fx.movie.edu. , DNS- fx.movie.edu fx.movie.edu, (glue records) -
. - ,
DNS-.
, , db.movie.edu :

.
( 4.9) DNS-. DNS- IP-, , DNS-
,
DNS-,
,
.
DNS- BIND 4.9 , , log- syslog , . , NS- movie.edu, DNS-, ns-l.isp.net,
, db.movie.edu - DNS movie.edu,
syslog:

DNS- , 4.9,
, ,

285

DNS- ,

:

, .
, .
bladerunner - , IP- - .
, movie.edu fx.movie.edu. , plan9.movie.edu (, )
fx.movie.edu, movie.edu,
:

movie.edu plan9, plan9.movie.edu.


-
fx.movie.edu db.movie.edu. plan9 movie.edu (
plan9.movie.edu), db.movie.edu. , p9.fx.movie.edu plan9.fx.movie.edu fx.movie.edu db.fx.movie.edu.
, DNS- BIND 4.9
, . DNS- ,
BIND, , .

in-addr.arpa
254.253.192.in-addr.arpa!
, fx.movie.edu, .
-, ,
254.253.192.in-addr.arpa .
,
3 ?.

286

9.

, 254.253.192.in-addr.arpa in-addr.arpa. , .
in-addr.arpa 253.192.in-addr.arpa 192.in addr.arpa , 192.253.253/24 192.253.254/24
, 192/8 192.253/16 CIDR-.
.
( 3), inaddr.arpa ARIN (American Registry of Internet Numbers). , nslookup SOA-
in-addr.arpa, .
- Modify Tool ( ) http://www.arin.net/cgibi/amt.pl, .

DNS- movie.edu
,
DNS- vie.edu 192.253.254/24.
DNS-, fx.movie.edu,
. DNS fx.movie.edu movie.edu -
,
.
DNS- movie.edu bladerunner. bladerunner - DNS fx.movie.edu. DNS-,
, . DNS- , 1
.
: named.conf bladerunner , named,
movie.edu IP- DNS movie.edu, terminator.movie.edu.
named.conf:

,
. DNS-
( ), ( ).

in-addr.arpa

287

DNS- BIND 4, med.boot:

in-addr.arpa
. in-addr.arpa , .
, , ,
. .

288

9.


/24 (
), ,
. -, Altered State,
, 172.20/16.
IP-; 255.255.255.0.
altered.edu, fx.altered.edu (,
), makeup.altered.edu foley.altered.edu.

( Spesial Effects - 172.20.2/24, Makeup 172.20.15/24, a Foley - 172.20.25/24), in-addr.arpa.
in-addr.arpa . db.l 72.20 Altered State
:

, , DNS .
: Altered State
, - 20.172.inaddr.arpa. NS- ,
. , DNS-, , .


,
, /24 ( )?
. :
in-addr.arpa in-addr.arpa . .

in-addr.arpa

289


/8 ( ) - 15/8, 255.255.248.0 (13- 11-
, 8192 2048 ). , ,
15.1.200.0 15.1.200.0 15.1.207.255.
, db.15,
15.in-addr.arpa,
:

- !
, 8.2 BIND
$GENERATE. $GENERATE
RR-, .
, 16 NS- $GENERATE:

: DNS- $GENERATE, ($) , .


/24 ( ), 192.253.254/24,

255.255.255.192. inaddr.arpa, 254.253.192.in-addr.arpa,
192.253.254.0/26,
192.253.254.64/26,
192.253.254.128/26

192.253.254.192/26. , -

9.

290

.
.

1
: 254.253.192.in-addr.arpa
, .

Webmin (http://www.webmin.com/webmin),
.

2
: .
, /8, . NS- IP-
db.192.253.254. :

, 254.254.253.192.in-addr.arpa.
,
$GENERATE:

in-addr.arpa

291

, , named.conf nsl.foo.com
:

nsl.foo.com BIND 4, named.boot:

db. 192.253.254.1 - - PTR-:

, PTR-
,
IP-. , PTR-
1.254.253.192.in-addr.arpa, DNS- 254.253.192.inaddr.arpa
nsl.foo.com ns2.foo.com, , , PTR-.
3
, ,
IP-.1 , /24, CNAME ; CNAME- , , 1

.protocols.,tcp-ip.domains
(Glen Herrmansfeldt) .
RFC 2317.

292

9.

, DNS-.
, 0-63, 64-127,128-191 192255, , .
PTR- .
db.192.253.254:

$GENERATE :

0-63.254.253.192.in-addr.arpa (db.192.253.254.063) PTR- IP-


192.253.254.1 192.253.254.63.
db.l 92.253.254.0-63:

293

, . DNS-cep PTR- 1.254.253.192.in-addr.arpa. DNS-cep DNS- 254.253.192.in-addr.arpa, CNAME-, , 1.254.253.192.inaddr.arpa


1.0-63.254.253.192.in-addr.arpa PTR-
. NS-, DNS-, 063.254.253.192.in-addr.arpa nsl.foo.com ns2.foo.com. DNS- PTR- 1.0
63.254.253.192.in-addr.arpa - DNS- nsl.foo.com ns2.foo.com,
.


, DNS- fx.movie.edu,
- -
host. ?
host? host Unix- FTP- ftp.nikhef.nl ( - /pub/network /host. tar.Z).
host, :

:
host .
NS- , DNS-cep -. , host DNS-, SOA- . ,
DNS-, , DNS- SOA-. DNS- , host

294

9.

- authoritative answer ( ). DNS-


.
DNS- .
, host .
?
, DNS-.
, , , . NS- -,
DNS-. ( 8 , , DNS-, .)
, DNS- fx.movie.edu carrie.horror.movie.edu. horror.movie.edu ( -
), , , NS- vie.edu,
. DNS- .
NS- DNS, , . ,
, . DNS-

DNS- , , :

295

DNS-,
. ,
DNS-
NS-. DNS-, , .
DNS- BIND 4.9 .

DNS- in-addr.arpa NS-


DNS-, in-addr.arpa r in-addr.arpa, a DNS-
NS- in-addr.arpa r. ( DNS ,
.) DNS- NS- DNS-, .
NS- , DNS- DNS-, IP-, DNS-, .
, NS-
, - DNS-, . , ,
, .

host
, , , ,
host, .
: host NS- DNS- , .
NS- fx.movie.edu DNS- movie.edu:

, NS- :

296

9.

, NS-, fx.movie.edu, .
host SOA-
DNS- fx.movie.edu SOA-. , :

NS- SOA- fx.movie.edu:

DNS- fx.movie.edu - , outland - , :

, DNS- outland
, fx.movie.edu.
DNS- fx.movie.edu , :

try again ( ) ,
host outland ,
.
, fx.movie.edu nslookup, host
.


, , DNS-. DNS- 8 ,
.
, .
, . , , -

297

. , , 192.254.20/24. . , alien.fx.movie.edu,
DNS- .
fx.movie.edu ( )
( ) :

- movie.edu : NS- - db.movie.edu.


, h2n
DNS-? spcl.movie, h2n
$INCLUDE db.movie.
fx.movie.edu - noc@netsol.com ( in-addr.arpa), 20.254.192.inaddr.arpa DNS- alien.fx.movie.edu, bladerunner.fx.movie.edu
outland.fx.movie.edu.

:
DNS- BIND 4.9 ,
. DNS- BIND 4.9 -,
DNS- , .

298

9.

DNS-, ,
SOA- NS- , . DNS-
NS- , SOA-
. ,
DNS- ,
NS-, DNS- .
DNS- movie.edu
named.conf:

DNS- BIND 4.9 :


, DNS movie.edu, fx.movie.edu movie.edu.1
DNS- movie.edu - , .


- fx.movie.edu . - .
,
movie.edu. , NSF

.
, .
movie.edu.
CNAME- ( plan9.movie.edu),
. , !
1

BIND 9 NS- ,
.

299

, , CNA- , .
h2, CNAME-
. . ,
telnet FTP ( -), , fx.movie.edu:

, ,
.
fx.movie.edu,
sendma.il, sendmail . sendmail
DNS-, . movie.edu fx.movie.edu. sendmail, , . w w sendmail.cf;
-
5 DNS .
? h2n,
fx.movie.edu
(192.253.254/24 192.254.20/24) ( /etc/hosts)
. ,
fx.movie.edu, movie.edu
fx.movie.edu.
/etc/hosts:

300

9.

- h2n
. h2n , , ( -d). , :

( options , movie.edu), movie.edu fx.movie.edu.


, , ,
. , . , , - . , ,
.
, , , . , , .rhosts
. . - DNS,
.
, CNAME-
, -
. ,

, - ,
.
h2n , -, ,
. -
h2n ( exclude) , , . ,
CNAME fx.movie.edu,

301

movie-gw.movie.edu ( 192.253.254/24):



, .
:
1. , .
2. ,
, - . , ,
CNAME-.
3. CNAME- .
4. - .
, , DNS-. .



DNS:

DNS NOTIFY (
.)

(IXFR)


Round Robin:


DNS-
DNS-:
DNS-cepeep

DNS-


IPv6

-... , .
- , , , ? .
- , , .
- , ?

DNS- BIND 8.2.3 9.1.0


.
, (NOTIFY)
. :
DNS-, , .
, DNS-.
DNS. ( -

303

, .)

,
(address match list). BIND 8 9 ( , ) .
- ( ?) , IP-.
IP-, IP-, ( ). 1 IP- :

, 15.0.0.0 255.0.0.0 ( )
15/8. 15 . , IP- 192.168.1.192 192.168.1.255
192.168.1.192/26 ( 192.168.1.192
255.255.255.192, 26 ). , :

- , .
,
named.conf acl { access control list).
acl :

()
. , acl,
(access control list), , , , .
,
1

BIND 9 IPv6- IPv6-, .

304

10

pa acl. . , 15/8 : HP-NET.


192.168.1.192/26 internal:


. ,
na.med.conf .
ACL- ,
, BIND
. , , .
:

. IP-
any
IP-
localhost
IP- (, DNS)
localnets
, ( ).

DNS:
TCP/IP . DHCP IP-. - DHCP ,
. , DNS
. , DNS Dynamic Update ( DNS), RFC 2136.
BIND 8 9 , RFC 2136.
RR- ,

DNS:

305

DNS- . DNS- NS-.


DNS-, , DNS-- ,
- . . DNS , , , . , DNS-- ;
DNS- , ( ).
DNS-
, .
,
.
RR-, RRset- ( RR-, ,
, , www.movie.edu)
, .
, , . , :

, armageddon.fx.movie.edu , armageddon.fx.movie.edu .
:
DNS- BIND
9.1.0, DNS- ,
DNS-- , . , DNS-- MNAME SOA. , , MNAME , DNS .
, DHCP, ,
.

306

10.

DNS-, ns_update(), ,
.
, , nsupdate, BIND.
nsupdate .
( ), ,
nsupdate. , , , .
nsupdate :
prereq yxrrset domain name type [rdata]
. RRset- type,
(domain name). rdata,
.
prereq nxrrset
. Rrset- type domain name.
prereq yxdomain domain name
.
prereq nxdomain
.
update delete domain name [type] [rdata]
,
type, RRset-,
rdata - , domain , type rdata.
update add domain name ttl [class] type rdata
. , TTL , type rdata,
-
IN.
, :

mib.fx.movie.edu,
, . -

DNS:

307

-
nsupdate, . , ?
:

, - mlb.fx.movie.edu,
, , .
:
( ,
SOA- NS-), .


DNS- , ,
, DNS-. . DNS-
.
DNS- BIND 8
, 100 , , . DNS- :
. DNS-
, NOTIFY ( ) DNS- , ,
.
DNS- BIND 9
.


, . DNS-
. , DNS-

.

308

10.

DNS-
BIND 8 9 . 1 , , , . DNS- (
). DNS- BIND 8 log-, . ( , .)
DNS- BIND 9 log-,
,
. (DNS- BIND 8 ,
,
.)
DNS- BIND 8 log- .log . DNS-
BIND 9 .jnl. , ,
- .
DNS- BIND 8 log-
( , DNS- ), DNS-. DNS- BIND 9 log- . log- , log-
DNS-.
- , log- BIND 8
:

log- BIND 9. ,
, , .


,
, , ,
. , DNS- BIND 8 BIND 9
,
.
1

, .

DNS:

309

, allow-update updatepolicy zone , .


allow-update .
.
:

TSIG-
DNS- BIND 9.1.0 , : IP-? DNS- DNS-, , , , . .1
, -, , . allow-update-forwarding .
,
IP-. , zone
,
Special Effects:

,
TSIG-. TSIG 11 ,
, TSIG- . , . , .
1

BIND 9.1.0 , , IP-.

310

10.

.
DNS- BIND 8.2 TSIG-:


fx.movie.edu - TSIG- dhcp-server.fx.movie.edu.
,
TSIG- IP-.
BIND 9 , allow-update,
, TSIG-. zone,
update-policy. update-policy , , ,
. DNS-- , DNS- .
, ,
, . update-policy:

grant deny :
. identity
, .
nametype :

, , . .
subdomain
, , (
). (,
.)
wildcard
, , , .

DNS:

311

self
, , identity ( ), ,
. nametype self, .
( ), .
, - , nametype. wildcard nametype, -.
types , ( ,
), NXT. ( ANY
, NXT.) types , , SOA, NS, SIG NXT.
update-policy: ( , ).
, mummy.fx.movie.edu mummy.fx.movie.edu,
, mummy.fx.movie.edu , , :

- , :

-, , :

312

10.

update-policy , SRV-, .
, , :

:
, , identity , fx.movie.edu (, NS-
), - .
TSIG-,
, nsupdate - , .

DNS NOTIFY
( )
DNS- BIND DNS--, ,
. . SOA- .

DNS NOTIFY ( )

313

,
DNS-.
. , DNS- ,
? , DNS--
, ; ,
mtime (
Unix) , , 1 , .
DNS-- , , ,
DNS- .
RFC 1996 ,
DNS-- . ,
DNS NOTIFY, DNS- BIND 8 9.
DNS NOTIFY : DNS- , ,
DNS-, .
NS- ,
DNS- MNAME SOA-
.
DNS- ? DNS-
, DNS-- , . .
, .
NOTIFY- DNS-.
QUERY. NOTIFY-, ,
, NOTIFY (!). NOTIFY SOA- :
, 1

,

.

314

10.

, , SOA. , .
NOTIFY-
DNS-, ,
NOTIFY-.
- , , . DNS-
, : SOA- , , DNS-cep. , .
- , ? , -
NOTIFY-, , DNS- , DoS (denial-of-service, ).
RFC 1996 - , , -
NOTIFY .
: DNS--
DNS-,
, . BIND 8.2.3 BIND 9,
BIND 8. DNS- BIND 8 NOTIFY-, .
. DNS-- movie.edu terminator.movie.edu, a wormhole.movie.edu zardoz.movie.edu - DNS- (. 10.1).

. 10.1. movie.edu,

DNS NOTIFY ( )

315

movie.edu terminator.movie.edu
, terminator.movie.edu NOTIFY-
wormhole.movie.edu zardoz.movie.edu.
terminator.movie.edu, .
, movie.edu,
, . wormhole.movie.edu
zardoz.movie.edu DNS- BIND 8.2.3
BIND 9, NOTIFY- , .
wormhole.movie.edu DNS-- zardoz.movie.edu ( movie.edu) ,
NOTIFY-, .
DNS- BIND 8 NOTIFY log syslog. log- terminator.movie.edu movie.edu:

NOTIFY-, terminator.movie.edu (2 NS), ,


movie.edu 2000010958.
DNS-. (DNS- BIND 9 log- NOTIFY-.)
.
DNS-- b, b - .
, b (. 10.2).
b , . b , ,
. NOTIFY- , DNS--
( b). b DNS-
BIND 8.2.3 BIND 9
, b
NOTIFY , , b. BIND 8.2.3 BIND 9, NOTIFY- b, , , .

316

10.

. 10.2.

, ,
NOTIFY- ,
masters DNS-
.
NOTIFY-, .
BIND 4 ( ,
NOTIFY) Not Implemented (NOTIMP, ). , Microsoft DNS DNS NOTIFY.
DNS NOTIFY BIND 8 9, notify:

NOTIFY .
, , fx.movie.edu
BIND 4, NOTIFY. zone:

NOTIFY-
DNS- fx.movie.edu. NOTIFY , . ,

(IXFR)

317

BIND 8, BIND 9 NOTIFY .


BIND 8 9 NOTIFY- DNS- , NS- . ,
DNS- ( 8 )
, .
DNS-
BIND 8, -
NOTIFY-.
NOTIFY-, also-notify zone:

BIND 8.2.2, also-notify options.


NOTIFY (
also-notify).
BIND 9.1.0, notify explicit; NOTIFY- DNS-, , also-notify. , allow-notify, DNS- NOTIFY-
DNS-- :

options allow-notify
. zone allow-notify ,
allow-notify .

(IXFR)
, NOTIFY,
- - , DNS- . ?

318

10.

, . , . : ,
,
Windows 2000 DHCP.
, , . (
Windows 2000 16 .)
, DNS-- , , NOTIFY- DNS-.
, , , , . ,
, .
! DNS-
, , (, ).
(incremental zone transfer IXFR)
, DNS- , , .

.
- IXFR AXFR
( ),
SOA- . DNS- , ,
, DNS-. ,
. .

IXFR
? ! IXFR , . -, BIND 8.2.3. DNS- BIND 9
IXFR, BIND 8.2.3.

(IXFR)

319

, IXFR , . , , ,
, IXFR. DNS--
BIND, ,
. DNS BIND, , , .
, IXFR,

.

IXFR
DNS- BIND 8 IXFR,
.
, IXFR . ,
IXFR , DNS- . IXFR-
.ixfr.
DNS- BIND 9 IXFR- . DNS-- ,
, . DNS- BIND 9
AXFR- , , .

IXFR BIND 8
IXFR BIND 8 . -,
DNS- maintain-ixfr-base options, IXFR - , DNS-
, DNS, IXFR-:

320

10

, IXFR-
. support-ixfr:

,
IXFR- DNS--. , ixfr-base
zone:

, DNS- IXFR-
:1

IXFR- 100 , . 100


.
, many-answers. .

IXFR BIND 9
IXFR DNS- BIND 9 , : . ( ,
), provide-ixfr server,
yes:

BIND 8.2.3 ( 1) - .

321

provide-ixfr options, DNS-cep, provide-ixfr


server.
DNS- BIND 9
many-answers , transfer-format.
request-ixfr, options server. IXFR- HeIXFR- DNS-- DNS- :

BIND 9 max-ixfr-log-size.

- , , - , ,
. DNS- . BIND , : forwarders ().
.
, ,
DNS-, DNS-
. ( 11, .)
, DNS-
. ,
, -

322

10.

.
,
, . DNS- , -
- , .

DNS-, .
, DNS, , DNS- : .
, DNS- , DNS-.
, DNS- , , .
DNS- , DNS-.
forwarders BIND 8 9, BIND 4 - DNS- movie.edu. wormhole.movie.edu terminator.movie.edu . forwarders
DNS-,
, :

BIND 4:
,
.
. , DNS- , - (, , ).
, : , .

323

DNS-
DNS- - DNS-,
. , DNS-
forward-only. DNS- forward-only DNS-, .
- , , , DNS- . DNS-, :

DNS- BIND 4:

DNS- BIND 4.9 slave ( options forward-only):

slave . DNS- BIND 4 slave forward-only. slave - DNS, -.


forward-only
forwarders. forward-only. DNS- BIND ,
8.2.3, forward-only, , IP- . DNS-
BIND 8 :

DNS- BIND 4 :

324

10.

DNS-

.
DNS- .
, DNS-cep forward-only - . DNS-
. DNS- :
resolv.conf, nameserver . ,
, DNS-, . ,
DNS- DNS-.



:
, DNS-, . , . , , - .
BIND 8.2 - ,
DNS-
. (
BIND 9 9.1.0.) , DNS
pixar.com DNS- Pixar:

DNS-cep, DNS-
DNS- pixar.com, ? , Pixar DNS-, , pixar.com.

325

zone,
,
. , , foo.bar.pixar.com, pixar.com, , pixar.com (
pixar.com - ).
,
.
, .
, DNS-, , options, .
zone,
forward. forwarders - , -. ,
options, :

- ,
? DNS- ?
,
,
.
movie.edu, fx.movie.edu. DNS- matrix.fx.movie.edu DNS-cep 192.249.249.3 192.249.249.1.
NS- movie.edu, DNS- fx.movie.edu.

, .

1
326

10.

DNS- BIND 8.2.3 . DNS


; DNS-
, .
, , . BIND
, ,
. BIND 8.2.3 , ,
DNS-.
, BIND 9 , , , .

BIND 9 (views), ,
, . DNS- . , DNS- , , ( ).
, BIND 9
, , . , view, :

, . ,
, , BIND ( internal, ). view options, .
, , match-clients view,

327

. match-clients, .
, fx.movie.edu, Special Effects. , :

,
acl:

, ACL- , acl view.


view? .
zone, DNS- server,
TSIG key.
options,
:

, ,
(, options) -
match-clients.
, view
BIND 9 ( ), doc/misc/options BIND.
named.conf , :

328

10.

, fx.movie.edu
254.253.192.in-addr.arpa,
. , .
view , IP- , . external
internal, internal ,
.
( ,
): view, zone .

Round Robin:
DNS-, BIND 4.9,
, ,
BIND.
(Bryan Beecher) BIND 4.8.3, -
- .

Round Robin:

329

, DNS- . ,
foo.bar.baz IP-, 192.168.1.1,
192.168.1.2 192.1.168.3,
DNS- :

- :


.
, , , FTP-, -, , .
: , DNS- IP-.
BIND 4.9 ,
. DNS- ,
-. ( , DNS- ,
1
. ) :

DNS- 4.9
, 4.8.3. BIND
round robin.
,
. , DNS-, , . DNS-cep1

BIND 9 PTR- . BIND 9


.

330

10.

,
.
, , , DNS- , , .
192.168.1.3 486DX33,
Linux, 9000; Linux- .
, BIND .

CNAME-
DNS- BIND 4
CNAME- ( ):

, ,
, CNAME- . DNS- BIND 4 (
) CNAME-
foo.bar.baz round robin.
, DNS- BIND 8
. , , CNAME-
:

DNS- BIND 9 CNAME- 9.1.0. BIND 9.1.0 , multiple-cnames.

rrset-order
, DNS- round robin. ,
- . DNS-

Round Robin:

331

-
. ,
.
DNS-, BIND 8.2 ( BIND 9 9.1.0), round
robin . , www.movie.edu, rrsetorder:

, , TTL
www.movie.edu, DNS-, , .
class, type , . IN, - ANY, - *,
. :

, DNS-.
:

rrset-order,
.
.
rrset-order (-, !) :
fixed

.

332

10.

random
.
cyclic

(round robin).
:

, rrset-order , DNS-.
SRV-, 16.

DNS-
round
robin, - . ,
,

. rrsetorder .
, , , ,
. , , , . 10
( ARPAnet) . ,
,
.
DNS-,
6, sortlist, - ,
.
DNS- , - , .
DNS- , . -

DNS-

333

BIND 4.9, ( DNS-) , 4.9,


BIND, .
DNS-, 4.8.3.
BIND, ,
DNS-cep. - - - BIND 8.2. BIND 9.1.0 - BIND 9, .

BIND 4
BIND 4 , BIND 8, ,
, . BIND 8
.


. , , -; , - . NFS . ,
. , - NFS-.
4 BIND , BIND
.
- ,
(wh249.movie.edu wh253.movie.edu wormhole.movie.edu) . -
, (, DNS) .

(, NFS), ,
.
DNS- BIND 4
: ,
DNS-, DNS-
(, ). BIND , ? BIND , . BIND

334

10.

. BIND ,
,
. , BIND .
(. 10.3), notorious DNS-
BIND 4. DNS- . spellbound DNS notorious, , notorious . ,
notorious spellbound , . charade DNS- notorious,
, notorious , . DNS- ,
DNS-. .
. , DNS-
gaslight. spellbound DNS- gaslight
notorious, , ,
spellbound gaslight , , DNS-. charade
, -

. 10.3.

DNS-

335

gaslight. notorious
charade, ,
- DNS-. , BIND 4 charade, DNS- .
, DNS- : DNS- ,
,
.
DNS-, NFS ,
.


, ,
. , movie.edu
192.249.249/24 192.253.253/24. 10/8
( ARPAnet). , ,
- 10/8 26/8.
26/8, - . 26/8 , 10/8 (. 10.4).

. 10.4.

336

10.

terminator.movie.edu reanimator.movie.edu,
10/8, 26/8
, . , DNS- terminator.movie.edu 10/8 reanimator.movie.edu;
, terminator.movie.edu 192.249.249/24, 10/8 26/8.
sortlist.
10/8 named.boot:
sortlist .
sortlist
terminator.movie.edu 192.249.249/24 10/8.
, terminator.movie.edu
DNS- terminator.movie.edu, DNS- , , 192.249.249/24.
192.249.249/24, 10/8. ; reanimator.movie.edu
10/8.


. DNS-
, , . , , DNS- ,
. ,
: sortlist
. . DNS- ,
sortlist ( ),
.
, sortlist, , .

sortlist
- sortlist,
, :

BIND 8 9
DNS- BIND 8.2 ( 9.1.0
) . , -

DNS-

337

.
options, , sortlist.
sortlist
. sortlist . , , .
, IP . , , , , . ? :

.

192.249.249/24 , .
,
IP- . , DNS- , , , . , , ,
. :


192.249.249/24 ,
192.253.253/24.
, :

338

10.

DNS-:
BIND 8 sortlist,
DNS-. ( BIND 9 9.1.0.)
, , DNS- (RTT). - -. BIND 8 DNS 64
RTT. - -
32 ( ! !),
32 . 33 96, . . ,
DNS-, ,
.
, , , ,
. RTT- DNS- , , , . DNS- ,
, .
, DNS-, .
DNS- .
,
DNS-. :

DNS- 15/8, 172.88/16. DNS- DNS- 15/8, DNS- 172.88/16


DNS- 192.168.1/24, , RTT
,
DNS- 15/8.
, DNS- .
,
. ,

DNS-

339

DNS- DNS-,
, , , .

DNS-
BIND , a DNS , ,
. ( , , 2 DNS.) DNS- .
, DNS-
, . , ,
DNS-. DNS- ,
. ,
, . ,
DNS-. , DNS-
, , , .1
DNS- BIND :

DNS- BIND 4.9 :


,
.
, recursion :

, ,
. :
, nslookup. ,
.

340

10.

, BIND 4.9:
DNS- . DNS BIND 9 ,
fetch-glue BIND 9 .
DNS- resolv.conf.
DNS- , , .1
DNS-
, allow-recursion, BIND 8.2.1 ( BIND 9). allow-recursion
;
, , :

allow-recursion IP-.
, DNS- . DNS-
, . DNS- ,
allow-recursion.
DNS- , ( ,
DNS-
DNS- ). ,
DNS- .

DNS-

DNS-, - , , 1

. , , , ,
, , nslookup, - .

DNS-

341

.
.
DNS- , ; DNS-cep BIND 4.9, BIND 8, BIND 9, 9.1.0.
:

BIND 4.9:
, IP- .
DNS- , ,
. , DNS- , .
DNS- - blackhole. DNS-
DNS- , .1 blackhole - options, :

DNS- , (. RFC 1918).


, -
.
blackhole BIND 8
8.2, BIND 9 9.1.0.
1

. , allow-query, , ,
. , blackhole, . .

342

10.


DNS- BIND
,
. , DNS-.


DNS-.
DNS- BIND 4 ( ,
) fork( ) named,
- . BIND 4.9 , . BIND 8 9 .


DNS-
BIND 4.9 , DNS-
. , - , .
BIND 8 9 :

BIND 4:

BIND 9 DNS-, . transfers server:

, ,
options. DNS-.
, , . . , DNS-

343

. DNS- ,
. , DNS . , DNS- . , , ; .
?
, DNS- , , , . , , DNS- . , , DNS-
, .



DNS-. DNS-. 4.9 BIND DNS- .
10 . , DNS-
DNS-. DNS-
DNS-, , .
BIND 8 9:

BIND 4:
, .
, , ,
, . DNS. ( , DNS-
, . -

344

10.

,
DNS-.)


DNS- BIND 9
.
, ,
DNS- ,
. BIND 9:

10.


DNS- BIND 8 9 . 120 ( ). , ,
, ,
, , , . (,
DNS- , ) :


max-transfer-time-in zone. ,
, rinhydink.com
(, ) - - ,
( ),
:

345

BIND 9 max-transfer-time-out, ( options zone).


( DNS-);
, max-transfer-time-in, - 120 .
BIND 9
. , max-transfer-idle-in max-transfer-idle-out, , .
options zone. 60
.



, DNS- . , DNS-
, ,
DNS-
. ( DNS-,
,
SOA-;
SOA-.) ,
,
DNS-- DNS-
.
9.1.0, BIND
max-refresh-time
min-refresh-time. -
options - zone. :

, 9.1.0, DNS-
max-retry-time min-retry-time,
.

346

10.


, , , -.
DNS
. : , . . DNS-, -,
, 64 !
DNS- BIND 8 9 , many-answers. many-answers
DNS . many answers , , , ,
DNS.
, DNS- ,
,
transfer-format. To , DNS-.
transfer-format options
server; options transfer-format . BIND 8
, one-answer, DNS- BIND 4. BIND 9 many-answers. :

DNS- DNS- many-answers, , server, ,


:

many-answers -
, , .
, :

347

many-answers (
, BIND 9), DNS- BIND 8, BIND 9
Microsoft DNS,
.
one-answer,
DNS-
BIND 4. transfer-format server, , .
, BIND 9
server DNS-
BIND 4 one-answer.


DNS-, :
, .
BIND 4.9, BIND 8
9 - .


, . DNS- ,
DNS-.
, ,
. BIND 4.9, BIND 8 BIND 9, 9.1.0, ,

.
med , .
BIND 8 9 :

BIND 4:
size () - , . , : - , m - , g - . , 64m - 64 .

348

10.


. DNS-
syslog LOG_WARNING, .


DNS- BIND 8 BIND 9, 9.1.0, , ,
named. :

size , datasize. datasize, stacksize , .


, named
(core files), coresize. , named
- ,
,
. coresize:

datasize, ,
, BIND 9 9.1.0.


DNS- ,
named - ; , , DNS- . , DNS- 1
, named
1

14 DNS BIND .

349

. Unix , .
DNS- , , syslog :

,
files:

( ) unlimited
( ), , DNS- , . ,
, - BIND 9 9.1.0.


BIND 9
, DNS-. ( DNS-, )
recursive-clients:

1000. , DNS log :

. , DNS-
,
.
, TCP- ( -)
tcp-clients. TCP- , UDP-,
TCP-. - 100.

350

10.

SOA-
BIND 8.2.2, DNS-
SOA-. ,
SOA-. ,
, , DNS- BIND 8 . DNS- , serial-queries:

serial-queries BIND 9. BIND 9


SOA- ( 20 ),
.


DNS- BIND , , . BIND 8 9
.


DNS- BIND 4.9
. , DNS-
, .
TTL , DNS- ,
. , DNS- BIND 4
,
, .
DNS- BIND 8 9
. ,
DNS- BIND 8 9 , DNS- BIND 4.
, , DNS-
.
60 . cleaning-interval
options. :

351

120 . ,
.


, BIND . DNS- BIND 8 9 , , .
. ,
60 . ,
,
, -
:

, , , .


- , DNS- BIND 8,
. ,
,
, .
statistics-interval :

60 ,
.
BIND 9 log- syslog,

.

352

10.

TTL
- BIND TTL - . BIND 8 9
.
BIND 8.2 DNS- TTL max-ncache-ttl options. , 8.2,
( RFC 2308 , 4). , DNS SOA- ,
TTL - ,
, . DNS-
:

TTL . 10800 ( ). ,
(
DNS-), DNS-
, .
DNS- BIND 9 TTL - max-cache-ttl. - . DNS- BIND 8 , .
, , TTL, ,
, TTL. ,
DNS- , DNS-
, .
, DNS, . DNS- BIND 8, 8.2,
BIND 9 , 9.1.0,
TTL lame-ttl options. 600 (10 ), - 30 . DNS- -

353

, , .

, , DNS- DNS.
rfc2308-type 1 , DNS-. DNS-cep BIND 8 9 SOA-
. NS- , DNS-
- . ,
- (,
) NS-, :

rfc2308-type 1 BIND 8.2;


BIND 9 .

DNS- . ,
,
, , . DNS- : . . !
auth-nxdomain options , DNS-
, DNS- .
BIND 8 auth-nxdomain on ( ); BIND 9 .
, BIND 8.2.2
Windows NT, , DNS- , (,
Windows) , ( Unix). ,
:

354

10.

BIND 9 , DNS- .

IPv6
,
IPv6- ,
IPv6. , , ,
IPv6 128 . IPv6 - ,
. :
( - 0123)
() .
, ,
, :
;
::. :: . , IPv6-. :

32 IPv6- dead:beef,
96 - .
:: IPv6- . , loopback- IPv6
:
127 , . ::
, :
:: , .
IPv6 , CIDR-
IPv4.
IPv6
. , -

IPv6

355

(, , ):

IP 4 ,
IPv4-: , , , , .
32- IP-:
, , , - .
IPv6
, IPv6-
. - IPv6-.
- IPv6 - (Top-Level
Aggregators, TLAs). , (Next-Level Aggregators,
NLAs). NLA- - IPv6 (. 10.5).
IPv4-ce, IPv6-.

. 10.5. - IPv6

356

10.

IPv6, IPv6-, RFC 2374:

FP - (Format Prefix),
.
, ( ) IPv6 Aggregatable Global Unicast Address Format (IPv6 () ),
001. 13 . , 24
. : Site-Level Aggregator ID (
) SLA ID -
IPv4-, a Interface ID ( )
.

, . ,
TLA . TLA,
NLA- , - SLA- . NLA- TLA-, SLA NLA-.


DNS- BIND 9 IPv4 IPv6; IPv4 IPv6. DNS- BIND 8
IPv4. , , .

IPv4
listen-on
DNS- BIND 8 BIND 9. listen-on :

357

DNS-
, . ( , 53) , port:

BIND 9 :

, DNS- , DNS- , . , masters :

DNS- BIND 9 DNS-, , :

BIND 9 NOTIFY- . DNS-


DNS- , :
:
DNS- , - , ,

358

10

DNS- , - query-source:

,
, IP-. :

BIND :
,
, , . :

, query-source UDP-; TCP-


; , , .
transfer-source,
, . BIND 9
SOA-, DNS-,
:

query-source, IP-, address. BIND 8 port . BIND 9


:

UDP- ( SOA- ).
transfer-source
zone,

359

(BIND 9 - SOA- )
:

, BIND 9.1.0 , , NOTIFY-, notify-source. , , DNS NOTIFY- IP-,


masters . notify-source source-. :

transfer-source, notify-source
,
zone :

IPv6
DNS- BIND 9 IPv6-.
DNS-
IPv6-, listen-on-v6:

IPv4-, liten-on-v6
any . , DNS- BIND 9 - - port:

360

10.

, , 53.
IPv6-, transfer-source-v6:

, ,
, . transfer-source, transfer-source-v6 zone.
SOA- .
, BIND 9.1.0 ,
IPv6- NOTIFY- - notify-source.
IPv6 , , notify-source-v6:

transfer-source-v6, ,
zone.

IPv6:
, - 128-
IPv6-; BIND , - 32- .
IETF , RFC 1886. 128- IPv6- - , ip6.int.
BIND 4.9. , . ,
, - 6 DNAME,
DNS- .
ip6.int , IPv6-,

IPv6:

361

, ,
.

ip6.int
, RFC 1886
, ,
-. ( ). IPv6-, . - :
RFC 1886 ip6.int, IPv6-.
ip6.int 128- - , -. () . ,
-,
, ip6.int,
IPv6-, 32
32 . , :

PTR-, in-addr.arpa:

, DNAME-, - ip6.arpa
. -
-
IPv6 6 DNAME. 6
DNAME RFC 2874 RFC 2672, .
BIND 9.0.0.
- ip6.int , , , . ,
, -
, 24 IPv6-
NLA-.1
1

, NLA-
TLA-, 16 ...

362

10

NLA-. .

6
6 IPv6-, , 64 ( ), , .
, , . ,
DNS- 6 . ,
NLA- NLA- TLA-.
, 6:

64 IPv6- drunkenmaster.movie.edu ( 64 ,
-) , 64
- subnet1.v6.movie.edu.
subnetl.v6.movie.edu, , 16
64- (SLA-),
6 drunkenmaster.movie.edu, 6:

48 subnetl.v6.movie.edu , .
, 6 , movie-u.nla-a.net,
movie.nlab.net. , NLA-, NLA NLA . NLA
:


NLA, NLA- . , NLA-

IPv6:

363

NLA, TLA-, .
NLA-
,
TLA-, NLA-. NLA 6 TLA-.
NLA , :

TLA :

:
, IPv6- , TLA-
TLA1

TLA2:

6, DNS- 128
IPv6 drunkenmaster.movie.edu. :

TLA 1 NLA
, - TLA 2 NLA . ( NLA- .) , TLA 1 NLA- NLA ,
6 nla-a.tla-l.net ; 6, NLA . , IPv6 , NLA-.
DNS- NS-
6, - 128- IPv6-.
, DNS-
DNS- DNS-
IPv6- DNS-.

364

10.

DNAME-
, 6,
IPv6-.
6, , ip6.int.
IPv6-
DNAME, RFC 2672, , RFC 2673. DNAME-
CNAME- .
. , movieu.edu, vie.edu, movieu.edu :

DNAME- movieu.edu , movieu.edu,


movieu.edu. DNAME-, CNAME-, ,
CNAME- DNAME-. DNAME .
DNS- movieu.edu
, movieu.edu, , cuckoosnest.movieu.edu, DNAME ,
cuckoosnest.movieu.edu cuckoosnest.movie.edu,
movieu.edu movie.edu:
DNAME- s (substitute, ) sed. DNS- movieu.edu CNAME-. ,
DNAME- , CNAME DNAME-.
IPv6 - ,
()

IPv6:

365

. , IP-. .
, IPv6-, 128
! !
- ,
, .
"\[" " ] " , , , : ,
.
- , IPv6- drunkenmaster.movie.edu:

, ,
IPv6, , in-addr.arpa. , - , :
, 32
- , , .
-
IPv6-,
, . TLA 1 - \[0222/16].
DNAME- -
, IPv6, , , ,
IPv-.
,
\[x024200196642000102104bfffe10d24].ip6.arpa,
,
drunkenmaster.movie.edu
( TLA 2 NLA ). DNS-, ,
DNS- DNS- ip6.arpa,
:

366

10.

,
, DNS- ip6.arpa , :

( 16 ) ,
ip6.tla-2.net, ,
TLA 2. ip6.tla-2.net :

:
DNS-
DNS- ip6.nlab.net. ip6.nlab.net :
:

, ip6.movie.edu PTR-,
:

, PTR-, ,
ip6.movie.edu.
NLA-, DNAME-, NLA- , . , , ,
. ,
NLA-,
.

TSIG

11
^


DNS-cepeepa
DNS


DNS

^^

^^^

- , ? , .
- , , - .
- , - .
- ,
!
-
? - .
- , , .

DNS?
, ? .
1997 , ,
,
www.internic.net - InterNIC, , AlterNIC. (AlterNIC DNS-, ,
med porn.) ?
(Eugene Kashpureff), AlterNIC,
, DNS- , , www.internic.net - AlterNIC.
, ; , , ,
AlterNIC, InterNIC. , DNS-, www.amazon.com www.wellsfargo.com -,
. , -

368

11.

, .
, DNS. DNS
. , , DNS-. DNS-,
, , - .
.
- DNS, ,
.

TSIG
BIND 8.2 DNS,
, TSIG (transaction signatures). TSIG DNS,
.
TSIG, RFC 2845,
, DNS DNS-, ,
DNS (
) . ( DNS,
.)
TSIG DNS- TSIG- DNS. TSIG-
DNS ,
1
, .

, , , TSIG-
, .
,
, ( ).

TSIG

369

-
TSIG
,
-. , , - .
-
, - . , - - , , -,
.
TSIG , MD5. , MD5,
HMAC-MD5. HMAC-MD5
, 128- -
, .

TSIG-
TSIG-, : TSIG - -, DNS- DNS-.
DNS TSIG-,
, - , , , .
, TSIG- -, DNS .
( , , DNS
HMAC-MD5 -.) - ,
. - , ,
.
TSIG- DNS. []
(replay attacks), , (, RR-) . DNS

370

11.

, ,
( TSIG).

TSIG
TSIG , TSIG- , . , TSIG
DNS-- movie.edu ,
:

terminator-wormhole.movie.edu., key
, ,
. ( DNS ,
.) RFC o TSIG , ,
.
.
, -
- , . TSIG , ,
TSIG-, . :

hmac-md5. Base 64, dnssec-keygen, BIND 9, dnskeygen, , BIND 8.


dnssec-keygen,
:

- ,
. ( , dnssec-keygen
, , DNSSEC.) -b

TSIG

371

; RFC
128 . -
HOST, . ( DNSSEC ZONE.) .
dnssec-keygen dnskeygen ,
, dnssec-keygen
.
dnssec-keygen Kterminator-wormhole.movie.edu.+
157+28446.key Kterminator-wormhole.movie.edu.+157+28446.private.
. ,
- 157 28446, : DNSSEC (157 HMAC-MD5)
(fingerprint, ) (28446), -, . TSIG, DNSSEC
,
.
Kterminator-wormhole.movie.edu.+157+28446.key :

Kterminator-wormhole.movie.edu.+157+28446.private:


Base 64 mmencode:

, , , DNS- (, ssh)
, . named.conf , ,
, include key
, :
, TSIG: . TSIG- , -

372

11.

,
, DNS- . :

, NTP (Network Time Protocol) - .1

TSIG
, TSIG , , , . BIND 8.2
, , TSIG.
keys server, DNS-,
,
DNS-. ,
DNS-, wormhole.movie.edu, , 192.249.249.1
( terminator.movie.edu) terminator-wormhole.movie.edu:

terminator.movie.edu
, terminator-wormhole.movie.edu:

terminator.movie.edu , wormhole.movie.edu
.
TSIG, allow-update update-policy, .
1

NTP - Time Synchronization Server http://www.eecis.udel.edu/-ntp.

DNS-

373

nsupdate, BIND 8.2


,
TSIG-. , dnssec-keygen , - nsupdate. nsupdate BIND 9:

:
BIND 8.2 nsupdate
, -k , :

(, nsupdate
),
nsupdate BIND 9:
- , ,
Base 64.
, Base 64 , .
Net::DNS, Perl,
TSIG-. Net::DNS 15
.
, DNS, DNS.

DNS-
BIND 4.9 , DNS-. BIND 8 9 , .
, DNS- ,
DNS-.
,
DNS-, . , DNS- ,
,
DNS-.

374

11

BIND
DNS- BIND. BIND 8.2.3 .
BIND http://
www.isc.org/products/BIND/bind-security.html.
:
, ,
BIND.
comp.protocols.dns.bind.
BIND : , BIND
, , , ,
. ,
: BIND 4.9, DNS- . - CHAOSNET version.bind, BIND :

, BIND 8.2 DNS- version.bind:

, NE TVOE DELO , 8.2 ,


.

DNS-

375


BIND 4.9 , DNS-.
: DNS ,
.
. , ,
,
, .
allow-query, BIND 8 9, IP-, . (access control list, ACL)
,
, DNS-. , , IP-
DNS-.


allow-query :

,
, :


BIND 8 9 . allow-query
zone , :

376

11.

, , .
, , , ACL, . , ACL- ,
. ACL- , ACL-.
BIND 4.9 secure_zone. RR-, . ( BIND 8 9 , , .)
DNS- BIND 4.9 ,
DNS-
, ; secure_zone , DNS-.
secure_zone, -
DNS--. DNS- . ,
BIND 4.9 .
- ,
secure_zone, RR-
:
:
- IP- ,
. -
, . 15/8
, 15.0.0.0:255.0.0.0.
IP- 15.254.0.0 15.255.255.255
15.254.0.0:255.254.0.0.
,
. 255.255.255.255; ,
32- . , 15.255.152.4:
IP- 15.255.152.4 .
, movie.edu
,
DNS- BIND 4.9 BIND 8 9. db.movie.edu -
movie.edu:

DNS-

377

, loopback- (127.0.0.1), , ,
DNS-, DNS- .
:, log syslog:

, , secure_zone
, , vie.edu .
, secure_zone DNS--.



,
DNS-, , DNS- .
, DNS-,
( , )
, . ,
, . , , , ,
.
allow-transfer BIND 8 9
xfrnets BIND 4.9 , allow-transfer zone
, options -
. .
IP- DNS- movie.edu: 192.249.249.1
192.253.253.1 (wormhole.movie.edu), 192.249.249.9 192.253.253.9
(zardoz.movie.edu). zone:

378

11.

movie.edu DNS-- . DNS- BIND 8 9


IP-, DNS,
zone:

BIND 8 9 ACL . ,
zone. , IP-:

BIND 4.9 - xfrnets


. xfrnets IP-, DNS-. IP- . :

15/8 128.32/16.
- secure_zone, xfrnets
, .
(
IP-), .
: & . ,
.
xfrnets
I-15.255.152.4 128.32.1/24:

DNS-

379

, , DNS- BIND
8.2 DNS-,
. DNS key,
:

DNS- . :

DNS-- , , DNS-. DNS- ,


,
.

BIND
BIND
, ; DNS- BIND
root.
DNS-, , . ,
, root.

380

11.

BIND 8.1.2 , , DNS-cep. DNS- : , . , DNS-,


.
BIND 8.1.2
chroot() DNS-:
, . , DNS- , , , , DNS-.
:
-
, DNS- . : named -
bin.
-g
, DNS . named -g other. , DNS- . DNS-
BIND 9 ,
-g.
-t
, chroot()
DNS-.
- -g ,
. - DNS-,
named. DNS- med.conf root, . ,
, , DNS-, , . , DNS-
.
DNS- , ( log- syslog), ,

DNS-

381

DNS-, .
-t .
, , , named,
, DNS-.
. , /var
/named:1
1. /var/named , .
deu, etc, lib, usr var. usr sbin. var- named run:

2.

named.conf /var/named/etc/named.conf:

3. BIND 8, namedxfer usr/sbin/ etc ( ,


, /usr/sbin /etc).
/var/named named-xfer,
named, . , /var/named , named.conf /var/named
. ( BIND 9, , BIND 9 named-xfer.)
4. dev/null :
5. BIND 8
lib:

. BIND 9 , .
6. ,
syslogd :
1

Red Hat Linux 6.2, .

382

11.

-a /var/named/dev/log. Unix syslogd /etc/rc.d/init.d/syslog.


syslogd /var
/named/dev/log, named .
syslogd -, logging - 7 BIND -
chroot-.
7. BIND 8 - -g,
etc passwd group, - -g (
):

/etc/passwd /etc/group . DNS- BIND 9, /etc/passwd /etc/group, DNS- BIND 9


chroot().
8. , ,
named -t /var/named . syslogd, Unix named /etc/rc.d/init.d/named.
ndc DNS-
BIND 8, ,
Unix- -:
rndc DNS- BIND 9 ,
953.

DNS-
DNS- : DNS-
DNS-. - DNS- ,
-
DNS-.

DNS-
DNS- "
DNS- , DNS- NS-, . DNS-
.

DNS-

383

, DNS-. , DNS- (
DNS- ). - , - . - - DNS-,
DNS-, DNS-,
, .
, DNS- , .
: , IP-,
DNS- DNS-,
, , ,
. , BIND 8
9:

, BIND 4.9:
( , ). ,
. DNS-
DNS-, NS-;
DNS- , DNS- BIND 8 ( DNS- BIND 9 ):

, DNS- BIND:

384

11.

DNS-
DNS-, DNS-, - DNS-. DNS-, . , . ,
DNS-
DNS-, , , IP .
BIND 8 9 IP, . ( DNS-cep BIND 4.9 IP,
- - secure_zone;
.) allow-query :

DNS- , DNS-, ,
.
,
DNS- - use-id-pool:

use-id-pool BIND 8.2. ,


- .
,
, .
, ,
BIND 9, DNS- BIND 9
.

DNS-

385


,
DNS-, DNS- ,
? - . ,

BIND 8 9. - - ,
DNS-,
.
DNS- ,
, ,
.
named.conf :

, DNS-, - .
BIND 8.2.1
, allow-recursion:

386

11

allow-query : DNS- , ,
. ,
DNS- . : DNS- ,
DNS-, . allow-query , ,
allow-recursion.
named . DNS-, . ,
, IP.
, , . , IP-.
IP- . IP- named. , IP-,
named IP- , -

DNS-

387

loopback-. ,
, , , DNS-.
named.conf DNS-,
IP- :

named.conf DNS-,
:

, DNS- ,
loopback-, . (

388

11.

DNS- IP-
, allow-query, DNS-.) ,
. ,
PID- ,
-
PID-,
.
DNS-, , resolv.conf :

nameserver.
BIND 9, DNS :

DNS

389

: , . ,
, . ,
. movie.edu 249.249.192.in-addr.arpa . , , .

DNS
DNS . DNS BIND
, DNS .
BIND -
, , DNS BIND.
,
.
- .
BIND
.
DNS - DNS-, .
, , - . ,
-, .


BIND , , . -

390

11.
DNS . ,
, , ,
.

DNS, , .
,
. ,
, , DNS-. . Zwicky, S. Cooper . Chapman Building Internet
Firewalls (O'Reilly).1


.
, , TCP/IP (
OSI, - ). , ,
(TCP UDP), IP- , (. 11.1).

,

. 11.1.

1

, , -, I . 2002 .

DNS

391

DNS .
, DNS-
.
DNS- DNS- (
). , , .
- FireWall-1
Checkpoint, PIX Cisco SunScreen Sun.

DNS

393

. ,
DNS- .
Firewall Toolkit ( )
Trusted Information Systems (TIS
Network Associates) - , Telnet, FTP HTTP. Gauntlet
Network Associates Eagle Firewall Axent
.
, -
. ,
, , , DNS.
, , , ; , DNS- .


- DNS ( , ).
DNS- DNS- ,
DNS-. .
, - - :

BIND , . ,
BIND, DNS, . DNS-
DNS- , . DNS-
,
, .

DNS-, , DNS
,
. , Telnet, DNS,
telnet.

394

11.


, DNS, ,
DNS. , , DNS-, ,
DNS- , - (. 11.3).

. 11.3. , -

, , , DNS- DNS- . , DNS, (. 11.4).


DNS-,
DNS-, .
,
. ,
DNS- , , DNS, . forwarders, 10 .
. 11.5 : DNS- DNS-, -.

, .

DNS

395

, , DNS-

. 11.4. , ,
DNS-

. 11.5.

396

11.

, terminator.movie.edu wormhole.movie.edu,
DNS- DNS- . DNS-
. BIND 8
9 :

BIND 4 - :

,
. DNS-cep BIND 8.2.3 , , .
DNS- , , , , , , DNS-
. !


, . . , ,
zardoz.movie.edu:

zardoz.movie.edu movie.edu . , zardoz.movie.edu fx.movie.edu?


movie.edu, zardoz.movie.edu NS-, fx.movie.edu . zardoz.movie.edu , ,
, terminator.vie.edu wormhole.movie.edu. DNS-?

DNS

397

, zardoz.movie.edu terminator.movie.edu. , terminator.movie.edu


DNS- zardoz.movie.edu fx.movie.edu. , zardoz.movie.edu
.
: , , , DNS-.
DNS-, , , -
. ?

, DNS- ,
,
.

. -, DNS-, , , .

DNS-,
west.acmebw.com east.acmebw.com ; , -, . , , . DNS- west.acmebw.com
east.acmebw.com . -,
DNS- east.acmebw.com, , . DNS- east.acmebw.com ,
-.
, DNS-, DNS- west.acmebw.com ,
DNS- east.acmebw.com ,
(- ).
.
:
, . -

398

11.


,
BIND 8.2. zardoz.movie.edu :

, zardoz.movie.edu ,
movie.edu, vie.edu (, fx.movie.edu),
.
zardoz.movie.edu -
.
, zone
named.conf:

DNS

399

zone: , -. , DNS-
NS-, DNS- .
forwarders
. ,
PTR- 2.254.253.192.inaddr.arpa, doz.movie.edu 254.253.192.inaddr.arpa.
zone
DNS-, , DNS- BIND , 8.2.1
,
: , -

. , , .


, DNS-. DNS- .
, .
? ,
DNS-, ( ) , , .
DNS- ,
- 13 - . , DNS- . DNS- ,
1

BIND 9, , BIND 9.1.0.

400

11.

NS-
. , , DNS-.
: DNS-,
,
, .

DNS-
DNS- ,
,
DNS- .
, ,
DNS- .
,
DNS-.


. . , movie.edu :


edu. , movie.edu DNS-
edu, movie.edu .
, fx.movie.edu movie.edu. DNS- vie.edu , DNS-
movie.edu, , , DNS- movie.edu, ( ) .

DNS

401

in-addr.arpa
in-addr.arpa, :

,
254.253.192.in-addr.arpa 20.254.192.in-addr.arpa, ,
fx.movie.edu.
fx.movie.edu , , movie.edu. movie.edu
fx.movie.edu, , ,
fx.movie.edu.
in-addr.arpa 254..253.192.inaddr.arpa 20.254.192.in-addr.arpa, , . , DNS- Special Effects, bladerunner.fx.movie.edu, outland.fx.movie.edu
alien.fx.movie.edu, DNS-
, movie.edu.

db.root
SOA- NS-
DNS-:

402

11.

DNS- rainman.movie.edu awakenlngs.movie.edu.


-, DNS-
, , DNS- - !
db.root ( ,
db.root) :

named.conf rainman.movie.edu awakenings.movie.edu


:

DNS

403

BIND 4 named.boot:

zone hint cache - DNS- ,


, db.root. , DNS ? ,
BIND. BIND,
, 4.9, DNS-
, BIND 4.8.3 , DNS-
.
, DNS-, !
DNS- (DNS- ,
-)
DNS-, DNS- . , DNS-
, .

DNS-
DNS-, DNS, , . , ( ),
:

DNS-,
, vie.edu in-addr.arpa ,
.


404

11.


DNS-
,
DNS-,
DNS-. DNS- vie.edu, gump.fx.movie.edu. DNS- ,
DNS-. DNS-, . gump.fx.movie.edu.
DNS- movie.edu terminator.movie.edu, wormhole.movie.edu zardoz.movie.edu. DNS- , gump.fx.movie.edu DNS- vie.edu. DNS- movie.edu DNS-
fx.movie.edu. DNS- gump.fx.movie.edu DNS- fx.movie.edu , , .
. ,
DNS-, ,
DNS-,
terminator.movie.edu, wormhole.movie.edu.
gump.fx.movie.edu
, , terminator.movie.edu. terminator.movie.edu DNS-
fx.movie.edu DNS- . DNS-
fx.movie.edu, , , ( gump.fx.movie.edu)
DNS- fx.movie.edu.


! ,
DNS-.
,
sendmail .
,
-. , , ,
, postmanrings2x.movie.edu, - , -

DNS

405

. , db.root:

- *.edu * , 16 .
, movie.edu , movie.edu
edu. , edu, edu movie.edu.
,
movie.edu, ,
, postmanrings2x.movie.edu .
, , nic.ddn.mil, -, :

, vangogh.cs.berkeley.edu,
-:

postmanrings2x.movie.edu, -, postmanrings2x.movie.edu - . postmanrings2x.movie.edu ,


,
, -,
. sendmail.

406

11.



, DNS-,
: ,
, -
, . ,
, uk, -, , . ,
, , , .

-, , . , , , , ,
.
db.root:

, uk
holygrail.movie.ac.uk,
-, - -
.

DNS-
, :
DNS- .
-
. , .
, ,
DNS- DNS- -. , , - (proxy), .
. , DNS-,
.

DNS

407



,
. ,
, .
, , IP-
IP-, . , , .
BIND .
,
. , ,
, , - .

,
.
.
,
, , - .

,
, . movie.edu, movie.edu (SOA-
NS-), - (postmanrings2x.movie.edu)
DNS- ns.movie.edu, - www.movie.edu.
- - 200.1.4.2, -/
DNS- - 200.1.4.3. movie.edu
:

408

11.

,
movie.edu, DNS-
. ,
, , ,
.
db.200.1.4, IP , , :

, DNS- DNS- ns.movie.edu.


movie.edu , ,
postmanrings2x.movie.edu
.

DNS

409

-
- . :
, -
. : - , ? , -
, DNS- edu,
DNS- movie.edu, . - , , , , . ,
DNS-,
,
, -. ?
DNS-,
, - , - DNS- -
DNS-. , -. DNS, DNS-,
DNS- -. DNS- , .
DNS- , DNS- - movie.edu in-addr.arpa,
. ,
- movie.edu,
.
( DNS- ,
DNS- -
movie.edu.)
movie.edu, DNS- NS- DNS-. - movie.edu (, fx.movie.edu),
(. 11.6).

410

11.

. 11.6. DNS
named.conf - :

DNS

411

-
, - , , .
DNS- BIND 4.9 , - secure_zone
allow-query ( ). allow-query . options
named.conf:

BIND 4.9 secure_zone,


, -
:

loopback-
, -
DNS-!

412

11.


, , DNS- -.
, :
.
use-id-pool (BIND 8.2
, BIND 9).
() BIND chroot-
.
, named.conf :

DNS

413

-
- DNS- BIND 9, -
movie.edu , . DNS- ,
-, www.movie.edu. DNS- movie.edu.

10:

414

11.

,
movie.edu:
db.movie.edu, - db.movie.edu.external.
, , , , .

DNS
(TSIG), , DNS- , . ,
DNS- : ,
, DNS-, TSIG-. , TSIG ,
DNS-. TSIG -

DNS

415

DNS-
DNS- ,
.
, , - . DNS,
RFC 2535,
, .
: DNS (DNSSEC) , RFC 2535.
DNSEXT IETF
DNSSEC, ,
.
: , BIND 8 DNSSEC BIND 8.21,

BIND 9.
BIND 9. DNSSEC, .




.
, . - - .
, (
): . (
, RSA, .)
. ( , ),
. ,
, , 1

, BIND 8 . SIG- , trusted-keys.

416

11

. ( , -.)
, .
,
. ,
, . - ,
, .
,
(, ), . .
, - ,
.
, (
),
. -. -, . -,
, , . , -. - , . . 11.7.

KEY
DNSSEC, DNS,
. - DNS-.
RR- , . KEY.
KEY , . ,
, DNSSEC. , KEY, .
KEY :

DN5

417

. 11.7.

, . ,
256. - :

418

11.

- ,
. , , , DNSSEC;
.
- ,
. DNSSEC ,
,
.
KEY, , . ,
.
. - .
. ,
KEY ( ( ). ,
. , , .
:
00 . , . DNSSEC.
01 . DNSSEC .
10 . IPSEC
IP-, . DNSSEC .
11 .

. ,
.
KEY ( ) , KEY- movie.edu .
, 3, . KEY- , . :

DNS

419

0 .
1 TLS (Transport Layer Security,
), RFC 2246.
2 , , S/MIME.
3 DNSSEC. , DNSSEC 3.
4 IPSEC.
255
,
KEY-.
4 255
.
() KEY, 1, . DNSSEC , , . :
0 .
1 RSA/MD5. RFC 2535 , , RSA/MD5. RSA , ,
, RSA .
2 - (Diffie-Hellman). RFC 2535
.
3 DSA. RFC 2535
( ) DSA. , ,
.
4 .
RSA, ,
, .
KEY-
Base 64. DNSSEC ,
movie.edu.
, ,
.
, .

420

11.

SIG
KEY, ? , SIG. SIG- RRset. RRset - RR- , ; ,
wormhole.movie.edu RRset.
- movie.edu.
(RRset), ?
. wormhole.movie.edu; DNS-
. ,
?
SIG- wormhole.movie.edu:

wormhole.movie.edu,
, .
( ). wormhole.movie.edu ; . wormhole.movie.edu SIG-.
, 1, .
KEY, 1
RSA/MD5. RSA , ,
, RSA/MD5. , , RSA DSA,
RRset- SIG-, 1 (RSA/MD5),
3 (DSA).1
.
. wormhole.movie.edu,
, , 3. SIG-? SIG- .
1

,
,
DSA, , ,
RSA, RSA.

DNS

421

( , ), BIND .
TTL RRset. (,
.) TTL , DNS-cep, RRset-,
SIG-, TTL .
TTL,
- .

. ,
Unix,
1970 , SIG YYYYMMDDHHMMSS - . ( SIG- 11:54 2
2001 .) , . .
, SIG- RRset-. :
, , . : , .
() SIG-, 27791, - . - , , , .
( ),
DNSSEC , ,
.
, movie.edu, - .
, , . KEY-,
. , . - - .
- . SIG-,
. KEY-, Base 64.

422

11.

NXT
DNSSEC - NXT. .
, ? , DNS-
no such domain name (
). ? , .
NXT- .

, ,
-
(next - ).

,
? , .
, , , . .
,
() , , - ( , movie.edu
0.movie.edu). , vie.edu :

, movie.edu bigt.movie.edu,
fx.movie.edu bladerunner.fx.movie.edu.

DNS

423

, NXT . NXT- ( - ) movie.edu:


, movie.edu
- bigt.movie.edu, . ,
, movie.edu NS-, SOA-,
-, SIG- NXT-.
NXT- . , NXT-
:

, , wormhole.movie.edu
, , movie.edu, .
NXT- ? www.movie.edu, NXT-
wormhole.movie.edu, , www.movie.edu ,
wormhole.movie.edu. , -
movie.edu, NXT-, , , movie.edu -, NS, SOA, MX, SIG NXT.
SIG- NXT- , .
, NXT- ,
. , , , , ,
.

(--, , NXT-...) - BIND , NXT- SIG-.
, NXT- . , , NXT-, , . , , .
: , .

424

11.


DNSSEC, , . ( , !)
RRset- SIG-. SIG-, , KEY-. ,
DNS--. ? ,
, KEY-.
,
. , movie.edu KEY- , , - . , , , ,
, movie.edu.
edu. ,
edu, , movie.edu.1
KEY- edu ,
. KEY- SIG-:

, SIG-
edu, movie.edu; , KEY , .
- DNS--
edu? KEY- edu
1


KEY- , , , .

DNS

425

. ? , DNS-, DNSSEC.1
DNS, DNSSEC .
, edu ,
. DNSSEC
.


, DNSSEC , . movle.edu, edu
KEY-,
. DNS-
? ,
DNS- ?
DNS- BIND 9 ,
named.conf , . trusted-keys. trusted-keys
movie.edu:

- KEY . - . , . movie.edu
- , DSA,
:

, - ,
. ,
. , . :
. , , ? - !

426

11

trusted-keys DNS- BIND 9 movie.edu. DNS


fx.moie.edu, KEY- movie.edu, movie.edu,
,
movie.edu. , movie.edu , DNS- .


DNS- ,
: DNS-, ,
, . , fx.movie.edu .
movie.edu, BIND 9, ,
movie.edu - fx.movie.edu:

,
Base 64. ( ), ,
, ,
; - . DNS-, DNSSEC, : fx.movie.edu , .
BIND 9, , , KEY- fx.movie.edu, , , fx.movie.edu .


, DNS-, DNSSEC, movie.edu. , , wormhole.movie.edu. -, DNS- :

DNS

427

, +dnssec. DNS- BIND 9.1.0


DNSSEC (SIG, NXT KEY) ,
, DNSSEC. ? -

428

11.

.
. , ,
DNS. - .
, SIG-:
, , terminator.movie.edu , KEY- movie.edu .
SIG- outland.fx.movie.edu, wormhole.movie.edu, SIG- - ,
, UDP-.
SIG-, DNS-
KEY- movie.edu, .
, DNS- SIG .
: DNS- edu,
- , ,
movie.edu trusted-keys.

DNSSEC
dig , DNSSEC DNS,
DNS-,
,
( - ). ,
:

DNS , TCP.
TCP, , , UDP.
.

named.
, DNSSEC ,
BIND 8 .
DNSSEC BIND 9, .
, , DNS-
. DNS-
, ,

DNS

429

, . , BIND 9
, .


, ,
. vie.edu. , BIND 9,
, BIND 8, , ,
DNSSEC BIND 9 , BIND 8.


, - movle.edu:

dnssec-keygen DNS-cep. :
,
. , DNSSEC, DNS-.
dnssec-keygen TSIG
( ):
- , RSA.
DSA, RSA .
-b , . RSA 512 2000 . DSA - 512 1024 ,
64.
- . DNSSEC .
-
, movie.edu. dnssec-keygen
, .
TSIG, (001 27791) DNSSEC, KEY-
(001 RSA/MD5), , , .
. (Kmovie.edu.+001
+27791.key). ocoa.private
(Kmovie.edu.+001+27791.private). , -

430

11.

, , , , dnssec-keygen
, .private
, .


KEY- - . BIND 9 , , dnssec-makekeyset:
dnssec-makekeyset keyset-movie.edu1, :

-t TTL .
TTL ( ),
. , ,
. SIG- , KEY- ,
. ,
, KEY-,
- KEY-, .
30 . ,
. -s (start, ) - (end, ) . YYYYMMDDHHMMSS, . -s 1

dnssec-makekeyset, BIND 9.0.1 , : movie.edu.keyset. -


.keyset, Unix
.

DNS

431

. - (start).
(keysets) . , , , , .
.
1 , dnssec-signkey:

, movie.edu.signed.key:

KEY- , . DNS trusted-keys, movie.edu,


.


, KEY- :

, , , . movie.edu.signedkey .
dnssec-signzone:

, . .

432

11.

-
, dnssec-signzone med.conf , .
- .
, db.movie.edu.signed, :

DNS

433

, ,
movie.edu.
. !
, zone named.conf, :

syslog.
dnssec-signzone, :
-s, -
, SIG-;

dnssec-makekeyset.
-i (
). BIND 9.1.0 -.
-f , .
.signed.

, .
dnssec-signzone
, .
, , ,
.
, , -
, , ,
KEY- .
, dnssec-signzone :

, NXT-, ,
, . dnssec-signzone ,

434

11.

7,5 ( ). ,
dnssec-signzone .
-i ( - -).

DNSSEC
dnssec-signzone -
. DNS- BIND 9 .1 !
DNS- ( .private- ), DNS- BIND 9 , .
DNS- ( ) NXT-.
. , movie.edu:

( .) NXT-
misery.movie.edu, , 1

DNSSEC, BIND 8.

DNS

435

. nsupdate perfectstorm.movie.edu:

perfectstorm.movie.edu:

( .) , SIG-, movie.edu. 30 - , sig-validity-interval,


:1

BIND 9.1.0 sig-validity-interval


, .

436

11.

, ,
, .
perfectstorm2.mouie.edu ( , 1), :

NXT-:
perfectstorm.mouie.edu, perfectstorm.movie.edu . !
, , .
(, TSIG)
, .
, , , NXT- ,
, (
SIG-). , DNS- .
1

,
. , . - ..

DNS

437


,
, , , ,
, - - .

. , ,
, - - , . , , ,
:
, . , .
, .
.
, , , . ,
,
.
,
. ,
.
movie.edu ,
, . , . , .
, .
, DNS-, ,
KEY-
. :
1. .
2. , KEY-
KEY-, .
3. , KEY-,
.

438

11.

4. trusted-keys KEY.
, trusted-keys.
5. , KEY.
6. , KEY .
7. , ,
, KEY- .
8. , KEY.
9.
.
. :

, KEY, :

, KEY, :

( , , ,
- .)
KEY- SIG- :

DNS

439

, SIG-
27791 ( ),
47703 ( ). , .
,
/var/named movie.edu.signe.dkey,
, $INCLUDE db.movie.edu.signed. movie.edu.signedkey:

SIG- edu KEY-, .


, :

dnssec-signzone ,
, movie.edu.
, db.movie.edu.signed:

440

11.

KEY-, SIG- edu,


, .
- 47703.
KEY: SIG-, edu,
KEY-, .
, KEY, .
, , , , ,
.

DNS

441

?
, DNSSEC , , . ( , .) :
DNS.

, , , .
, , DNSSEC
, , . - ,
.

nslookup?
?




nslookup

dig

nslookup dig
- ? - ,
. - -
, .
- , ...
- , -
-. - ?
- - ? -
.
- , , - -
.

, DNS-, , DNS-, . nslookup,


BIND . , , nslookup -
. nslookup , , BIND 9
(deprecated, -
). , nslookup, . dig,
,
nslookup.
, , nslookup dig ( ), .
.

nslookup?

443

nslookup?
nslookup
, DNS-. nslookup DNS-,
, DNS-.
, . : nslookup DNS-
DNS-? BIND? ,
nslookup DNS, . nslookup ,
. .
DNS-, nslookup
DNS- ,
DNS-,
. , DNS-, nslookup . , nslookup
, DNS-,
, .
, .


nslookup DNS- .
DNS-. nameserver resolv.conf.
resolv.conf nameserver,
, , ,
, , ,
. .
, nslookup , resolv.conf, ,
. , .
, DNS-, ,
. nslookup DNS-,
. ,
.


nslookup
DNS-. -

444

12. nslookup dig

DNS-, , ,
DNS- , . nslookup
DNS-,
. DNS nslookup ,
, .


nslookup , , .
nslookup, BIND 4.9, :
, . nslookup,
BIND 4.9 ,
, . , nslookup , .
DNS-,
DNS- nslookup ( ).


nslookup , DNS-. DNS- nslookup SOA ; , , .

NIS /etc/hosts
nslookup
DNS-, . , ISC, nslookup
DNS; NIS /etc/hosts. DNS, NIS /etc/hosts,
. , nslookup ,
DNS-.1

, nslookup
NIS /etc/hosts; HP-UX.

445

?
nslookup , nslookup .
, .
, DNS- , .
,
nslookup:

? help.1 ^D (Ctrl-D), exit. nslookup ^ ( ,


), .
nslookup ,
(, ) >.
:

nslookup ,
. .
, .

nslookup BIND 9 ( 9.1.0).

446

12. nslookup dig


i

,
. DNS- - bladerunner.fx.movie.edu.
, nslookup bladerunner,
DNS-. 0.0.0.0
. nslookup DNS-
0.0.0.0 127.0.0.1, DNS-, , - bladerunner.
:
.
.
. , , ... . , , ? , . , nodebug ,
. , search
.
,
nslookup .
set (set debug set
domain=classics.movie.edu).
set (nslookup -debug nslookup -domain=classics.movie.edu). , . , nodeb
nodebug. , querytype type.
:
[no]debug
. DNS .
. ([no]d2).
[no]defname
nslookup , . ,
BIND , , ;
, nslookup (se-

447

arch , defname )
(search ).
[no]search
search
(defname). To defname ,
search . nslookup (srchlist) , .
[no]recurse
nslookup . . BIND . DNS- DNS- .
[no]d2
.
, -. d2 debug. d2
d2; debug . debug
debug, d2.
[no]vc
nslookup UDP-,
TCP-. BIND
UDP, nslookup . TCP, nslookup.
[no]ignoretc
nslookup .
- ,
DNS-
UDP- - nslookup , TCP-. BIND.
TCP- , TCP-
UDP-.
port=53

DNS- 53. DNS- , nslookup .


querytype=A
nslookup () RR-. , IP- (

448

12. nslookup dig


PTR), nslookup , in-addr.arpa PTR-.
class=IN
, - , - (IN).
, Hesiod (HS), Ultrix.
timeout=5
DNS- 5 , nslookup
( 10, 20,
40 ). BIND
DNS-.
retry=4
. . BIND.
root=a.root-servers.net.
root,
DNS- . root
nslookup server a.root-servers.net.
DNS- nic.ddn.mil ( ) sri-nic.arpa ( ). set root=server.
domain=fx.movie.edu
, defname.
srchlist=fx.movie.edu
search , , .
, . ( nslookup BIND 4.8.3
fx.movie.edu/movie.edu.
4.9 nslookup .1
/etc/resolv.conf, fx.movie.edu movie.edu.)

, nslookup : set all ,


(BIND 4.9 )
(BIND 4.8.3 ).

449

.nslookuprc
nslookup .nslookuprc. nslookup
.nslookuprc ,
, . .nslookuprc
set, .
, , , nslookup sri-nic.arpa DNS-. DNS-, , .nslookuprc:
set root=a. root-servers.net.

.nslookuprc , , nslookup .


nslookup ,
. .

(set nosearch) , . ,
.


, nslookup: IP-
-
DNS-. ,
, .


nslookup ,
. ,
querytype, :

450

12. nslookup dig

, DNS.
DNS
RR-.


, nslookup , , , - . :

451

. , DNS slate.mines.colorado.edu, DNS- mines.colorado.edu, mines.colorado.edu . ,


DNS- nslookup. , . slate.mines.colorado.edu DNS- .1
,
. , .
, .
, , , , ,
, , , , .

DNS-

DNS- , ,
. DNS- nslookup
lserver. server lserver ,
lserver DNS- - ,
- , ; server DNS- . , ,
:

DNS-, relay.hp.com,
lserver. .

, BIND 9
.

452

12. nslookup dig

,
DNS-. galt.cs.purdue.edu DNS-,
relay.hp.com:

, lserver,
DNS- relay.hp.com:

DNS- galt.cs.purdue.edu ( DNS ),


relay.hp.com, DNS relay. lserver: DNS-, relay, - ,
. lserver, IP-
relay - server 15.255.152.2.
DNS-
. nslookup, DNS, DNS- ,
, :

, , nslookup
. , , , :

453

nslookup DNS terminator.movie.edu -


fisherking.movie.edu.
, DNS- , nslookup
:


, , . DNS BIND;
, , DNS- BIND, ,
.

-
-
nslookup .
debug. - d2.
set nodebug, set nod2 .
.
RFC 1035, 25
.

454

12. nslookup dig

455

- -.
, , . DNS : (Header), (Question), (Answer), (Authority) (Additional).

. , nslookup,
QUERY. : (NOTIFY) (UPDATE), nslookup , .
ID . , , , . want recursion
, .
. auth. answer
. ,
DNS-, . , rcode,
: error ( ), server failure ( ), name error ( , nxdomain
nonexistent domain - ), not implemented
( ) refused (). server failure,
name error, not implemented refused nslookup Server failed, Nonexistent domain,
Not implemented Query refused, .
,
, RR- .

DNS ;
, .
DNS
. ,
. ,
, , .

RR-,
. RR-. -

456

12. nslookup dig

, , .

DNS-
(NS-).
DNS-, DNS- .

, . , DNS- ,
. , DNS-, .
, , DNS :
. , . DNS-
. ,
.

DNS- BIND
nslookup , DNS-. , DNS-
- . , , DNS- . ,
nslookup, .
DNS- , , DNS- .
nslookup ,
. ,
.
nslookup , .
DNS-, set norecurse set nosearch. :
nslookup -norecurse -nosearch.
DNS- BIND , ,
, . , , DNS- , -

457

. DNS-
, , NS-.
NS-, . DNS- NS- .
DNS- NS-. , , DNS- DNS-,
NS-. DNS- DNS-,
, , .
DNS-, .
, NS-
gov. , DNS- relay.hp.com www.whitehouse.gov; NS-, gov. DNS- DNS- gov
. DNS- whitehouse.gov. DNS- DNS- whitehouse.gov :

458

12. nslookup dig

DNS- gov (,
, DNS-
DNS- gov):

DNS- gov. DNS, :

DNS- whitehouse.gov - :

459

, , DNS . , . 2.12 2.13.


,
, DNS- :
www.whitehouse.gov? ,
, DNS- gov
www.whitehouse.gov? DNS- , DNS- whitehouse.gov. ? , - .
, . DNS-
, DNS- , .
DNS-, , DNS-, ;
, ,
DNS-.
,
, ,
, - , DNS-. ,
? , , DNS .
, named . , DNS- , , , , .


nsloohup
ls. , ,
.
, nslookup .
,
.
: DNS-
, . - , .
movie.edu. , - SOA- , ,

460

12. nslookup dig

. nslookup
NS-,
-d :

, ,
, nslookup :

nslookup

461

nslookup view, . BIND 8 view ,


BIND 9 - 9.1.0 - .

nslookup
, , ,
. , nslookup . nslookup ( ) , , .
nslookup
, DNS-. .


, , . nslookup
, , - , :

? ,
set type=any:

462

12. nslookupn dig


, ?

no response from server : . , nslookup


- . , DNS- - 0.0.0.0, , nslookup
( hostname) Default Server ( ),
. -
, . ,
DNS- - DNS-
.
, DNS- ,
, nslookup
. DNS-, , DNS-, , ? ls:

DNS- .1
, timed out (
1

- , -
TCP- - (
response) (timeout) . - . . .

nslookup

463

). , DNS- , :

,
foo.

PTR- DNS-
nslookup: -
, nslookup :

nonexistent domain ( ) ,
3.249.249.192.in-addr.arpa . , nslookup 192.249.249.3,
DNS-, . ,
nslookup ? nslookup . . resolv.conf,
nameserver, nslookup , DNS-. DNS-
192.249.249.3, , PTR-
192.249.249.3. ,
, , 3.49.249.192.in-addr.arpa.
default servers are not available (DNS- ) . , DNS-, , . , , , no response
from server ( ). default servers are not available .


, .

464

12. nslookup dig

nslookup :

. DNS-
( nslookup)
.
nslookup ( 4.8.3)
. - nslookup , . BIND 4.9
, nslookup. .
BIND 4 :

BIND 8:
(BIND 9 fake-iquery
9.1.0.)
DNS- , ,
1
nslookup .
.
nslookup DNS- ( , PTR-), .
, , , , , DNS-. - securezone allow-query, IP- , loopback-, nslookup , DNS-.
nslookup. , nslookup DNS-. :

, ,
192.249.249.3 - , [192.249.249.3].

nslookup

465

DNS- resolv.conf
:

, resolv.conf, .
resolv.conf nameserver,
DNS- . nslookup wormhole.movie.edu; 192.249.249.3.

,
, , nslookup DNS-, . . , nslookup d2 . nslookup ,
:

466

12. nslookup dig

( timeout), nslookup 75 , .
75 ; , .


, . . ,

( nslookup,
, 14 DNS BIND):

, UDP-. DNS- , . , nslookup


TCP-; , DNS-
, .
. NS- ,
. (,
,
.) - , , ,
, , DNS-, . DNS- -

467

root-servers.net -
(13). -
NS-. , , 14. , 9 , .


. , , . , ,

. , , , ,
. , nslookup:

dig
nslookup. - nslookup dig, Domain Information Groper - (
, ).
, dig , nslookup, , . dig
tools (BIND 4), src/bin/dig (BIND 8)
bin/dig (BIND 9) BIND. , dig.
dig ,

468

12 nslookup dig

dig . , ,
, (,
, -) - ;
. DNS-, , @,
IP-. DNS- solv.conf.
dig .
, a dig , - , , , , . 1
nslookup dig ,
dig , -
. :
plan9.fx.movie.edu;
DNS- resolv.conf.
:
- acmebw.com DNS-, :
DNS- wormhole.movie.edu SOA- vie.edu.

dig
dig DNS, (, , , ), RR- . ,
,
. , ,
:
:
1

BIND 9 ( 9.1.0) dig, , . DNS-, , .

dig

469

.
<<>> DiG 8.3 <<>> , ,
NS- DNS- a.root-servers.net.
, (1 server found), , dig,
, , -

470

12. nslookup dig

@, a.root-servers.net, . ( dig1 , , ,
DNS-.)
, ->> HEADER <<-,
,
DNS-. QUERY,
nslookup. NOERROR;
, - -, .
ID - , 16- , .
(flags) , qr
, , , dig , , qr .
rd. ,
a rd - , , (DNS ).
, rd ,
r, , DNS-
. a.root-servers.net
DNS-, ,
11 , , . rd
, , r.
, dig 13 , 13 .
QUERY SECTION: : NS- IN .
ANSWER SECTION: 13 NS-
DNS-, ADDITIONAL SECTION: - 13 -,
13 DNS-.
,
AUTHORITY SECTION:.
dig
. , DNS- . ,
DNS-.
. - .

dig

471

dig:
nslookup, dig
. nslookup dig ,
. axfr ( ) . ,
DNS-, .
movie.edu DNS- wormhole.movie.edu :

472

12. nslookup dig

, , nslookup, SOA- , .
, dig, -,
.1

dig
dig ,
, , dig.
-
nslookup ,
IP- in-addr.arpa.
dig . -, dig ,
IP-, in-addr.arpa. - ,
, ANY,
IP- dig -x 10.0.0.1.
-
,
53.
+norec[urse]
( ).
+vc
TCP- ( UDP-).

SOA-.

DNS-

(BIND 8)
DNS-

(BIND 9)

13
^

^
J^m

^
,^^^
^ ^ ^
^^^^r

BIND
-, , - ,
, .
- , !
- - , - .
- !

DNS-. DNS-
DEBUG,
. ;
, . . ,
, DNS-;
.
, .
DNS-.


, DNS-, . ,
.
,

474

13. BIND

. ,
, . , , 1 , . -
- , .

,
BIND 8
BIND 9. : 2 1. : ,
, .
,
. ,
14 DNS BIND, , DNS-
.
BIND 8 9 99 , log- , .

BIND 8
1
. DNS , .
,
. 1 . ,
DNS, log-
. (referrals).
2
2 : IP- DNS-, ,
RTT-; ;
- SYSTEM (sysquery) USER.
DNS-,
: , , -

475

, -
DNS- , .
3
3 , , DNS-.
.
, (sysquery), DNS-, , , .
4
4
, DNS-. .
5
5 ,
. , ,
malloc() DNS- .
6
6 , .
7
7 ,
.
8
.
9
.
10
10 , DNS-.
, 4. , DNS-
nsloohup dig.
11

, ,
.

476

13. BIND

BIND 9
1
1 DNS-: , ( SOA-, ,
), NOTIFY-, ( DNS-).
2
2 .
3
3
. ,
( requestmgr_detach?), . 3
, log ; , ,
DNS- log-
log- .
DNSSEC TSIG-
.
4
4 DNS-
AXFR , .
5
5 , .
6
6 , DNS-, .
7

( ,
, ).
8
, , 8: , . , , ,
RR-,
.

477

10
10 , .
20
20 .
90

BIND 9.
BIND 8 9 DNS- , . print-severity (.
log- BIND 8 9 7 BIND).
, -
BIND , , , , , , .
, , DNS- , , ,
DNS-;
.


DNS-
. , , .
. DNS- med.run. DNS- BIND 4 named.run /usr/tmp
( /var/tmp), a DNS- BIND 8 9 - DNS.



sortlist, , , , DNS-
( , , syslog, ). , ;

. , ,

478

13. BIND

: -d . DNS- BIND 4
, ; , & . DNS-
BIND 4 1:

DNS- BIND 8 9
-d, & .



DNS-, .
, ndc

DNS-. 3, :

,
, ndc
.
rndc BIND 9.1.0 trace notrace
( named 9.1.0), . , BIND 9
-d.


. DNS-. . - DNS-, .
DNS-, DNS-,
. ( )
DNS- , .
, , ,
- . , ,
, . , ( , . .).

479

DNS- (BIND 8, 1)
DNS-. DNS- BIND 8.
-d 1, ,
named.run:

480

13. BIND

, ,
. BIND .
8.2.3- 7 ISC (Internet Software Consortium) 2000 .
, ./named.conf.
7 23
BIND. DNS- , , db.127.0.0 ( 9 16)
db.cache ( 17-23). 9 (0.0.127.IN-ADDRARPA), 10 - , (db.127.0.0). 11 ,
. 12 , , ,
. 13 15. 16 23 z_time - , z_refresh - .
, DNS- .
25 39 . (
.) 20 21 ( 27-29)
loopback-, 127.0.0.1. 20 -
, 21 - . 22
23 ( 32-34) 192.249.249.3.
; ,
. 5 ( 36-39) , 0.0.0.0. - , , . , . , named
, , ,
.
named , DNS, , . named ,
, , . named ,

481

, .
named ? ,
, , . ,
.
, , - , . DNS- IP-, , , named
-, ,
,
. named , IP-.
43 47 DNS-
, DNS- . . DNS- , 13 DNS-.
, DNS- .

DNS- (BIND 9, 1)
, DNS- BIND 9:

, , BIND 8 9. BIND 9
. , BIND 8

482

13. BIND

, , . BIND 9 ,
.
, BIND 9
, , .
1 2 BIND
(9.1.0) . ,
named.conf, . 3 , ,
.
auth-nxdomain ( 10 ). 5 , IP 6;
BIND 9 .
6 7 , : 1, loopback-, eth0,
Ethernet-. BIND 9 #, BIND 8 []..
8 , named ,
953.
10-12 0.0.12 7.in-addr.arpa.
start () loaded ( ) . journal . (,
10, , .)
, 13 14
0.0.127.in-addr.arpa version.bind. (version.bind
CHAOSNET-, , version.bind.) - , , SOA- -, NOTIFY-.

(BIND 8, 1)
,
. . ndc,
, , , :

named.run:

483

484

13. BIND

-, , IP-, , DNS-.
. , ,
, . IP- .
, .
.
. , ,
. , , , , , ;
, .
IP- 192.249.249.3 (terminator. movie.edu). 127.0.0.1 , ,
DNS-. , ,
1162. DNS- (fd) 20. DNS-, , , 20. (len) 36 .
req,
, . ,
, - galt.cs.purdue.edu. - 29574. type=1 , .
class=1 - IN. /usr/include/arpa/nameser.h.
DNS- . DNS-cepBep>
; ( ). =0 ,
DNS- CNAME-. CNAME-,
, .

485

( 53) DNS- 198.41.0.10


(j.root-servers.net). DNS-
4 ( ). DNS- 40070 (nsid=40070),
.
29574 (id=29574),
nlookup. DNS-
DNS-.

DNS- j.root-servers.net. ,
.

, , ,
. , qtype=1 , .

edu.
192.36.148.17 (Lroot-servers.net), edu. Lroot-servers.net purdue.edu.

cs.purdue.edu.

DNS- 128.46.199.76 (harbor.ecn.purdue.edu) . , , 40072.

DNS- harbor.ecn.purdue.edu .
, .

, , , DNS- (
1162,
). UDP- ( -) 20.

486

13. BIND

DNS-
; . log- DNS-
.
, , .
. ,
nlookup, .
nsid-. BIND 8 ,
nsid-.

(BIND 9, 1)
DNS- BIND 9 1, . , , ,
. :

, IP- 192.249.249.3 (
), 1090, galt.cs.purdue.edu.
DNS-, ; , , .


(BIND 8, 1)
, -
. ,
,
, . , .
IP- . , !

487

, ( 1
11): DNS- ucunix.san.uc.edu, DNS- edu (i.root-servers.net), , DNS- uc.edu,
(uceng.uc.edu).
resend ( 12, 17 18).
Forw 11 resend(addr=O n=0) - , , .
uceng.uc.edu , DNS- ucbeh.san.uc.edu
( 12), uccba.uc.edu ( 17) mail.cis.ohiostate.edu ( 18).
, DNS- mail.cis.ohio state.edu ( 20). ,
nsid=3; ,
.
, terminator.movie.edu ( 14). , ,
, ,
3. , . DNS-
,
. DNS-
, .
, forw: req:,
, .
, , DNS ? , DNS-
( nsid=). , ,
DNS-. DNS , , ,
.

488

13. BIND

DNS- BIND 9.1.0, ,


BIND 9. , 3 BIND 9.1.0
, DNS- .

DNS-
(BIND 8, 1)
, ,
DNS-.

SOA- , , nslookup dig, 14.
, . ,
.

DNS- - - , . , DNS-
BIND 4 8 . DNS- med.run, xfer.ddt.PID.
PID - ,
.
- DNS- xfer.ddt.PID,
,
. 1,
log- print-time (BIND 8). 3 , , , , .
RR-
xfer.ddt.PID .

489

, . .
DNS- , vie.edu. , 00:13:18.026, ,
.
SOA- . 00:13:18.059 00:13:18.131
(26739), , , (pid 390) . 00:13:18.132 7200 . , . 00:14:02.089 .
1 , . (time 00:14:02.094), .

490

13. BIND

( 00:14:30.058) 1846 . 3600 ,


1846? DNS- .
, 3600 , , (1800), (3600).
00:45:16.046 , .
, ,
00:42:44.817, - . :
, ,
.
DNS- - BIND 4.
BIND 8, , .
, , NOTIFY:

DNS-
(BIND 9, 1)
DNS- BIND 9.1.0 1,
, . :

DNS- (BIND 8)

491

, 15:05:00.059, , DNS- ( ). -, DNS-


SOA- IN - movie.edu
(queue_soa_query ) . 15:05:00.062
, DNS-
, (2000010923 2000010922), {queue_xfrin). (15:05:00.070) , 15:05:01.089
DNS- (zone_timer).

movie.edu. , DNS-
movie.edu movie.edu, DNS- ( -, 6- -!), . DNS- NOTIFY-co - , - , - DNS-,
NS- movie.edu.

DNS-
(BIND 8)
, BIND 4.9
DNS- BIND 8.
galt.cs.purdue.edu, ,
.
foo.bar. :

492

13. BIND
foo.bar:

. ,
( 2),
, . , . ,
horror.movie.edu, . ( BIND 4.9 horror.movie.edu movie.edu.)

(ncache). ( 19), ,
,
. ( , 3 19. 3: foo.bar, 19 .)

DNS-
(BIND 9)
DNS- BIND 9.1.0
foo.bar:

, BIND 8, . ,
15:45:42.944, foo.bar,
cujo.horror.movie.edu (,
, IP- ,
). ,

493

DNS- (createfetch)
foo.bar: -, foo.bar,
- - NS- ,
foo.bar. NS- , DNS-
DNS- foo.bar , bar .
, , .
, 15:45:43.425, cujo.horror.movie.edu foo.bar.horror.movie.edu. DNS- (createfetch)
.
foo.bar :

createfetch? DNS-
.

. , IP .
Perl:

named.run
,
DNS-.

NIS?




TSIG

DNS BIND
- !
! - .
- ?
- , , - .
- ...
- ! - .
-
!


nslookup dig, , , DNS-. , Unix, ping,
DNS BIND.
- , . . ,
, , , , ,
.
, , .

NIS?

495

NIS?
DNS BIND, ,
, , NIS, ,
DNS. NIS , . , BSD-nslookup NIS. nslookup Sun, DNS-, NIS.
, ? nslookup
NIS , NIS. , nslookup HP-UX , NIS - :

nslookup
ypmatch, , - DNS NIS.
match ,
DNS-. NIS:

- DNS-:

, SunOS 4.1.1,
SunOS. ,
/,
.
, NIS, - ypcat
hosts. , , andrew.cmu.edu
NIS, :
NIS ( ,
), .

496

14. DNS BIND

, Unix, nsswitch.conf, ,
hosts. , NIS:

-
:
nsswitch.conf 6 .

. DNS .


nslookup, dig DNS-. , , : named-xfer, .

named-xfer
named-xfer - , DNS- BIND 4 8
. (, , , DNS-cep BIND 9 - ,
:
.) named-xfer , , ,
. ( 4.9 8 named
, .)
13 BIND DNS- BIND 8,
. (named-xfer)
. , named-xfer , , named,
( named).
, , , , named i

497

. ,
:

named-xfer BIND 8.2.3.


named-xfer .
named named-xfer - ( ,
), -f (
, named.boot med.conf), -s ( SOA-),
, (IP masters zone named.conf
secondary named.boot). named
, -d
named-xfer. , , TSIG .
named-xfer
-d. ( ,
!)
-l. /var
/tmp/xfer.ddt.XXXXXX, - , , /usr/tmp. , , IP-.
, , terminator.movie.edu:

498

14. DNS BIND

(serial),
named-xfer,
. - ,
named-xfer , .
, named-xfer
/tmp, .
? , named-xfer. BIND 8.1.2 :
0 , .
1 .
2

( ), named-xfer , , , , log- syslog.

3 , log syslog.
BIND 8.2 :
4 AXFR- () .
5 IXFR- () .
6 DNS- AXFR named-xfer IXFR.
DNS-, IXFR,
. , -
, .
, BIND 8.2 named-xfer
1. 4
6.

named-xfer?
BIND 9 named-xfer , - nsloohup
dig . , '
, , named-xfer.
dig
:

499

nslookup DNS-
ls -d .
, dig, nslookup
, named-xfer. nslookup ,
:

allow-transfer, , terminator.movie.edu movie.edu .


,
DNS--, log- syslog.


DNS-,
,
. ndc dumpdb rndc dumpdb
named , named_dump.db
BIND ( /usr/tmp/named_dump.db,
/var/tmp/named_dump.db, BIND 4).'
named_dump.db.

, :

BIND 9.1.0 BIND 9, () .

500

14 DNS BIND

501

DNS-, ,
0.0.127.in-addr.arpa.
: galt.cs.purdue.edu cujo.movie.edu.
galt.cs.purdue.edu galt,
DNS- purdue.edu . jo.movie.edu ( movie.edu,
),
. ( ), (NXDOMAIN). , TTL (593).
BIND 8.2 DNS- , SOA-, , TTL .

502

14. DNS BIND


- -
db.cache. TTL , .
RR-
NT=. DNS-. DNS-, DNS-cep ;
RTT.
-
(credibility, Cr=) - IP , . 1 l=,
(count of level) (
0, foo 1, foo.foo - 2 . .). .
4.8.3 4.9 . DNS- , , .
4.8.3 - - . - - DNS-
, ,
. , DNS-, .
4.8.3 . , DNS- terminator.movie.edu DNS-
movie.edu. ( - .)
, foo.oreilly.com, DNS terminator.vie.edu, -
oreilly.com (terminator.movie.edu 1

DNS- IP- , .
BIND 8.2 DNS- IP-
, - host-statistics, 8 .
DNS- BIND 4.9 BIND 8 , host-statistics DNS-
, - DNS-,
(, , DNS- ),
.

503

DNS-). DNS- 4.8.3 terminator.movie.edu, ,


DNS- ,
DNS- movie.edu. DNS- movie.edu terminator.movie.edu,
? -, .
DNS- 4.9 . 4.8.3, - .
, DNS-.
, :
auth
DNS- ( ).
answer
( ).
addtnl
- . NS-,
DNS-. ,
, ,
(, , NS-
).
: DNS- DNS-, ,
addtnl answer,
. ,
DNS-
answer, DNS-
purdue.edu addtnl.
DNS- 4.9
( auth) terminator.movie.edu ( addtnl), .


BIND 4.9 (query logging),
. , DNS- -

504

14. DNS BIND

log- syslog. , , , , , .
, LOG__INFO syslog daemon.
: BIND 4.9
options query-log DNS-cep; BIND 4.9 BIND 8 DNS- -q ndc querylog DNS. BIND 9.1.0 (
BIND 9 ) rndc querylog. log- syslog :

, BIND 9, :

IP- , , . DNS-
BIND 8.2.3, , +.
XX. (DNS- 8.2.1 .)
( - ). ndc querylog rndc
querylog.
DNS-
BIND 9, named 1.


, ,
, . .

505

, . ,
. .

1.
DNS- , -. , , .
, ? , . , , ,
, .1 DNS-
, ,
. , ,
. , , - nslookup
, . , , , . ,
, .

DNS-,
diff .
. , , - , . ,
DNS--,
.
, NOTIFY. ,
, named-xfer (
- ):

named xfer 1 4, . ,
1

, , (, 2001010500 -
2001 ), .

506

14. DNS BIND

- , ,
. ( . ,
named-xfer.)
. , h2n .

- . , ,
.
, , , h2n 1.
DNS-- ( , , 598), DNS ( 4.8.3 ) , ,
. 4.9
log- syslog:

DNS-- , , , :

507

wormhole.movie.edu, DNS- movie.edu,


, DNS-, - .
, , 15 .

2.
DNS--
, , DNS--.
DNS- , , , . , DNS-: .
, DNS-, log- syslog
(DNS- BIND 9):

BIND 4.9 BIND 8 :

, DNS-. DNS-
() , ,
BIND 9 :

DNS- BIND 8 :

508

14. DNS BIND

, 4.9:


, DNS. ,
. ,
, ls -l.

3.

DNS-
, log- syslog
(BIND 9):

BIND 8:

BIND 4:
,
. DNS-
BIND 9 :

BIND 4.9 BIND 8:

, DNS-
SERVFAIL:

: - , IP- -

509


DNS-.
, IP- :

BIND 4 :
, IP- DNS-. ,
IP-:

DNS- , , , ,
( . .),
. , , named
, :

2 , . log syslog . :

- .
, , nslookup:

510

14. DNS BIND

: named . allow-transfer, secure zone xfrnets


.
,
, DNS- BIND 9 :

DNS-cep BIND 8:

- , . -, , -
. log- syslog
(. 5,
).

4. ,
PTR-
DNS IP- IP- ,
PTR- . - - , , , , ,
. - PTR- .
PTR- . ,
rlogin
, a rsh r . , , IP'
,
.rhosts hosts.equiv. log- syslog
:

511

, FTP-, ftp.uu.net, , IP-


. ftp.uu.net ,
:

FTP- . FTP-
,
.
, PTR-, nslookup:

DNS-- 249.249.192.in-addr.arpa db.192.249.249 , PTR-


, DNS-
. DNS-, ,
, ,
DNS-- .

5.

( , ,
) DNS-
.
, DNS- . options ,

512

14. DNS BIND

DNS- , log syslog (BIND 9):

DNS- BIND 8:

, named
, , named .

- , zone -
. , DNS- (, masters
,
). BIND 9
log- syslog:

BIND 8:

, DNS , ,
SERVFAIL :

syslog- DNS- BIND 9,


, :

513

BIND 8:

, ,
:

- , .
, , log- syslog,
, ( ).
BIND 4.9.4, :

BIND 9 ( 9.1.0) , .

.

.
( , resolv.conf, - $ORIGIN...),
. RR-:

514

14. DNS BIND

, , , , . db.movie.edu :

.
RR- RR- ( ,
RR-), NS -:

nslookup.

( NS- movie.edu),
.
nslookup, . DNS- :

$ORIGIN ,
.

7.
-
DNS- , DNS-
,
.
nslookup, ,
:

515

DNS-
:

,
, log- syslog :
, 1 - IN, . , DNS- .
, BIND 9,

.

8.
,
ARPAnet,
. , :

DNS-, ,
. , . . BIND 8:
nslookup DNS-
IP- nisc.sri.com. DNS-, - -
:

516

14. DNS BIND

nslookup DNS-. , . DNS-


:

nslookup DNS-,
:

DNS- BIND 9
. , DNS- nisc.sri.com:

, BIND 9.1.0 -
DNS-, .
DNS- BIND 8
IP- DNS-
. , ping
, DNS-:

517

, , . ,
- DNS-.
BIND 8 BIND 9,
BIND 8/9
11 ; ,
.
ping , . ( , , ) traceroute
ping .

. DNS-
. ( PTR- - ,
.) , ,
DNS-, , , .
, , , -
- .

9.
, , DNS-
. -
, . , .
- .
DNS- , DNS-
, ( ) ,
.

518

14. DNS BIND

, , . ,
telnet, ftp ping- .
, in-addr.arpa,
.
DNS-, DNS- .
, DNS , NS- .
DNS-, :

, .
,
,
, , , .

10.
-
.
- DNS. , , , . , - , , ,
.

519

DNS-,
, IP- , . DNS- .
, , DNS- . , DNS-
, , ,
.

,
,
nslookup:

520

14. DNS BIND

, , hpsdlo.sdd.hp.com
. hpsdlo.sdd.hp.com hp.com
(, SOA- hp.com) :

hpsdlo.sdd.hp.com
hp.com, .
hp.com , hpsdlo.sdd.hp.com
hp.com, .
:
lame server.

: DNS- 128.63.2.53 DNS- 198.41.0.5 210.in-addr.arpa, 40.234.23.210.in-addr.arpa. DNS- 198.41.0.5


, 210.in-addr.arpa.
128.63.2.53 ,
198.41.0.5 .

521

11. resolv.conf
resolv.conf,
. ,
, resolv.conf . :
, DNS-cep. , ,
, DNS- .
, resolv.conf
, - nslookup. nslookup
, resolv.conf, DNS- - set all, 12
nslookup dig:

set all , resolv.conf. , resolv.conf search fx.movie.edu movie.edu, :

resolv.conf. ,
(, set list vi).
;
. , ,

522

14. DNS BIND

,
.

12.
.
hostname (
) resolv.conf.
- :

, nslookup,
resolv.conf:

, .
, DNS-cep. (, DNS-,
, .)
DNS- BIND 9
telnet:

523

DNS- BIND 8
:

, 13. , , . ,
.

13.
,
DNS, response from unexpected source. : IP, ,
. BIND ,
, IP-
. . BIND
: DNS- BIND
, .

524

14. DNS BIND

,
() :

: -
spoof- DNS-, - DNS- , ,
, .


BIND 8 9 Unix- DNS- DNS-. BIND .
DNS DNS, .


, ,
6, .
, fx.movie.edu
movie.edu. , , telnet
db.personnel
db.personnel.movie.edu, , . , search , .
.

DNS-
4.9 DNS- BIND , .
movie.edu , movie.edu
db.movie.edu,
hp.com db.movie.edu, DNS- RR-
hp.com .
inaddr.arpa . .
DNS- BIND 4.9 RR- .
PTR- inaddr.arpa

525

zone primary, DNS , .


- PTR-
gethostbyaddr(), .
BIND log- syslog. BIND 9 :

- BIND 8:

: PI
zone primary .


BIND 9 Microsoft DNS , DNS-.
, BIND
.
,
, .


- WINS-
Microsoft DNS WINS-
, ,
. :

, WINS IN.
, BIND
, WINS-, :

Microsoft DNS . DNS Manager -

526

14. DNS BIND

, , Properties. Zone Properties WINS Lookup (. 14.1).

. 14.1.

Settings only affect local server WINS- . Microsoft DNS, ,


.

DNS-
No NS Record for SOA MNAME
BIND 8.1:

8.1 SOA-.
? 4 BIND ,
DNS- . BIND 8.1, , NS-,
MNAME. NS- , BIND
. NOTIFY. MNAME
DNS-, NS-,
BIND BIND 8. , -

527

BIND 8.1 .
8.1.1.

DNS- Too Many Open Files


IP-
, BIND
:

.
BIND bind() , . ,

-. :
, , IP-.
DNS- BIND 8 9 - listen-on. terminator.movie.edu, :

named terminator.movie.edu,
bind() IP- 192.249.249.3.
, .

Looked for PTR, Found CNAME


, BIND. log- :

: DNS-
IP- 204.74.103.37 . , , 37.103.74.204.in-addr.arpa
37.32/27.103.74.204.inaddr.arpa. , ,

528

14. DNS BIND

103.74.204.in-addr.arpa
,
9 . BIND 4.9.3-
, , ( ) . , - ,
DNS- BIND 4.9.3- .
-
.

DNS- :
UDP
, SunOS 4.1.x, :

named ,
UDP , ,
. - UDP named, , UDP- .
UDP
. BIND shres/sunos/INSTALL shres/sunos/ISSUES (
BIND 4) src/port/sunos/shres/ISSUES ( BIND 8).

SunOS , DNS
, . SunOS 4
resolv.conf , ping, telnet . 6 , SunOS 4
DNS- ( ypserv, ). NIS,
.
hosts, DNS-. SunOS 4.x Sun ( 6).

DNS-

, , BIND 8, ,
. BIND 9 -

529

. , BIND 8 9
DNS- DNS- . , auth-nxdomain .
auth-nxdomain - options,
DNS- BIND 8 9, , .
DNS- , titanic.movie.edu
, DNS- movie.edu,
auth-nxdomain
DNS- ,
movie.edu.
, , , DNS- ( NXDOMAIN NOERROR ) .
, DNS-, .
-
. , DNS-
,
BIND 8 9
. , BIND 8
, ,
, auth-nxdomain. BIND 9, , auth-nxdomain , , .


4, RFC 2308 BIND 8.2.
SOA- (
TTL) , $TTL,
TTL .
BIND 8 ,
8.2, $TTL ,
log- syslog DNS:

BIND 8 , RFC
2308, SOA-

530

14. DNS BIND

TTL , . BIND 9 :

BIND 9
$TTL.

TSIG
11, (

). , ,
( ).
, DNS- BIND 8,
TSIG, DNS-:

DNS- movie.edu, terminator.movie.edu (192.249.249.3).


terminator.movie.edu , wormhole.movie.edu , . Err/ -
TSIG-.
,
DNS- BIND 8
:

TSIG-
,
TSIG- .
, ,
.

531

, BIND 9 .
:


, ,
. ,
,
.
.


telnet ftp ,
,
nslookup dig - .
- - , .
DNS-, .
, , ,
-
.
:
resolv.conf ( 11
, . ).
( 12).
set all nslookup.
nslookup DNS-, , , DNS-cep. DNS- ,
:

, ,
, DNS- ( 2).
, , .

( 5). log- syslog.

532

14. DNS BIND

, , ( 6).

DNS- ,
DNS--.
, :
, DNS-
( 1).
, ( 3).
,
.
DNS-, , :
,
( 7).
( 9 10). , ,
. ,
DNS-
, DNS .



, , :
DNS- ? , ( 7).
ping, DNS- ? , DNS- - ( 8).
? , ( 9). ,
( 10).
DNS- ( 2)? ,
( 1 3).

533



,
DNS- ,
DNS-:
DNS-? - ( 1)? , , ,
.
( 1)? DNS-- .
- ( 2)?
(, nslookup dig)
, .
DNS- , ( 3)?
, log- syslog .
round robin , ?
, ,
DNS- . , , ,
nslookup dig. DNS- , ,
. DNS- , DNS-, ,
. ,
DNS-- , MNAME ( ) SOA-.
, , , .
,
. , , DNS- , () ,
. .

534

14. DNS BIND

, DNS-
, ,
, , . ,
, ,
DNS-.
, , ,
, bogus gusns, DNS-, - .


:
( 8),
DNS-cep ping.
( 10), DNS-
IP-.
ping : DNS- , DNS- .
, . , DNS- DNS-, ping , (
traceroute -
). , , DNS- - . , . ,
. , , . (, whois !)

rlogin rsh -
DNS-. , , , .rhosts.
( 6.) , rlogin rsh .

535

- , in-addr.arpa ( 9 10), PTR- ( 4).


BIND 4.9 , PTR- in-addr.arpa - ,
DNS-, , ,
. , - :

, ,
, - .rhosts
hosts.equiv. log- syslog ( - wormhole.movie.edu), , , :

, .
inaddr.arpa NS- in-addr.arpa.
, PTR-, IP- rlogin rsh. ,
PRT-,
.
( 1 3).


rlogin rsh. BIND
, , , .
, ,
BIND, ,
. , NIS NIS , DNS-
.
,
/etc/bootparams /etc/exports.

536

14. DNS BIND


DNS- IP-
, . DNS . , . ? . .


( ) , , , DNS- .
edu ()
movie.edu:

DNS- edu
wormhole.movie.edu.
, , DNS- : .
,
, , , DNS-cep. DNS- ,
( ), , , .

DNS-
gTLD- com, net org.
, DNS- ,
DNS-! DNS- gTLD- ?
: gTLD- , DNS-, , -. , www.foo.com,

537

cow-, DNS-
. ,
. , . DNS-- foo.com, .

?
, ? , DNS- :
DNS- gTLD-? , , .
DNS- , gTLD? , .
, . , , ,
,
DNS, ,
, . ,
, !



nslookup


DNS-
Perl
Net::DNS


DNS-
- , , - , ! !
- , , -
. - ,
, , ,
, !
!

, , - . ! . DNS
1
- ASN.1 , SNMP.
, , DNS. RFC 1035 DNS RR-. RFC 1035
, DNS.

ASN.l (Abstract Syntax Notation) - ,


ISO (International Organization for Standardization,
).
JL.

nslookup 539



nslookup
, , DNS,
,
nslookup dig. :
, .
DNS,
, . -,
, .
, ,
. , ,
.
, Perl,
. Perl Net::DNS, (Michael Fuhr).


,
, . ,
, DNS-.
: DNS- ( ), DNS-, ,
(, ) DNS-
( DNS--
).
.
DNS- , ICMP- (port unreachable).
, , . , DNS- -

540

15. DNS-

, : SOA- .
SOA- ,
, . SOA- , DNS-
DNS-. SOA-, .


,
, DNS-
DNS- SOA- .
, DNS- , .
, ,
DNS-. , . DNS- ( NS- ), , DNS-
. , DNS- .
, , nslook. , nslookup, Unix-. NS , DNS-
,
, :

, , DNS- NS-:

nslookup 541

DNS-:

, DNS- ,
server. ,
NS-, ,
.
SOA- , , SOA-, ,
, , . , DNS- SOA-
, :

, , DNS-
SOA-:

542

15. DNS-

, , DNS- :

DNS- , . DNS- SOA- ,


SOA-. .
DNS- SOA- , , serial.
, nslookup
, DNS- . SOA- , ,
DNS-:

, , nslookup . , DNS- :

nslookup 543


1
, stderr . . . check_soa:

nslookup
. , .

544

15. DNS-

DNS-

545

, , . ,
, -. , , nslookup, .
.


DNS-
,
DNS DNS-.

DNS nslookup. .
DNS.

DNS
DNS , 12
nslookup dig. :





RFC 1035,
26 28, . :

546

15. DNS-

, ,
arpa/nameser.h, . , DNS-.
28 29 RFC 1035.
:

,
29 30 RFC 1035. RR-, :

RR- .


, , DNS,
. DNS ,
, .
/, .
. venera.isi.edu :

, DNS . DNS .


, , .

DNS-

547

. . ,
venera.isi.edu.
vaxa.isi.edu, vaxa,
isi.edu. ?
, - - .
, . , , ,
2 DNS ,
63 . , 6 -
0 63. - , , .
, 14 . DNS. , vaxa.isi.edu , venera.isi.edu, :

0xC0 , , . , ,
. - , , 7.
, vaxa, isi.edu.

, DNS.
DNS, , .
, . : , ,
, .
, DNS
, .
, ,
. , v - .

DNS-
,
. . -

548

15. DNS-

DNS-cepeepa
.
: BIND 9 . , , . BIND 9
,
DNS,
DNS- BIND 9 ,
. ,
,
BIND 8. ,
BIND 8,
DNS- BIND 9.

, :

res_search - ,
gethostbyname. res_search . (dname) ( , )
,
res_query, . .
res_search , HOSTALIASES. ( HOSTALIASES
6 .) ,
, res_search , h_errno -1 - , . ( h_errno
rr, DNS.)

DNS-

549

, , res_search, dname; res_query . :


class
, .
C_IN,
. r/meser.h.
type
, .
, arpa/nameser.h. T_NS, DNS-,
_, -.
answer
, res_search . - PACKETSZ ( arpa/nameser.h).
anslen
answer ( , PACKETSZ).
res_search -1
.

res_query - .
: -
res_mkquery,
res_send ,
, .
res_query res_search,
. , . res_query
h_errno -1 , .

550

15. DNS-

res_mkquery -.
,
, .
dname, class type , res_search res_query. :

, . ,
QUERY, IQUERY ( ). , , IQUERY
. BIND 4.9.4 IQUERY.
data
, .
NULL- , QUERY.
datalen
data. data NULL-,
datalen .
newrr
,
( 10 ). ,
NULL-.
buf
, res_mkquery -.
PACKETSZ , res_search res_query.
buflen
buf (, PACKETSZ).
res_mkquery - -1
.

DNS-

551

res_send . -, msg, UDP- -. answer. , ( , - connected datagramm sockets).


:
msg
, - DNS.
msglen
.
answer
, DNS.
anslen
.
res_send - 1 , . - 1 , rr ECONNREFUSED, ,
DNS-.
ECONNREFUSED
res_search res_query. (res_search res_query, a res_query res_send.)
rr res_query, rr . , ,
res_send rr.
res_search , res_search res_query.

res_init resolv.conf _res ( ). res_init,


, .
. , DNS-.

552

15. DNS-

resolv.conf , res_init ,
. res_init ,
- 1 .

herror - , perror, ,
, h_errno, rr. :
s

,
. s, :.

h_errno:
HOST_NOT_FOUND
. DNS- NXDOMAIN.
TRY_AGAIN
DNS- DNS- SERVFAIL.
NO_RECOVERY
, (, , .movie.edu),
DNS- FORMERR, NOTIMP REFUSED.
NO_DATA
, .
NETDB_INTERNAL
, DNS.
rr.

res
(
res_) , _res.
DNS- ,
_res.
res_send,
retry. ,
RES_DNSRCH options.
_res resolv.h.

DNS-

553

options .
, options. resolv.h; :
RES_INIT
, res_init.
RES_DEBUG

, DEBUG.
.
RES_AAONLY
DNS-, . ,
, . DNS- BIND,
, ( ) DNS-.
RES_PRIMARY
DNS-- ( ).
RES_USEVC
,
(TCP), UDP-. , TCP-

554

15. DNS-

.
.
RES_STAYOPEN
TCP-
, , DNS-.
. .
RES_IGNTC
DNS- ,
TCP-.
RES_IGNTC
TCP.
.
RES_RECURSE
BIND .
-. .
RES_DEFNAMES
BIND
, . .
.
RES_DNSRCH
BIND
, .
.
.
RES_INSECURE1
BIND 4.9.3 DNS-, . .
( ).
RES_INSECURE2
BIND 4.9.3 , . . ( ).

DNS-

555

RES__NOALIASES
BIND , , HOSTALIASES. HOSTALIASES
BIND 4.9.3 . . .
RES_USE_INET6
IPv6 ( IPv4) gethostbyname.
RES_ROTATE

DNS- resolv.conf.
RES_ROTATE , BIND 8.2 DNS- resolv.conf, - DNS- . . 6, options rotate. DNS-
.
RES_NOCHECKNAME
BIND 4.9.4, ,
4 BIND. BIND 8.2 .
( ).
RES_KEEPTSIG
BIND 8.2
TSIG- DNS.
, , .
RES_BLAST
. .
RES_DEFAULT
, RES_RECURSE, RES_DEFNAMES RES_DNSRCH, .
RES_DEFAULT; res_init.

556

15. DNS-

DNS-
DNS- ,
. :

DNS-.

ns_initparse - , ,

DNS-. ns_initparse , handle , . :
msg
.
msglen
.
handle
, ns_initparse.
ns_initparse -1
.

,
.
, ns_initparse.
:
handle
, ns_initparse.

DNS-

557

ns_msg_id ( )
. :
handle.
, ns_initparse.

ns_msg_get_flag - . :
handle
, ns_initparse.
flag

, :

ns_msg_count . :
handle
, ns_initparse.
section
, :

558

15. DNS-

ns_parserr
rr, DNS-. :
handle
,
ns_initparse.
section
section ns_msg count,
rr
RR- . . ns_msg_count RR-
.
rr , .
ns_parserr - 1 ,
.

. :
rr , ns_parserr.

DNS-

559

ns_name_compress .
-
res_mkquery.
, . :
exp_dn
; ,
, .
comp_dn
, .
length
comp_dn.
dnptrs
, dnptrs[0] ;
NULL-. dnptrsf0] , a dnptrs[1] - NULL-, dncomp .
lastdnptr
dnptrs.
ns_name_compress, .
, BIND: src/lib/resolv/
res_mkquery.c (BIND 8) res/res_mkquery.c (BIND 4).
,
, . ns_name_compress -1 , .

560

15. DNS-

ns_name_uncompress .
DNS-, check_soa,
, . :
msg
.
eomorig
, . , ns_name_uncompress
.
comp_dn
.
exp_dn
, ns_name uncompress . MAXDNAME .
length
exp_dn.
ns_name_uncompress
- 1 , . , ns_name_uncompress ,
! , ns_name_uncompress DNS, ,
,
.

ns_name_skip ns_name_uncompress, . :
ptrptr
, . .
e
. ,
ns_name_skip .
ns_name_skip
- 1 , .

DNS-

561

DNS ,
(, , , ). ns_getl6 16- , , a ns_putl6 16- s .

, 16- , 32 . TTL ( )
32- .

DNS
DNS -
, . , BIND,
, src/lib/resolv/res_debug.c (BIND 8) res/res_debug.c (BIND 4). ( BIND 9,
3000 lib/dns/message..) res_debug.c
fp_query (res_pquery BIND 8.2
), DNS DNS. - .
DNS.
p_query, fp_query
DNS. Perl awk . , .

: check_soa
-, , .
, , . , h_errno ( ), rr.
20 DNS-.

562

15. DNS-

,
DNS-, 20
:

. , nsList, DNS- . res_init _res.


res_init ,
,
_res. , _res , res_init.

DNS-

563

findNameServers, DNS- , argv[1];


nsList. , queryNServers, DNS- nsList
SOA- :

findNameServers. DNS- NS-


. addNameServers DNS-cep. arpa/nameser.h resolv.h , :

564

15 DNS-

DNS-

565

566

15. DNS-

,
DNS-. , res_query ; -1
herrno NO_DATA. res query
1, nsError,
h_errno,
herror. herror ,
, ( h_errno NO_DATA,
: No address associated with name - , ).
DNS-
SOA-. res. nsaddr_list, ,
DNS- (res_send) . options , ,
:

DNS-

567

568

15. DNS-

DNS-

569

570

15. DNS-

DNS-

571

, , gethostbyname, SOA-. gethostbyname


DNS- . , DNS-cep , SOA- , ,
. DNS- SOA-
, .
:

572

15. DNS-

,
DNS- libc, :
BIND (
BIND Linux-),
:

, , , , .
, ,
.

Perl Net::DNS

573

Perl
Net::DNS
nslookup , -
, Perl,
Net::DNS.
http://www.perl.com/CPAN-local/modules/by-module/Net/NetDNS-0.12.tar.gz.
Net::DNS , DNS RR ,
.
, Perl check_soa.


- ,
:

rsolv.conf, . ,
Net::DNS::Resolver,
_res, . ,
,
$res->retry:
, :

res_search, res_query res_send,


, .
,
( - IN).
Net::DNS::Packet, . :

574

15. DNS-


Net::DNS::Packet, , , ,
, DNS:


DNS
Net::DNS::Header. ,
Net::DNS::Header, , RFC 1035 HEADER, -.
, ,
DNS-, $header->aa:


DNS
Net::DNS::Question objects. , :

RR-
, , Net::DNS::RR. , , TTL RR-
:

Net::DNS::RR
. -

Perl Net::DNS

575

,
-:

Perl- checksoa
, , Net::DNS, ,
. check_soa Perl:

576

15. DNS-

, DNS- , Perl , , , .

CNAME-


-


RR-
DNSuWINS
DNS Windows 2000


: :
,
, ,
, ,
.

. DNS
BIND, , .
(, , Windows 2000
BIND), - . , !

CNAME-
CNAME- 4 BIND.
CNAME- , - . DNS-
, CNAME. ,
, , , ,
. , , - , .

CNAME-

, , , CNAME-,

578

16.

. ,
fx.movie.edu magic.movie.edu,
CNAME- :
, empire.fx.movie.edu
empire.magic.movie.edu. ,
: CNAME- , fx.movie.edu, .
, fx.movie.edu SOA- NS-,
CNAME- , ,
, .
BIND 9, DNAME ( 10 ) :
DNAME
fx.movie.edu - SOA NS, , , fx.movie.edu. CNAME- fx.movie.edu, magic.movie.edu
fx.movie.edu.
BIND 9 ,
- CNAME- :

, SOA- NS-,
fx.movie.edu.
fx.movie.edu,
fx.movie.edu.
,
, CNAME-: ( h2n,
4, .)

CNAME- CNAME-
(CNAME-),
? ,
,
. ,
.

CNAME-

579

,
?
CNAME-?
: , CNAME- .
CNAME- BIND, RFC-.
,
. RFC o DNS - CNAME-, . , , - , . ,
, CNAME-
( BIND) DNS-.1

RR-
, CNAME, . DNS- . ,
5 DNS , sendmail - , . , sendmail - ,
, .
, DNS- BIND 8 log- :

CNAME-
, , , -
- CNAME . round robin
RR-. , :
1

, Microsoft DNS, Windows NT Windows 2000. CNAME- .

580

16.


fullmonty1,
fullmonty2,
fullmonty3 DNS-,
, ( , CNAME ).
BIND 4 , BIND 8 9.1.0,
. BIND 8
:

BIND 9 . , , CNAME- .

CNAME-
CNAME-, , . nslookup dig. , any, :

CNAME-

581


, DNS: .
, : ,
, :

DNS , . DNS- ,
:

nsloohup dig ,
.
nslookup dig
.
:

582

16.

CNAME-
- , CNAME-
:

, ; , .

, , -
DNS. , RR- , , , .
DNS , (*), . ,
DNS-.
. ,
, ,
. movie.edu - , , -. :
* , RR- terminator.-

583

uie.edu, empire.fx.movie.edu casablanca.bogart.classics.movie.edu. , .


cujo.movie.edu.movie.edu, . ,
sendmail -:

?
, . , ,
db.movie.edu:

terminator.movie.edu mail-hub.movie.edu, et.movie.edu . - jaws.movie.edu , - . , .


fx.movie.edu, . movie.edu,
,
, movie.edu.

-
MX, ,
, ,
. -
, . ,

584

16.

.
. , , , -.
, - . .
, - - , - . , (,
). , ,
- , .


, DNS, - .
, DNS, . -, , ,
.
DNS - ,
. (, ,
). (dial-on-demand), - :
, , .
: (, ) ( - , , , Linux
- , ). . - ,

585

, , -
, . , , .


- ,
ISDN- -
dial-on-demand ( ).
, , . , , - .
, , DNS- BIND
.
DNS-, . ,
DNS-. , - tinyoffice.megacorp.com, DNS-,
.
, , :

, FTP-
, deadbeef.tinyoffice.megacorp.com,
deadbeef deadbeer:

, deadbeer.tinyoffice.megacorp.com. DNS-, tinyoffice.megacorp.com, , . deadbeer.megacorp.com. ,


, DNS- DNS-
megacorp.com, .



. , , -
BIND,
( , 4.9.5, , -

586

16.

, BIND 8 9). , deadbeer


, DNS-
deadbeer.megacorp.com ,
, , , megacorp.com.
: .
- tinyoffice.megacorp.com, , .
.
. BIND
, 4.9,
( ). , ,
, , .
, ,
/etc/hosts,
DNS , /etc/
hosts. /etc/
hosts, .
.

,
- DNS, -. DNS-
. ,
DNS-,
- , .
, Windows 95, 98 NT,
- DNS-.
DNS- UUNet - .
, .
.
, , ,
.

587

, ,
DNS- . DNS-
, , . Unix-
(, Linux) :
ifup ifdown
. , , ifuppost ifdown-post, ifup ifdown . named
ndc start ifup-post ndc stop rndc stop ifdown-post. , , -
resolv.conf.
, DNS-, ,
DNS-, .

,
, , ,
. DNS- -, /etc/hosts ( NIS, ) DNS-. , /etc/hosts .
DNS-, : , DNS- . , ( /etc/hosts) , . DNS- - ifup-post ifdown-post.
, DNS
, /etc/hosts DNS-. ,
DNS-.

,

, - DNS- -

588

16.

, , , DNS- (
). ,

, , localhost 1.0.0.127.in-addr.arpa, /etc/hosts
DNS-.
DNS-, ,
localhost 1.0.0.127.in-addr.arpa
127.0.0.1 localhost , .
DNS- , , ( options query-log DNS- BIND 4.9, ndc querylog DNS- BIND 4.9 8 rndc querylog DNS- BIND 9.1.0)
, .
, DNS- .
,
, .

,

, : -
/etc/hosts DNS-. ,
.
, :
DNS- /etc/
hosts DNS-.

DNS-

- DNS-
? ,
, .
, BIND DNS-.
DNS- ,

589

. DNS-cep ,
, SOA-
.
BIND 8.2 DNS- (heartbeat interval).
, ( )
:

60 ;
, .
, DNS- ,
, . DNS- ( , ,
) SOA- - . - NOTIFY-, , ,
DNS.
DNS- , dialup options:

, dialup zone:

, ,
, : DNS, .

590

16.

-
DNS- , . SOA- .
, .


DNS
, , HOSTS.TXT.
RFC 1101 ;
,
,
HOSTS.TXT. , ; PTR- -.
, IP- DNS IP- , in-addr.arpa,
PTR- .
, , 15/8 HP Internet.
,
, PTR-, IP- .
, ARPAnet, 10/8, PTR- 0.0.0.10.inaddr.arpa. ARPAnet.ARPA.
ARPAnet , 0.0.0.10.in-addr.arpa
. , 255.255.0.0. , , IP- .

. , . ,
PTR-. PTR-, ( in-addr.arpa).
, HP (HP Internet 15/8),
.

591

db.hp.com:

db.corp.hp.com:

db.15:
db.15.1:

IP-
15.1.0.1:
1. .
15.1.0.1 , 255.0.0.0.
IP- - 15.
2. (type=A type=ANY) 0.0.0.15addr.arpa.
3. . 0.0.0.15.in-addr.arpa ( , 255.255.248.0), IP-.
15.1.0.0.
4. (type type=ANY) 0.0.1.15.inaddr.arpa.
5. , ,
15.1.0.0 .
6. PTR- 0.0.1.15.in-addr.arpa.
7. 15.1.0.1: corp-subnet.corp.hp.com.

592

16.

, PTR-:

: , RFC 1101
, , ,
,
. , DNS,
.
.

RR-
RR-,
. , HINFO,
DNS, . RFC 1183
RFC-. ,
. , .


HINFO - Host INFOrmation ( ). ,
. ,
MACHINE NAMES OPERATING SYSTEM NAMES,
RFC Assigned Numbers ( RFC 1700),
, . RFC , , . - FTP
, . , , . ,
- HINFO- . HINFO, ,
. HINFO; ,

RR-

593

, :

HINFO , , , , HINFO .
, .

AFSDB
AFSDB -, NS-. AFSDB AFS DNS DCE-. ,
, , ,
.
AFS? AFS,
. AFS (Andrew File System) -
, - Andrew Project. ( IBM.) AFS -
, NFS, , NFS, .
AFS , ( )
AFS ( ). ,
AFS .
(authenticated) DNS-? DNS-,
, DCE-. DCE-? ,
, (Distributed Computing Environment, DCE) Open
Group.
. AFS- DCE , , DNS-cep. . , , , -

594

16.

. ,
DNS, .
, AFSDB
-. 1
AFS 2 DNS- DCE-.
- ,
. !
, fx.movie.edu DCE ( AFS-), . AFS , DNS-
DCE bladerunner.fx.movie.edu,
empire.fx.movie.edu,
DNS- DCT aliens.fx.movie.edu. AFSDB-:

25, ISDN RT
- . , 25 ISDN,
, .25 ISDN-. . 25 .121
(.121 - ITU-T, , .25). ISDN ISDN.
ISDN Integrated Services Digital Network ( ). ISDN

. ISDN ,
. ISDN , ISDN -
, , , ,
, . ,
. . DNS- .
25- ISDN-:

RR-

595


- Route Through ( RT-).
RT- -: , ( ) -.
, , IP-
, .
Telnet FTP DNS!
RT- , , . ,
:

, housesitter.movie.edu relay.pink.com ( ) delay.hp.com ( ).


25-, ISDN- - RT :
1. - , .
2. RT- .
(, 25 ISDN)
.
3.
. , . sendmail .
4. ( ) . ,
,
.
, relay.pink.com, .25.
5. , ,
RT-. ,
.25, ISDN - de
lay.hp.com.

596

16.

, . , , (, 25
ISDN) -.

RFC 1876 LOC,



, . , .
, .
LOC- ,
( ). :

.
, , RFC 1876 Resources ( RFC 1876), http://www.ckdhr.com/dns-loc. ,
(Christopher Davis), RFC 1876, , LOC-.
(Global Positioning System, GPS), , - , , - : Etak's Eagle Geocoder http://
www.geocode.com/eagle.html-ssi, , AirNav's Airport Information no http://www.airnav.com/airports,
.
, ,
, , !
LOC- :

,
, - ( , LOC
), . ( ), - , - -

RR-

597

.
ZIP- . , , ZIP-.
LOC- .

, RFC 1101
( ), LOC- :

SRV
- , , . , . ,
ftp.movie.edu,
,
FTP-:

, FTP-, , ,
, ,
FTP.
CNAME-.
SRV-, RFC
2052, . SRV
, ;
-.
SRV- ,
.
, , SRV-, , , , .
, , , . ,

598

16.

SRV-,
FTP- movie.edu, :

SRV-,
URL- http://www.movie.edu - -
www.movie.edu.

RFC Assigned Numbers (
RFC 1700) , .
, .
SRV- : , , . ,
- 16- ( 0 65535).
.
-:
,
. , , ,
.

. . , , - 2,
( , , ), .
: , . , , , .
, . . , SRV-,
-, 8000,
- (80).
, ,
( ). ( ),
.
, FTP- movie.edu
db.movie.edu:

RR-

599

FTP-, SRV-, FTP- plan9.fx.movie.edu 21 , FTP- thing.fx.movie.edu 21 , FTP-


plan9.fx.movie.edu .
:

- www.movie.edu 80
www.movie.edu www2.movie.edu, www.movie.edu , www2.movie.edu.
, postmanrings2x.movie.edu 8000.
, , :
, SRV- , ,
; Windows 2000. ( - .) ,
, SRV-.
SRV- , . ,
SRV-, , . SRV-
, IP-. ,
, , -.
, www.movie.edu :

, SRV-,
www.movie.edu , www2.movie.edu,
postmanrings2x.movie.edu ,
- . (round robin)
www.movie.edu www2.movie.edu.

600

16.

DNS WINS
- , -
NetBIOS , , , , DNS DNS- NetBIOS. ,
DNS- NetBIOS, DNS-
.
, BIND 8 9 . , DHCP- Windows NT 4.0 DNS-
. WINS-
Microsoft. WINS- , , NetBIOS. , WINS DNS.
Microsoft Windows NT 4.0 DNS-, WINS-. Microsoft
DNS ,
Microsoft,
WINS: DNS-
WINS- , DNS.
WINS . WINS-,
SOA-, .
, Microsoft DNS
WINS-, - .
:
Microsoft DNS WINS 192.249.249.39 192.253.253.39 ( ). TTL ( ) - , .
WINS-R, Microsoft DNS IP- NetBIOS- NBSTAT. inaddr.arpa WINS-R- :
IP- , DNS- NBSTAT IP-.
, ?
, , .movie.edu.

. , . , - .

DNS WINS

601

, ,
Microsoft DNS WINS WINS-R.1
, , fx.movie.edu WINS- , DNS-
fx.movie.edu Microsoft DNS. ?
, DNS- fx.movie.edu
Microsoft DNS BIND. ,
DNS- NetBIOS- fx.movie.edu, . Microsoft DNS, .
BIND, .
DNS WINS
. WINS-
, wins.movie.edu. DNS- wins.movie.edu Microsoft DNS,
wins.movie.edu SOA-, NS- WINS, WINS wins.movie.edu.

DNS-, .
, ,
, BIND
Microsoft DNS. , , PTR-, WINS-R,
Microsoft DNS.
, WINS WINS-R
. DNS- BIND , , DNS-, WINS-
DNS-- Microsoft DNS, , WINS . (
14 DNS BIND.)
BIND,
DNS.
BIND 8 10; Windows 2000.
DNS- BIND,
Microsoft , DNS NetBIOS.
...
1

, , Meta IP
DNS Metalnfo ( BIND 8 WINS).
BIND WINS-.

602

16.

DNS Windows 2000


Windows 2000 DNS. Windows
2000
, , Windows- WINS-.
Windows 2000
, , . , Windows 2000 SRV-, Windows 2000, Kerberos Windows 2000.


Windows 2000
? Windows 2000 Special Effects - .
mummy.fx.movie.edu.
IP- 192.253.254.13 ( DHCP-).
:
1. SOA- mummy.fx.movie.edu DNS-cep. SOA- , SOA- , mummy.fx.movie.edu, - fx.movie.edu.
2. DNS-, MNAME SOA-, bladerunner.fx.movie.edu.
3. bladerunner.fx.movie.edu
: mummy.fx.movie.edu
( CNAME-) ,
192.253.254.13. , .
4. mummy.fx.movie.edu , .
bladerunner.fx.movie.edu
: mummy.fx.movie.edu . , ,
mummy.fx.movie.edu 192.253.254.13.
mummy.fx.movie.edu , , , .

DNS Windows 2000

603

5. SOA- 254.253.192.in-addr.arpa.
6. DNS-, MNAME SOA-
( MNAME bladerunner.fx.movie.edu,
, Windows 2000 , ).
7. bladerunner.fx.movie.edu
, 13.254.253.192.inaddr.arpa . ,
PTR- 192.253.254.13 mummy.fx.movie.edu.
13.254.253.192.in-addr.arpa , .
Microsoft DHCP Server
Windows 2000, DHCP- PTR- .
- DHCP-
DHCP- PTR-,
-. DHCP -,
.
, Windows 2000, DNS, , ,
. (, netlogon
SRV- !)
, , .
Windows 2000 fx.movie.edu, , ,
matrix.fx.movie.edu:

! !

604

16.

Windows 2000 ,
, Kerberos LDAP.1
SRV- , matrix.fx.movie.edu, .
, SRV- .
SRV-
Windows 2000, fx.movie.edu. Windows 2000
effects.movie.edu,
, effects.movie.edu, vie.edu. , vie.edu, ,
Windows 2000. Windows 2000
, .


Windows 2000 BIND
Microsoft WINS DNS ,
, DNS- BIND. -, Windows 2000 DHCP ,
, .
,
,
, ,
, ( ) . , , .
, .
, , 4. (
, .) , Q246804
Microsoft (Microsoft Knowledge Base), , . ?
, '
, , ,
, .
DHCP- ,
. DHCP-
1


Q178169 Microsoft.

DNS Windows 2000

605

,
.
,
DHCP-, ?
,
,
IP-, .

- DNS-.


Microsoft ?
, Microsoft DNS. Microsoft DNS GSS-TSIG, TSIG (
11 ). , GSS-TSIG, TSIG- Kerberos, . GSS (Generic Security
Service, ) , .
TSIG-, , , DNS- , , , - TSIG-, .
, TSIG- .
Windows 2000 , GSS-TSIG-, , .
, .
,
Q246804 Microsoft, .

BIND GSS-TSIG
, DNS- BIND GSS-TSIG, Windows 2000 BIND. GSS-TSIG. ,
,
10, , . :

606

16.

,
Windows 2000 fx.movie.edu.

?
, Windows 2000? Microsoft DNS- Microsoft DNS
Windows 2000. BIND - , , , .

Windows 2000
(, , )
Windows 2000 - , . win.fx.movie.edu.
win.fx.movie.edu :
,

. ,
( , ),
. , , .
Windows 2000
, , Windows
2000, . , , win.fx.movie.edu, fx.movie.edu. ,
, My Computer->Properties->Network Identification->Properties->More,
Change primary DNS suffix when domain membership changes,
win.fx.movie.edu , Primary DNS suffix of
this computer. .
- (
fx.movie.edu), DHCP-.
DHCP - PTR-. ( ,
DHCP, - PTR- .)

DNS Windows 2000

607

, IP-. ,
,
, - .

Windows 2000
, , -
( , ). ,
, SRV-.
, -
System32\Config\netlogon.dns .
-, , .
, Windows 2000. Windows 2000 , , , , .
Windows 2000 , .
, , , . , ,
allow-update zone, . , netlogon.dns.
$INCLUDE
:

, ,
,
, SRV-.
.
SRV- ( ) _udp.fx.movie.edu, _tcp.fx.movie.edu, _sites.fx.movie.edu _msdcs.fx.movie.edu.
_msdcs.fx.movie.edu,
, SRV-.
, :

608

16.

, :
.


DNS
RR-
DNS,
RR-. RR- ,
, ,
, DNS.
, , .
RFC 1035 , -
(, )
DNS ( , DNS-).

-
( RFC 1035, . 33-35)
.
-,

, CRLF.
, .
.
(;).
:

610

, ,
.
: $ORIGIN $INCLUDE. $RIGIN
(domain-name). $INCLUDE
, .
$INCLUDE . , $INCLUDE
() ,
, .
(RR-,
RRs). RR- ,
. RR- (domain-name), .
RR- :

RR- TTL , RDATA, .


, TTL
.
TTL TTL.
, .
-.
.
. , ,
. , , ;
, -

DNS RR-

611

$ORIGIN $INCLUDE
-. ,
.
(character-string)
: ,
, ,
" ". , , , ",
(\).
,
, . :
.
@ @ .
\
X - ( 0 9), \
. , \.
.1

\DDD
D , , DDD. .2
() , . , 3
.
;

, .


( RFC 1035, . 9)
DNS, , (, , 1
2
3

BIND 4.8.3 .
BIND 4.8.3 .
BIND 4.8.3 SOA-
WKS-.

612

. .) . DNS, - .
, 7- ASCII-,
.

RR-. -.
DNS- DNS-. RR- . 13-21
RFC 1035.

( RFC 1035, . 20)


:
:

( RFC 1035, . 14)


:
:

DNS RR-

( RFC 1035, . 14)


:
:

( RFC 1035, . 14)


:
:
:

613

614

MD- -.

MF- -.
I

( RFC 1035, . 16)


:
:

( RFC 1035, . 16)


:
:

DNS RR-

( RFC 1035, . 17)


:

:
:

( RFC 1035, . 17)


:

615

616

( RFC 1035, . 18)


:
:
:

( RFC 1035, . 17)


:

DNS RR-

NULL- BIND.

( RFC 1035, . 18)


:
:

SOA start of authority


( RFC 1035, . 19-20)
:

617

618

( RFC 1035, . 20)


:

DNS RR-
:

( RFC 1035, . 21)


:
:

RFC 1183

619

620

:
:

DNS RR-

:
:

621

622

RFC 1664

DNS RR-

623

( RFC 1035, . 13)


CLASS .
:
IN

1:

CS

2: CSNET ( ,
RFC)

3: CHAOS

HS

4: Hesiod

DNS
, DNS, . DNS UDP-.
UDP-. TCP,
, , .
DNS .


( RFC 1035, . 25)

, . (
):

624

. , , ,
- , . .
, ,
. , DNS-. :
(QTYPE), (QCLASS) (QNAME).
:
RR-, , . , ; ,
DNS-; ,
, .


( RFC 1035, . 26-28)

DNS RR-

625

626


( RFC 1035, . 28-29)
, , , , . QDCOUNT ( 1) , :

( RFC 1035, . 13)


QCLASS .
QCLASS CLASS;
CLASS QCLASS.
CLASS QCLASS:
* 255

( RFC 1035, . 12-13)


QTYPE .
QTYPE TYPE,

DNS RR-

627

, TYPE- QTYPE.
QTYPE:
AXFR
252
MAILB
253 , (MB, MG
MR)
MAILA
254 RR- ( , . MX)
* 255

,

( RFC 1035, . 29-30)
,
: RR-, - . RR-
:

628


( RFC 1035, . 8-9)
, , . , -
. , , .

, . . ,
170 ().

, , .
.

DNS RR-

629

RR-

, , RR- .

( RFC 1035, . 10)


. ,
.
, .
,
6.3 .

( RFC 1035, . 30)


, , .
.
:

,
; ,
63 . ( 10 01 .) OFFSET
( ID ). ID.

( RFC 1035, . 13)


- , . , 256 ,
.


BIND
. .1
BIND.
.1. BIND

BIND

631

B.1 ()


BIND
Linux-
BIND, Linux, ,
Linux - , , BIND 8.2.2.
8.2.3, ISC BIND 9. , Linux-.

BIND 8.2.3
BIND 8.2.3 - .
.


-, .
ftp.isc.org, FTP-:

BIND Linux-

633


tar-, BIND. tar :
(, tar,
, gzip; tar FTP
ftp.gnu.org ( /gnu/tar/tar-1.13.tar.)). src, , bin, include, lib, port. :
bin
BIND,
named.
include
, BIND. , .
lib
, BIND.
port

, BIND .

634


, . Linux gcc,
GNU, .
gcc,

http://www.fsf.org/software/gcc/gcc.html.

BIND , GNU ,
GNU-, flex b. Linux. Linux
, port/li/Makefile.set. BIND , , .


. , :
:

,
,
(Makefile). :
.
named named-xfer /usr/sbin.
, (root).

BIND 9.1.0
BIND 9.1.0
Linux-.


BIND 8.2.3, , , . , FTP ftp.isc.org:

BIND Linux-

635


tar:
BIND 8.2.3 , BIND (bind-9.1.0). BIND 8 .
bind-9.1.0 :
bin
BIND,
named.
contrib
.
doc
BIND,
(Administrator Resource Manual).
lib
, BIND.

636

make
.

configure
9 , configure,
. README , configure ,
threads,
, .
configure:

, , threads:

BIND:
. BIND,
root:
!

D


, .
, .

638

UK .

639

640

641

642


DNS-
BIND

BIND

DNS- BIND,
DNS- BIND. , , , .

BIND, ( , 8.2+). , , .

BIND4
directory
:
DNS-
:
:
. :
options 8.. 9.., directory

644


4 BIND.

primary
:
DNS-
:
:
. :
zone 8.. .., master
4 BIND.

secondary
:
DNS-
:
:
. :
zone 8.. .., slave
4 BIND.

cache
:
,
( ) DNS-
:

. :
zone 8.. .., hint
4 BIND.

DNS- BIND

645

forwarders
:
DNS-,
:

. :
options 8.. .., forwarders
10 .

sortlist
:

:
. :
options 8.2+ 9.1.0+, sortlist
10 .

slave

options forward-only 4.9.x forward options 8.. ...

include (4.9+)
:
named.boot
:
:
. :
include 8.. 9..
7 BIND.

646

stub (4.9+)
:
,
DNS-
:

. :
zone 8.. .., stub
9 .

options (4.9+)
options forward-only
:
DNS-

. :
option 8.. .., forward
:
10 .

options no-recursion
:
DNS-

. :
options 8.. .., recursion
10 11
.

options no-fetch-glue
:
DNS-

. :
options 8.., fetch-glue
10 11
.

DNS- BIND

647

options query-log
:
log- , DNS-
. :
logging 8.. 9.1.0+, queries
7 BIND, 14 DNS BIND.

options fake-iquery
:
DNS-
,
. :
options 8.., fake-iquery
12 nslookup dig.

limit (4.9+)
limit transfers-in
:
,
DNS-
. :
options 8.. 9.., transfers-in

limit transfers-per-ns
:

DNS-
. :
options 8.. 9.., transfersper-ns

limit datasize
:
, named ( )
. :
options 8.. 9.1.0+, datasize
10 .

648

xfrnets (4.9+)
:
IP-

:

. :
options zone 8.. 9.., allow-transfer
11 .

bogusns (4.9+)
:
DNS- , ,
-

. :
server 8.. 9.1.0+, bogus
10 .

check-names (4.9.4+)
:

:
. :
options zone 8.., check-names
4 BIND.

DNS- BIND

649

BIND 8
acl
:

:

10 11
.

controls (8.2+)
:
, ndc DNS-
:

7 BIND.

include
:
, include
:
7 BIND.

key (8.2+)
:
,
server, TSIG- DNS-
:

650

10 11
.

logging
:
, log-
:

7 BIND.

options
:

:

DNS- BIND

651

4 BIND, 10 , 11 16
.

652

server
:
, DNS-
:

10 11
.

trusted-keys (8.2+)
:
DNSSEC
:

11 .

zone
:
, DNS-
:

DNS- BIND

653

4 BIND 10 .

654

BIND 9
acl
:

:

10 11
.

controls
:
, rndc DNS-
:

7 BIND.

include
:
, include
:
7 BIND.

key
:
,
server, TSIG- DNS-
:

DNS- BIND

655

10 11
>>.

logging
:
, log-
:

7 BIND.

options
:

:

656

4 BIND, 10 , 11 16
.

DNS- BIND

657

server
:
, DNS-
:

10 11
.

trusted-keys
:
DNSSEC
:

11 .

view
:

:

658

10 11
.

zone
:
, DNS-
:

DNS- BIND

659

660

4 BIND 10 .

DNS- BIND
, /etc/resolv.conf.

domain
:

:
6 .

search
:

-

6 .

nameserver
:
DNS-
:

DNS- BIND

661

6 .

; # (4.9+)
:

:

:
6 .

sortlist (4.9+)
:

:
6 .

options ndots (4.9+)


:
, ,
,

:
:
6 .

662

options debug (4.9+)


:

:
6 .

options no-check-names (8.2+)


:

:
:
6 .

options attempts (8.2+)


:
, DNS-
:
:
6 .

options timeout (8.2+)


:
DNS-
:
:
6 .

DNS- BIND

663

options rotate (8.2+)


:
, DNS-
:
:
6 .