>Introduction </TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch02.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>1.2. Organization of This Document</A
></H1
><P
->In this document, <I
+>In this document, <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 1</I
+></SPAN
> introduces
the basic <SPAN
CLASS="acronym"
> and <SPAN
CLASS="acronym"
>BIND</SPAN
-> concepts. <I
+> concepts. <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 2</I
+></SPAN
>
describes resource requirements for running <SPAN
CLASS="acronym"
>BIND</SPAN
> in various
- environments. Information in <I
+ environments. Information in <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 3</I
+></SPAN
> is
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>task-oriented</I
+></SPAN
> in its presentation and is
organized functionally, to aid in the process of installing the
<SPAN
CLASS="acronym"
>BIND</SPAN
> 9 software. The task-oriented section is followed by
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 4</I
+></SPAN
>, which contains more advanced
concepts that the system administrator may need for implementing
- certain options. <I
+ certain options. <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 5</I
+></SPAN
>
describes the <SPAN
CLASS="acronym"
>BIND</SPAN
> 9 lightweight
- resolver. The contents of <I
+ resolver. The contents of <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 6</I
+></SPAN
> are
organized as in a reference manual to aid in the ongoing
- maintenance of the software. <I
+ maintenance of the software. <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 7
</I
+></SPAN
>addresses security considerations, and
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Section 8</I
+></SPAN
> contains troubleshooting help. The
main body of the document is followed by several
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Appendices</I
+></SPAN
> which contain useful reference
- information, such as a <I
+ information, such as a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Bibliography</I
+></SPAN
> and
historic information related to <SPAN
CLASS="acronym"
ALIGN="LEFT"
VALIGN="MIDDLE"
> <P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>To
describe:</I
+></SPAN
></P
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
> <P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>We use the style:</I
+></SPAN
></P
></TD
></TR
ALIGN="LEFT"
VALIGN="MIDDLE"
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>To
describe:</I
+></SPAN
></P
></TD
><TD
ALIGN="LEFT"
VALIGN="MIDDLE"
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>We use the style:</I
+></SPAN
></P
></TD
></TR
used by Internet applications.</P
><P
>Clients look up information in the DNS by calling a
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>resolver</I
+></SPAN
> library, which sends queries to one or
-more <I
+more <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>name servers</I
+></SPAN
> and interprets the responses.
The <SPAN
CLASS="acronym"
>1.4.2. Domains and Domain Names</A
></H2
><P
->The data stored in the DNS is identified by <I
+>The data stored in the DNS is identified by <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>domain
names</I
+></SPAN
> that are organized as a tree according to
organizational or administrative boundaries. Each node of the tree,
-called a <I
+called a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>domain</I
+></SPAN
>, is given a label. The domain name of the
node is the concatenation of all the labels on the path from the
-node to the <I
+node to the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>root</I
+></SPAN
> node. This is represented
in written form as a string of labels listed from right to left and
separated by dots. A label need only be unique within its parent
domain.</P
><P
>For example, a domain name for a host at the
-company <I
+company <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Example, Inc.</I
+></SPAN
> could be
<TT
CLASS="literal"
name of the host.</P
><P
>For administrative purposes, the name space is partitioned into
-areas called <I
+areas called <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>zones</I
+></SPAN
>, each starting at a node and
extending down to the leaf nodes or to nodes where other zones start.
-The data for each zone is stored in a <I
+The data for each zone is stored in a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>name
server</I
+></SPAN
>, which answers queries about the zone using the
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>DNS protocol</I
+></SPAN
>.
</P
><P
>The data associated with each domain name is stored in the
-form of <I
+form of <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>resource records</I
+></SPAN
> (<SPAN
CLASS="acronym"
>RR</SPAN
></H2
><P
>To properly operate a name server, it is important to understand
-the difference between a <I
+the difference between a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>zone</I
+></SPAN
>
-and a <I
+and a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>domain</I
+></SPAN
>.</P
><P
>As we stated previously, a zone is a point of delegation in
it has authority. It contains all domain names from a certain point
downward in the domain tree except those which are delegated to
other zones. A delegation point is marked by one or more
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>NS records</I
+></SPAN
> in the
parent zone, which should be matched by equivalent NS records at
the root of the delegated zone.</P
CLASS="acronym"
>DNS</SPAN
> tree is a
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>domain</I
+></SPAN
>, even if it is
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>terminal</I
+></SPAN
>, that is, has no
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>subdomains</I
+></SPAN
>. Every subdomain is a domain and
every domain except the root is also a subdomain. The terminology is
not intuitive and we suggest that you read RFCs 1033, 1034 and 1035 to
>named.conf</TT
> file specify
zones, not domains. When you ask some other site if it is willing to
-be a slave server for your <I
+be a slave server for your <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>domain</I
+></SPAN
>, you are
actually asking for slave service for some collection of zones.</P
></DIV
></H2
><P
>Each zone is served by at least
-one <I
+one <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>authoritative name server</I
+></SPAN
>,
which contains the complete data for the zone.
To make the DNS tolerant of server and network failures,
></H3
><P
> The authoritative server where the master copy of the zone data is maintained is
-called the <I
+called the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>primary master</I
+></SPAN
> server, or simply the
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>primary</I
+></SPAN
>. It loads the zone contents from some
local file edited by humans or perhaps generated mechanically from
some other local file which is edited by humans. This file is called
-the <I
+the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>zone file</I
-> or <I
+></SPAN
+> or <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>master file</I
+></SPAN
>.</P
></DIV
><DIV
>1.4.4.2. Slave Servers</A
></H3
><P
->The other authoritative servers, the <I
+>The other authoritative servers, the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>slave</I
+></SPAN
>
-servers (also known as <I
+servers (also known as <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>secondary</I
+></SPAN
> servers) load
the zone contents from another server using a replication process
-known as a <I
+known as a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>zone transfer</I
+></SPAN
>. Typically the data are
transferred directly from the primary master, but it is also possible
to transfer it from another slave. In other words, a slave server
><P
>Usually all of the zone's authoritative servers are listed in
NS records in the parent zone. These NS records constitute
-a <I
+a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>delegation</I
+></SPAN
> of the zone from the parent.
The authoritative servers are also listed in the zone file itself,
-at the <I
+at the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>top level</I
-> or <I
+></SPAN
+> or <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>apex</I
+></SPAN
>
of the zone. You can list servers in the zone's top-level NS
records that are not in the parent's NS delegation, but you cannot
list servers in the parent's delegation that are not present at
the zone's top level.</P
><P
->A <I
+>A <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>stealth server</I
+></SPAN
> is a server that is
authoritative for a zone but is not listed in that zone's NS
records. Stealth servers can be used for keeping a local copy of a
></H2
><P
>The resolver libraries provided by most operating systems are
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>stub resolvers</I
+></SPAN
>, meaning that they are not capable of
performing the full DNS resolution process by themselves by talking
directly to the authoritative servers. Instead, they rely on a local
name server to perform the resolution on their behalf. Such a server
-is called a <I
+is called a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>recursive</I
+></SPAN
> name server; it performs
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>recursive lookups</I
+></SPAN
> for local clients.</P
><P
>To improve performance, recursive servers cache the results of
the lookups they perform. Since the processes of recursion and
caching are intimately connected, the terms
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>recursive server</I
+></SPAN
> and
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>caching server</I
+></SPAN
> are often used synonymously.</P
><P
>The length of time for which a record may be retained in
><P
>Even a caching name server does not necessarily perform
the complete recursive lookup itself. Instead, it can
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>forward</I
+></SPAN
> some or all of the queries
that it cannot satisfy from its cache to another caching name server,
-commonly referred to as a <I
+commonly referred to as a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>forwarder</I
+></SPAN
>.
</P
><P
often advantageous to run them on separate server machines.
A server that only provides authoritative name service
-(an <I
+(an <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>authoritative-only</I
+></SPAN
> server) can run with
recursion disabled, improving reliability and security.
A server that is not authoritative for any zones and only provides
recursive service to local
-clients (a <I
+clients (a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>caching-only</I
+></SPAN
> server)
does not need to be reachable from the Internet at large and can
be placed inside a firewall.</P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch02.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>BIND Resource Requirements</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch01.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch03.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch01.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch03.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>Nameserver Configuration</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch02.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch04.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DD
><P
->Display status of the server.</P
+>Display status of the server.
+Note the number of zones includes the internal <B
+CLASS="command"
+>bind/CH</B
+> zone
+and the default <B
+CLASS="command"
+>./IN</B
+> hint zone if there is not a
+explicit root zone configured.</P
></DD
></DL
></DIV
><H2
CLASS="sect2"
><A
-NAME="AEN661"
+NAME="AEN663"
>3.4.2. Signals</A
></H2
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN665"
+NAME="AEN667"
></A
><P
></P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch02.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch04.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>Advanced Concepts</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch03.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch05.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DT
>4.3. <A
-HREF="Bv9ARM.ch04.html#AEN725"
+HREF="Bv9ARM.ch04.html#AEN727"
>Split DNS</A
></DT
><DT
></DT
><DT
>4.5. <A
-HREF="Bv9ARM.ch04.html#AEN885"
+HREF="Bv9ARM.ch04.html#AEN887"
>TKEY</A
></DT
><DT
>4.6. <A
-HREF="Bv9ARM.ch04.html#AEN900"
+HREF="Bv9ARM.ch04.html#AEN902"
>SIG(0)</A
></DT
><DT
></DT
><DT
>4.8. <A
-HREF="Bv9ARM.ch04.html#AEN985"
+HREF="Bv9ARM.ch04.html#AEN987"
>IPv6 Support in <SPAN
CLASS="acronym"
>BIND</SPAN
or using <B
CLASS="command"
>rndc halt</B
-> is <I
+> is <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>not</I
+></SPAN
>
sufficient). Wait for the server to exit,
- then <I
+ then <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>remove</I
+></SPAN
> the zone's
<TT
CLASS="filename"
><H1
CLASS="sect1"
><A
-NAME="AEN725"
+NAME="AEN727"
>4.3. Split DNS</A
></H1
><P
>Setting up different views, or visibility, of DNS space to
-internal and external resolvers is usually referred to as a <I
+internal and external resolvers is usually referred to as a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Split
DNS</I
+></SPAN
> setup. There are several reasons an organization
would want to set up its DNS this way.</P
><P
><P
>Here is an example of a split DNS setup:</P
><P
->Let's say a company named <I
+>Let's say a company named <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Example, Inc.</I
+></SPAN
> (example.com)
has several corporate sites that have an internal network with reserved
Internet Protocol (IP) space and an external demilitarized zone (DMZ),
or "outside" section of a network, that is available to the public.</P
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>Example, Inc.</I
+></SPAN
> wants its internal clients
to be able to resolve external hostnames and to exchange mail with
people on the outside. The company also wants its internal resolvers
>, <TT
CLASS="filename"
>site2.example.com</TT
->,<I
+>,<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
> </I
+></SPAN
><TT
CLASS="filename"
>site1.internal</TT
out to the DNS servers on the bastion hosts.</P
><P
>In order for all this to work properly, internal clients will
-need to be configured to query <I
+need to be configured to query <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>only</I
+></SPAN
> the internal
nameservers for DNS queries. This could also be enforced via selective
filtering on the network.</P
><P
->If everything has been set properly, <I
+>If everything has been set properly, <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Example, Inc.</I
+></SPAN
>'s
internal clients will now be able to:</P
><P
><H2
CLASS="sect2"
><A
-NAME="AEN816"
+NAME="AEN818"
>4.4.1. Generate Shared Keys for Each Pair of Hosts</A
></H2
><P
->A shared secret is generated to be shared between <I
+>A shared secret is generated to be shared between <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
-> and <I
+></SPAN
+> and <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host2</I
+></SPAN
>.
An arbitrary key name is chosen: "host1-host2.". The key name must
be the same on both hosts.</P
><H3
CLASS="sect3"
><A
-NAME="AEN821"
+NAME="AEN823"
>4.4.1.1. Automatic Generation</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN832"
+NAME="AEN834"
>4.4.1.2. Manual Generation</A
></H3
><P
><H2
CLASS="sect2"
><A
-NAME="AEN837"
+NAME="AEN839"
>4.4.2. Copying the Shared Secret to Both Machines</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN840"
+NAME="AEN842"
>4.4.3. Informing the Servers of the Key's Existence</A
></H2
><P
->Imagine <I
+>Imagine <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
-> and <I
+></SPAN
+> and <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host 2</I
+></SPAN
> are
both servers. The following is added to each server's <TT
CLASS="filename"
><H2
CLASS="sect2"
><A
-NAME="AEN852"
+NAME="AEN854"
>4.4.4. Instructing the Server to Use the Key</A
></H2
><P
CLASS="filename"
>named.conf</TT
> file
-for <I
+for <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
->, if the IP address of <I
+></SPAN
+>, if the IP address of <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host2</I
+></SPAN
> is
10.1.2.3:</P
><PRE
This directive does not contain any secrets, so it may be in a world-readable
file.</P
><P
->If <I
+>If <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
+></SPAN
> sends a message that is a request
-to that address, the message will be signed with the specified key. <I
+to that address, the message will be signed with the specified key. <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
+></SPAN
> will
expect any responses to signed messages to be signed with the same
key.</P
><P
->A similar statement must be present in <I
+>A similar statement must be present in <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host2</I
+></SPAN
>'s
-configuration file (with <I
+configuration file (with <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
->'s address) for <I
+></SPAN
+>'s address) for <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host2</I
+></SPAN
> to
-sign request messages to <I
+sign request messages to <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>host1</I
+></SPAN
>.</P
></DIV
><DIV
><H2
CLASS="sect2"
><A
-NAME="AEN868"
+NAME="AEN870"
>4.4.5. TSIG Key Based Access Control</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN881"
+NAME="AEN883"
>4.4.6. Errors</A
></H2
><P
><H1
CLASS="sect1"
><A
-NAME="AEN885"
+NAME="AEN887"
>4.5. TKEY</A
></H1
><P
><H1
CLASS="sect1"
><A
-NAME="AEN900"
+NAME="AEN902"
>4.6. SIG(0)</A
></H1
><P
></H1
><P
>Cryptographic authentication of DNS information is possible
- through the DNS Security (<I
+ through the DNS Security (<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>DNSSEC</I
+></SPAN
>) extensions,
defined in RFC 2535. This section describes the creation and use
of DNSSEC signed zones.</P
><H2
CLASS="sect2"
><A
-NAME="AEN917"
+NAME="AEN919"
>4.7.1. Generating Keys</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN937"
+NAME="AEN939"
>4.7.2. Creating a Keyset</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN949"
+NAME="AEN951"
>4.7.3. Signing the Child's Keyset</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN962"
+NAME="AEN964"
>4.7.4. Signing the Zone</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN978"
+NAME="AEN980"
>4.7.5. Configuring Servers</A
></H2
><P
><H1
CLASS="sect1"
><A
-NAME="AEN985"
+NAME="AEN987"
>4.8. IPv6 Support in <SPAN
CLASS="acronym"
>BIND</SPAN
CLASS="acronym"
>BIND</SPAN
> 9 supports the new
- "bitstring" format used in the <I
+ "bitstring" format used in the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>ip6.arpa</I
+></SPAN
>
domain, as well as the older, deprecated "nibble" format used in
- the <I
+ the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>ip6.int</I
+></SPAN
> domain.</P
><P
><SPAN
><H2
CLASS="sect2"
><A
-NAME="AEN1001"
+NAME="AEN1003"
>4.8.1. Address Lookups Using AAAA Records</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN1006"
+NAME="AEN1008"
>4.8.2. Address Lookups Using A6 Records</A
></H2
><P
><H3
CLASS="sect3"
><A
-NAME="AEN1010"
+NAME="AEN1012"
>4.8.2.1. A6 Chains</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN1021"
+NAME="AEN1023"
>4.8.2.2. A6 Records for DNS Servers</A
></H3
><P
><H2
CLASS="sect2"
><A
-NAME="AEN1027"
+NAME="AEN1029"
>4.8.3. Address to Name Lookups Using Nibble Format</A
></H2
><P
><H2
CLASS="sect2"
><A
-NAME="AEN1034"
+NAME="AEN1036"
>4.8.4. Address to Name Lookups Using Bitstring Format</A
></H2
><P
>Bitstring labels can start and end on any bit boundary,
rather than on a multiple of 4 bits as in the nibble
- format. They also use <I
+ format. They also use <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>ip6.arpa</I
+></SPAN
> rather than
- <I
+ <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>ip6.int</I
+></SPAN
>.</P
><P
>To replicate the previous example using bitstrings:</P
><H2
CLASS="sect2"
><A
-NAME="AEN1041"
+NAME="AEN1043"
>4.8.5. Using DNAME for Delegation of IPv6 Reverse Addresses</A
></H2
><P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch03.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch05.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>The BIND 9 Lightweight Resolver</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch04.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch06.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DT
>5.1. <A
-HREF="Bv9ARM.ch05.html#AEN1061"
+HREF="Bv9ARM.ch05.html#AEN1063"
>The Lightweight Resolver Library</A
></DT
><DT
><H1
CLASS="sect1"
><A
-NAME="AEN1061"
+NAME="AEN1063"
>5.1. The Lightweight Resolver Library</A
></H1
><P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch04.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch06.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>BIND 9 Configuration Reference</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch05.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch07.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DT
>6.3. <A
-HREF="Bv9ARM.ch06.html#AEN3536"
+HREF="Bv9ARM.ch06.html#AEN3565"
>Zone File</A
></DT
></DL
><DIV
CLASS="informaltable"
><A
-NAME="AEN1103"
+NAME="AEN1105"
></A
><P
></P
><H3
CLASS="sect3"
><A
-NAME="AEN1265"
+NAME="AEN1267"
>6.1.1.1. Syntax</A
></H3
><PRE
><H3
CLASS="sect3"
><A
-NAME="AEN1273"
+NAME="AEN1275"
>6.1.1.2. Definition and Usage</A
></H3
><P
><H2
CLASS="sect2"
><A
-NAME="AEN1302"
+NAME="AEN1304"
>6.1.2. Comment Syntax</A
></H2
><P
><H3
CLASS="sect3"
><A
-NAME="AEN1307"
+NAME="AEN1309"
>6.1.2.1. Syntax</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN1316"
+NAME="AEN1318"
>6.1.2.2. Definition and Usage</A
></H3
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN1340"
+NAME="AEN1342"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN1409"
+NAME="AEN1411"
>6.2.1. <B
CLASS="command"
>acl</B
><DIV
CLASS="informaltable"
><A
-NAME="AEN1422"
+NAME="AEN1424"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN1456"
+NAME="AEN1458"
>6.2.3. <B
CLASS="command"
>controls</B
><H2
CLASS="sect2"
><A
-NAME="AEN1529"
+NAME="AEN1531"
>6.2.5. <B
CLASS="command"
>include</B
><H2
CLASS="sect2"
><A
-NAME="AEN1534"
+NAME="AEN1536"
>6.2.6. <B
CLASS="command"
>include</B
><H2
CLASS="sect2"
><A
-NAME="AEN1541"
+NAME="AEN1543"
>6.2.7. <B
CLASS="command"
>key</B
><H2
CLASS="sect2"
><A
-NAME="AEN1548"
+NAME="AEN1550"
>6.2.8. <B
CLASS="command"
>key</B
><H2
CLASS="sect2"
><A
-NAME="AEN1566"
+NAME="AEN1568"
>6.2.9. <B
CLASS="command"
>logging</B
><H2
CLASS="sect2"
><A
-NAME="AEN1606"
+NAME="AEN1608"
>6.2.10. <B
CLASS="command"
>logging</B
><H3
CLASS="sect3"
><A
-NAME="AEN1622"
+NAME="AEN1624"
>6.2.10.1. The <B
CLASS="command"
>channel</B
> Phrase</A
></H3
><P
->All log output goes to one or more <I
+>All log output goes to one or more <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>channels</I
+></SPAN
>;
you can make as many of them as you want.</P
><P
CLASS="command"
>syslog</B
> man
-page. How <B
+page. Known facilities are <B
+CLASS="command"
+>kern</B
+>, <B
+CLASS="command"
+>user</B
+>,
+<B
+CLASS="command"
+>mail</B
+>, <B
+CLASS="command"
+>daemon</B
+>, <B
+CLASS="command"
+>auth</B
+>,
+<B
+CLASS="command"
+>syslog</B
+>, <B
+CLASS="command"
+>lpr</B
+>, <B
+CLASS="command"
+>news</B
+>,
+<B
+CLASS="command"
+>uucp</B
+>, <B
+CLASS="command"
+>cron</B
+>, <B
+CLASS="command"
+>authpriv</B
+>,
+<B
+CLASS="command"
+>ftp</B
+>, <B
+CLASS="command"
+>local0</B
+>, <B
+CLASS="command"
+>local1</B
+>,
+<B
+CLASS="command"
+>local2</B
+>, <B
+CLASS="command"
+>local3</B
+>, <B
+CLASS="command"
+>local4</B
+>,
+<B
+CLASS="command"
+>local5</B
+>, <B
+CLASS="command"
+>local6</B
+> and
+<B
+CLASS="command"
+>local7</B
+>, however not all facilities are supported on
+all operating systems.
+How <B
CLASS="command"
>syslog</B
> will handle messages sent to
><DIV
CLASS="informaltable"
><A
-NAME="AEN1726"
+NAME="AEN1748"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN1837"
+NAME="AEN1859"
>6.2.11. <B
CLASS="command"
>lwres</B
><H2
CLASS="sect2"
><A
-NAME="AEN1861"
+NAME="AEN1883"
>6.2.12. <B
CLASS="command"
>lwres</B
><H2
CLASS="sect2"
><A
-NAME="AEN1880"
+NAME="AEN1902"
>6.2.13. <B
CLASS="command"
>options</B
>]
[<SPAN
CLASS="optional"
+> query-source-v6 [<SPAN
+CLASS="optional"
+> address ( <TT
+CLASS="replaceable"
+><I
+>ip_addr</I
+></TT
+> | <TT
+CLASS="replaceable"
+><I
+>*</I
+></TT
+> ) </SPAN
+>] [<SPAN
+CLASS="optional"
+> port ( <TT
+CLASS="replaceable"
+><I
+>ip_port</I
+></TT
+> | <TT
+CLASS="replaceable"
+><I
+>*</I
+></TT
+> ) </SPAN
+>]; </SPAN
+>]
+ [<SPAN
+CLASS="optional"
> max-transfer-time-in <TT
CLASS="replaceable"
><I
><H2
CLASS="sect2"
><A
-NAME="AEN2098"
+NAME="AEN2127"
>6.2.14. <B
CLASS="command"
>options</B
></DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>This option is obsolete.</I
+></SPAN
>
It was used in <SPAN
CLASS="acronym"
></DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>This option is obsolete</I
+></SPAN
>.
It was used in <SPAN
CLASS="acronym"
></DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>This option is obsolete</I
+></SPAN
>.
<SPAN
CLASS="acronym"
></DT
><DD
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>This option is obsolete</I
+></SPAN
>.
If you need to disable IXFR to a particular server or servers see
the information on the <B
><H3
CLASS="sect3"
><A
-NAME="AEN2398"
+NAME="AEN2427"
>6.2.14.2. Forwarding</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN2463"
+NAME="AEN2492"
>6.2.14.4. Interfaces</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN2489"
+NAME="AEN2518"
>6.2.14.5. Query Address</A
></H3
><P
><PRE
CLASS="programlisting"
>query-source address * port *;
-query-source-v6 address * port *
+query-source-v6 address * port *;
</PRE
><DIV
CLASS="note"
><H3
CLASS="sect3"
><A
-NAME="AEN2628"
+NAME="AEN2657"
>6.2.14.7. Operating System Resource Limits</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN2665"
+NAME="AEN2694"
>6.2.14.8. Server Resource Limits</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN2693"
+NAME="AEN2722"
>6.2.14.9. Periodic Task Intervals</A
></H3
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN2781"
+NAME="AEN2810"
></A
><P
></P
><P
>Sets the number of seconds to cache a
lame server indication. 0 disables caching. (This is
-<I
+<SPAN
+CLASS="bold"
+><B
CLASS="emphasis"
->NOT</I
+>NOT</B
+></SPAN
> recommended.)
Default is <TT
CLASS="literal"
><DIV
CLASS="informaltable"
><A
-NAME="AEN2896"
+NAME="AEN2925"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN3011"
+NAME="AEN3040"
>6.2.17. <B
CLASS="command"
>trusted-keys</B
><H2
CLASS="sect2"
><A
-NAME="AEN3027"
+NAME="AEN3056"
>6.2.18. <B
CLASS="command"
>trusted-keys</B
><H2
CLASS="sect2"
><A
-NAME="AEN3035"
+NAME="AEN3064"
>6.2.19. <B
CLASS="command"
>view</B
>address_match_list</I
></TT
> } ;
- match-recursive-only { <TT
+ match-recursive-only <TT
CLASS="replaceable"
><I
>yes_or_no</I
></TT
-> } ;
+> ;
[<SPAN
CLASS="optional"
> <TT
><H2
CLASS="sect2"
><A
-NAME="AEN3051"
+NAME="AEN3080"
>6.2.20. <B
CLASS="command"
>view</B
><H2
CLASS="sect2"
><A
-NAME="AEN3202"
+NAME="AEN3231"
>6.2.22. <B
CLASS="command"
>zone</B
><H3
CLASS="sect3"
><A
-NAME="AEN3205"
+NAME="AEN3234"
>6.2.22.1. Zone Types</A
></H3
><DIV
CLASS="informaltable"
><A
-NAME="AEN3207"
+NAME="AEN3236"
></A
><P
></P
><H3
CLASS="sect3"
><A
-NAME="AEN3262"
+NAME="AEN3291"
>6.2.22.2. Class</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN3272"
+NAME="AEN3301"
>6.2.22.3. Zone Options</A
></H3
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3506"
+NAME="AEN3535"
></A
><P
></P
><H1
CLASS="sect1"
><A
-NAME="AEN3536"
+NAME="AEN3565"
>6.3. Zone File</A
></H1
><DIV
><H3
CLASS="sect3"
><A
-NAME="AEN3541"
+NAME="AEN3570"
>6.3.1.1. Resource Records</A
></H3
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3547"
+NAME="AEN3576"
></A
><P
></P
></P
></DIV
><P
->The following are <I
+>The following are <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>types</I
+></SPAN
> of valid RRs
(some of these listed, although not obsolete, are experimental (x)
or historical (h) and no longer in general use):</P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3579"
+NAME="AEN3608"
></A
><P
></P
></P
></DIV
><P
->The following <I
+>The following <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>classes</I
+></SPAN
> of resource records
are currently valid in the DNS:</P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3726"
+NAME="AEN3755"
></A
><P
></P
></P
></DIV
><P
+><SPAN
+CLASS="emphasis"
><I
CLASS="emphasis"
>RDATA</I
+></SPAN
> is the type-dependent or class-dependent
data that describes the resource:</P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3742"
+NAME="AEN3771"
></A
><P
></P
><H3
CLASS="sect3"
><A
-NAME="AEN3790"
+NAME="AEN3819"
>6.3.1.2. Textual expression of RRs</A
></H3
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3797"
+NAME="AEN3826"
></A
><P
></P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3863"
+NAME="AEN3892"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN3891"
+NAME="AEN3920"
>6.3.2. Discussion of MX Records</A
></H2
><P
the mail transport agent will fall back to the next largest priority.
Priority numbers do not have any absolute meaning — they are relevant
only respective to other MX records for that domain name. The domain
-name given is the machine to which the mail will be delivered. It <I
+name given is the machine to which the mail will be delivered. It <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>must</I
+></SPAN
> have
an associated A record — CNAME is not sufficient.</P
><P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3897"
+NAME="AEN3926"
></A
><P
></P
><DIV
CLASS="informaltable"
><A
-NAME="AEN3989"
+NAME="AEN4018"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN4012"
+NAME="AEN4041"
>6.3.4. Inverse Mapping in IPv4</A
></H2
><P
>Reverse name resolution (that is, translation from IP address
-to name) is achieved by means of the <I
+to name) is achieved by means of the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>in-addr.arpa</I
+></SPAN
> domain
and PTR records. Entries in the in-addr.arpa domain are made in
least-to-most significant order, read left to right. This is the
><DIV
CLASS="informaltable"
><A
-NAME="AEN4017"
+NAME="AEN4046"
></A
><P
></P
><H2
CLASS="sect2"
><A
-NAME="AEN4039"
+NAME="AEN4068"
>6.3.5. Other Zone File Directives</A
></H2
><P
><H3
CLASS="sect3"
><A
-NAME="AEN4046"
+NAME="AEN4075"
>6.3.5.1. The <B
CLASS="command"
>$ORIGIN</B
><H3
CLASS="sect3"
><A
-NAME="AEN4066"
+NAME="AEN4095"
>6.3.5.2. The <B
CLASS="command"
>$INCLUDE</B
><H3
CLASS="sect3"
><A
-NAME="AEN4086"
+NAME="AEN4115"
>6.3.5.3. The <B
CLASS="command"
>$TTL</B
><H2
CLASS="sect2"
><A
-NAME="AEN4097"
+NAME="AEN4126"
>6.3.6. <SPAN
CLASS="acronym"
>BIND</SPAN
><DIV
CLASS="informaltable"
><A
-NAME="AEN4117"
+NAME="AEN4146"
></A
><P
></P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch05.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch07.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>BIND 9 Security Considerations</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch06.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch08.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DT
>7.2. <A
-HREF="Bv9ARM.ch07.html#AEN4189"
+HREF="Bv9ARM.ch07.html#AEN4218"
><B
CLASS="command"
>chroot</B
your nameserver, without cluttering up your config files with huge
lists of IP addresses.</P
><P
->It is a <I
+>It is a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>good idea</I
+></SPAN
> to use ACLs, and to
control access to your server. Limiting access to your server by
outside parties can help prevent spoofing and DoS attacks against
unless recursion has been previously disabled.</P
><P
>For more information on how to use ACLs to protect your server,
-see the <I
+see the <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>AUSCERT</I
+></SPAN
> advisory at
<A
HREF="ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos"
><H1
CLASS="sect1"
><A
-NAME="AEN4189"
+NAME="AEN4218"
>7.2. <B
CLASS="command"
>chroot</B
>On UNIX servers, it is possible to run <SPAN
CLASS="acronym"
>BIND</SPAN
-> in a <I
+> in a <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>chrooted</I
+></SPAN
> environment
(<B
CLASS="command"
><H2
CLASS="sect2"
><A
-NAME="AEN4212"
+NAME="AEN4241"
>7.2.1. The <B
CLASS="command"
>chroot</B
</P
><P
> Unlike with earlier versions of BIND, you will typically
-<I
+<SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>not</I
+></SPAN
> need to compile <B
CLASS="command"
>named</B
><H2
CLASS="sect2"
><A
-NAME="AEN4230"
+NAME="AEN4259"
>7.2.2. Using the <B
CLASS="command"
>setuid</B
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch06.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch08.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>Troubleshooting</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch07.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="bottom"
><A
HREF="Bv9ARM.ch09.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
></DT
><DT
>8.1. <A
-HREF="Bv9ARM.ch08.html#AEN4251"
+HREF="Bv9ARM.ch08.html#AEN4280"
>Common Problems</A
></DT
><DT
>8.2. <A
-HREF="Bv9ARM.ch08.html#AEN4256"
+HREF="Bv9ARM.ch08.html#AEN4285"
>Incrementing and Changing the Serial Number</A
></DT
><DT
>8.3. <A
-HREF="Bv9ARM.ch08.html#AEN4261"
+HREF="Bv9ARM.ch08.html#AEN4290"
>Where Can I Get Help?</A
></DT
></DL
><H1
CLASS="sect1"
><A
-NAME="AEN4251"
+NAME="AEN4280"
>8.1. Common Problems</A
></H1
><DIV
><H2
CLASS="sect2"
><A
-NAME="AEN4253"
+NAME="AEN4282"
>8.1.1. It's not working; how can I figure out what's wrong?</A
></H2
><P
><H1
CLASS="sect1"
><A
-NAME="AEN4256"
+NAME="AEN4285"
>8.2. Incrementing and Changing the Serial Number</A
></H1
><P
><H1
CLASS="sect1"
><A
-NAME="AEN4261"
+NAME="AEN4290"
>8.3. Where Can I Get Help?</A
></H1
><P
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch07.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.ch09.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
>Appendices</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
><DIV
CLASS="NAVHEADER"
><TABLE
+SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch08.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
></DT
><DT
>A.1. <A
-HREF="Bv9ARM.ch09.html#AEN4277"
+HREF="Bv9ARM.ch09.html#AEN4306"
>Acknowledgements</A
></DT
><DT
></DT
><DT
>A.3. <A
-HREF="Bv9ARM.ch09.html#AEN4318"
+HREF="Bv9ARM.ch09.html#AEN4347"
>General <SPAN
CLASS="acronym"
>DNS</SPAN
><H1
CLASS="sect1"
><A
-NAME="AEN4277"
+NAME="AEN4306"
>A.1. Acknowledgements</A
></H1
><DIV
><H2
CLASS="sect2"
><A
-NAME="AEN4279"
+NAME="AEN4308"
>A.1.1. A Brief History of the <SPAN
CLASS="acronym"
>DNS</SPAN
><H3
CLASS="sect3"
><A
-NAME="AEN4309"
+NAME="AEN4338"
>A.2.1.1. HS = hesiod</A
></H3
><P
><H3
CLASS="sect3"
><A
-NAME="AEN4314"
+NAME="AEN4343"
>A.2.1.2. CH = chaos</A
></H3
><P
><H1
CLASS="sect1"
><A
-NAME="AEN4318"
+NAME="AEN4347"
>A.3. General <SPAN
CLASS="acronym"
>DNS</SPAN
CLASS="acronym"
>DNS</SPAN
> to facilitate
-scalable Internet routing. There are three types of addresses: <I
+scalable Internet routing. There are three types of addresses: <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Unicast</I
+></SPAN
>,
-an identifier for a single interface; <I
+an identifier for a single interface; <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Anycast</I
+></SPAN
>,
-an identifier for a set of interfaces; and <I
+an identifier for a set of interfaces; and <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Multicast</I
+></SPAN
>,
an identifier for a set of interfaces. Here we describe the global
Unicast address scheme. For more information, see RFC 2374.</P
><DIV
CLASS="informaltable"
><A
-NAME="AEN4329"
+NAME="AEN4358"
></A
><P
></P
<DIV
CLASS="informaltable"
><A
-NAME="AEN4398"
+NAME="AEN4427"
></A
><P
></P
></DIV
></P
><P
->The <I
+>The <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Public Topology</I
+></SPAN
> is provided by the
-upstream provider or ISP, and (roughly) corresponds to the IPv4 <I
+upstream provider or ISP, and (roughly) corresponds to the IPv4 <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>network</I
+></SPAN
> section
-of the address range. The <I
+of the address range. The <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Site Topology</I
+></SPAN
> is
where you can subnet this space, much the same as subnetting an
-IPv4 /16 network into /24 subnets. The <I
+IPv4 /16 network into /24 subnets. The <SPAN
+CLASS="emphasis"
+><I
CLASS="emphasis"
>Interface Identifier</I
+></SPAN
> is
the address of an individual interface on a given network. (With
IPv6, addresses belong to interfaces rather than machines.)</P
><DIV
CLASS="informaltable"
><A
-NAME="AEN4453"
+NAME="AEN4482"
></A
><P
></P
</P
><H3
><A
-NAME="AEN4497"
+NAME="AEN4526"
>Bibliography</A
></H3
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4498"
+NAME="AEN4527"
>Standards</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4500"
+NAME="AEN4529"
></A
><P
>[RFC974] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4507"
+NAME="AEN4536"
></A
><P
>[RFC1034] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4514"
+NAME="AEN4543"
></A
><P
>[RFC1035] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
NAME="proposed_standards"
>Proposed Standards</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4523"
+NAME="AEN4552"
></A
><P
>[RFC2181] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4531"
+NAME="AEN4560"
></A
><P
>[RFC2308] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4539"
+NAME="AEN4568"
></A
><P
>[RFC1995] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4547"
+NAME="AEN4576"
></A
><P
>[RFC1996] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4554"
+NAME="AEN4583"
></A
><P
>[RFC2136] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4571"
+NAME="AEN4600"
></A
><P
>[RFC2845] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4590"
+NAME="AEN4619"
>Proposed Standards Still Under Development</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4595"
+NAME="AEN4624"
></A
><P
>[RFC1886] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4607"
+NAME="AEN4636"
></A
><P
>[RFC2065] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4619"
+NAME="AEN4648"
></A
><P
>[RFC2137] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4627"
+NAME="AEN4656"
>Other Important RFCs About <SPAN
CLASS="acronym"
>DNS</SPAN
> Implementation</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4630"
+NAME="AEN4659"
></A
><P
>[RFC1535] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4638"
+NAME="AEN4667"
></A
><P
>[RFC1536] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4659"
+NAME="AEN4688"
></A
><P
>[RFC1982] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4670"
+NAME="AEN4699"
>Resource Record Types</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4672"
+NAME="AEN4701"
></A
><P
>[RFC1183] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4690"
+NAME="AEN4719"
></A
><P
>[RFC1706] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4702"
+NAME="AEN4731"
></A
><P
>[RFC2168] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4713"
+NAME="AEN4742"
></A
><P
>[RFC1876] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4730"
+NAME="AEN4759"
></A
><P
>[RFC2052] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4742"
+NAME="AEN4771"
></A
><P
>[RFC2163] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4750"
+NAME="AEN4779"
></A
><P
>[RFC2230] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4758"
+NAME="AEN4787"
><SPAN
CLASS="acronym"
>DNS</SPAN
> and the Internet</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4761"
+NAME="AEN4790"
></A
><P
>[RFC1101] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4769"
+NAME="AEN4798"
></A
><P
>[RFC1123] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4776"
+NAME="AEN4805"
></A
><P
>[RFC1591] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4783"
+NAME="AEN4812"
></A
><P
>[RFC2317] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4797"
+NAME="AEN4826"
><SPAN
CLASS="acronym"
>DNS</SPAN
> Operations</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4800"
+NAME="AEN4829"
></A
><P
>[RFC1537] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4808"
+NAME="AEN4837"
></A
><P
>[RFC1912] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4816"
+NAME="AEN4845"
></A
><P
>[RFC1912] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4824"
+NAME="AEN4853"
></A
><P
>[RFC2010] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4835"
+NAME="AEN4864"
></A
><P
>[RFC2219] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4847"
+NAME="AEN4876"
>Other <SPAN
CLASS="acronym"
>DNS</SPAN
>-related RFCs</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4853"
+NAME="AEN4882"
></A
><P
>[RFC1464] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4860"
+NAME="AEN4889"
></A
><P
>[RFC1713] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4868"
+NAME="AEN4897"
></A
><P
>[RFC1794] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4876"
+NAME="AEN4905"
></A
><P
>[RFC2240] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4883"
+NAME="AEN4912"
></A
><P
>[RFC2345] <SPAN
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4897"
+NAME="AEN4926"
></A
><P
>[RFC2352] <SPAN
STYLE="margin-left=0.5in"
></DIV
></DIV
-><H1
+><H2
CLASS="bibliodiv"
><A
-NAME="AEN4904"
+NAME="AEN4933"
>Obsolete and Unimplemented Experimental RRs</A
-></H1
+></H2
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4906"
+NAME="AEN4935"
></A
><P
>[RFC1712] <SPAN
><H2
CLASS="sect2"
><A
-NAME="AEN4927"
+NAME="AEN4956"
>A.4.3. Other Documents About <SPAN
CLASS="acronym"
>BIND</SPAN
></P
><H3
><A
-NAME="AEN4931"
+NAME="AEN4960"
>Bibliography</A
></H3
><DIV
CLASS="biblioentry"
><A
-NAME="AEN4932"
+NAME="AEN4961"
></A
><P
><SPAN
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch08.html"
+ACCESSKEY="P"
>Prev</A
></TD
><TD
VALIGN="top"
><A
HREF="Bv9ARM.html"
+ACCESSKEY="H"
>Home</A
></TD
><TD
>BIND 9 Administrator Reference Manual</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.61
+CONTENT="Modular DocBook HTML Stylesheet Version 1.73
"><LINK
REL="NEXT"
TITLE="Introduction "
></DT
><DT
>3.4.2. <A
-HREF="Bv9ARM.ch03.html#AEN661"
+HREF="Bv9ARM.ch03.html#AEN663"
>Signals</A
></DT
></DL
></DT
><DT
>4.3. <A
-HREF="Bv9ARM.ch04.html#AEN725"
+HREF="Bv9ARM.ch04.html#AEN727"
>Split DNS</A
></DT
><DT
><DL
><DT
>4.4.1. <A
-HREF="Bv9ARM.ch04.html#AEN816"
+HREF="Bv9ARM.ch04.html#AEN818"
>Generate Shared Keys for Each Pair of Hosts</A
></DT
><DT
>4.4.2. <A
-HREF="Bv9ARM.ch04.html#AEN837"
+HREF="Bv9ARM.ch04.html#AEN839"
>Copying the Shared Secret to Both Machines</A
></DT
><DT
>4.4.3. <A
-HREF="Bv9ARM.ch04.html#AEN840"
+HREF="Bv9ARM.ch04.html#AEN842"
>Informing the Servers of the Key's Existence</A
></DT
><DT
>4.4.4. <A
-HREF="Bv9ARM.ch04.html#AEN852"
+HREF="Bv9ARM.ch04.html#AEN854"
>Instructing the Server to Use the Key</A
></DT
><DT
>4.4.5. <A
-HREF="Bv9ARM.ch04.html#AEN868"
+HREF="Bv9ARM.ch04.html#AEN870"
>TSIG Key Based Access Control</A
></DT
><DT
>4.4.6. <A
-HREF="Bv9ARM.ch04.html#AEN881"
+HREF="Bv9ARM.ch04.html#AEN883"
>Errors</A
></DT
></DL
></DD
><DT
>4.5. <A
-HREF="Bv9ARM.ch04.html#AEN885"
+HREF="Bv9ARM.ch04.html#AEN887"
>TKEY</A
></DT
><DT
>4.6. <A
-HREF="Bv9ARM.ch04.html#AEN900"
+HREF="Bv9ARM.ch04.html#AEN902"
>SIG(0)</A
></DT
><DT
><DL
><DT
>4.7.1. <A
-HREF="Bv9ARM.ch04.html#AEN917"
+HREF="Bv9ARM.ch04.html#AEN919"
>Generating Keys</A
></DT
><DT
>4.7.2. <A
-HREF="Bv9ARM.ch04.html#AEN937"
+HREF="Bv9ARM.ch04.html#AEN939"
>Creating a Keyset</A
></DT
><DT
>4.7.3. <A
-HREF="Bv9ARM.ch04.html#AEN949"
+HREF="Bv9ARM.ch04.html#AEN951"
>Signing the Child's Keyset</A
></DT
><DT
>4.7.4. <A
-HREF="Bv9ARM.ch04.html#AEN962"
+HREF="Bv9ARM.ch04.html#AEN964"
>Signing the Zone</A
></DT
><DT
>4.7.5. <A
-HREF="Bv9ARM.ch04.html#AEN978"
+HREF="Bv9ARM.ch04.html#AEN980"
>Configuring Servers</A
></DT
></DL
></DD
><DT
>4.8. <A
-HREF="Bv9ARM.ch04.html#AEN985"
+HREF="Bv9ARM.ch04.html#AEN987"
>IPv6 Support in <SPAN
CLASS="acronym"
>BIND</SPAN
><DL
><DT
>4.8.1. <A
-HREF="Bv9ARM.ch04.html#AEN1001"
+HREF="Bv9ARM.ch04.html#AEN1003"
>Address Lookups Using AAAA Records</A
></DT
><DT
>4.8.2. <A
-HREF="Bv9ARM.ch04.html#AEN1006"
+HREF="Bv9ARM.ch04.html#AEN1008"
>Address Lookups Using A6 Records</A
></DT
><DT
>4.8.3. <A
-HREF="Bv9ARM.ch04.html#AEN1027"
+HREF="Bv9ARM.ch04.html#AEN1029"
>Address to Name Lookups Using Nibble Format</A
></DT
><DT
>4.8.4. <A
-HREF="Bv9ARM.ch04.html#AEN1034"
+HREF="Bv9ARM.ch04.html#AEN1036"
>Address to Name Lookups Using Bitstring Format</A
></DT
><DT
>4.8.5. <A
-HREF="Bv9ARM.ch04.html#AEN1041"
+HREF="Bv9ARM.ch04.html#AEN1043"
>Using DNAME for Delegation of IPv6 Reverse Addresses</A
></DT
></DL
><DL
><DT
>5.1. <A
-HREF="Bv9ARM.ch05.html#AEN1061"
+HREF="Bv9ARM.ch05.html#AEN1063"
>The Lightweight Resolver Library</A
></DT
><DT
></DT
><DT
>6.1.2. <A
-HREF="Bv9ARM.ch06.html#AEN1302"
+HREF="Bv9ARM.ch06.html#AEN1304"
>Comment Syntax</A
></DT
></DL
><DL
><DT
>6.2.1. <A
-HREF="Bv9ARM.ch06.html#AEN1409"
+HREF="Bv9ARM.ch06.html#AEN1411"
><B
CLASS="command"
>acl</B
></DT
><DT
>6.2.3. <A
-HREF="Bv9ARM.ch06.html#AEN1456"
+HREF="Bv9ARM.ch06.html#AEN1458"
><B
CLASS="command"
>controls</B
></DT
><DT
>6.2.5. <A
-HREF="Bv9ARM.ch06.html#AEN1529"
+HREF="Bv9ARM.ch06.html#AEN1531"
><B
CLASS="command"
>include</B
></DT
><DT
>6.2.6. <A
-HREF="Bv9ARM.ch06.html#AEN1534"
+HREF="Bv9ARM.ch06.html#AEN1536"
><B
CLASS="command"
>include</B
></DT
><DT
>6.2.7. <A
-HREF="Bv9ARM.ch06.html#AEN1541"
+HREF="Bv9ARM.ch06.html#AEN1543"
><B
CLASS="command"
>key</B
></DT
><DT
>6.2.8. <A
-HREF="Bv9ARM.ch06.html#AEN1548"
+HREF="Bv9ARM.ch06.html#AEN1550"
><B
CLASS="command"
>key</B
></DT
><DT
>6.2.9. <A
-HREF="Bv9ARM.ch06.html#AEN1566"
+HREF="Bv9ARM.ch06.html#AEN1568"
><B
CLASS="command"
>logging</B
></DT
><DT
>6.2.10. <A
-HREF="Bv9ARM.ch06.html#AEN1606"
+HREF="Bv9ARM.ch06.html#AEN1608"
><B
CLASS="command"
>logging</B
></DT
><DT
>6.2.11. <A
-HREF="Bv9ARM.ch06.html#AEN1837"
+HREF="Bv9ARM.ch06.html#AEN1859"
><B
CLASS="command"
>lwres</B
></DT
><DT
>6.2.12. <A
-HREF="Bv9ARM.ch06.html#AEN1861"
+HREF="Bv9ARM.ch06.html#AEN1883"
><B
CLASS="command"
>lwres</B
></DT
><DT
>6.2.13. <A
-HREF="Bv9ARM.ch06.html#AEN1880"
+HREF="Bv9ARM.ch06.html#AEN1902"
><B
CLASS="command"
>options</B
></DT
><DT
>6.2.14. <A
-HREF="Bv9ARM.ch06.html#AEN2098"
+HREF="Bv9ARM.ch06.html#AEN2127"
><B
CLASS="command"
>options</B
></DT
><DT
>6.2.17. <A
-HREF="Bv9ARM.ch06.html#AEN3011"
+HREF="Bv9ARM.ch06.html#AEN3040"
><B
CLASS="command"
>trusted-keys</B
></DT
><DT
>6.2.18. <A
-HREF="Bv9ARM.ch06.html#AEN3027"
+HREF="Bv9ARM.ch06.html#AEN3056"
><B
CLASS="command"
>trusted-keys</B
></DT
><DT
>6.2.19. <A
-HREF="Bv9ARM.ch06.html#AEN3035"
+HREF="Bv9ARM.ch06.html#AEN3064"
><B
CLASS="command"
>view</B
></DT
><DT
>6.2.20. <A
-HREF="Bv9ARM.ch06.html#AEN3051"
+HREF="Bv9ARM.ch06.html#AEN3080"
><B
CLASS="command"
>view</B
></DT
><DT
>6.2.22. <A
-HREF="Bv9ARM.ch06.html#AEN3202"
+HREF="Bv9ARM.ch06.html#AEN3231"
><B
CLASS="command"
>zone</B
></DD
><DT
>6.3. <A
-HREF="Bv9ARM.ch06.html#AEN3536"
+HREF="Bv9ARM.ch06.html#AEN3565"
>Zone File</A
></DT
><DD
></DT
><DT
>6.3.2. <A
-HREF="Bv9ARM.ch06.html#AEN3891"
+HREF="Bv9ARM.ch06.html#AEN3920"
>Discussion of MX Records</A
></DT
><DT
></DT
><DT
>6.3.4. <A
-HREF="Bv9ARM.ch06.html#AEN4012"
+HREF="Bv9ARM.ch06.html#AEN4041"
>Inverse Mapping in IPv4</A
></DT
><DT
>6.3.5. <A
-HREF="Bv9ARM.ch06.html#AEN4039"
+HREF="Bv9ARM.ch06.html#AEN4068"
>Other Zone File Directives</A
></DT
><DT
>6.3.6. <A
-HREF="Bv9ARM.ch06.html#AEN4097"
+HREF="Bv9ARM.ch06.html#AEN4126"
><SPAN
CLASS="acronym"
>BIND</SPAN
></DT
><DT
>7.2. <A
-HREF="Bv9ARM.ch07.html#AEN4189"
+HREF="Bv9ARM.ch07.html#AEN4218"
><B
CLASS="command"
>chroot</B
><DL
><DT
>7.2.1. <A
-HREF="Bv9ARM.ch07.html#AEN4212"
+HREF="Bv9ARM.ch07.html#AEN4241"
>The <B
CLASS="command"
>chroot</B
></DT
><DT
>7.2.2. <A
-HREF="Bv9ARM.ch07.html#AEN4230"
+HREF="Bv9ARM.ch07.html#AEN4259"
>Using the <B
CLASS="command"
>setuid</B
><DL
><DT
>8.1. <A
-HREF="Bv9ARM.ch08.html#AEN4251"
+HREF="Bv9ARM.ch08.html#AEN4280"
>Common Problems</A
></DT
><DD
><DL
><DT
>8.1.1. <A
-HREF="Bv9ARM.ch08.html#AEN4253"
+HREF="Bv9ARM.ch08.html#AEN4282"
>It's not working; how can I figure out what's wrong?</A
></DT
></DL
></DD
><DT
>8.2. <A
-HREF="Bv9ARM.ch08.html#AEN4256"
+HREF="Bv9ARM.ch08.html#AEN4285"
>Incrementing and Changing the Serial Number</A
></DT
><DT
>8.3. <A
-HREF="Bv9ARM.ch08.html#AEN4261"
+HREF="Bv9ARM.ch08.html#AEN4290"
>Where Can I Get Help?</A
></DT
></DL
><DL
><DT
>A.1. <A
-HREF="Bv9ARM.ch09.html#AEN4277"
+HREF="Bv9ARM.ch09.html#AEN4306"
>Acknowledgements</A
></DT
><DD
><DL
><DT
>A.1.1. <A
-HREF="Bv9ARM.ch09.html#AEN4279"
+HREF="Bv9ARM.ch09.html#AEN4308"
>A Brief History of the <SPAN
CLASS="acronym"
>DNS</SPAN
></DD
><DT
>A.3. <A
-HREF="Bv9ARM.ch09.html#AEN4318"
+HREF="Bv9ARM.ch09.html#AEN4347"
>General <SPAN
CLASS="acronym"
>DNS</SPAN
></DT
><DT
>A.4.3. <A
-HREF="Bv9ARM.ch09.html#AEN4927"
+HREF="Bv9ARM.ch09.html#AEN4956"
>Other Documents About <SPAN
CLASS="acronym"
>BIND</SPAN
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
VALIGN="top"
><A
HREF="Bv9ARM.ch01.html"
+ACCESSKEY="N"
>Next</A
></TD
></TR
projects / thirdparty / bind9.git / commitdiff
