1. Module 4 DNS Installation

2. DNS Software BIND (80+ %) www.isc.org Berkeley Internet Name Domain NSD (Name Server Daemon) www.nlnetlabs.nl/projects/nsd Authoritative DNS Only UNBOUND unbound.net Caching DNS only

3. DNS Software - BIND Bind runs on: Linux BSD (Free/Open/NetBSD) Windows (Server 2000, 2003, XP, Vista, 7) Lots of *nix systems Out-of-the-box installs on most Linux distributions and RPMs BSD – Ports system Windows – zipped.exe (runs as a service) Daemon name is named

4. BIND chroot/jail/sandbox Most distributions default to chroot install /var/named /var/named/chroot Chroot is a matter of taste but important in secure environments Chroot limits all daemon access to a defined path (adds base to all paths) Invoked with –t option when bind loads -u named limits access to named account

5. Exercise Install BIND on your PC Uses latest BIND9 Default path: %systemroot%\system32\dns %systemroot%\sysWOW64\dns

6. BIND – run time Starting BIND /etc/rc.d/init.d/named start named –u named [-t /path/] Stopping BIND /etc/rc.d/init.d/named stop ps ax |grep named, Kill PID Windows Control uses: Administrative tools->Services

7. BIND Control - rndc rndc tool with bind installation Allows remote access to bind Default install enables rndc Disable with empty controls clause controls {}; Before use must run to set up default key: rndc-confgen -a

8. BIND – rndc commands Flush – flush cache(s) Freeze zone – stop DDNS activity Thaw zone – restart DDNS activity Halt – immediate stop (no restart) Status – BIND status Reload – reload config file and all zones (keeps cache) Refresh zone – force zone transfer Stop – graceful stop (no restart)

9. Quick Quiz Name 2 Open Source DNS implementations? What is the name of BIND's daemon (process)? What is the name of the remote control tool? Did your installation work?