To study Berkeley Internet Name Domain (BIND) in Linux
AIM:
To study Berkeley Internet Name Domain (BIND) in Linux.
THEORY:
BIND (Berkeley Internet Name Domain, previously Berkeley Internet Name Daemon) is the most commonly used DNS server on the Internet, especially on UNIX systems, where it is a de facto standard. It is supported by the Internet Systems Consortium. BIND was originally created by four graduate students with the CSRG at the University of California, Berkeley, and was first released with 4.3BSD. Paul Vixie started maintaining it in 1988 while working for DEC.
A new version of BIND (BIND 9) was written from scratch, in part to address the architectural difficulties with auditing the earlier BIND code bases, and also to support DNSSEC (DNS Security Extensions). Other important features of BIND 9 include TSIG, DNS notify, nsupdate, IPv6, rndc flush, views, multiprocessor support, and an improved portability architecture. It is commonly used on Linux systems.
History:
BIND was originally written in the early 1980s under a DARPA grant. In the mid-1980s, DEC employees took over BIND development. One of these employees was Paul Vixie, who continued to work on BIND after leaving DEC. He eventually helped start the ISC, which became the entity responsible for maintaining BIND.
The development of BIND 9 was carried out under a combination of commercial and military contracts. Most of the features of BIND 9 were funded by UNIX vendors who wanted to ensure that BIND stayed competitive with Microsoft’s DNS offerings; the DNSSEC features were funded by the US military, which felt that DNS security was important.
Criticisms:
Like Sendmail, WU-FTPD, and other systems dating back to the earlier laissez-faire days of the Internet, BIND 4 and BIND 8 have had a large number of serious security vulnerabilities over the years. BIND 9, being a rewrite, has a much better security history.
GeoDNS:
GeoDNS is a 40-line patch to BIND that allows split-horizon DNS, such that different requesters receive different responses depending on proximity.
In this way, if a website has, for example, a French server, a US server and a South Korean server, its operator can easily specify that people in Europe go to the French server, people in East Asia go to the Korean server and those in the rest of the world are served by the American server. This can give improved performance and potentially lower costs than a single hosting location or a round-robin DNS setup.
As it is DNS based, it is much easier to deploy than BGP anycast. It does not require any support from the ISP and will not break existing connections when the server selected for a particular client changes. However, as it is not intimately tied into the network infrastructure, it is likely to be less accurate at sending data to the nearest server.
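The three-server scenario above can be approximated with the views feature of stock BIND 9, using address-based ACLs in place of the GeoDNS patch itself. The following named.conf fragment is an added example, not part of the original write-up; the zone name, file paths and address ranges (RFC 5737 documentation prefixes) are constructed placeholders.

```conf
// Constructed example: split-horizon answers for one zone using BIND 9 views.
// Client ranges below are RFC 5737 documentation prefixes standing in for
// real regional address blocks.
acl "europe"    { 192.0.2.0/24; };
acl "east-asia" { 198.51.100.0/24; };

// Views are evaluated in the order they appear; the first view whose
// match-clients list contains the query source address answers the query.
view "europe" {
    match-clients { "europe"; };
    zone "example.com" {
        type master;
        // Zone file whose A records point to the French server.
        file "/etc/bind/zones/example.com.fr";
    };
};

view "east-asia" {
    match-clients { "east-asia"; };
    zone "example.com" {
        type master;
        // Zone file whose A records point to the South Korean server.
        file "/etc/bind/zones/example.com.kr";
    };
};

// Catch-all view: it must come last, because "any" matches every client
// and would otherwise shadow the regional views.
view "default" {
    match-clients { any; };
    zone "example.com" {
        type master;
        // Zone file whose A records point to the US server.
        file "/etc/bind/zones/example.com.us";
    };
};
```

Once any view is defined, every zone statement must live inside a view. The source address BIND sees is normally that of the client's recursive resolver rather than the end user, which is one reason the selection can be less accurate than network-level routing.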
CONCLUSION:
Thus we have successfully studied the application of BIND in Linux.