
Pro DNS and BIND

This page contains my supplementary notes (marked N) and any discovered errata (marked E) under each chapter and appendix. Unless otherwise noted, if an error affects a file or a fragment, the latest copy of the files (on the left-hand menu) will include the correction - see the Change Log in readme.txt for details.

Notes and Errata

Chapter 1, "An Introduction to DNS" (18 pages)

(E) First Note on Page 5. Those skilled in simple arithmetic who read this before the year 2013 will note that 'over a quarter of a century' is not correct. If you will allow a modest bit of hyperbole, perhaps I could get away with 'almost a quarter of a century'. In any case the last sentence of this note holds true: a core, heavily used Internet technology is still in everyday use after all this time.

(N) Page 9. Root DNS Operations. The book was written before the most recent controversy over the US Dept. of Commerce's statements on ICANN oversight embodied in the MOU. The historic 'light rein' approach taken by the Dept. of Commerce, which has apparently now ended, probably requires a more thorough - but short - explanation of the relationship, with the detail added to Appendix A.

Chapter 2, "Zone Files and Resource Records" (18 pages)

Chapter 3, "DNS Operations" (20 pages)

(E) The PTR RR description on page 30 confuses good practice with functionality. The text incorrectly states that only one PTR RR may be defined for any IP address. As with most other RRs, multiple PTR RRs may be defined. However, a number of tests were run on a captive network during the writing of the book: where multiple PTR RRs were defined and the mail server's PTR record was not the first, the test SMTP system refused to accept mail. In this case multiple PTR RRs were returned and the SMTP server did not iterate through the RRset. It has been brought to the author's attention that not all SMTP systems would fail in this way. Nevertheless, to be absolutely safe and ensure that all SMTP servers handle mail correctly, it is recommended that where a host provides multiple services, one of which is mail, a single PTR RR defining the name of the mail host should appear in the reverse map zone file.
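The check below is an added example, not code from the book or its download files. It audits a reverse-map zone fragment for addresses with more than one PTR RR and contrasts a receiver that looks only at the first PTR with one that iterates through the RRset. The zone data and all function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed reverse-map fragment for 192.168.254.0/24 (sample data).
REVERSE_ZONE = """\
$ORIGIN 254.168.192.in-addr.arpa.
2   IN  PTR  ns1.example.com.
3   IN  PTR  www.example.com.   ; same host also runs mail
3   IN  PTR  mail.example.com.
4   IN  PTR  mail2.example.com.
"""

def ptr_rrsets(zone_text):
    """Group PTR targets by owner name, preserving zone-file order.

    Handles the simple 'owner [class] PTR target' form only; lines that
    inherit the owner name from the previous line are not supported.
    """
    origin, rrsets = "", defaultdict(list)
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()          # strip comments
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1]
        elif "PTR" in (f.upper() for f in fields[1:-1]):
            owner = fields[0]
            if not owner.endswith("."):              # relative name
                owner = f"{owner}.{origin}"
            rrsets[owner].append(fields[-1].lower())
    return dict(rrsets)

def multi_ptr_owners(rrsets):
    """Owners with more than one PTR RR: candidates for mail rejection."""
    return {o: t for o, t in rrsets.items() if len(t) > 1}

def first_only_match(rrset, mail_name):
    """Receiver that inspects only the first PTR in the answer."""
    return bool(rrset) and rrset[0] == mail_name.lower()

def any_match(rrset, mail_name):
    """Receiver that iterates through the whole RRset."""
    return mail_name.lower() in rrset
```

Because the order of RRs within an answer is not guaranteed, a first-only receiver can accept or reject the same host from one query to the next, which is why the single-PTR recommendation is the safe configuration.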

Chapter 4, "DNS Types" (14 pages)

Chapter 5, "DNS and IPv6" (13 pages)

Chapter 6, "Installing BIND" (21 pages)

Chapter 7, "BIND Type Samples" (32 pages)

Many thanks for the helpful comments received on this chapter from Florian Dazinger.

(N) General. A pid-file statement should be added to each general options clause in case the distribution/configure was incorrectly defined. All samples should show a Closed DNS (disallowing recursive queries from non-local sources unless required). The sample configuration files have been enhanced.

(E) Slave DNS Server, page 136: parentheses () in the masters statement in the example.com zone clause should be braces {}:

 // shown as masters (192.168.254.2;); should be
 masters {192.168.254.2;};

(E) Forwarding DNS Server, page 140: missing semicolon in the allow-transfer statement in the main options clause:

 // shown as allow-transfer {"none"}; should be
 allow-transfer {"none";};

(E) Authoritative-only DNS Server, page 146: missing semicolon in the allow-transfer statement in the main options clause:

 // shown as allow-transfer {"none"}; should be
 allow-transfer {"none";};

Corrections added to downloadable files.

Chapter 8, "Common DNS Tasks" (25 pages)

(E) Define an SPF Record section: pages 173, 174 (macro-expansion) and page 177 (macro expansion example) all incorrectly use parentheses to enclose macros. These should be replaced with braces (curly brackets) {}.
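A small linter for this erratum, added here as an example and not taken from the book: it checks every % sequence in an SPF record against the macro grammar of RFC 7208 section 7.1 and reports the parenthesised form. The function name and both sample records are constructed for illustration.

```python
import re

# macro-expand per RFC 7208 section 7.1:
#   "%{" macro-letter *DIGIT ["r"] *delimiter "}"  /  "%%"  /  "%_"  /  "%-"
VALID_MACRO = re.compile(
    r"%(?:\{[slodiphcrtv][0-9]*r?[.\-+,/_=]*\}|[%_-])", re.I)

# Constructed sample records: parenthesised form and the corrected form.
PAREN_FORM = "v=spf1 exists:%(ir).%(l1r+-)._spf.%(d) -all"
BRACE_FORM = "v=spf1 exists:%{ir}.%{l1r+-}._spf.%{d} -all"

def lint_spf_macros(record):
    """Return (offset, fragment, reason) for every malformed macro."""
    problems, pos = [], 0
    while (pos := record.find("%", pos)) != -1:
        m = VALID_MACRO.match(record, pos)
        if m:                                  # well-formed, skip past it
            pos = m.end()
            continue
        if record.startswith("%(", pos):       # the form this erratum fixes
            end = record.find(")", pos)
            frag = record[pos:end + 1] if end != -1 else record[pos:pos + 2]
            reason = "parentheses used; macros are enclosed in braces {}"
        else:
            frag = record[pos:pos + 2]
            reason = "not a valid macro-expand"
        problems.append((pos, frag, reason))
        pos += len(frag)
    return problems
```

A receiver does not expand the parenthesised form as a macro, so a record written that way does not evaluate as its author intended.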

(E) Out-of-Sequence Serial Numbers section (page 179). In the sentence beginning "Assuming the changed serial number was set to 2004022900" the serial number is incorrect and should read "Assuming the changed serial number was set to 2003022900". The error does not otherwise affect the described corrective solution.

Chapter 9, "DNS Diagnostics and Tools" (47 pages)

Chapter 10, "DNS Secure Configurations" (41 pages)

(E) Figure 10-2 incorrectly reproduces Figure 10-1. The author's original (highly non-professional) diagram is reproduced here to illustrate the use of shared-secret cryptography.

Figure 10-2 Symmetric, or shared-secret, cryptography

Chapter 11, "DNSSEC" (44 pages)

(E) Figure 11-7 Page 323. The diagram contains the text div.example.net in two locations. This should be dlv.example.net which is referenced in the text.

Chapter 12, "BIND Configuration Reference" (72 pages)

(E) Page 392. forward statement. The last sentence should read 'This statement may be used in a zone, view or global options clause.'

(E) Page 395. The sortlist statement example is missing a level of braces. The statement in the book is syntactically correct but will not give the desired results as described in the following text. The following is correct and contains further comments to assist readers. Many thanks to David Nolan for pointing this out.

options {
    // .... (other options statements)
    sortlist {
        { // 1st preference block start
            192.168.4/24;  // 1st client IP selection matches any of these
            {
                10.2/16;      // return any of these response IPs as 1st preference
                172.17.4/24;  // 2nd preference
            };
        }; // end first block
        { // second preference block
            192.168.5/24;  // 1st client IP selection matches any of these
            {
                192.168.4/24; // return any of these response IPs as 1st preference
                172.17.4/24;  // 2nd preference
                10.2/16;      // 3rd preference
            };
        }; // end second block
    }; // end sortlist
};
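To show what the extra level of braces achieves, the following added example (not from the book or from BIND itself) models the corrected sortlist above: the first block whose client prefix matches the query source is selected, and response addresses are ordered by their position in that block's preference list. It is a simplified model of the documented behaviour; the function name and the sample addresses are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# The corrected sortlist from this page, with each prefix written in full.
# Each entry is (client prefix, ordered preference list).
SORTLIST = [
    ("192.168.4.0/24", ["10.2.0.0/16", "172.17.4.0/24"]),
    ("192.168.5.0/24", ["192.168.4.0/24", "172.17.4.0/24", "10.2.0.0/16"]),
]

def sort_response(client, addresses, sortlist=SORTLIST):
    """Order response addresses for a client using the first matching block."""
    src = ip_address(client)
    for client_net, prefs in sortlist:
        if src not in ip_network(client_net):
            continue
        nets = [ip_network(p) for p in prefs]

        def distance(addr):
            # Index of the first preference prefix containing the address;
            # addresses matching none of them sort after all listed ones.
            a = ip_address(addr)
            return next((i for i, n in enumerate(nets) if a in n), len(nets))

        return sorted(addresses, key=distance)   # stable: ties keep order
    return list(addresses)                       # no block matched the client

# Constructed answer set for a multi-homed host.
ANSWER = ["172.17.4.10", "192.168.4.10", "10.2.0.10"]
```

With only one level of braces the preference prefixes are not grouped under a client prefix, which is why that form parses but does not produce this ordering.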

The text

Chapter 13, "Zone File Reference" (66 pages)

(N) DLV is described in RFC 4431 which has Informational status only.

Chapter 14, "BIND APIs and Resolver Libraries" (31 pages)

(E) Page 498. The second last line should read ".. , respectively getaddrinfo() and getnameinfo() should be used for all new"

Chapter 15, "DNS Messages and Records" (23 pages)

Appendix A, "Domain Name Registration" (8 pages)

(N) Additional FAQ about the ICANN/US Dept. of Commerce MOU.

Appendix B, "DNS RFCs" (3 pages)

Additional Material

In addition, the author maintains a web site about the book (www.netwidget.net/books/apress/dns) that covers additional material, including links to alternative DNS software, resolver language bindings, and background reading on various topics covered in the book, which may be of use to the reader.




Copyright © 2003 - 2008 NetWidget, Inc.
Page modified: July 26 2007.
