host [-aCdlrTwv] [-c class] [-N ndots] [-t type] [-W timeout] [-R retries] hostname [server]
host [-aCdlrTwv] [-c class] [-N ndots] [-t type] [-W timeout] [-R retries] [-4] [-6] hostname [server]
For more information and a list of available commands and options, see the host man page.
@@ -478,7 +478,7 @@ arndc.key file and not modify
Certain UNIX signals cause the name server to take specific actions, as described in the following table. These signals can be sent using the kill command.
diff --git a/doc/arm/Bv9ARM.ch04.html b/doc/arm/Bv9ARM.ch04.html index 2ce753e0f3..3e004cb7ac 100644 --- a/doc/arm/Bv9ARM.ch04.html +++ b/doc/arm/Bv9ARM.ch04.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -49,29 +49,29 @@Setting up different views, or visibility, of the DNS space to internal and external resolvers is usually referred to as a Split DNS setup. There are several reasons an organization @@ -187,7 +187,7 @@ on the Internet. Split DNS can also be used to allow mail from outside back in to the internal network.
Let's say a company named Example, Inc.
(example.com)
has several corporate sites that have an internal network with reserved
@@ -376,13 +376,13 @@ for TSIG.
-y command line options.
A shared secret is generated to be shared between host1 and host2. An arbitrary key name is chosen: "host1-host2.". The key name must be the same on both hosts.
The following command will generate a 128-bit (16 byte) HMAC-MD5 key as described above. Longer keys are better, but shorter keys are easier to read. Note that the maximum key length is 512 bits; @@ -399,7 +399,7 @@ be used as the shared secret.
The shared secret is simply a random sequence of bits, encoded in base-64. Most ASCII strings are valid base-64 strings (assuming the length is a multiple of 4 and only valid characters are used), @@ -410,13 +410,13 @@ a similar program to generate base-64 encoded data.
This is beyond the scope of DNS. A secure transport mechanism should be used. This could be secure FTP, ssh, telephone, etc.
Imagine host1 and host 2 are
both servers. The following is added to each server's named.conf file:
@@ -437,7 +437,7 @@ response is signed by the same key.Since keys are shared between two hosts only, the server must be told when keys are to be used. The following is added to the
named.conffile for host1, if the IP address of host2 is @@ -460,7 +460,7 @@ sign request messages to host1.BIND allows IP addresses and ranges to be specified in ACL definitions and allow-{ query | transfer | update } directives. @@ -478,7 +478,7 @@ allow-update { key host1-host2. ;};
The processing of TSIG signed messages can result in several errors. If a signed message is sent to a non-TSIG aware server, a FORMERR (format error) will be returned, since @@ -501,7 +501,7 @@ allow-update { key host1-host2. ;};
TKEY is a mechanism for automatically generating a shared secret between two hosts. There are several "modes" of TKEY that specify how the key is @@ -528,7 +528,7 @@ allow-update { key host1-host2. ;};
BIND 9 partially supports DNSSEC SIG(0) transaction signatures as specified in RFC 2535 and RFC2931. SIG(0) uses public/private keys to authenticate messages. Access control @@ -571,7 +571,7 @@ allow-update { key host1-host2. ;}; zone key of another zone above this one in the DNS tree.
The dnssec-keygen program is used to generate keys.
A secure zone must contain one or more zone keys. The @@ -604,7 +604,7 @@ allow-update { key host1-host2. ;};
The dnssec-signzone program is used to sign a zone.
Any
keysetfiles corresponding @@ -625,13 +625,13 @@ allow-update { key host1-host2. ;}; input file for the zone.dnssec-signzone will also produce a keyset and dsset files and optionally a dlvset file. These - are used to provide the parent zone administators with the + are used to provide the parent zone administrators with the
DNSKEYs(or their correspondingDSrecords) that are the secure entry point to the zone.To enable named to respond appropriately to DNS requests from DNSSEC aware clients, @@ -717,7 +717,7 @@ options {
BIND 9 fully supports all currently defined forms of IPv6 name to address and address to name lookups. It will also use IPv6 addresses to make queries when running on an IPv6 capable @@ -746,7 +746,7 @@ options { see the section called “IPv6 addresses (AAAA)”.
The AAAA record is a parallel to the IPv4 A record. It specifies the entire address in a single record. For example,
@@ -761,7 +761,7 @@ host 3600 IN AAAA 2001:db8::1When looking up an address in nibble format, the address components are simply reversed, just as in IPv4, and
@@ -45,13 +45,13 @@ip6.arpa.is appended to the resulting name. diff --git a/doc/arm/Bv9ARM.ch05.html b/doc/arm/Bv9ARM.ch05.html index 0030db14db..8e90a45d9a 100644 --- a/doc/arm/Bv9ARM.ch05.html +++ b/doc/arm/Bv9ARM.ch05.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +Table of Contents
Traditionally applications have been linked with a stub resolver library that sends recursive DNS queries to a local caching name server.
diff --git a/doc/arm/Bv9ARM.ch06.html b/doc/arm/Bv9ARM.ch06.html index 087159ce89..e32ece1800 100644 --- a/doc/arm/Bv9ARM.ch06.html +++ b/doc/arm/Bv9ARM.ch06.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -48,46 +48,46 @@
address_match_list= address_match_list_element ; [ address_match_list_element; ... ]address_match_list_element= [ ! ] (ip_address [/length] | @@ -253,7 +253,7 @@ are restricted to slave and stub zones.Address match lists are primarily used to determine access control for various server operations. They are also used in the listen-on and sortlist @@ -303,14 +303,14 @@ other 1.2.3.* hosts fall through.
The BIND 9 comment syntax allows for comments to appear anywhere that whitespace may appear in a BIND configuration file. To appeal to programmers of all kinds, they can be written in the C, C++, or shell/perl style.
/* This is a BIND comment as in C */@@ -323,7 +323,7 @@ in the C, C++, or shell/perl style.
Comments may appear anywhere that whitespace may appear in a BIND configuration file.
C-style comments start with the two characters /* (slash, @@ -444,7 +444,7 @@ a per-server basis.
configuration.acl acl-name { address_match_list }; @@ -495,7 +495,7 @@ IPv6 addresses, just like localhostcontrols { inet ( ip_addr | * ) [ port ip_port ] allow {address_match_list} keys {key_list}; @@ -600,12 +600,12 @@ statement: controls { };.includefilename;The include statement inserts the specified file at the point where the include statement is encountered. The include @@ -616,7 +616,7 @@ statement: controls { };.
keykey_id{ algorithmstring; secretstring; @@ -625,7 +625,7 @@ statement: controls { };.The key statement defines a shared secret key for use with TSIG (see the section called “TSIG”) or the command channel @@ -657,7 +657,7 @@ string.
logging { [ channelchannel_name{ ( filepath name@@ -681,7 +681,7 @@ string.The logging statement configures a wide variety of logging options for the name server. Its channel phrase associates output methods, format options and severity levels with @@ -704,7 +704,7 @@ channels, or to standard error if the "
-g" option was specified.All log output goes to one or more channels; you can make as many of them as you want.
Every channel definition must include a destination clause that @@ -1019,7 +1019,7 @@ a delegation-only in a hint or stu
This is the grammar of the lwres statement in the
named.conffile:lwres { @@ -1032,7 +1032,7 @@ statement in thenamed.conffile:The lwres statement configures the name server to also act as a lightweight resolver server. (See the section called “Running a Resolver Daemon”.) There may be multiple @@ -1060,20 +1060,20 @@ exact match lookup before search path elements are appended.
mastersname[portip_port] { (masters_list|ip_addr[portip_port] [keykey] ) ; [...] } ;masters lists allow for a common set of masters to be easily used by multiple stub and slave zones.
This is the grammar of the options statement in the
named.conffile:options { @@ -1702,7 +1702,7 @@ IN-ADDR.ARPA, IP6.ARPA, or IP6.INT).The forwarding facility can be used to create a large site-wide cache on a few servers, reducing traffic over links to external name servers. It can also be used to allow queries by servers that @@ -1734,7 +1734,7 @@ Statement Grammar”.
Dual-stack servers are used as servers of last resort to work around problems in reachability due the lack of support for either IPv4 or IPv6 on the host machine.
@@ -1815,7 +1815,7 @@ from these addresses will not be responded to. The default is +InterfacesThe interfaces and ports that the server will answer queries from may be specified using the listen-on option. listen-on takes an optional port, and an
address_match_list. @@ -1865,7 +1865,7 @@ the server will not listen on any IPv6 address.If the server doesn't know the answer to a question, it will query other name servers. query-source specifies the address and port used for such queries. For queries sent over @@ -2056,7 +2056,7 @@ but applies to notify messages sent to IPv6 addresses.
avoid-v4-udp-ports and avoid-v6-udp-ports specify a list of IPv4 and IPv6 UDP ports that will not be used as system @@ -2069,7 +2069,7 @@ to query again.
The server's usage of many system resources can be limited. Scaled values are allowed when specifying resource limits. For example, 1G can be used instead of @@ -2113,7 +2113,7 @@ may use. The default is
default.The following options set limits on the server's resource consumption that are enforced internally by the server rather than the operating system.
@@ -2167,7 +2167,7 @@ silently raised.
- cleaning-interval
The server will remove expired resource records @@ -2662,7 +2662,7 @@ For more details, see the description of
trusted-keys {stringnumbernumbernumberstring; [stringnumbernumbernumberstring; [...]] @@ -2671,7 +2671,7 @@ For more details, see the description ofThe trusted-keys statement defines @@ -2714,7 +2714,7 @@ For more details, see the description of
The view statement is a powerful new feature of BIND 9 that lets a name server answer a DNS query differently depending on who is asking. It is particularly useful for implementing @@ -2916,10 +2916,10 @@ zone
zone_name[
@@ -3032,7 +3032,7 @@ from forwarders. The zone's name may optionally be followed by a class. If a class is not specified, class
@@ -3042,12 +3042,12 @@ used to share information about various systems databases, such as users, groups, printers and so on. The keywordIN(forInternet), is assumed. This is correct for the vast majority of cases.HSis a synonym for hesiod. -Another MIT development is CHAOSnet, a LAN protocol created +
Another MIT development is Chaosnet, a LAN protocol created in the mid-1970s. Zone data for it can be specified with the
CHAOSclass.
- allow-notify
See the description of @@ -3295,7 +3295,7 @@ name, the rules are checked for each existing record type.
@@ -3305,7 +3305,7 @@ Since the publication of RFC 1034, several new RRs have been identified and implemented in the DNS. These are also included.A domain name identifies a node. Each node has a set of resource information, which may be empty. The set of resource information associated with a particular name is composed of @@ -3524,7 +3524,7 @@ are currently valid in the DNS:
CH
-CHAOSnet, a LAN protocol created at MIT in the mid-1970s. +Chaosnet, a LAN protocol created at MIT in the mid-1970s. Rarely used for its historical purpose, but reused for BIND's built-in server information zones, e.g.,
version.bind. @@ -3564,7 +3564,7 @@ used as "pointers" to other data in the DNS.RRs are represented in binary form in the packets of the DNS protocol, and are usually represented in highly encoded form when stored in a name server or resolver. In the examples provided in @@ -3654,7 +3654,7 @@ each of a different class.
As described above, domain servers store information as a series of resource records, each of which contains a particular piece of information about a given domain name (which is usually, @@ -3771,7 +3771,7 @@ can be explicitly specified, for example,
1h30m.Reverse name resolution (that is, translation from IP address to name) is achieved by means of the in-addr.arpa domain and PTR records. Entries in the in-addr.arpa domain are made in @@ -3802,14 +3802,14 @@ in the [example.com] domain:
Note
The $ORIGIN lines in the examples -are for providing context to the examples only-they do not necessarily +are for providing context to the examples only — they do not necessarily appear in the actual usage. They are only used here to indicate that the example is relative to the listed origin.
The Master File Format was initially defined in RFC 1035 and has subsequently been extended. While the Master File Format itself is class independent all records in a Master File must be of the same @@ -3818,7 +3818,7 @@ class.
and $TTL.Syntax: $ORIGIN
domain-name[comment]$ORIGIN sets the domain name that will @@ -3833,7 +3833,7 @@ WWW CNAME MAIN-SERVER
Syntax: $INCLUDE
@@ -3857,7 +3857,7 @@ This could be construed as a deviation from RFC 1035, a feature, or both.filename[origin] [comment]Syntax: $TTL
@@ -3868,7 +3868,7 @@ with undefined TTLs. Valid TTLs are of the range 0-2147483647 seconds.default-ttl[comment]Syntax: $GENERATE
rangelhs[ttl] [class]typerhs[comment]$GENERATE is used to create a series of resource records that only differ from each other by an iterator. $GENERATE can diff --git a/doc/arm/Bv9ARM.ch07.html b/doc/arm/Bv9ARM.ch07.html index b9837bfeee..781734c588 100644 --- a/doc/arm/Bv9ARM.ch07.html +++ b/doc/arm/Bv9ARM.ch07.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +
@@ -46,11 +46,11 @@Table of Contents
@@ -102,7 +102,7 @@ see the AUSCERT advisory at
- Access Control Lists
-- Chroot and Setuid (for +
- Chroot and Setuid (for UNIX servers)
- Dynamic Update Security
On UNIX servers, it is possible to run BIND in a chrooted environment (using the chroot() function) by specifying the "
-t" @@ -117,7 +117,7 @@ user 202:
/usr/local/bin/named -u 202 -t /var/namedIn order for a chroot environment to work properly in a particular directory (for example,
/var/named), @@ -142,7 +142,7 @@ to set up things likePrior to running the named daemon, use the touch utility (to change file access and modification times) or the chown utility (to diff --git a/doc/arm/Bv9ARM.ch08.html b/doc/arm/Bv9ARM.ch08.html index 446260ae73..7249486697 100644 --- a/doc/arm/Bv9ARM.ch08.html +++ b/doc/arm/Bv9ARM.ch08.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +
@@ -45,18 +45,18 @@Table of Contents
The best solution to solving installation and configuration issues is to take preventative measures by setting up logging files beforehand. The log files provide a @@ -66,7 +66,7 @@
Zone serial numbers are just numbers — they aren't date related. A lot of people set them to a number that represents a date, usually of the form YYYYMMDDRR. A number of people @@ -87,7 +87,7 @@
The Internet Software Consortium (ISC) offers a wide range of support and service agreements for BIND and DHCP servers. Four levels of premium support are available and each level includes diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index aa5cd98493..26534b6d39 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - +
@@ -43,24 +43,24 @@Table of Contents
Although the "official" beginning of the Domain Name System occurred in 1984 with the publication of RFC 920, the @@ -96,7 +96,7 @@ employee on loan to the CSRG, worked on BIND to 1987. Many other people also contributed to BIND development during that time: Doug Kingston, Craig Partridge, Smoot Carl-Mitchell, Mike Muuss, Jim Bloom and Mike Schwartz. BIND maintenance was subsequently -handled by Mike Karels and O. Kure.
+handled by Mike Karels and Řivind Kure.BIND versions 4.9 and 4.9.1 were released by Digital Equipment Corporation (now Compaq Computer Corporation). Paul Vixie, then a DEC employee, became BIND's primary caretaker. He was assisted @@ -108,9 +108,23 @@ Wolfhugel, and others.
Vixie became BIND's principal architect/programmer.BIND versions from 4.9.3 onward have been developed and maintained by the Internet Software Consortium with support being provided -by ISC's sponsors. As co-architects/programmers, Bob Halley and +by ISC's sponsors. +
+As co-architects/programmers, Bob Halley and Paul Vixie released the first production-ready version of BIND version 8 in May 1997.
++ BIND version 9 was released in September 2000 and is a + major rewrite of nearly all aspects of the underlying + BIND architecture. +
++ BIND version 4 is officially deprecated and BIND version + 8 development is considered maintenance-only in favor + of BIND version 9. No additional development is done + on BIND version 4 or BIND version 8 other than for + security-related patches. +
BIND development work is made possible today by the sponsorship of several corporations, and by the tireless work efforts of numerous individuals.
@@ -263,17 +277,17 @@ the number of the RFC). RFCs are also available via the Web at@@ -281,22 +295,22 @@ Specification. November 1987.Standards
-[RFC974] Mail Routing and the Domain System. January 1986.
+[RFC974] Mail Routing and the Domain System. January 1986.
Proposed Standards
-[RFC2181] Clarifications to the DNS Specification. July 1997.
+[RFC2181] Clarifications to the DNS Specification. July 1997.
-[RFC2308] Negative Caching of DNS Queries. March 1998.
+[RFC2308] Negative Caching of DNS Queries. March 1998.
-[RFC1995] Incremental Zone Transfer in DNS. August 1996.
+[RFC1995] Incremental Zone Transfer in DNS. August 1996.
-[RFC1996] A Mechanism for Prompt Notification of Zone Changes. August 1996.
+[RFC1996] A Mechanism for Prompt Notification of Zone Changes. August 1996.
-[RFC2136] Dynamic Updates in the Domain Name System. April 1997.
+[RFC2136] Dynamic Updates in the Domain Name System. April 1997.
-[RFC2845] Secret Key Transaction Authentication for DNS (TSIG). May 2000.
+[RFC2845] Secret Key Transaction Authentication for DNS (TSIG). May 2000.
@@ -307,85 +321,85 @@ Specification. November 1987. RFCs are undergoing major revision by the IETF.-[RFC1886] DNS Extensions to support IP version 6. December 1995.
+[RFC1886] DNS Extensions to support IP version 6. December 1995.
-[RFC2065] Domain Name System Security Extensions. January 1997.
+[RFC2065] Domain Name System Security Extensions. January 1997.
-[RFC2137] Secure Domain Name System Dynamic Update. April 1997.
+[RFC2137] Secure Domain Name System Dynamic Update. April 1997.
Other Important RFCs About DNS Implementation
-[RFC1535] A Security Problem and Proposed Correction With Widely Deployed DNS Software.. October 1993.
+[RFC1535] A Security Problem and Proposed Correction With Widely Deployed DNS Software.. October 1993.
Resource Record Types
-[RFC1706] DNS NSAP Resource Records. October 1994.
+[RFC1706] DNS NSAP Resource Records. October 1994.
-[RFC2168] Resolution of Uniform Resource Identifiers using +
[RFC2168] Resolution of Uniform Resource Identifiers using the Domain Name System. June 1997.
-[RFC1876] A Means for Expressing Location Information in the Domain +
[RFC1876] A Means for Expressing Location Information in the Domain Name System. January 1996.
-[RFC2052] A DNS RR for Specifying the Location of +
[RFC2052] A DNS RR for Specifying the Location of Services.. October 1996.
DNS and the Internet
-[RFC1101] DNS Encoding of Network Names and Other Types. April 1989.
+[RFC1101] DNS Encoding of Network Names and Other Types. April 1989.
-[RFC1123] Requirements for Internet Hosts - Application and Support. October 1989.
+[RFC1123] Requirements for Internet Hosts - Application and Support. October 1989.
DNS Operations
-[RFC1537] Common DNS Data File Configuration Errors. October 1993.
+[RFC1537] Common DNS Data File Configuration Errors. October 1993.
-[RFC1912] Common DNS Operational and Configuration Errors. February 1996.
+[RFC1912] Common DNS Operational and Configuration Errors. February 1996.
@@ -396,28 +410,28 @@ Conformant Global Address Mapping. January 1998 DNS-related, are not concerned with implementing software.-[RFC1464] Using the Domain Name System To Store Arbitrary String Attributes. May 1993.
+[RFC1464] Using the Domain Name System To Store Arbitrary String Attributes. May 1993.
-[RFC1713] Tools for DNS Debugging. November 1994.
+[RFC1713] Tools for DNS Debugging. November 1994.
-[RFC1794] DNS Support for Load Balancing. April 1995.
+[RFC1794] DNS Support for Load Balancing. April 1995.
-[RFC2240] A Legal Basis for Domain Name Allocation. November 1997.
+[RFC2240] A Legal Basis for Domain Name Allocation. November 1997.
-[RFC2345] Domain Names and Company Name Retrieval. May 1998.
+[RFC2345] Domain Names and Company Name Retrieval. May 1998.
-[RFC2352] A Convention For Using Legal Names as Domain Names. May 1998.
+[RFC2352] A Convention For Using Legal Names as Domain Names. May 1998.
@@ -437,14 +451,14 @@ after which they are deleted unless updated by their authors.Obsolete and Unimplemented Experimental RRs
-diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html index 87ef41d2ff..eb00094a81 100644 --- a/doc/arm/Bv9ARM.html +++ b/doc/arm/Bv9ARM.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -83,7 +83,7 @@DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates.
+DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates.
Name Server Operations 4. Advanced DNS Features @@ -92,34 +92,34 @@Dynamic Update Incremental Zone Transfers (IXFR) -Split DNS -+ Split DNS +TSIG - -
- Generate Shared Keys for Each Pair of Hosts
-- Copying the Shared Secret to Both Machines
-- Informing the Servers of the Key's Existence
-- Instructing the Server to Use the Key
-- TSIG Key Based Access Control
-- Errors
+- Generate Shared Keys for Each Pair of Hosts
+- Copying the Shared Secret to Both Machines
+- Informing the Servers of the Key's Existence
+- Instructing the Server to Use the Key
+- TSIG Key Based Access Control
+- Errors
TKEY -SIG(0) +TKEY +SIG(0) DNSSEC - IPv6 Support in BIND 9 +IPv6 Support in BIND 9 5. The BIND 9 Lightweight Resolver 6. BIND 9 Configuration Reference @@ -127,77 +127,77 @@Configuration File Elements Configuration File Grammar - -
- acl Statement Grammar
+- acl Statement Grammar
- acl Statement Definition and Usage
-- controls Statement Grammar
+- controls Statement Grammar
- controls Statement Definition and Usage
-- include Statement Grammar
-- include Statement Definition and Usage
-- key Statement Grammar
-- key Statement Definition and Usage
-- logging Statement Grammar
-- logging Statement Definition and Usage
-- lwres Statement Grammar
-- lwres Statement Definition and Usage
-- masters Statement Grammar
-- masters Statement Definition and Usage
-- options Statement Grammar
+- include Statement Grammar
+- include Statement Definition and Usage
+- key Statement Grammar
+- key Statement Definition and Usage
+- logging Statement Grammar
+- logging Statement Definition and Usage
+- lwres Statement Grammar
+- lwres Statement Definition and Usage
+- masters Statement Grammar
+- masters Statement Definition and Usage
+- options Statement Grammar
- options Statement Definition and Usage
- server Statement Grammar
- server Statement Definition and Usage
-- trusted-keys Statement Grammar
-- trusted-keys Statement Definition +
- trusted-keys Statement Grammar
+- trusted-keys Statement Definition and Usage
- view Statement Grammar
-- view Statement Definition and Usage
+- view Statement Definition and Usage
- zone Statement Grammar
-- zone Statement Definition and Usage
+- zone Statement Definition and Usage
Zone File +Zone File
- Types of Resource Records and When to Use Them
-- Discussion of MX Records
+- Discussion of MX Records
- Setting TTLs
-- Inverse Mapping in IPv4
-- Other Zone File Directives
-- BIND Master File Extension: the $GENERATE Directive
+- Inverse Mapping in IPv4
+- Other Zone File Directives
+- BIND Master File Extension: the $GENERATE Directive
7. BIND 9 Security Considerations 8. Troubleshooting A. Appendices