Consider configuring servers even if you are not creating your own
zones. If you configure a secondary server for the zones (forward and
reverse) where your hosts are members and point your hosts to that
secondary server, the BIND service will continue to work for local
names even if you lose your link to the outside world.
6.4.1 Server Selection Guidelines
Study your network and keep in mind the following guidelines to help you achieve your goals:
The primary server is the authority, or best source of information, for one or more zones. You need one primary server for each zone in your domain hierarchy.
Every time a host changes addresses or servers, update the forward and reverse zone files on the primary server. If your zone has many hosts, consider dividing the zone into separate subzones, to balance the administrative work.
A primary server can also be a primary or a secondary server for other
zones that exist in a contiguous or non-contiguous part of the name
space.
6.4.3 Selecting Secondary Servers
Your strategy for configuring secondary servers is especially important in the initial stages of BIND operation. Once a resolver establishes a cache of frequently used names, the server will rarely need to locate a copy of the information it needs. However, well-planned copying of zone files can make the server's process of learning about names in a large network easier and more efficient.
When selecting secondary servers for large networks, consider the following guidelines to enhance BIND service performance:
There are no special requirements for caching-only servers. Follow the
guidelines in Section 6.4.1.
6.4.5 Selecting Forwarder and Slave Servers
You can configure any server to act as a forwarder server. A BIND server can use a forwarder server to resolve queries. Because a forwarder server accepts queries from many other servers, it can develop an extensive cache compared to caches on other servers. Having a forwarder server in your zone can reduce the total number of queries from the zone to the rest of the Internet.
Configure slave servers if you do not want specific hosts to have
access to the Internet or you want to restrict the server to using only
specified forwarder servers. If you have a slave server in your zone,
you must have a forwarder server as well.
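The roles described above can all be expressed in one BIND boot file. The following is an added example, not a file from this manual or from the UCX distribution: it uses BIND 4-style `named.boot` directives (`directory`, `secondary`, `cache`, `forwarders`, `slave`), so the keywords may differ on a given UCX release and should be checked against the UCX boot-file reference. All addresses and zone names are constructed from documentation ranges. The file configures the secondary server recommended at the start of this section, holding copies of both the forward and the reverse zone for the local hosts, and sends everything else to a site forwarder; removing the comment from the final line turns it into a slave server that uses only that forwarder.

```text
; named.boot -- constructed example of a secondary server that forwards
; (assumed BIND 4 boot-file syntax; check the UCX documentation for your release)
directory       /etc/namedb

; Secondary copies of the forward and reverse zones for the local hosts,
; transferred from the primary server at 192.0.2.1 (constructed address).
; Hosts that point their resolver at this server keep resolving local
; names when the link to the outside world is down.
secondary       example.com                 192.0.2.1   example.com.db
secondary       2.0.192.in-addr.arpa        192.0.2.1   192.0.2.db

; Root hints, used only when this server resolves outside names itself.
cache           .                           named.ca

; Try the site forwarder (constructed address) before going to the
; Internet directly; the forwarder builds the large shared cache.
forwarders      192.0.2.53

; Remove the leading ';' to make this a slave server: it will then use
; ONLY the forwarders listed above and never query the Internet itself.
; A slave requires at least one 'forwarders' line.
;slave
```

Later BIND 4.9 releases accept `options forward-only` as the equivalent of `slave`. Whichever spelling your release uses, the operational check is the same: a slave with an unreachable forwarder answers only the zones it holds as primary or secondary, so the forwarders line should name a server that is reachable without crossing the WAN link discussed in Section 6.4.7.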
6.4.6 Determining Server Placement for LANs and Extended LANs
You might be able to use just one server on a LAN. Factors influencing your decision can include the expected lookup load and how you want to distribute it, and the capacity of the systems that you plan to use as BIND servers.
On extended LANs, consider the reliability of the bridge connecting the
LANs. If the bridge is frequently unavailable, you might want one
server on each side of the bridge. However, if the bridge is reliable,
one server on the LAN may be adequate.
6.4.7 Determining Server Placement for Sites Connected by a WAN
When planning the placement of BIND servers in a wide area network (WAN) environment, avoid connections through WAN links. WAN links are not usually stable. Place BIND servers so that most systems can access at least one server even if a WAN connection is unavailable.
At small sites connected to the rest of the network through a WAN, a BIND server is not necessary if the small site only occasionally uses resources on the other side of the WAN link. For example, if users at a small site sometimes contact nodes at the company's headquarters, it is probably sufficient to store the node names at headquarters, and it is not necessary to configure a BIND server at the small site. Remember that once the BIND resolver at the small site caches frequently used names, they will rarely need to cross a WAN link for lookups.
Conversely, if a small site has many domains, configure a server there.
Also, if you expect users to make frequent name changes, create a zone
and store the information at the site's server. This further reduces
WAN traffic and improves performance.
6.5 Planning Domain Registration
After you plan your domains and zones, your next steps are to create the necessary server files and to register zone and domain information with the upper-level domain administrator and zone technical contact. See Appendix A for information about domain registration.
The InterNIC---the Internet Network Information Center---is a cooperative activity between the National Science Foundation, Network Solutions, Inc., and AT&T that offers four basic services:
The InterNIC Registration Services maintain Requests for Comments (RFCs) and documents related to the Domain Name System (DNS). The InterNIC Registration Services also provide Internet domain registration for a small yearly fee.
The other InterNIC services offer an array of tools, resources, databases, and publications of interest to the Internet community.
You can access the InterNIC's web site at
http://rs.internic.net for up-to-date information or to
receive RFCs, DNS documentation, and current domain registration
prices. If you do not yet have Internet access, you can download copies
of RFCs and DNS documents, with either the automated mail service or
FTP as described in this appendix.
A.1 Using the Automated Mail Service to Download Documents
Use this service to retrieve DNS-related documents with electronic mail. Send a mail message to MAILSERV@RS.INTERNIC.NET (the message body is unimportant; it is generally ignored). In the SUBJECT field, type one of the following to specify the service you want:
Type This in the SUBJECT Field: | Result: |
---|---|
HELP | Returns the list of services you can request. |
INDEX | Returns the master list of available index files. |
NETINFO xxx | Returns a specified file --- xxx is a file name or the word INDEX. |
RFC nnn | Returns the specified Request for Comments (RFC) --- nnn is the RFC number or the word INDEX. |
SEND xxx | Returns the specified file --- xxx is a fully qualified file name. |
WHOIS xxx | Returns information about the specified entity (domains, network numbers, etc.) --- use WHOIS HELP to receive information about using the WHOIS program. |
For example, you could type NETINFO DOMAIN-TEMPLATE.TXT to receive the domain registration template, or you could type RFC 1033 to receive the RFC 1033 file.
The message body is generally ignored. The automated mail service
breaks large files into smaller separate mail messages.
A.2 Using FTP to Download Documents
Retrieve public files using FTP as follows:
To register your network, autonomous system and domains, complete the appropriate templates (see Table A-1) and return them to the InterNIC Registration Services; you can use either postal mail or electronic mail (see Section A.3.2 for the postal mailing address). The process for using the automatic registration is as follows:
Use the templates listed in Table A-1 to register your domains, networks, and autonomous systems.
If Registering This: | Use This Template: |
---|---|
Network | templates/internet-number-template.txt |
Autonomous system | netinfo/asn-template.txt |
Domains | templates/domain-template.txt |
A.3.2 Registration Services User Assistance
You can contact the InterNIC using the Internet, postal mail, or the
telephone. If you have questions about the registration services or
want to mail your registration templates electronically, follow the
procedures on the http://rs.internic.net web site. To use
postal mail for questions or mailing of your registration templates,
send to:
This glossary defines terms that explain the features and operation of DIGITAL TCP/IP Services for OpenVMS (UCX).
absolute path name: A path name that starts with a
slash (/); specifies a file that can be found by starting at the root
of the file system and traversing the file tree.
absolute time: A point on a time scale.
abstract syntax: The description of a data structure
that is independent of host structures or codes.
Abstract Syntax Notation One (ASN.1): The language
used by ISO protocols for describing abstract syntax. Most notable use
in TCP/IP is for Simple Network Management Protocol (SNMP) and the
Management Information Base I & II (MIB-I & MIB-II). The rules
of ASN.1 are independent of the encoding techniques used to represent
them.
access control information: A character string with
login information that validates connect or login at a remote host.
access control list (ACL): A list that defines the
kinds of access to be granted or denied to users.
access rights: A set of privileges that determines
what users can do.
ACK: See acknowledgment.
acknowledgment (ACK): A type of message sent to
indicate that a block of data arrived at its destination without error.
A control bit (acknowledgment flag) in the TCP header indicates that
the acknowledgment number field is significant for each segment in a
packet.
ACL: See access control list.
ACP: See ancillary control
process.
active port: A port that is bound to a process.
address: A number or group of numbers that uniquely
identifies a network node within its own network or internet. (See
also IP address and hardware
address.)
address mask: A 32-bit mask used to identify which
bits in an IP address correspond to the network and subnet portions of
the address.
address resolution: The process of relating a logical
address to a physical address, when both refer to the same device, for
example, conversion of an IP address into the corresponding Ethernet,
Token Ring, or FDDI hardware address. This may require broadcasting on
a local network. See also Address Resolution
Protocol.
Address Resolution Protocol (ARP): The protocol that
dynamically binds IP addresses to either Ethernet or FDDI addresses;
limited to physical network systems that support broadcast packets that
can be heard by all hosts on the network. See also
proxy ARP.
addressing: The function that ensures that network
systems are correctly identified at all times.
addressing authority: The authority, such as the
American National Standards Institute (ANSI), responsible for assigning
Network Interface layer addresses within an addressing domain.
addressing domain: A level in a hierarchy of Network
Interface layer addresses.
adjacency: A single connection to an adjacent node;
collection of state information representing a node in the local node's
routing databases.
adjacency address: An address that identifies a local
subnet access point and a subnet address of an adjacent system.
adjacent nodes: The nodes with direct lines between
them; can communicate without an intermediate system. For example, all
nodes on an Ethernet LAN are adjacent to each other.
administrative domain: A group of hosts, routers, and
networks operated and managed by a single organization. Routing within
an administrative domain is based on a consistent technical plan. An
administrative domain is viewed from the outside, for purposes of
routing, as a cohesive entity, of which the internal structure is
unimportant. Information passed by other administrative domains is
trusted less than information from one's own administrative domain.
aged packet: A data packet that is discarded because
it exceeded the maximum number of visits while being forwarded through
the network.
agent: A system that acts on behalf of another system.
(1) Client/server model: Part of the system that initiates, prepares,
and exchanges information on behalf of a client or server
application. (2) Network management: Portion of an entity that responds
to management requests and/or preprogrammed traps.
agent access module: The portion of an agent
responsible for the agent's end of SNMP.
agent access point: The instance of a connection
between a client or director and a server or agent.
agent address: An address that specifies the
information needed by a director to establish communications with the
agent's management interface.
agent attributes: The attributes maintained by the
agent; do not cross the internal management interface.
aggregate throughput: See
throughput.
alias: A name, usually easy to remember, that is
translated from a different name, usually difficult to remember. Most
often used as an optional alternate name for a host. See also
host name.
alias node identifier: An optional node name used by
some or all nodes in an OpenVMS cluster that allows them to be treated
as one node.
alternate address notation: The internet address
notation that conveys the same information as the common notation, but
consists of two parts: network and host.
American National Standards Institute (ANSI): The
organization that coordinates U.S. standards in many areas, including
computers and communications.
American Standard Code for Information Interchange
(ASCII): The standard character set that assigns an octal
sequence to each letter, number, and selected control characters.
ancillary control process (ACP): The process that acts
as an interface between user software and an I/O driver; provides
functions supplementary to those performed in the driver, such as file
and directory management.
anonymous (FTP): A convention of the File Transfer
Protocol that allows individuals who do not have explicit authorization
to transfer files to and from a host anonymously. The individual
usually logs in with a generic user ID and e-mail address as password.
ANSI: See American National Standards
Institute.
API: See application programming
interface.
application: A program that provides functionality for
end users of systems.
Application layer: The top-most layer in the Internet
architecture model where the user interacts with an application such as
Network File Service (NFS), File Transfer Protocol (FTP), and mail.
application process: A part of a distributed
application running on a single host.
application programming interface (API): A
standardized set of routines that makes system functions available to
programmers.
architecture: The structure of a system, a description
of which can be used to re-create the system.
ARP: See Address Resolution
Protocol.
ASCII: See American Standard Code for
Information Interchange.
assigned numbers: The numbers officially assigned as
part of the Internet standards.
asynchronous transfer mode (ATM): The method for
dynamic allocation of bandwidth using a fixed-size packet (called a
cell). Also known as fast packet.
asynchronous transmission: The mode of transmission in
which the time intervals between character transmissions differ. Each
character is surrounded by start and stop bits to allow the receiving
device to recognize the beginning and end of each character (also
called start-stop transmission).
ATM: See asynchronous transfer
mode.
attribute: The controllable or observable part of an
entity; a variable that network managers and applications programmers
can manipulate for optimal performance.
attribute group: A named collection of attributes
grouped together, such as all information relating to errors.
authentication: Verification of the identity of a
person or process attempting to access a system.
authentication server: The software that searches the
proxy database for valid user and group identification for remote
personal computer users and returns them to PC-NFS.
autonomous confederation: A group of independent
computer systems that trust each other regarding routing and
reachability information; members believe information provided by other
members in preference to information received from systems that are not
part of the confederation.
autonomous system: A collection of networks controlled
by one administrative authority. The gateways within this system are
expected to trust one another and to share and update routing
information among themselves by any mutually agreeable protocol. A core
gateway must also be designated to share routing information with other
autonomous systems by means of an External Gateway Protocol. See
also External Gateway Protocol.
auxiliary server: The DIGITAL TCP/IP Services for
OpenVMS software that runs as a background process and listens for
incoming requests for services. When it receives a request, it runs the
appropriate server application; includes inetd, security, and
logging options.
availability: The proportion of time a specific piece
of equipment, system, or network is usable, compared to the total time
it is expected to be.
backbone: The primary connectivity mechanism of a
hierarchical distributed system. Usually a high-speed high-performance
network that links together other networks into an internetwork. All
systems with connectivity to an intermediate system on the backbone
will connect to each other. This does not prevent systems from setting
up private arrangements with each other to bypass the backbone for
reasons of cost, performance, or security.
bandwidth: (1) Technically: The difference, in Hertz
(Hz), between the highest and lowest frequencies of a transmission
channel. (2) Typically: The amount of data that can be sent through a
communications circuit.
baseband: A characteristic of any network technology
that uses a single carrier frequency and requires all stations attached
to the network to participate in every transmission; only one
communication channel is provided at a time. See also
broadband.
BBS: See Bulletin Board
System.
Berkeley Internet Name Domain (BIND): The
implementation of a DNS server developed and distributed by the
University of California at Berkeley. Host name and address lookup
service for the Internet; implemented in a client/server model. The
client software, referred to as the resolver, allows client
systems to obtain host names and addresses from servers rather than
from locally hosted databases.
Berkeley Software Distribution (BSD): The derivation
of the original UNIX operating system developed by the Computer Systems
Research Group of the Department of Electrical Engineering and Computer
Science at the University of California at Berkeley. The DIGITAL UNIX
operating system is based on the BSD version of UNIX.
best-effort delivery: A characteristic of network
technologies that will attempt to deliver data but will not try to
recover if there is an error such as a line failure. Internet protocols
IP and UDP provide best-effort delivery service to application programs.
BG driver: The DIGITAL TCP/IP Services for OpenVMS
implementation of a network device driver. See also
device driver.
BGP: See Border Gateway
Protocol.
big endian: The format for storage or transmission of
binary data in which the most significant bit (or byte) comes first.
The reverse convention is called little endian.
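The glossary entries for acknowledgment (ACK), address mask, and big endian all describe fields that are laid out in network byte order on the wire. The following Python program is an added example, not code from this manual or from the UCX product: it decodes a constructed 20-byte TCP header (no real traffic was captured), reports the acknowledgment number only when the ACK flag says it is significant, shows the same 32-bit value in big-endian and little-endian order, and applies a 32-bit address mask to split an IP address into its network and host portions. The sample values, the `SAMPLE_ACK_HEADER` and `SAMPLE_SYN_HEADER` names, and the function names are all constructed for this example.

```python
"""Added example: TCP header fields, byte order, and address masks.

The headers below are constructed for illustration; they were not taken
from any real connection. Field layout follows RFC 793.
"""
import struct

# Flag bits in the low byte of the TCP offset/flags word (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# ">" selects big-endian (network byte order); HHIIHHHH is 20 bytes.
TCP_FIXED_HEADER = ">HHIIHHHH"

# Constructed sample: ports 443 -> 51234, ACK|PSH set, ack number significant.
SAMPLE_ACK_HEADER = struct.pack(
    TCP_FIXED_HEADER,
    443,                    # source port
    51234,                  # destination port
    0x11223344,             # sequence number
    0x55667788,             # acknowledgment number
    (5 << 12) | ACK | PSH,  # data offset (5 x 32-bit words) and flags
    65535,                  # window
    0,                      # checksum (left zero in this constructed sample)
    0,                      # urgent pointer
)

# Constructed sample: a bare SYN, so the acknowledgment field is not significant.
SAMPLE_SYN_HEADER = struct.pack(
    TCP_FIXED_HEADER, 51234, 443, 0x0A0B0C0D, 0, (5 << 12) | SYN, 65535, 0, 0
)


def parse_tcp_header(raw: bytes) -> dict:
    """Decode the fixed part of a TCP header from network byte order.

    The acknowledgment number is returned only when the ACK flag is set;
    otherwise it is reported as None, because the field has no meaning.
    """
    if len(raw) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    src, dst, seq, ack, off_flags, window, checksum, urgent = struct.unpack(
        TCP_FIXED_HEADER, raw[:20]
    )
    flags = off_flags & 0x3F
    return {
        "src_port": src,
        "dst_port": dst,
        "seq": seq,
        "ack_flag": bool(flags & ACK),
        "ack_number": ack if flags & ACK else None,
        "header_len": (off_flags >> 12) * 4,   # data offset in bytes
        "flags": flags,
        "window": window,
    }


def byte_order_demo(value: int) -> tuple:
    """Return the big-endian and little-endian encodings of a 32-bit value.

    The third element confirms that each encoding decodes back to the
    same integer when read with the matching byte order.
    """
    big = value.to_bytes(4, "big")
    little = value.to_bytes(4, "little")
    round_trips = int.from_bytes(big, "big") == int.from_bytes(little, "little")
    return big, little, round_trips


def _dotted_to_int(quad: str) -> int:
    """Convert a dotted-quad string to a 32-bit integer via its wire bytes."""
    return int.from_bytes(bytes(int(o) for o in quad.split(".")), "big")


def _int_to_dotted(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def split_address(ip: str, mask: str) -> tuple:
    """Apply a 32-bit address mask; return (network part, host part)."""
    ip_int = _dotted_to_int(ip)
    mask_int = _dotted_to_int(mask)
    network = ip_int & mask_int
    host = ip_int & (~mask_int & 0xFFFFFFFF)
    return _int_to_dotted(network), _int_to_dotted(host)


if __name__ == "__main__":
    print(parse_tcp_header(SAMPLE_ACK_HEADER))
    print(parse_tcp_header(SAMPLE_SYN_HEADER))
    print(byte_order_demo(0x11223344))
    print(split_address("192.0.2.77", "255.255.255.0"))
```

Feeding the two constructed headers through `parse_tcp_header` shows the point the glossary makes: both carry a 32-bit acknowledgment field, but only the header with the ACK bit set has a meaningful acknowledgment number. A parser that reads the field unconditionally will happily report a value from a SYN, which is one reason detection logic should key off the flag, not the field.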
BIND resolver: The software that asks a name server to
look up name and address information.
BIND server: The software that responds to queries
from BIND resolvers for name and address lookups; can be local or
distributed. See also cache server,
forwarder server, primary server, and
secondary server.
binding: Defining a remote file system to be a part of
the local UCX file system.
bits per second (bps or b/s): The measure of the rate
of data transmission.
block: A contiguous unit of user information grouped
together for transmission, such as the user data within a packet,
excluding the protocol overhead.
boot file: A database file that BIND servers use to
determine their type, the zones for which they have authority and the
location of other BIND database files.
BOOTP: The mnemonic for Bootstrap Protocol. The
protocol used for booting diskless systems remotely over a network.
See also remote boot.
BOOTP database: The DIGITAL TCP/IP Services Software
for OpenVMS database with entries for diskless network clients that
depend on a boot server to download their system images.
Border Gateway Protocol (BGP): The interautonomous
system routing protocol used to exchange network reachability
information between autonomous systems; runs over TCP.
bottleneck: A point in the network where traffic is
delayed or blocked. Bottlenecks are the limiting factors in network
performance.
bound port: An I/O function specifying a port number
and IP address for the device socket to bind a port to a process.
bps: See bits per second.
bridge: A device that connects two or more physical
networks and then stores and forwards complete packets between them;
can usually be made to filter packets (that is, to forward only certain
traffic).
broadband: A characteristic of any network that
multiplexes multiple, independent network carriers onto a single cable;
usually using frequency division multiplexing. Broadband technology
allows several networks to coexist on one single cable; traffic from
one network does not interfere with traffic from another because the
"conversations" happen on different frequencies.