Configuring DNS (BIND) in isolation

[Andrew Falanga]

On 12/4/06, David Robillard <david.robillard at gmail.com> wrote:
>
> > Hello,
> >
> > I have a need to make my own DNS system on an isolated network.  Years
> ago,
> > I administered DNS for a couple of different companies, but that was
> quite a
> > while ago and since I've turned to programming I haven't done much in
> the
> > way of network administration.  I recall from using BIND 4, when I was
> > reading up on it, that it is most certainly possible to configure an
> entire
> > DNS system on a totally isolated network.
> >
> > Would I need zone files for the root, ".", zone and any other zones I
> > configure; e.g. "isolation."?  This would seem to be the way to go about
> it,
> > but I'm having some difficulty visualizing it in my head.  I just did
> some
> > searches online for the O'Reilly book "DNS & BIND".  I recall using this
> > book in the past and it was quite helpful (and unfortunately for me,
> > belonged to my former employers).  Would this book be a good reference
> for
> > this task as well, or are there better books that I might want to look
> into
> > getting for this?  Or, are there good on-line resources that could help
> me
> > muddle through?
> >
> > Any help is greatly appreciated.
> >
> > Thanks,
> > Andy
>
> Hello Andy,
>
> First, you need to know that BIND has jumped from version 4 directly
> to version 8 and is now at version 9. There is a whole world of
> difference between the version 4 that you've worked with in the past
> and the latest version 9 (such as Views, DNSSEC, IXFR, etc).
>
> Now, the book you mentioned above is still THE reference on the topic.
> O'Reilly recently published the 5th edition of "DNS & BIND" which
> covers everything BIND 9 has to offer. Plus an extended chapter on the
> DNS architecture itself. It's a great book, you should get yourself a
> copy if you're interested by DNS.
>
> Third, while "DNS & BIND" is a fine book, you'll have more direct help
> from another O'Reilly book called "DNS & BIND Cookbook" from Cricket
> Liu. It presents some common DNS related tasks in the form of easy to
> follow "recipes". It sure is a great help when it actually is time to
> build and configure your DNS servers.
>
> Moreover, FreeBSD is an excellent platform for building DNS servers.
> I've built DNS servers out of Solaris, AIX, RedHat and FreeBSD
> machines and BSD is by far the easiest and more flexible to setup and
> secure.
>
> <shameless plug>
> Finally, if for various reasons you don't have the time or expertise
> to setup your own DNS machine. Then have a look at the appliances from
> the author of "DNS & BIND" Cricket Liu's company called Infoblox at
> http://www.infoblox.com.
> </shameless plug>
>
> Cheers,
>
> David
> --
> David Robillard
> UNIX systems administrator & Oracle DBA
> CISSP, RHCE & Sun Certified Security Administrator
> Montreal: +1 514 966 0122
>


I wanted to thank everyone who answered, but I think my first reply went
only to the individual of whose e-mail I chose to respond to (sorry) and
thanks everyone.  I think I've got what I need to get going.

Andy