Commit 30a2695e authored by Tinderbox User's avatar Tinderbox User

Merge branch 'prep-release' into v9_11_18-release

parents 52666bbc 9ba23d94
--- 9.11.18 released ---
5380. [contrib] Fix building MySQL DLZ modules against MySQL 8
libraries. [GL #1678]
......
......@@ -324,6 +324,10 @@ BIND 9.11.17
BIND 9.11.17 is a maintenance release.
BIND 9.11.18
BIND 9.11.18 is a maintenance release.
Building BIND
Minimally, BIND requires a UNIX or Linux system with an ANSI C compiler,
......
......@@ -341,6 +341,10 @@ BIND 9.11.16 is a maintenance release.
BIND 9.11.17 is a maintenance release.
#### BIND 9.11.18
BIND 9.11.18 is a maintenance release.
### <a name="build"/> Building BIND
Minimally, BIND requires a UNIX or Linux system with an ANSI C compiler,
......
......@@ -39,7 +39,7 @@
host \- DNS lookup utility
.SH "SYNOPSIS"
.HP \w'\fBhost\fR\ 'u
\fBhost\fR [\fB\-aCdlnrsTUwv\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-N\ \fR\fB\fIndots\fR\fR] [\fB\-R\ \fR\fB\fInumber\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-W\ \fR\fB\fIwait\fR\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [[\fB\-4\fR] | [\fB\-6\fR]] [\fB\-v\fR] [\fB\-V\fR] {name} [server]
\fBhost\fR [\fB\-aCdlnrsTUwv\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-N\ \fR\fB\fIndots\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-R\ \fR\fB\fInumber\fR\fR] [\fB\-t\ \fR\fB\fItype\fR\fR] [\fB\-W\ \fR\fB\fIwait\fR\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [[\fB\-4\fR] | [\fB\-6\fR]] [\fB\-v\fR] [\fB\-V\fR] {name} [server]
.SH "DESCRIPTION"
.PP
\fBhost\fR
......@@ -134,6 +134,11 @@ directive in
/etc/resolv\&.conf\&.
.RE
.PP
\-p \fIport\fR
.RS 4
Specify the port on the server to query\&. The default is 53\&.
.RE
.PP
\-r
.RS 4
Non\-recursive query: Setting this option clears the RD (recursion desired) bit in the query\&. This should mean that the name server receiving the query will not attempt to resolve
......
......@@ -36,6 +36,7 @@
[<code class="option">-aCdlnrsTUwv</code>]
[<code class="option">-c <em class="replaceable"><code>class</code></em></code>]
[<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>]
[<code class="option">-p <em class="replaceable"><code>port</code></em></code>]
[<code class="option">-R <em class="replaceable"><code>number</code></em></code>]
[<code class="option">-t <em class="replaceable"><code>type</code></em></code>]
[<code class="option">-W <em class="replaceable"><code>wait</code></em></code>]
......@@ -166,6 +167,12 @@
in <code class="filename">/etc/resolv.conf</code>.
</p>
</dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd>
<p>
Specify the port on the server to query. The default is 53.
</p>
</dd>
<dt><span class="term">-r</span></dt>
<dd>
<p>
......
......@@ -9,7 +9,7 @@
'\" t
.\" Title: dnssec-dsfromkey
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2012-05-02
.\" Manual: BIND9
.\" Source: ISC
......@@ -38,13 +38,13 @@
.SH "NAME"
dnssec-dsfromkey \- DNSSEC DS RR generation tool
.SH "SYNOPSIS"
.HP 17
.HP \w'\fBdnssec\-dsfromkey\fR\ 'u
\fBdnssec\-dsfromkey\fR [\fB\-1\fR | \fB\-2\fR | \fB\-a\ \fR\fB\fIalg\fR\fR] [\fB\-C\fR | \fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-T\ \fR\fB\fITTL\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] {keyfile}
.HP 17
.HP \w'\fBdnssec\-dsfromkey\fR\ 'u
\fBdnssec\-dsfromkey\fR [\fB\-1\fR | \fB\-2\fR | \fB\-a\ \fR\fB\fIalg\fR\fR] [\fB\-C\fR | \fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-T\ \fR\fB\fITTL\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-A\fR] {\fB\-f\ \fR\fB\fIfile\fR\fR} [dnsname]
.HP 17
.HP \w'\fBdnssec\-dsfromkey\fR\ 'u
\fBdnssec\-dsfromkey\fR [\fB\-1\fR | \fB\-2\fR | \fB\-a\ \fR\fB\fIalg\fR\fR] [\fB\-C\fR | \fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-T\ \fR\fB\fITTL\fR\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] {\-s} {dnsname}
.HP 17
.HP \w'\fBdnssec\-dsfromkey\fR\ 'u
\fBdnssec\-dsfromkey\fR [\fB\-h\fR | \fB\-V\fR]
.SH "DESCRIPTION"
.PP
......@@ -77,8 +77,7 @@ option,
reads a
keyset\-
file, as generated by
\fBdnssec\-keygen\fR
\fB\-C\fR\&.
\fBdnssec\-keygen\fR\fB\-C\fR\&.
.SH "OPTIONS"
.PP
\-1
......
......@@ -9,7 +9,7 @@
'\" t
.\" Title: dnssec-signzone
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2014-02-18
.\" Manual: BIND9
.\" Source: ISC
......@@ -38,7 +38,7 @@
.SH "NAME"
dnssec-signzone \- DNSSEC zone signing tool
.SH "SYNOPSIS"
.HP 16
.HP \w'\fBdnssec\-signzone\fR\ 'u
\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-d\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-E\ \fR\fB\fIengine\fR\fR] [\fB\-e\ \fR\fB\fIend\-time\fR\fR] [\fB\-f\ \fR\fB\fIoutput\-file\fR\fR] [\fB\-g\fR] [\fB\-h\fR] [\fB\-i\ \fR\fB\fIinterval\fR\fR] [\fB\-I\ \fR\fB\fIinput\-format\fR\fR] [\fB\-j\ \fR\fB\fIjitter\fR\fR] [\fB\-K\ \fR\fB\fIdirectory\fR\fR] [\fB\-k\ \fR\fB\fIkey\fR\fR] [\fB\-L\ \fR\fB\fIserial\fR\fR] [\fB\-l\ \fR\fB\fIdomain\fR\fR] [\fB\-M\ \fR\fB\fImaxttl\fR\fR] [\fB\-N\ \fR\fB\fIsoa\-serial\-format\fR\fR] [\fB\-o\ \fR\fB\fIorigin\fR\fR] [\fB\-O\ \fR\fB\fIoutput\-format\fR\fR] [\fB\-P\fR] [\fB\-p\fR] [\fB\-Q\fR] [\fB\-R\fR] [\fB\-r\ \fR\fB\fIrandomdev\fR\fR] [\fB\-S\fR] [\fB\-s\ \fR\fB\fIstart\-time\fR\fR] [\fB\-T\ \fR\fB\fIttl\fR\fR] [\fB\-t\fR] [\fB\-u\fR] [\fB\-v\ \fR\fB\fIlevel\fR\fR] [\fB\-V\fR] [\fB\-X\ \fR\fB\fIextended\ end\-time\fR\fR] [\fB\-x\fR] [\fB\-z\fR] [\fB\-3\ \fR\fB\fIsalt\fR\fR] [\fB\-H\ \fR\fB\fIiterations\fR\fR] [\fB\-A\fR] {zonefile} [key...]
.SH "DESCRIPTION"
.PP
......
......@@ -10,12 +10,12 @@
.\" Title: named.conf
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2019-07-22
.\" Date: 2020-03-12
.\" Manual: BIND9
.\" Source: ISC
.\" Language: English
.\"
.TH "NAMED\&.CONF" "5" "2019\-07\-22" "ISC" "BIND9"
.TH "NAMED\&.CONF" "5" "2020\-03\-12" "ISC" "BIND9"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
......
......@@ -13,7 +13,7 @@
<refentry xmlns:db="http://docbook.org/ns/docbook" version="5.0" xml:id="man.named.conf">
<info>
<date>2019-07-22</date>
<date>2020-03-12</date>
</info>
<refentryinfo>
<corpname>ISC</corpname>
......
......@@ -9,7 +9,7 @@
'\" t
.\" Title: rndc
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2014-08-15
.\" Manual: BIND9
.\" Source: ISC
......@@ -38,7 +38,7 @@
.SH "NAME"
rndc \- name server control utility
.SH "SYNOPSIS"
.HP 5
.HP \w'\fBrndc\fR\ 'u
\fBrndc\fR [\fB\-b\ \fR\fB\fIsource\-address\fR\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-k\ \fR\fB\fIkey\-file\fR\fR] [\fB\-s\ \fR\fB\fIserver\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-q\fR] [\fB\-r\fR] [\fB\-V\fR] [\fB\-y\ \fR\fB\fIkey_id\fR\fR] {command}
.SH "DESCRIPTION"
.PP
......@@ -371,8 +371,7 @@ All of these options can be shortened, i\&.e\&., to
Enable or disable query logging\&. (For backward compatibility, this command can also be used without an argument to toggle query logging on and off\&.)
.sp
Query logging can also be enabled by explicitly directing the
\fBqueries\fR
\fBcategory\fR
\fBqueries\fR\fBcategory\fR
to a
\fBchannel\fR
in the
......
......@@ -528,7 +528,10 @@ ret=0
$RNDCCMD 10.53.0.3 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone '"test/.baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone '"test\".baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
# FIXME: This check triggers a known issue in non-LMDB BIND builds
if [ -n "${NZD}" ]; then
$RNDCCMD 10.53.0.3 addzone '"test\".baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
fi
$PERL $SYSTEMTESTTOP/stop.pl addzone ns3
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} addzone ns3 || ret=1
$DIG $DIGOPTS @10.53.0.3 version.bind txt ch > dig.out.test$n || ret=1
......
......@@ -10,7 +10,7 @@
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 1. Introduction</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
......@@ -50,7 +50,8 @@
</dl></dd>
</dl>
</div>
<p>
<p>
The Internet Domain Name System (<acronym class="acronym">DNS</acronym>)
consists of the syntax
to specify the names of entities in the Internet in a hierarchical
......@@ -60,10 +61,12 @@
group of distributed
hierarchical databases.
</p>
<div class="section">
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="doc_scope"></a>Scope of Document</h2></div></div></div>
<p>
<p>
The Berkeley Internet Name Domain
(<acronym class="acronym">BIND</acronym>) implements a
domain name server for a number of operating systems. This
......@@ -72,12 +75,14 @@
<acronym class="acronym">BIND</acronym> version 9 software package for
system administrators.
</p>
<p>This version of the manual corresponds to BIND version 9.11.</p>
</div>
<div class="section">
<p>This version of the manual corresponds to BIND version 9.11.</p>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="organization"></a>Organization of This Document</h2></div></div></div>
<p>
<p>
In this document, <span class="emphasis"><em>Chapter 1</em></span> introduces
the basic <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym> concepts. <span class="emphasis"><em>Chapter 2</em></span>
describes resource requirements for running <acronym class="acronym">BIND</acronym> in various
......@@ -102,15 +107,18 @@
and the Domain Name
System.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="conventions"></a>Conventions Used in This Document</h2></div></div></div>
<p>
<p>
In this document, we use the following general typographic
conventions:
</p>
<div class="informaltable"><table class="informaltable" border="1">
<div class="informaltable">
<table border="1">
<colgroup>
<col width="3.000in" class="1">
<col width="2.625in" class="2">
......@@ -167,11 +175,14 @@
</td>
</tr>
</tbody>
</table></div>
<p>
</table>
</div>
<p>
The following conventions are used in descriptions of the
<acronym class="acronym">BIND</acronym> configuration file:</p>
<div class="informaltable"><table class="informaltable" border="1">
<div class="informaltable">
<table border="1">
<colgroup>
<col width="3.000in" class="1">
<col width="2.625in" class="2">
......@@ -226,31 +237,36 @@
</td>
</tr>
</tbody>
</table></div>
</table>
</div>
<p>
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="dns_overview"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div>
<p>
<p>
The purpose of this document is to explain the installation
and upkeep of the <acronym class="acronym">BIND</acronym> (Berkeley Internet
Name Domain) software package, and we
begin by reviewing the fundamentals of the Domain Name System
(<acronym class="acronym">DNS</acronym>) as they relate to <acronym class="acronym">BIND</acronym>.
</p>
<div class="section">
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="dns_fundamentals"></a>DNS Fundamentals</h3></div></div></div>
<p>
<p>
The Domain Name System (DNS) is a hierarchical, distributed
database. It stores information for mapping Internet host names to
IP
addresses and vice versa, mail routing information, and other data
used by Internet applications.
</p>
<p>
<p>
Clients look up information in the DNS by calling a
<span class="emphasis"><em>resolver</em></span> library, which sends queries to one or
more <span class="emphasis"><em>name servers</em></span> and interprets the responses.
......@@ -258,11 +274,13 @@
contains a name server, <span class="command"><strong>named</strong></span>, and a
resolver library, <span class="command"><strong>liblwres</strong></span>.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="domain_names"></a>Domains and Domain Names</h3></div></div></div>
<p>
<p>
The data stored in the DNS is identified by <span class="emphasis"><em>domain names</em></span> that are organized as a tree according to
organizational or administrative boundaries. Each node of the tree,
called a <span class="emphasis"><em>domain</em></span>, is given a label. The domain
......@@ -273,7 +291,8 @@
separated by dots. A label need only be unique within its parent
domain.
</p>
<p>
<p>
For example, a domain name for a host at the
company <span class="emphasis"><em>Example, Inc.</em></span> could be
<code class="literal">ourhost.example.com</code>,
......@@ -285,7 +304,8 @@
<code class="literal">ourhost</code> is the
name of the host.
</p>
<p>
<p>
For administrative purposes, the name space is partitioned into
areas called <span class="emphasis"><em>zones</em></span>, each starting at a node and
extending down to the leaf nodes or to nodes where other zones
......@@ -293,27 +313,32 @@
The data for each zone is stored in a <span class="emphasis"><em>name server</em></span>, which answers queries about the zone using the
<span class="emphasis"><em>DNS protocol</em></span>.
</p>
<p>
<p>
The data associated with each domain name is stored in the
form of <span class="emphasis"><em>resource records</em></span> (<acronym class="acronym">RR</acronym>s).
Some of the supported resource record types are described in
<a class="xref" href="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them" title="Types of Resource Records and When to Use Them">the section called &#8220;Types of Resource Records and When to Use Them&#8221;</a>.
</p>
<p>
<p>
For more detailed information about the design of the DNS and
the DNS protocol, please refer to the standards documents listed in
<a class="xref" href="Bv9ARM.ch11.html#rfcs" title="Request for Comments (RFCs)">the section called &#8220;Request for Comments (RFCs)&#8221;</a>.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="zones"></a>Zones</h3></div></div></div>
<p>
<p>
To properly operate a name server, it is important to understand
the difference between a <span class="emphasis"><em>zone</em></span>
and a <span class="emphasis"><em>domain</em></span>.
</p>
<p>
<p>
As stated previously, a zone is a point of delegation in
the <acronym class="acronym">DNS</acronym> tree. A zone consists of
those contiguous parts of the domain
......@@ -325,7 +350,8 @@
parent zone, which should be matched by equivalent NS records at
the root of the delegated zone.
</p>
<p>
<p>
For instance, consider the <code class="literal">example.com</code>
domain which includes names
such as <code class="literal">host.aaa.example.com</code> and
......@@ -347,7 +373,8 @@
gain a complete understanding of this difficult and subtle
topic.
</p>
<p>
<p>
Though <acronym class="acronym">BIND</acronym> is called a "domain name
server",
it deals primarily in terms of zones. The master and slave
......@@ -357,11 +384,13 @@
be a slave server for your <span class="emphasis"><em>domain</em></span>, you are
actually asking for slave service for some collection of zones.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="auth_servers"></a>Authoritative Name Servers</h3></div></div></div>
<p>
<p>
Each zone is served by at least
one <span class="emphasis"><em>authoritative name server</em></span>,
which contains the complete data for the zone.
......@@ -369,16 +398,19 @@
most zones have two or more authoritative servers, on
different networks.
</p>
<p>
<p>
Responses from authoritative servers have the "authoritative
answer" (AA) bit set in the response packets. This makes them
easy to identify when debugging DNS configurations using tools like
<span class="command"><strong>dig</strong></span> (<a class="xref" href="Bv9ARM.ch03.html#diagnostic_tools" title="Diagnostic Tools">the section called &#8220;Diagnostic Tools&#8221;</a>).
</p>
<div class="section">
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="primary_master"></a>The Primary Master</h4></div></div></div>
<p>
<p>
The authoritative server where the master copy of the zone
data is maintained is called the
<span class="emphasis"><em>primary master</em></span> server, or simply the
......@@ -389,16 +421,19 @@
<span class="emphasis"><em>zone file</em></span> or
<span class="emphasis"><em>master file</em></span>.
</p>
<p>
<p>
In some cases, however, the master file may not be edited
by humans at all, but may instead be the result of
<span class="emphasis"><em>dynamic update</em></span> operations.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="slave_server"></a>Slave Servers</h4></div></div></div>
<p>
<p>
The other authoritative servers, the <span class="emphasis"><em>slave</em></span>
servers (also known as <span class="emphasis"><em>secondary</em></span> servers)
load the zone contents from another server using a replication
......@@ -408,7 +443,7 @@
slave. In other words, a slave server may itself act as a
master to a subordinate slave server.
</p>
<p>
<p>
Periodically, the slave server must send a refresh query to
determine whether the zone contents have been updated. This
is done by sending a query for the zone's SOA record and
......@@ -421,17 +456,19 @@
<span class="command"><strong>max-retry-time</strong></span>, and
<span class="command"><strong>min-retry-time</strong></span> options.
</p>
<p>
<p>
If the zone data cannot be updated within the time specified
by the SOA EXPIRE option (up to a hard-coded maximum of
24 weeks) then the slave zone expires and will no longer
respond to queries.
</p>
</div>
<div class="section">
</div>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="stealth_server"></a>Stealth Servers</h4></div></div></div>
<p>
<p>
Usually all of the zone's authoritative servers are listed in
NS records in the parent zone. These NS records constitute
a <span class="emphasis"><em>delegation</em></span> of the zone from the parent.
......@@ -442,7 +479,8 @@
list servers in the parent's delegation that are not present at
the zone's top level.
</p>
<p>
<p>
A <span class="emphasis"><em>stealth server</em></span> is a server that is
authoritative for a zone but is not listed in that zone's NS
records. Stealth servers can be used for keeping a local copy of
......@@ -453,7 +491,8 @@
are
inaccessible.
</p>
<p>
<p>
A configuration where the primary master server itself is a
stealth server is often referred to as a "hidden primary"
configuration. One use for this configuration is when the primary
......@@ -461,12 +500,17 @@
is behind a firewall and therefore unable to communicate directly
with the outside world.
</p>
</div>
</div>
<div class="section">
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="cache_servers"></a>Caching Name Servers</h3></div></div></div>
<p>
<p>
The resolver libraries provided by most operating systems are
<span class="emphasis"><em>stub resolvers</em></span>, meaning that they are not
capable of
......@@ -478,22 +522,26 @@
is called a <span class="emphasis"><em>recursive</em></span> name server; it performs
<span class="emphasis"><em>recursive lookups</em></span> for local clients.
</p>
<p>
<p>
To improve performance, recursive servers cache the results of
the lookups they perform. Since the processes of recursion and
caching are intimately connected, the terms
<span class="emphasis"><em>recursive server</em></span> and
<span class="emphasis"><em>caching server</em></span> are often used synonymously.
</p>
<p>
<p>
The length of time for which a record may be retained in
the cache of a caching name server is controlled by the
Time To Live (TTL) field associated with each resource record.
</p>
<div class="section">
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="forwarder"></a>Forwarding</h4></div></div></div>
<p>
<p>
Even a caching name server does not necessarily perform
the complete recursive lookup itself. Instead, it can
<span class="emphasis"><em>forward</em></span> some or all of the queries
......@@ -501,7 +549,8 @@
server,
commonly referred to as a <span class="emphasis"><em>forwarder</em></span>.
</p>
<p>
<p>
There may be one or more forwarders,
and they are queried in turn until the list is exhausted or an
answer
......@@ -515,18 +564,22 @@
that can do it, and that server would query the Internet <acronym class="acronym">DNS</acronym> servers
on the internal server's behalf.
</p>
</div>
</div>
<div class="section">
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="multi_role"></a>Name Servers in Multiple Roles</h3></div></div></div>
<p>
<p>
The <acronym class="acronym">BIND</acronym> name server can
simultaneously act as
a master for some zones, a slave for other zones, and as a caching
(recursive) server for a set of local clients.
</p>
<p>
<p>
However, since the functions of authoritative name service
and caching/recursive name service are logically separate, it is
often advantageous to run them on separate server machines.
......@@ -541,9 +594,11 @@
does not need to be reachable from the Internet at large and can
be placed inside a firewall.
</p>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
......@@ -561,6 +616,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.17 (Extended Support Version)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.18 (Extended Support Version)</p>
</body>
</html>
......@@ -10,7 +10,7 @@
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 2. BIND Resource Requirements</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">