Updating root zone file bind
For example, pop.example.com, could both point to the primary server where the mail server and the business intranet reside, and the domain could be
It's easy to remember that these two services are running on the same machine whose IP address is 192.168.0.1.
Putting a DNS server on a network allows for the replacement of IP addresses of individual machines by a name.
As a result, it's even possible to associate multiple names to the same machine to update the different available services.
Users take advantage of this when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how the computer actually locates them.
BIND (pronounced /ˈbaɪnd/), or named (/ˈneɪmdiː/), was as of 2004 the most commonly used Domain Name System (DNS) server on the Internet, and still proclaims itself to be so.
Resource records define the parameters of the zone and assign identities to individual hosts.
It associates various information with domain names assigned to each of the participating entities.DNS Security Extensions (DNSSEC) is a specification which aims at maintaining the data integrity of DNS responses.DNSSEC signs all the DNS resource records (A, MX, CNAME etc.) of a zone using PKI (Public Key Infrastructure).Now DNSSEC enabled DNS resolvers (like Google Public DNS) can verify the authenticity of a DNS reply (containing an IP address) using the public DNSKEY record. Master Nameserver: IP Address: 220.127.116.11 Hostname: master.OS: Debian 7 Slave Nameserver: IP Address: 18.104.22.168 Hostname: slave.OS: Cent OS The names and locations of configuration and zone files of BIND different according to the Linux distribution used.A Resource Record (RR) contains a specific information about the domain. Service name: bind9 Main configuration file: [email protected]:/var/cache/bind# dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE Generating key pair...................... 007 62910 [email protected]:/var/cache/bind# dnssec-signzone -A -3 $(head -c 1000 /dev/random | sha1sum | cut -b 1-16) -N INCREMENT -o -t zone Verifying the zone using the following algorithms: NSEC3RSASHA1.