DNS -- Domain Name Service
DNS using djbdns
DNS (Domain Name Service) is the backbone of the Internet and of any IP-based system. It is the means by which meaningful domain and host names are turned into numeric IP addresses, and IP addresses are translated back to FQDNs (Fully Qualified Domain Names). For years BIND (Berkeley Internet Name Daemon) has been the standard method of maintaining and resolving these addresses. Unfortunately, BIND has also taken sendmail's place as one of the primary security hazards on the Internet.
Overview
The djbdns program is an alternative to BIND, and offers many advantages, notably security, speed, simplicity, and security (to paraphrase "Blazing Saddles" -- kinda like that security). A major reason for the increased security is that djbdns consists of several small programs, each of which handles a specific job, instead of one huge, monolithic program that does everything. This means that there's a bit more work to do to set up djbdns than to set up BIND (beyond the fact that BIND is pre-installed on most Unix-type systems). All the djbdns servers run as non-root users with limited privileges.
The most daunting aspect of djbdns is that each server requires its own IP address (with one exception that I'll address later). This requires some mental adjustment and planning, but isn't difficult to implement.