Definitely the Best!

Ron Aitchison's Pro DNS and BIND packs a whopping 550 pages of material which is easy to read for the novice or ongoing DNS administrator, and which is very well written (I greatly enjoyed the author's style). After a short introduction in which I learnt some interesting facts about the provisioning of the root servers, the author implements a first zone describing the necessary concepts such as resource records, queries and zone transfers very clearly, followed by the different types of DNS setups (master, slave, caching, forwarding and stealth servers); these are covered in depth in chapter 7. Chapter five covers IPv6 and its relevance to BIND. Throughout the book, references to other DNS server implementations are given, but the primary focus is of course BIND 9.3.0.

Aitchison leads the reader through detailed installation of BIND on Linux, FreeBSD and even Windows (ISC has an installer for Windows in its portfolio), after which common DNS tasks are discussed (how to delegate a subdomain, how to define SPF records, etc. read it on-line here) as well as a chapter on tools.

The third part of the book is dedicated to securing DNS configurations with topics ranging from simple administrative issues (chroot jails) through securing DNS updates and zone transfers with TSIG and DNSSEC.bis which is covered very extensively in chapter 11.

Chapters 12 and 13 provide extensive commented references on BIND configuration and Zone files. There is of course plenty of on-line reference information on these two topics (including the author's very good DNS for Rocket Scientists) but I like to have reference information on hardcopy (in the event my DNS servers fail, and I can't reach the on-line documentation :-) )

In part 5 the author shortly covers programming with the BIND API and the resolver libraries, and he follows that with an interesting chapter on DNS Messages and Records, good to have if you want to sniff your way through DNS traffic.

The publisher's web site carries a sample chapter as well as the source code to the book which is also available in TAR format on the author's web site together with complementary information and pointers to further resources.

My only complaint about this otherwise excellent book is that on two or three occasions I read a paragraph that I thought I'd just read before; some duplication must have taken place (or I was tired). For the next edition, I'd like to read a chapter on interoperability between BIND and Microsoft Windows DNS servers, specifically regarding DNSSEC.

This book is an absolute must have for anybody who needs to understand DNS in the first place (irrespective of the implementation he or she plans to use), and it is a must have for a systems administrator who is either intending to deploy or has already deployed BIND 9.3. I wish I'd read this book before the first mentioned above.

Other Reviews

• Muito bom
• Wonderful book for both novice and expert!
• Definitely the Best!
• Online VS. Hardcopy version
• To understand DNS and BIND get this book!