Asperger Syndrome »
« 8.5 days
DNS and BIND, 5th Edition

Posted at 2006-09-14 12.35

I put this review in the hreview microformat, so with any luck its structure should be easily parsed by machine.

  • Authors: Cricket Liu and Paul Albitz
  • Type: book
  • ISBN: 0-596-10057-4
  • URL: http://www.oreilly.com/catalog/dns5/
  • Publisher: O'Reilly Media
  • Price: £35.50
  • Published: 2006-05
  • Pages: 650


Excellent book, essential for the BIND administrator.

This is a truly remarkable book. It has been revised and improved over
its 14-year history, resulting in a vast and authoritative yet readable
account of DNS and especially BIND.

The good

The authors have chosen to remove most references to BIND 4 from this
latest edition, concentrating instead on various versions of BIND 8 and 9.

The book covers all aspects of DNS and how to implement them in BIND,
including DNS zones and subdomains, Dynamic DNS, zone transfers, mail records,
DNSSEC and IPv6.

It has a large chapter on DNS security, describing DNSSEC, TSIG,
split-horizon and prescribing various models for securing BIND.

I was very impressed with the chapter about DNS programming: an aspect
of Unix that is imperfectly documented in the manual pages at best. Liu and
Albitz’s treatment of this topic is, as with the rest of the book, clear and
exhaustive.

However, the twin highlights of the book were the chapters on
maintaining and debugging BIND. The maintenance chapter sets out the seasoned
expert’s approach to looking after BIND, and the chapter about debugging
describes the 13 most likely causes of BIND problems, from the authors'
extensive knowledge of taming the beast.

The bad

I was uncomfortable with the book’s overuse of the deprecated
nslookup program for debugging. It does justify this by saying
that it’s widely available, but in my opinion this is a poor reason for using
a substandard tool when better alternatives, such as host and
dig are almost as widespread.

Also, I was disappointed that BIND was the only DNS server
considered for Unix. Surely a chapter or two on djbdns would not have gone
amiss.

The ugly

Read this book if you want to know in intimate detail just how buggy
various versions of BIND (up to 9.3.2) are. Liu and Albitz document, in loving
detail, the flaws in BIND. If you must use BIND, this book is essential.
However, it has convinced me to avoid BIND in favour of djbdns wherever
possible.

Score: 8/10

Andrew Stribblehill

2006-09-05


No comments have been added to this post yet.

Leave a comment

(required)

(required)


Information for comment users
Line and paragraph breaks are implemented automatically. Your e-mail address is never displayed. Please consider what you're posting.

Use the buttons below to customise your comment.


RSS feed for comments on this post | TrackBack URI

 
ok