DNS Techniques

  • Ron Aitchison


This chapter describes a number of common configurations when working with zone files and, in some cases, with BIND. These solutions are presented to help you quickly implement some commonly used features, recover from errors, and understand some of the more subtle uses of the DNS. The following topics are covered:
  • How to delegate a subdomain: This configuration allows the domain name owner to pass the responsibility to a subdomain owner (which may be another party or another part of the organization) who will be entirely responsible for the zone files describing the subdomain.

  • How to delegate a virtual subdomain: This configuration uses a single zone file to provide subdomain addressing (for instance, www.us.example.com or www.uk.example.com).

  • How to configure fail-over mail servers: The configuration allows backup mail servers to support a domain.

  • How to reverse-map subnets: This configuration allows the delegation of reverse mapping to subnets of typically less than 256 IPv4 addresses.

  • How to load balance with DNS: The configurations describe various ways in which load balancing may be implemented using DNS features. The BIND statements that control the order in which addresses are returned are also covered.

  • How to define an SPF record: The Sender Policy Framework (SPF) is an anti-spam measure that allows an e-mail server to verify that the SMTP source is valid for the sending e-mail address. SPF records are currently implemented by Microsoft, Google, and AOL to name but three of the many hundreds of thousands of users.

  • How to define a DKIM record: DomainKeys Identified Mail (DKIM) is an anti-spam feature using signed mail and used by several major mail providers such as Google, Yahoo, and others.

  • How to support http://example.com: The configuration allows both the URL www.example.com and example.com to directly address a web or other service. The required changes to the Apache server are also covered.

  • How to fix an out-of-sequence SOA serial number: The process used to fix various SOA serial number errors is covered.

  • How to use DNS wildcards: The DNS RRs support the use of a wildcard (*). The section on wildcards illustrates the use of this error-prone feature.

  • Zone file construction: Zone files can be constructed in a variety of ways to ease configuration.

  • Split horizons: Techniques for giving different IP addresses based on query location. A poor man’s anycasting.

  • DNSBL: DNS blacklists and other alternative uses for DNS.

  • TTL values: The TTL value for any resource record can play a significant part in DNS reliability.



Copyright information

© Ron Aitchison 2011
