friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8826eae394
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakk_5.4.0.1/rzakkconceptbind.htm

103 lines
7.0 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="BIND 8 features" />
<meta name="abstract" content="Besides dynamic updates, BIND 8 offers several features to enhance performance of your Domain Name System (DNS) server." />
<meta name="description" content="Besides dynamic updates, BIND 8 offers several features to enhance performance of your Domain Name System (DNS) server." />
<meta name="DC.Relation" scheme="URI" content="rzakkconceptparent.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakkinstalling.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakkscenario5.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakkconceptdynamic.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakkplanningsecurity.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakkconceptbind" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>BIND 8 features</title>
</head>
<body id="rzakkconceptbind"><a name="rzakkconceptbind"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">BIND 8 features</h1>
<div><p>Besides dynamic updates, BIND 8 offers several features to enhance
performance of your Domain Name System (DNS) server.</p>
<div class="section"><p>DNS has been redesigned to use BIND 8 for OS/400<sup>®</sup> V5R1. If you do not have PASE
installed, you can continue to configure and run the previously released OS/400 DNS
server based on BIND 4.9.3. The DNS system requirements topic explains what
you need to run BIND 8-based DNS on your iSeries™ server. Using the new DNS allows
you to take advantage of the following features:</p>
</div>
<div class="section"><h4 class="sectiontitle">Multiple DNS servers running on a single iSeries</h4><p>In
previous releases, only one DNS server can be configured. Now you can configure
multiple DNS servers, or instances. This allows you to set up logical division
between servers. When you create multiple instances, you must explicitly define
the listen-on interface IP addresses for each one. Two DNS instances cannot
listen on the same interface.</p>
<p>One practical application of multiple
servers is split DNS, where one server is authoritative for an internal network,
and a second server is used for external queries. </p>
</div>
<div class="section"><h4 class="sectiontitle">Conditional forwarding</h4><p>Conditional forwarding allows
you to configure your DNS server to fine-tune your forwarding preferences.
You can set a server to forward all queries for which it does not know the
answer. You can set forwarding at a global level, but add exceptions to domains
for which you want to force normal iterative resolution. Or, you can set normal
iterative resolution at the global level, then force forwarding within certain
domains.</p>
</div>
<div class="section"><h4 class="sectiontitle">Secure dynamic updates</h4><p>Dynamic Host Configuration
Protocol (DHCP) and other authorized sources can send dynamic resource record
updates, using Transaction Signatures (TSIG) or source IP address authorization,
or both. This reduces the need for manual updates of zone data while ensuring
that only authorized sources are used for updates.</p>
</div>
<div class="section"><h4 class="sectiontitle">NOTIFY</h4><p>When NOTIFY is turned on, the DNS NOTIFY
function is activated whenever zone data is updated on the primary server.
The primary server sends out a message indicating that data has changed to
all known secondary servers. Secondary servers can then respond with a zone
transfer request for updated zone data. This helps improve secondary server
support by keeping backup zone data current.</p>
</div>
<div class="section"><h4 class="sectiontitle">Zone transfers (IXFR and AXFR)</h4><p> In the past, whenever
secondary servers needed to reload zone data, they had to load the entire
data set in an All zone transfer (AXFR). BIND 8 supports a new zone transfer
method: incremental zone transfer (IXFR). IXFR is a way that other servers
can transfer only changed data, instead of the entire zone.</p>
<p>When enabled
on the primary server, data changes are assigned a flag to indicate that a
change has occurred. When a secondary server requests a zone update in an
IXFR, the primary server will send just the new data. IXFR is especially useful
when a zone is dynamically updated. This transfer reduces the traffic load
by sending smaller amounts of data.</p>
<div class="note"><span class="notetitle">Note:</span> Both the primary server and secondary
server must be IXFR-enabled to use this feature.</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakkconceptparent.htm" title="This topic explains what Domain Name System (DNS) is and how it works. It also shows the different types of zones that can be defined on a DNS server.">Domain Name System concepts</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzakkinstalling.htm" title="This topic describes the software requirements to run Domain Name System (DNS) on your iSeries server.">Domain Name System requirements</a></div>
<div><a href="rzakkconceptdynamic.htm" title="OS/400 V5R1 DNS based on BIND 8 supports dynamic updates. These allow outside sources, such as Dynamic Host Configuration Protocol (DHCP), to send updates to the Domain Name System (DNS) server.">Dynamic updates</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="rzakkscenario5.htm" title="This example depicts Domain Name System (DNS) operating over a firewall to protect internal data from the Internet, while allowing internal users to access data on the Internet.">Example: Split Domain Name System over firewall</a></div>
<div><a href="rzakkplanningsecurity.htm" title="Domain Name System (DNS) provides security options to limit outside access to your server.">Plan security measures</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink