When I sat down to write Alternative DNS Servers I new what I wanted the book not to be. It could be neither DNS and BIND nor could it be Pro DNS and Bind for the simple reason that it isn’t possible to write a book about the DNS more comprehensively than those two books are. They are authoritative (pun intended) on the topic of DNS and I bow at their authors.
My book had to be different, and I knew how it could become that way. I had to take on the task of describing the “other” DNS servers as comprehensively as possible. By “other” I mean not BIND. And that is exactly what I did. I took the creme de la creme of the Open Source DNS servers and wrote about how they store DNS data in files, in LDAP or in an SQL database. A few of those have impressed others; I think of dnsmasq or the now sadly almost obsolete ldapdns. (Boy, do I wish a good programmer would pick up where that author left off – but talk to me before you start!)
In spite of not wanting mine to be “another” BIND book, I have three chapters on BIND: one describes general syntax, but the other two chapters quite comprehensively describe BIND’s simplified SDB interface, and the other is all about BIND’s DLZ (Dynamically Loadable Zones). Both chapters cover the topics with lots of examples and reasons on why you’d use one or the other.
I emphasized on some of the cool things you can do with the DNS. As such, one of my favorites is Chapter 15 (DNS and Perl) where I describe a self-made Perl DNS server which can be used by a help-desk in an organization to find details of an irritated user calling for help. Chapter 16 discusses DNS blacklists or block-lists. Then there’s the chapter on Caching name servers, and another of my favorites: Delegation and private DNS roots.
Because LDAP is (or was) not as well known as SQL, my editor suggested I write an appendix explaining LDAP, which I did, and I believe it is the most concise, description of LDAP I’ve read, and yet, it explains some of the more advanced topics, such as schema expansion.
While communicating with some of the program authors or maintainers, I
got to write even more. I recall one particular thread of e-mails very well,
because they caused me a lot of work. :-) After Wouter Wijngaards had kindly
proof-read my chapter on NSD, he confided in me that NLnet Labs
were in the process of building a new recursive name server called
Unbound. I asked him whether I could have a peek at the code and also
asked whether he’d enjoy me writing a chapter on it, and so Alternative DNS
Servers became the first book to document the Unbound caching name server.
(This was also the moment my book was first mentioned in a press release
on Unbound.) It was during that phase, that the need to write about the DNS
Security Extensions, known as DNSSEC, became apparent. Chapter 22
(Introducing DNSSEC), gave me countless headaches, and had my editor go into
bouts of despair: my explanations wheren’t good enough for him. I believe we
rewrote that chapter three times. The result is good. Most of the maintainers
where helpful, but they guys at NLnet Labs stand out: I’ve mentioned
Wouter already, and also Olaf Kolkman, who added
Net::DNS::Nameserver at my request. (And they sent me a t-shirt.)
I discuss the Name Service Switch in quite some detail, as well as IDN – Internationalized Domain Names; important if you live outside of dot com. :-)
Literally only a few days before going to press, the PowerDNS Recursor was released with a Lua plugin capability, and so I squeezed in an appendix on embedding Lua and the Recursor’s interface to it: Scripting PowerDNS Recursor with the Lua programming language.
Monitoring the DNS, emphasizing that you can’t be careful enough to ensure this vital network service is constantly running, ensuring you always have “at least two of everything”; that is, I hope, one of the central ideas I write about. The rest is easy.
And which is the fastest server? Well, you’ll have to read Chapter 23, Performance, to find out. Getting the data was hard work, and I describe exactly how I got it. As benchmarks go, it isn’t representative; your mileage will vary, but the numbers give you an idea.
I knew my book would never get “Harry Potter” status – I’d not make a fortune on it, and I haven’t. I wrote the book because I wanted to convey ideas I’ve gathered in many years of working with the tools I describe. None of the words in my book are fiction, and the anecdotes and footnotes, where I was permitted put some, are true. The book’s few reviews are very good, and they’ve proven I worked well. Where did we fail? I can’t think of much except the title: it sucks. In hindsight the title really is bad because, upon hearing “alternative DNS servers”, most think of “other DNS servers I can use in my network settings”, which is certainly not what the book is about.
We (my publisher and I) are considering releasing the book as a full, unabridged, freely downloadable PDF, without any DRM crap on it. You’ll be able to print it, view it, copy from it, etc. Needless to say the book has a copyright to which you are bound. We also hope you’ll want to purchase a copy of the printed book, which I’ll gladly sign for you if we meet.
Stay tuned. Here it is.