The Domain Name System (DNS) converts human-readable names given to
networked machines to the IP addresses that machines use. (See Chapter 18,
“Networking,” for more on IP addresses.) DNS works in the other direction as
well, taking IP addresses and giving names.

When you set up a DNS server using the BIND DNS server software
discussed in this chapter, you gain the power to set the name/IP details for
domains you own, either domains that are internal on your network or Internet
domains you have purchased through a registrar like Namecheap.com or
GoDaddy. But these registrars run DNS servers and allow you to perform this
setup through their lovely web GUIs. Why would anyone want to do this
themselves? There are several possible reasons:

• You have an internal network, a local area network (LAN) that is not
  accessible from outside that network—Your internal network assigns
  and uses private IP addresses, but you want to make things easier for
  your LAN users by assigning names to the various systems. These
  domain names will not be assigned by a domain name registrar because
  they are internal only; they won’t include top-level domains like .com or
  .net at the end and will be usable only within the network.
• You want to improve performance by caching—Most DNS queries are
  shared by a large number of computers. If those individual computers
  don’t each have to connect to the Internet and get their domain names
  resolved by your Internet service provider’s DNS server (or another
  public DNS server) but can instead get that information from a server on
  the local network, it could speed things up. This isn’t an issue for most
  of us, but for large networks, it can be a huge benefit.
• You want to ban access to a harmful domain—Maybe an email came
  in to your company’s employees with a link to a specific website that is
  distributing viruses, and you want to prevent naïve internal network users
  from accessing that website. You can change the IP address that is served
  for this domain name so that users are instead sent to an HTML page
  you write up describing the problem. Your change affects only
  computers on your internal network, so this is not something that will
  make people outside your company angry or that they will even know is
  happening.
• You run a local network at home—You want to make your life a little
  easier when it comes time to log in to each machine and perform updates,
  so you want to give a name to each computer and allow access to each
  computer using a pet name for each one instead of using the IP address on
  your network.
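
The "ban access to a harmful domain" case above can be sketched as a local override zone. This is an added example, not code from the book: the function name, the domain bad-site.example, the address 192.0.2.10 and the output directory are constructed placeholders. It assumes you copy the results into /etc/bind and include the stanza from /etc/bind/named.conf.local, as on a stock Ubuntu BIND install.

```shell
#!/bin/sh
# Added example: generate a local override zone for BIND so that a harmful
# domain resolves to an internal warning page. All names and addresses
# below are constructed placeholders, not values from the book.

# make_sinkhole DOMAIN WARNING_IP OUTDIR
#   writes OUTDIR/db.DOMAIN    (the zone file)
#   and    OUTDIR/DOMAIN.conf  (the zone stanza for named.conf.local)
make_sinkhole() {
    domain=$1 ip=$2 outdir=$3

    # Accept only hostname characters and dotted-quad characters, so a
    # pasted value cannot inject extra directives into either file.
    case $domain in ''|*[!A-Za-z0-9.-]*) echo "bad domain" >&2; return 1;; esac
    case $ip in ''|*[!0-9.]*) echo "bad address" >&2; return 1;; esac

    serial=$(date +%Y%m%d)01
    mkdir -p "$outdir" || return 1

    # Zone file: the bare domain and every name under it (the wildcard)
    # answer with the warning server's address. The short TTL lets the
    # block be lifted quickly once the threat is gone.
    cat > "$outdir/db.$domain" <<EOF
\$TTL 300
@   IN SOA localhost. root.localhost. ( $serial 3600 600 86400 300 )
@   IN NS  localhost.
@   IN A   $ip
*   IN A   $ip
EOF

    # Stanza that makes this server authoritative for the domain, so its
    # clients never receive the real Internet answer.
    cat > "$outdir/$domain.conf" <<EOF
zone "$domain" {
    type master;
    file "$outdir/db.$domain";
};
EOF
}

# Constructed sample run; inspect the two files before installing them.
make_sinkhole bad-site.example 192.0.2.10 "${TMPDIR:-/tmp}/sinkhole-demo"
```

Validate the output with named-checkzone and named-checkconf before reloading BIND. Browsers that request the blocked site over HTTPS will show a certificate error rather than the warning page, because the internal server holds no valid certificate for that name.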