6

I don't understand when named/bind is needed on (Debian) Linux systems. I understand it's related to domain name resolution but I don't understand by what it is called.

Is there any relation between named / bind9 and /etc/resolv.conf?

I'm using Linux on my desktop: do I need to run named?

I'm using Linux on servers, do I need to run named?

What if I've got a server which has no domain name attached to it and to which I only SSH in using its IP: can I safely turn off / remove named?

What if I've got a server which has a domain name attached to its IP and is only running a webserver on port 443 / https, do I need named/bind9?

lsof says bind is listening on ports 53 (I think) and 953, but I don't know if it's externally listening or only locally:

~# lsof -i -n
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
named   2488 bind   20u  IPv4   8189      0t0  TCP 127.0.0.1:domain (LISTEN)
named   2488 bind   21u  IPv6   8191      0t0  TCP [::1]:domain (LISTEN)
named   2488 bind   22u  IPv4  10931      0t0  TCP 127.0.0.1:953 (LISTEN)
named   2488 bind   23u  IPv6  10932      0t0  TCP [::1]:953 (LISTEN)
named   2488 bind  512u  IPv4   8188      0t0  UDP 127.0.0.1:domain 
named   2488 bind  513u  IPv4   8188      0t0  UDP 127.0.0.1:domain 
named   2488 bind  514u  IPv4   8188      0t0  UDP 127.0.0.1:domain 
named   2488 bind  515u  IPv4   8188      0t0  UDP 127.0.0.1:domain 
named   2488 bind  516u  IPv6   8190      0t0  UDP [::1]:domain 
named   2488 bind  517u  IPv6   8190      0t0  UDP [::1]:domain 
named   2488 bind  518u  IPv6   8190      0t0  UDP [::1]:domain 
named   2488 bind  519u  IPv6   8190      0t0  UDP [::1]:domain 

If I ask which package it belongs to, it tells me:

~# apt-file search /usr/sbin/named
bind9: /usr/sbin/named

If I try to apt-get remove bind9, it tells me the following packages are no longer needed:

... ~#  apt-get remove bind9
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  bind9utils libexpat1 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib mime-support python python-minimal python2.7 python2.7-minimal

So I take it that, so far, they rely on bind9 / named.

Is it safe to remove named / bind9? What do I risk breaking by removing it?

thrig

2 Answers

5

Bind is needed if you have multiple computers and you want your computer to act as a name server (DNS server) for other computers, i.e. those computers contact yours to translate host names (what users type and applications type) into IP addresses (how computers actually designate each other under the hood).

Even if you do have multiple computers, Bind is probably not useful for you if you didn't know what it is. Bind is designed for large name servers. For a typical home or small office setting, I recommend Dnsmasq. Actually, I don't — you probably have a router appliance that can do that for you (and it may be running Linux with Dnsmasq!). But if you need to run a name server on your computer, use Dnsmasq. See How to make a machine accessible from the LAN using its hostname for more details.

You do not need Bind or any other name server software if your computer isn't a DNS server. You don't need Bind on a normal client PC, on a web server, on an SSH server, etc. And you should not run it, because it has a history of security holes.

What can be useful on any computer is a caching name server, which relays DNS requests from programs running on the same machine, and caches responses to reduce the average latency of DNS requests. Dnsmasq can do that (and is included for that purpose in default installations of Ubuntu, for example).

The packages that can be removed now that you've removed the bind9 package are packages that bind9 requires, not packages that require bind9. You can remove them, though I strongly recommend keeping python (and its dependencies): there's a lot of Python software out there, so you're likely to install some soon anyway.

1

You could use named for:

  1. maintaining your domain (server)

  2. working as a cache for your DNS queries (server and desktop), as Linux itself does not cache resolved DNS records

Without named, your Linux system will still be able to resolve DNS queries through the stub resolver, using the DNS servers listed in /etc/resolv.conf or the /etc/hosts file.

Artur Szymczak
  • Linux may cache DNS records if something like nscd is employed. – thrig Feb 17 '16 at 21:05
  • @Artur Szymczak: thanks a lot, this helps a lot already. You say I could help it to maintain my domain: but can I only have the records kept by my domain name registrar and still run a server (say one IP, one domain name, only port 443 / https), without named at all? I think I'll remove it to see what happens (on a test server). – Cedric Martin Feb 18 '16 at 00:09
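The two things the asker needs to know before removing bind9 are whether the stub resolver in /etc/resolv.conf is actually pointed at the local named, and whether named is bound only to loopback (as the lsof output above shows) or to an outside address. The following script, added here as an example and not part of either answer, checks both from a resolv.conf file and saved `lsof -i -n` output; the verdict strings and the `--live` flag are this example's own conventions.

```shell
#!/bin/sh
# Added example: decide whether removing bind9 would break local name
# resolution or cut off other hosts that query this named.
# Both checks read from files so they can be run against saved output.

# "yes" if any nameserver line points at loopback (127.x.x.x or ::1),
# i.e. the stub resolver sends its queries to the local named.
resolv_uses_loopback() {
    awk '$1 == "nameserver" && ($2 ~ /^127\./ || $2 == "::1") { found = 1 }
         END { print (found ? "yes" : "no") }' "$1"
}

# "yes" if a named socket in lsof -i -n output is bound to anything other
# than a loopback address (for example *:domain or a LAN/public IP).
named_exposed_externally() {
    awk '$1 == "named" && ($8 == "TCP" || $8 == "UDP") {
             addr = $9
             sub(/:[^:]*$/, "", addr)      # strip the trailing ":port"
             if (addr !~ /^127\./ && addr != "[::1]") exposed = 1
         }
         END { print (exposed ? "yes" : "no") }' "$1"
}

# Combine both checks into one verdict (strings are this example's own).
removal_verdict() {
    resolv=$1 lsof_out=$2
    if [ "$(resolv_uses_loopback "$resolv")" = yes ]; then
        echo "resolver-depends-on-named"   # repoint resolv.conf first
    elif [ "$(named_exposed_externally "$lsof_out")" = yes ]; then
        echo "named-serves-others"         # other hosts may rely on it
    else
        echo "safe-to-remove"              # only loopback, resolver elsewhere
    fi
}

# Live check against the running system: run as root with --live.
if [ "${1:-}" = "--live" ]; then
    tmp=$(mktemp) && lsof -i -n > "$tmp"
    removal_verdict /etc/resolv.conf "$tmp"
    rm -f "$tmp"
fi
```

On the asker's box the lsof output is loopback-only, so the verdict depends entirely on whether /etc/resolv.conf names 127.0.0.1 or ::1.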