The Men & Mice Blog

The ABC's of DNS: a select glossary from the Men & Mice training archives - Part 1

Posted by Men & Mice on 4/26/19 9:43 AM

As you’ve probably discovered by now, we have an honest passion for teaching and training. For the past 20 years, Men & Mice has been offering DNS and BIND courses across the globe. Always updated and always practical, from the start we've constructed classes to address real world challenges and solve problems that our students actually face.


Beyond this series, you can also catch us in person (outside of the training courses): we’re really proud to be sponsoring RIPE78 in Reykjavik next month!

In addition to the diversity programming, we’ll also be giving two talks, presented by Carsten Strotmann, about DNS privacy and Unwind.


And the onslaught of new challenges never stops. Public and private networks. Cloud and on-prem resources. Hybrid and multiclouds. Privacy, security, efficiency.

Being on top of our game means constantly learning.

In this new series, we'd like to give you a small taste of the Men & Mice training courses. Organized alphabetically, we'll cover a glossary of select tips, tricks, and trivia that will deepen your understanding of DNS and BIND.

Without further ado, let's get started - we have a whole alphabet to cover.

A is for "anonymizing IP addresses in logfiles"

Anonymizing IP addresses is a handy trick to know, with (DNS) privacy features often requested and businesses becoming increasingly liable for traffic to and from their servers.

ipv6loganon is a Linux command line tool for anonymizing IP addresses in HTTP server logfiles. By default your webserver (be it Apache, nginx, or something else) logs every connection.This is useful for diagnosing connection issues or find malicious actors - but during normal operations it's also a liability from a privacy standpoint.

You can type man ipv6loganon in your server terminal to see all the options. Run it as a cron job or automate some other way.

B is for "BIND features roundup"

BIND is a fantastic suite of software. Whether you consciously use it or not, it's one of the most fundamental pieces in almost any network puzzle (that's why our most popular training course is titled "DNS and BIND").

Lot of people are surprised just how many tools BIND offers. For example:

  • dig is the Swiss Army Knife of network tools. So much so, that we'll be giving it its own entry at the letter 'D' in the next post. In the meantime, read man dig in your terminal, and learn to love it.
  • delv can be used to verify DNSSEC trust. It's as easy as typing delv +v www.domain.com.
  • named-checkconf -z can be used to test manual changes to DNS zonefiles.
  • dnstap is a faster alternative to query logging. (During the training courses we go deep into how to use it.)

BIND also comes with a host of security features like DNS cookies, Response Policy Zones, Response Rate Limiting, and more. The DNSB-W and DNSB-A courses cover these in detail.

C is for "catalog zones"

C is not just for cookies, but also: catalog zones. Catalog zones are special DNS zones, used to quickly propagate DNS zones from master to slave servers. Slave servers use catalog zones to recreate member zones, and if any changes occur "upstream", they're also synced across slaves using the catalog zones.

Use catalog zones for redundancy, so if your slave servers go out of commission for any reason, you can resume normal operations by quickly spinning up backups.

Want to learn more?

In this DNS glossary series, we focus on just a handful of concepts in each post. Bite-sized, they're but the tip of the iceberg. Our training program is where all of these concepts come to exist in the right context - and you get to try your hand at putting newly learnt skills in action.

  • If you’re new to DNS, we offer the DNS & BIND Fundamentals (DNSB-F) course. It’s part of the DNS & BIND Week (DNSB-W) and serves as a shorter introduction to the world of DNS and BIND.
  • If you’re already familiar with the basics, the full five-day DNS & BIND Week (DNSB-W) course takes you deeper into DNS, including a heavy emphasis on security, stopping just short of DNSSEC (for which we offer a separate course).
  • And if you're looking for even more, we offer the DNS & BIND Advanced (DNSB-A) program, getting into the deep end of things.

Check out our training calendar for 2019, and reach out to us with any questions. 

Topics: IT best practices, DNS training, RIPE 78

Doing DNS better: DNS (and BIND) Training with Men & Mice

Posted by Greg Fazekas on 3/27/19 11:49 AM

DNS is the core mechanism of the internet. And, as all technology does, it keeps evolving and changing, even if its primary function hasn’t changed all that much. DNS makes networks work, but in turn we have to make DNS work.

Because it’s so critically important to networks, DNS is also a prime target for attack. With the Internet-of-Things bringing online hundreds of thousands of devices every hour (!) of every day, the attack vectors for malicious elements are multiplying exponentially. And beyond DDoS striking fear in every network manager’s heart, the most constant threat to any network still remains the most basic one: easy-to-miss configuration errors.

Safeguards from smart vendors (like our own xDNS Redundancy™) help protect against DNS errors and DNS attacks such as DDoS. Training your staff protects against human error. Learning how to configure, manage, and defend DNS effectively yields both obvious and unexpected benefits to any business’s network. If you want to keep your critical business infrastructure running smoothly,  your network staff needs to be able to grasp DNS from every angle.

That’s where we come in.

Learn DNS with Men & Mice

DNS_DNSSEC_BINDtraining

 

Men & Mice has been offering DNS training for 20 years, since 1999. Our training program has educated students throughout the birth and boom of the internet. We’ve played a critical role in strategy and management of network growth all along.

Having a comprehensive training program that allows entry for any knowledge level is instrumental, as we know students seek out our courses with various objectives in mind. Courses are designed to provide both a renewed examination of existing knowledge, with new best practices, to expert students as well as  fundamental, practical information for beginners.

New call-to-action

A new and improved courses - for everyone39

How we teach DNS is constantly evolving, in sync with innovations in DNS technology. For example, our courses have been augmented with new security and monitoring materials, new sections on RPZ, RRL, DNS Cookies and dnstap. All these sections include laboratory exercises for hands-on experience.  Other brand new material covers minimal ANY, DNS looking glasses, and packet capture (passive replication). We have added additional quizzes and several new labs, such as challenging debugging labs.

So which course is a perfect fit for you?

If you’re new to DNS, we recommend the DNS & BIND Fundamentals (DNSB-F) program. It’s part of the DNS & BIND Week (DNSB-W) and serves as a shorter introduction to the world of DNS and BIND.

If you’re already familiar with the basics, the full five-day DNS & BIND Week (DNSB-W) course takes you deeper into DNS, including  a heavy emphasis on security, stopping just short of DNSSEC (for which we offer a separate course).

For those looking for even more, we offer the DNS & BIND Advanced (DNSB-A) program. The DNSB-A gets into the full depths of DNS and BIND with topics such as

  • new ISC binary releases for Linux distributions that were added last summer,

  • the change to dnssec-keygen beginning in BIND 9.13,

  • catalog zones,

  • packet capture (passive replication),

  • and more.

And for those of you curious about whether the BIND training addresses the most recent versions of BIND:  Both DNS & BIND Fundamentals (DNSB-F) and DNS & BIND Week (DNSB-W), as well as the DNS & BIND Advanced (DNSB-A) course have not only been updated to 9.11, but also addresses changes in 9.12 and 9.13.

DNS training for the real world

Our instructors and program coordinators value comprehensive, practical teaching methods. As such, our course materials are decidedly not "animated user manuals" - they cover DNS contextually, with real-world examples and hands-on labs. As one of our recent students put it:

“I was very impressed with everything about Men and Mice. The communication, the facilities, the instructor, the material. Everything about my class was really awesome, knowledgeable, and engaging. They never let us just sit there, always brought us into the lesson, and also gave great examples to help us understand concepts. I would take any class they taught.” (Michelle Boyd, Systems Engineer, Southwest Airlines)

Upcoming course dates include courses offered near Denver, Colorado in April, as well as Gdansk, Poland and Reston, Virgina, in June. We're also adding courses for Fall 2019 across North America (US, Canada), Ireland, The Netherlands and Switzerland. Stay tuned for more details.  To learn more about the Men & Mice Training Program and see what’s available in your neck of the woods, visit https://menandmice.com/training.


 

Topics: BIND, DNS training, ip infrastructure

New Year Resolution: 20th Anniversary of Men & Mice DNS & BIND Training

Posted by Greg Fazekas on 1/10/19 12:12 PM

 

New Year, Newly Trained You!

Many people love to use the new year as an opportunity to set goals for self-improvement. Whether it’s improving health or taking a chance on yourself to go for those big career goals you’ve been putting off.

If you’ve been looking for the perfect opportunity to either learn DNS & BIND or refresh your knowledge, we have the perfect series of courses to bring you up to speed.

For 20 years Men & Mice Training has helped professionals in Network Management, including executives, System Administrators, Network Architects and Network Managers learn principles, best practices and strategies for DNS and BIND.

Why learn DNS?

Nothing in the Digital Era happens without DNS. Business functions and services are increasingly, exclusively online, as are nearly all areas of our lives. DNS makes networks work. If you want to know how to keep things running smoothly online, then it helps to fully understand DNS.

Suffice to say, DNS is important.

Why learn from Men & Mice?

It'd be easy to point to our track record (since 1990!) of developing DNS, DHCP, and IPAM software solutions to highlight why we feel (and our students feel) that our DNS & BIND courses are exceptional. Since 1999, we’ve offered independent public and onsite private training to professionals and organizations such as:

  • Top Level Domain (TLD) operators,

  • DNS registrars,

  • Governments,

  • Universities,

  • Enterprise and SMB businesses

Our instructors and program coordinators value comprehensive, practical teaching methods. As such, our course materials are decidedly not "animated user manuals" - they cover DNS contextually, with real world examples and hands-on labs.

Our 2019 resolution was to augment our course materials to include new sections on DNS Cookies, Response Policy Zones (RPZ), Response Rate Limiting (RRL), and DNSTAP as well as other refinements including the introduction of new debugging labs. This resolution aligns with our ongoing commitment to ensure our courses are relevant to real wold scenarios and stay up-to-date.

In short, you'll learn what DNS is, what it means today, and why having this knowledge is valuable to your own career growth and to your company’s network.

Training designed for context

Men & Mice offers two main training paths: DNS & BIND Week (DNSB-W) and DNS & BIND Advanced (DNSB-A).

The former covers the fundamentals, with practical training and tactical application.

For those peripherally working with DNS, or looking to learn the basics, the first three days of DNS & BIND Week is available as DNS & BIND Fundamentals (DNSB-F).

The latter DNSB-A, and the security focused DNSSEC & BIND that we will offer again this year, teaches the ins and outs of DNS mastery, and the subsequent use cases and resulting business values.

Even experienced network professionals get value out DNS & BIND Week, like this student who took our course in 2019:

"I've been using the internet since the days of gopher in 1995.  And running networked linux systems since 1997. But this course refreshed my understanding of the fundamentals of the internet more than anything else I've done in the last 21 years."

When, where, and how

Men & Mice offers training courses and certifications in_ (1)

To learn about the Men & Mice Training Program, take a look below and visit https://menandmice.com/training.

 

MARCH 4 - 8, 2019

AMSTERDAM, NETHERLANDS

 

APRIL 22 – 26, 2019

CENTENNIAL, CO, USA (NEAR DENVER)

 

JUNE 3 –7, 2019

GDANSK, POLAND

 

JUNE 24 - 28, 2019

RESTON, VA, USA (NEAR WASHINGTON DC)

New call-to-action

 

Topics: BIND, DNS training, Response Rate Limiting (RRL), Response Policy Zones (RPZ), DNSTAP, DNS Cookies, hybrid dns, network management, day-to-day IT

DNS Cookies, Response Policy Zones (RPZ), Response Rate Limiting (RRL) and DNSTAP added to Training course curriculum.

Posted by Greg Fazekas on 11/13/18 7:27 AM

If you’re looking to advance your understanding of one of the most fundamental aspects of public and private networks, from the internet to corporate intrawebs, consider that Men & Mice has been delivering DNS and BIND training courses since 1999.

menandmice_unified_console_

In the coming year, we will augment these popular courses with entirely new sections on DNS Cookies, Response Policy Zones (RPZ), Response Rate Limiting (RRL) and DNSTAP as well as updates on DNS Security and DNSSEC. Many other enhancements are also being rolled out in 2019 for the DNS & BIND courses, including refinements to course materials and the introduction of new labs (including Debugging labs). Register today, to secure your spot in one of our upcoming courses.

To ensure there is a conveniently located training program nearby, Men & Mice Training events have taken place in locations spanning four continents, and deliver learning opportunities to organizations of all sizes and functions, such as:


  • Top Level Domain (TLD) operators,
  • DNS registrars,
  • Governments,
  • Universities,
  • Enterprise and SMB businesses

DNS&BIND trainingsMen & Mice's work in developing DNS, DHCP, and IP Address management (DDI) solutions has led to the development of the vendor and environment-agnostic Men & Mice Suite, which provides a holistic DDI overlay for simplifying complex management of critical network infrastructure for enterprise organizations.

The development of our public training courses and private on-site training programs utilizes our deep expertise in DNS and BIND. The courses, which are  independent from our software solution, are designed to strengthen DNS know-how both for individual career development and to bolster expertise across network teams.

Not only useful for beginners, they’re valued by those with years of expertise. Here's what as student from one of our fall 2018 courses had to say:

“There's nothing more basic to the internet than DNS.  I've been using the internet since the days of gopher in 1995.  And running networked linux systems since 1997. But this course refreshed my understanding of the fundamentals of the internet more than anything else I've done in the last 21 years. By teaching me in-depth how the internet WORKS.”

Our training courses are designed to cater to both new students and seasoned professionals. Students often realize that while their base knowledge is valuable, taking a different approach illuminates concepts they weren't aware of before. They return to work with a deeper understanding of how their roles, tasks and input related to DNS, as well as that of their colleagues, impacts the entirety of the network.

Comprehensive Training in DNS & BIND

trainingl-1

DNS & BIND Week (DNSB-W) provides an overall understanding of the fundamental building blocks of a network.

Students get hands-on workshop experience with DNS in a practical environment. Men & Mice maximizes the efficiency of training sessions by promoting tactical application rather than simply studying, pointing out along the way the large-scale correlations born from localized concepts.

DNS & BIND Advanced (DNSB-A) - following the DNSB-W and DNSB-F programs - and DNSSEC & BIND (DNSSECB) - offered again in 2019 - programs offer more advanced knowledge and practice. Designed primarily for those responsible for some of the most mission-critical of internet services - such as DNS registrars and TLD operators - they bring students to the top of their expertise.

Foundational Training in DNS & BIND

For those peripherally working with DNS, or looking to learn the basics, the first three days of DNS & BIND Week is available as DNS & BIND Fundamentals (DNSB-F).

To learn about the Men & Mice Training Program, visit our menandmice.com/training.

New call-to-action

UPCOMING COURSES:

NOVEMBER 12 –

NOVEMBER 16, 2018

ZURICH, SWITZERLAND

 
2019

 

LOCATION  

MARCH 4 –

MARCH 8, 2019

AMSTERDAM, NETHERLANDS

 

APRIL 22 –

APRIL 26, 2019

CENTENNIAL, CO, USA (NEAR DENVER)

 

JUNE 3 –

JUNE 7, 2019

GDANSK, POLAND

 

JUNE 24 –

JUNE 28, 2019

RESTON, VA, USA (NEAR WASHINGTON DC)

 

Topics: Men & Mice, DNSSEC, BIND, DNS training, Response Rate Limiting (RRL), Response Policy Zones (RPZ), DNSTAP, DNS Cookies

DNS and BIND  Training with Men & Mice

Posted by Men & Mice on 6/13/18 7:55 AM

trainingl

In the first half of 2018, Men & Mice Training taught courses in five countries with students flying in from across time zones and from other continents. Participants came from three different ccTLDs, from national governments, and from both major enterprise corporations and smaller institutions.

We are proud of our reputation for delivering exceptional training courses, positive student feedback, and humbled by the effort that people make to attend. However, we're committed to making attending easier.

New DNS & BIND fall 2018 courses added

ddi_menandmiceFive new public courses have been added to our schedule this fall, from September through November 2018.

We've also begun soliciting student feedback on where we should hold our next courses. Based on initial feedback, classes have already been scheduled for two locations where we've previously never taught: Denver, Colorado, USA, and Geneva, Switzerland.

Our most popular public course is DNS & BIND Week (DNSB-W).

DNS & BIND Week is ideal for anyone just starting in the DNS world, but most commonly attended by those knowledgeable about DNS, and by experienced BIND administrators. Those with previous skills report that the start of the course, which assumes nothing, fills in gaps in their knowledge and corrects misconceptions, and the course moves on to unknown topics and new material. All Men & Men courses are hands-on, full of laboratory exercises. 

If you want to get trained ASAP, this is your chance.

SUMMER COURSES

Space is limited but still available.

June 25 – 29, 2018 – Zurich, Switzerland

FALL COURSES 

September 17 – September 21, 2018  Europe (City TBD)


September 24 – September 28, 2018  Geneva, Switzerland


October 15 – October 19, 2018      Denver, Colorado, USA


October 22 – October 26, 2018      North America (City TBD)


November 12 – November 16, 2018    Zurich, Switzerland

DNS & BIND Fundamentals (DNSB-F): is the first three days of DNS & BIND Week.

Who attends: Those who work peripherally with DNS. After the course, many wish they had attended the entire week. For them, we offer DNS & BIND Advanced (DNSB-A), which is the final two days of DNS & BIND Week.

Looking ahead, in 2019 we plan to begin offering our three day DNSSEC & BIND (DNSSECB) course publicly. It is currently only available for private, on-site corporate training.

Register now

Topics: BIND, DNS training, DNS events

Thinking of doing DNS better?

Posted by Men & Mice on 3/20/18 10:27 AM

I train, therefore I am

Or that’s what Descartes may have said if he’d been thinking his thoughts in 2018.

Mind you, this blog is not about thinking and it’s not about physical training either, like running or wife carrying or stuff like that. It’s more about training as in training for the mind. Learning useful things. Like how to configure BIND, debug DNS, figure out TSIGs or what DNSSEC can do for your network. Basically, the kind of training that helps you build a leaner, stronger, fitter network, and create the system resilience needed to deliver those constantly surging numbers of packets to their right destination, faster and more securely.

DNS sync.png

Getting DNS skills in sync

Since 1999, Men & Mice has been known for running effective and efficient DNS & BIND training courses worldwide. Previous offerings included open, public courses in a number of locations, as well as private on-site training on request.

Beginning in 2018, we are putting a little extra effort and logging a few more air-miles, making it much easier for you to attend, wherever you are.  We’re extending our public offerings into new destinations, with upcoming courses scheduled in California, New York, Switzerland, England and Israel, with additional courses to be added as the year progresses. See the schedule at menandmice.com/training/

To get the hang of running a better network, sign up for the 3-day DNS & BIND Fundamentals, or take our most popular course and spend 5 days sinking your teeth deeper into the subject matter in DNS & BIND Week. A range of on-site training options is also on offer.

Reach out to Men & Mice Training to register for a course, ask questions, log comments, or to recommend additional locations for future public offerings.

In the meantime, check out the dates and feast your eyes on the list of topics covered by our hands-on courses, taught by DNS experts.

Happy training!

Topics: Men & Mice, DNS, BIND, DNS training

Why follow Men & Mice?

The Men & Mice blog publishes educational, informational, as well as product-related material for everyone and anyone interested in IP Address Management, DNS, DHCP, IPv6, DNSSEC and more.

Subscribe to Email Updates

Recent Posts