Difference between revisions of "Dns"

(Created page with "This was done following the installation on ns2 done a few weeks previous. $ sudo emerge -av daemontools djbdns After emerging the packages, the other portions were confi...")
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
This was done following the installation on [[ns2]] done a few weeks previous.
+
 
 +
=== bind ===
 +
 
 +
You will need to have emerged openssl and openssh with the '''bindist''' USE flag disabled. After that,
 +
$ sudo emerge -av bind
 +
Once up and running, edit the ''/etc/bind/named.conf'' file. There is a good resource for basic setup [https://wiki.gentoo.org/wiki/BIND/Guide here]. In order to get the server working, I had to disable dnssec:
 +
<pre>
 +
dnssec-enable no;
 +
dnssec-validation no;
 +
</pre>
 +
To start the server
 +
$ sudo /etc/init.d/named start
 +
Add to startup
 +
$ sudo rc-update add named default
 +
 
 +
=== tinydns ===
 +
 
 +
tinydns is a small, dns server. It is good for hosting local zones, but doesn't provide upstream functionality like bind.
 +
 
 
  $ sudo emerge -av daemontools djbdns
 
  $ sudo emerge -av daemontools djbdns
 
After emerging the packages, the other portions were configured as per the documentation. To start the daemontools svscan process at startup
 
After emerging the packages, the other portions were configured as per the documentation. To start the daemontools svscan process at startup
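Review bot: the named.conf block added under "bind" turns off DNSSEC (dnssec-enable no; dnssec-validation no;) with only "I had to disable dnssec" as the reason, and does not say what failed while it was on. Record the error that validation produced (the named log line or the SERVFAIL seen by clients), because with both options set to no the resolver no longer verifies signatures on answers from signed zones, and a reader copying this block inherits that without knowing why. The tinydns sentence added in the same change ("a small, dns server") also has a stray comma.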

Latest revision as of 22:42, 28 January 2018

bind

You will need to have emerged openssl and openssh with the bindist USE flag disabled. After that,

$ sudo emerge -av bind

Once up and running, edit the /etc/bind/named.conf file. There is a good resource for basic setup at https://wiki.gentoo.org/wiki/BIND/Guide. In order to get the server working, I had to disable DNSSEC:

dnssec-enable no;
dnssec-validation no;

To start the server

$ sudo /etc/init.d/named start

Add to startup

$ sudo rc-update add named default

tinydns

tinydns is a small DNS server. It is good for hosting local zones, but doesn't provide upstream functionality like bind.

$ sudo emerge -av daemontools djbdns

After emerging the packages, the other portions were configured as per the documentation. To start the daemontools svscan process at startup

$ sudo rc-update add svscan default

Initial setup for all the djbdns services

$ sudo axfrdns-conf tinydns dnslog /var/axfrdns /var/tinydns 192.168.78.100
$ sudo dnscache-conf dnscache dnslog /var/dnscache 192.168.78.100
$ sudo tinydns-conf tinydns dnslog /var/tinydns 192.168.78.100

To inform daemontools of the service, symlink its directory into /service. I've omitted axfrdns and dnscache, but they would follow the same pattern.

$ sudo ln -s /var/tinydns /service/tinydns

Managing the service

Start the svscan process

$ sudo /etc/init.d/svscan start

Since daemontools manages the tinydns service, as opposed to the Gentoo RC configuration, the service management is a bit different.
To manage the service:

$ sudo svc -u /service/tinydns   # start (up) tinydns
$ sudo svc -d /service/tinydns   # stop (down) tinydns
$ sudo svc -t /service/tinydns   # restart tinydns (sends TERM; supervise starts it again)
$ sudo svstat /service/tinydns   # check that tinydns is running

Testing the service

There are a number of ways to test and see if the tinydns instance is running. First, check netstat:

$ sudo netstat -a -n | grep ":53"

This should yield something along the lines of

tcp        0      0 192.168.100.22:53           0.0.0.0:*               LISTEN     
udp6       0      0 192.168.100.22:53           :::*

It's also possible to check on the service via daemontools:

$ sudo svstat /service/*

Should show something like

/service/axfrdns: up (pid 9084) 74 seconds
/service/tinydns: up (pid 9086) 74 seconds

Happy that the service is up and running? OK, let's test it:

gr0x0rd@teletran4 /var/tinydns/root $ dig @192.168.78.100 www.gr0x0rd.com A
; <<>> DiG 9.10.4-P4 <<>> @192.168.78.100 www.gr0x0rd.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41010
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.gr0x0rd.com.		IN	A

;; ANSWER SECTION:
www.gr0x0rd.com.	4000	IN	A	96.54.59.113

;; AUTHORITY SECTION:
gr0x0rd.com.		3600	IN	NS	ns.gr0x0rd.com.

;; ADDITIONAL SECTION:
ns.gr0x0rd.com.		4000	IN	A	96.54.59.113

;; Query time: 0 msec
;; SERVER: 192.168.78.100#53(192.168.78.100)
;; WHEN: Thu Jan 25 20:20:00 PST 2018
;; MSG SIZE  rcvd: 82
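
The dig header above carries the check worth automating: tinydns should answer with the aa flag set and without ra, so it is not usable as an open resolver. The following is an added example, not part of the original page; the function names and the second sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a DNS server from the header of `dig` output.
# Live use:  dig @192.168.78.100 www.gr0x0rd.com A | classify_dig
# Prints authoritative-only | recursive | not-authoritative | no-answer
# and exits 0 only for authoritative-only.

# Header lines copied from the dig run shown on this page.
SAMPLE_TINYDNS=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41010
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available'

# Constructed sample: what a recursive resolver (e.g. dnscache) returns.
SAMPLE_RECURSIVE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1234
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'

dig_flags() {
    # Pull the flag words out of ";; flags: qr aa rd; QUERY: ..."
    sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p' | head -n 1
}

classify_dig() {
    flags=$(dig_flags)
    # No header at all: timeout, refused connection, or wrong address.
    [ -n "$flags" ] || { echo "no-answer"; return 2; }
    case " $flags " in
        # ra = recursion available: the server will resolve for the client.
        *" ra "*) echo "recursive"; return 1 ;;
    esac
    case " $flags " in
        # aa = the answer came from the server's own zone data.
        *" aa "*) echo "authoritative-only"; return 0 ;;
    esac
    echo "not-authoritative"; return 1
}

# Stand-alone demonstration on the page's own output.
printf '%s\n' "$SAMPLE_TINYDNS" | classify_dig
```

A "recursive" result from the address tinydns listens on means a different daemon answered the query.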