Dns

From gr0x0rd

bind

You will need to have emerged openssl and openssh with the bindist USE flag disabled. After that,

$ sudo emerge -av bind

Once up and running, edit the /etc/bind/named.conf file. There is a good resource for basic setup here. In order to get the server working, I had to disable dnssec:

dnssec-enable no;
dnssec-validation no;

To start the server

$ sudo /etc/init.d/named start

Add to startup

$ sudo rc-update add named default

tinydns

tinydns is a small DNS server. It is good for hosting local zones, but unlike bind it doesn't provide upstream functionality.

$ sudo emerge -av daemontools djbdns

After emerging the packages, the other portions were configured as per the documentation. To start the daemontools svscan process at startup

$ sudo rc-update add svscan default

Initial setup for all the djbdns services

$ sudo axfrdns-conf tinydns dnslog /var/axfrdns /var/tinydns 192.168.78.100
$ sudo dnscache-conf dnscache dnslog /var/dnscache 192.168.78.100
$ sudo tinydns-conf tinydns dnslog /var/tinydns 192.168.78.100

Inform daemontools of the service by symlinking it into /service. I've omitted axfrdns and dnscache, but they would follow the same pattern.

$ sudo ln -s /var/tinydns /service/tinydns

Managing the service

Start the svscan process

$ sudo /etc/init.d/svscan start

Since daemontools manages the tinydns service rather than the Gentoo RC configuration, service management is a bit different. To manage the service

$ sudo svc -u /service/tinydns   # start (up) tinydns
$ sudo svc -d /service/tinydns   # stop (down) tinydns
$ sudo svc -t /service/tinydns   # restart tinydns (sends TERM; supervise starts it again)
$ sudo svstat /service/tinydns   # check that tinydns is running

Testing the service

There are a number of ways to test and see if the tinydns instance is running. First, check netstat:

$ sudo netstat -a -n | grep ":53"

This should yield something along the lines of

tcp        0      0 192.168.100.22:53           0.0.0.0:*               LISTEN     
udp6       0      0 192.168.100.22:53           :::*

It's also possible to check on the service via daemontools:

$ sudo svstat /service/*

Should show something like

/service/axfrdns: up (pid 9084) 74 seconds
/service/tinydns: up (pid 9086) 74 seconds

Happy that the service is up and running? OK, let's test it:

gr0x0rd@teletran4 /var/tinydns/root $ dig @192.168.78.100 www.gr0x0rd.com A
; <<>> DiG 9.10.4-P4 <<>> @192.168.78.100 www.gr0x0rd.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41010
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.gr0x0rd.com.		IN	A

;; ANSWER SECTION:
www.gr0x0rd.com.	4000	IN	A	96.54.59.113

;; AUTHORITY SECTION:
gr0x0rd.com.		3600	IN	NS	ns.gr0x0rd.com.

;; ADDITIONAL SECTION:
ns.gr0x0rd.com.		4000	IN	A	96.54.59.113

;; Query time: 0 msec
;; SERVER: 192.168.78.100#53(192.168.78.100)
;; WHEN: Thu Jan 25 20:20:00 PST 2018
;; MSG SIZE  rcvd: 82
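
The reply above carries the "aa" flag and the "recursion requested but not available" warning, which is what an authoritative-only tinydns should return. The following is an added example, not part of the original page, that checks a dig reply for exactly that; the function names and the sample replies are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a dig reply to confirm the server behaves as an
# authoritative-only server (answers with "aa", never offers recursion "ra").

# Reads dig output on stdin; prints a verdict and returns 0 only when OK.
check_authoritative_only() {
    reply=$(cat)
    header=$(printf '%s\n' "$reply" | grep -- '->>HEADER<<-' || true)
    flags=$(printf '%s\n' "$reply" | sed -n 's/^;; flags: \([a-z ]*\);.*/\1/p')

    if [ -z "$header" ] || [ -z "$flags" ]; then
        echo "FAIL: no reply header found (server down or filtered?)"
        return 2
    fi
    case "$header" in
        *"status: NOERROR"*) ;;
        *) echo "FAIL: unexpected status in: $header"; return 1 ;;
    esac
    case " $flags " in
        *" ra "*) echo "FAIL: recursion available (ra flag set)"; return 1 ;;
    esac
    case " $flags " in
        *" aa "*) ;;
        *) echo "FAIL: answer is not authoritative (no aa flag)"; return 1 ;;
    esac
    echo "OK: authoritative answer, recursion not offered (flags: $flags)"
    return 0
}

# Constructed sample replies, modelled on the dig output shown on this page.
sample_tinydns() {
    printf '%s\n' \
      ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41010' \
      ';; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1'
}
sample_recursive() {
    printf '%s\n' \
      ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1234' \
      ';; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1'
}

# Live use (assumes dig is installed and the server address from this page):
#   dig @192.168.78.100 www.gr0x0rd.com A | check_authoritative_only
if [ "${1:-}" = "--demo" ]; then
    sample_tinydns | check_authoritative_only
    sample_recursive | check_authoritative_only || true
fi
```

The function returns 2 when no reply header is present, so a script can tell an unreachable server apart from one that answers with the wrong flags.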