
djbdns dnscache
Updated: 10/16/2005


General Information

This guide will walk you through setting up a DJB dnscache resolver.

Requirements

You will need the following items to be able to complete this guide:
  1. Root access to a FreeBSD machine
  2. FreeBSD install with ports up-to-date
  3. Installed and running daemontools (svscan)

Compiling

Here is where your up-to-date ports tree comes in handy: we are just going to compile the djbdns package.  From the options that show up, pick those that you wish to apply. The defaults should suffice, unless you wish to host IPv6 addresses using tinydns, in which case you might want to select that option.
# cd /usr/ports/dns/djbdns
# make install
If you later want to change the options djbdns was compiled with, but the port says that you have a saved config, type "make rmconfig" to remove the saved options. The next time you compile, you will be asked for the options again.

Adding required users/groups

We are adding the following groups/users to be used when configuring dnscache.  If you do not add these users, you can't use dnscache!
# pw groupadd nofiles -g 800
# pw useradd dnslog -u 810 -g 800 -c "Logging for dns" -d /usr/local/djbdns/ -s /sbin/nologin
# pw useradd dnscache -u 811 -g 800 -c "dnscache" -d /usr/local/djbdns/ -s /sbin/nologin
Look at "pw userdel help" for info on removing these users if you decide to undo this entire install.

Setting up dnscache

You can install dnscache anywhere.  My personal place to put all of my tinydns/dnscache instances is in /usr/local/djbdns, so if you want yours elsewhere, please modify the following commands.
# mkdir /usr/local/djbdns
# dnscache-conf dnscache dnslog /usr/local/djbdns/dnscache 127.0.0.1
This tells dnscache-conf to create the service directory, with everything in it, at /usr/local/djbdns/dnscache, to use dnscache as the user to run under when started by svscan, and to use dnslog as the user that writes the log files to disk.  The IP address on the end is the IP it binds to when it starts up.  If you want to let other clients connect to your dnscache server to resolve their queries, then you need to bind it to an outward-facing IP.
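
dnscache only answers clients whose address prefix has a matching file under root/ip/ in the service directory, so binding to an outward-facing IP should go together with a narrow client list. The script below is an added example, not part of the original guide: it reads env/IP and root/ip/ (the layout dnscache-conf creates) and warns when the cache listens off loopback while admitting a prefix wider than a /24. The function names and the /24 threshold are choices made for this example.

```sh
#!/bin/sh
# Added example, not from the guide. Assumes the layout dnscache-conf creates:
# env/IP holds the listen address, root/ip/ holds one file per allowed prefix.

# Classify the listen address: loopback, exposed, or unknown.
bind_scope() {
    ip=$(head -n 1 "$1/env/IP" 2>/dev/null) || ip=""
    case "$ip" in
        127.*) echo loopback ;;
        "")    echo unknown ;;
        *)     echo exposed ;;
    esac
}

# Print allowed client prefixes shorter than three octets (wider than a /24).
broad_prefixes() {
    for f in "$1"/root/ip/*; do
        [ -e "$f" ] || continue
        p=${f##*/}
        case "$p" in
            *.*.*) ;;            # a.b.c or a.b.c.d: a /24 or a single host
            *) echo "$p" ;;      # a or a.b: a /8 or a /16
        esac
    done
}

# Return 1 when the cache listens off-loopback and admits broad client ranges.
audit_dnscache() {
    scope=$(bind_scope "$1")
    broad=$(broad_prefixes "$1" | tr '\n' ' ')
    if [ "$scope" = exposed ] && [ -n "$broad" ]; then
        echo "WARN: bind=$scope broad=$broad"
        return 1
    fi
    echo "OK: bind=$scope"
}

# Build a constructed sample service directory: make_sample <listen-ip> <prefix>...
make_sample() {
    d=$(mktemp -d) && mkdir -p "$d/env" "$d/root/ip" || return 1
    echo "$1" > "$d/env/IP"; shift
    for p in "$@"; do : > "$d/root/ip/$p"; done
    echo "$d"
}

# Audit the directory given as $1, e.g. /usr/local/djbdns/dnscache.
if [ $# -gt 0 ]; then audit_dnscache "$1"; fi
```

Run it as root with the service directory as its argument; a non-zero exit status means the client list under root/ip/ should be tightened before the resolver is reachable from other networks.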

Starting dnscache

Tell svscan about dnscache.  Then wait 5 seconds, and dnscache should be running.
# ln -s /usr/local/djbdns/dnscache /var/service
Well, since it is now hopefully running, we should test if it works.
# dig @127.0.0.1 0x58.com
If you get an answer, pat yourself on the back as dnscache is properly running, unless of course BIND answered that.  But unless you enabled BIND, it should not be running.  To set your dnscache as the nameserver for the entire OS, add an entry to /etc/resolv.conf:
nameserver 127.0.0.1
Now run the test with dig again, this time leaving out the @ symbol, and look for ;; SERVER: 127.0.0.1#53(127.0.0.1) in the output.
# dig 0x58.com
That's it!

This guide is © 2005 - 2010 Bert JW Regeer.

Author: Bert JW Regeer
bsdguides at 0x58 dot com



2 Comments

Posted by neomaximus2k on August 14, 2006 at 7:24:50 pm EEST

how would you go about emptying the cache?


Posted by X-Istence on December 30, 2007 at 12:59:36 am EET

neomaximus2k: You can empty the cache by restarting the services. Nothing is ever written to disk.


Copyright 2003 - 2010 BSD Guides.  All rights reserved.