Setting up caching DNS server


victorzhang
09-02-2002, 02:46 AM
Hi all
I am setting up a caching DNS server according to the DNS HOWTO, but after I set up all the necessary files and ping www.yahoo.com, ping returns "unknown host www.yahoo.com". I don't know where the problem is.
Below are the configuration files.

Thanks
Victor

/etc/named.conf
================

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

include "/etc/rndc.key";


/var/named/named.ca
====================

; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC registration services
; under anonymous FTP as
; file /domain/named.root
; on server FTP.RS.INTERNIC.NET
; -OR- under Gopher at RS.INTERNIC.NET
; under menu InterNIC Registration Services (NSI)
; submenu InterNIC Registration Archives
; file named.root
;
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; temporarily housed at ISI (IANA)
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; housed in Japan, operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File

/var/named/localhost.zone
=========================
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

1D IN NS @
1D IN A 127.0.0.1

/var/named/named.local
=======================
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.

1 IN PTR localhost.

/etc/rndc.key
=============
key "rndckey" {
algorithm hmac-md5;
secret "JpaUbtkocpQ0GjHFDZbWBxcrQYkXldRy0TiSQdEoVYPfEkNys0oZbEdMmDQV";
};

/etc/rndc.conf
==============
options {
default-server localhost;
default-key rndckey;
};

server localhost {
key rndckey;
};

key rndckey {
algorithm hmac-md5;
secret "JpaUbtkocpQ0GjHFDZbWBxcrQYkXldRy0TiSQdEoVYPfEkNys0oZbEdMmDQV";
};

jumpedintothefire
09-02-2002, 09:00 AM
Here is what I use from my bind 8.2.1 setup:

Change "ip of isp's serv" to your ISP's DNS server.
Change "10.2.0/24;" to match your network.

#/etc/named.conf

---------------
options {
directory "/var/named";
forward first;

forwarders {
ip of isp's serv;
ip of isp's serv;
ip of isp's serv;
};
listen-on port 53 {
10.2.0/24; 127/8;
};
};

zone "." {
type hint;
file "named.ca";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};

---------------

hope it helps
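Added example, not code from either post: a small checker that parses BIND's brace syntax and audits the two named.conf variants in this thread. It reports whether a config resolves via root hints or via forwarders, and flags recursion reachable from non-loopback addresses when neither allow-recursion nor allow-query restricts it (BIND of this era answered recursive queries from any client unless told otherwise). The condensed config strings, the 192.0.2.x forwarder addresses and the HARDENED variant are constructed assumptions.

```python
import re
# Constructed inputs: the thread's two named.conf variants, condensed, plus a
# hardened caching-only variant (an assumption, not posted in the thread).
CACHING_ONLY = 'options { directory "/var/named"; }; zone "." IN { type hint; file "named.ca"; };'
FORWARDING = ('options { forward first; forwarders { 192.0.2.1; 192.0.2.2; }; '
              'listen-on port 53 { 10.2.0/24; 127/8; }; }; zone "." { type hint; file "named.ca"; };')
HARDENED = ('options { listen-on { 127.0.0.1; }; allow-recursion { 127.0.0.1; }; }; '
            'zone "." IN { type hint; file "named.ca"; };')

def strip_comments(text):
    """Drop the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def parse(text):
    """Brace syntax -> [(statement, body)]; body is None for 'key value;' lines."""
    tokens = re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', strip_comments(text))
    pos = 0
    def block():
        nonlocal pos
        items = []
        while pos < len(tokens) and tokens[pos] != "}":
            words = []
            while pos < len(tokens) and tokens[pos] not in ("{", ";"):
                words.append(tokens[pos].strip('"'))
                pos += 1
            body = None
            if pos < len(tokens) and tokens[pos] == "{":
                pos += 1
                body = block()
                pos += 1  # consume the closing "}"
            if pos < len(tokens) and tokens[pos] == ";":
                pos += 1  # consume the statement terminator
            items.append((" ".join(words), body))
        return items
    return block()

def audit(text):
    """Classify the resolver and flag recursion open to non-loopback clients."""
    conf = parse(text)
    opts = next((body for key, body in conf if key == "options"), None) or []
    opt = lambda name: next((body for key, body in opts if key.startswith(name)), None)
    forwarders = [addr for addr, _ in (opt("forwarders") or [])]
    listen = [addr for addr, _ in (opt("listen-on") or [])]
    root_hint = any(k.split()[:2] == ["zone", "."] and ("type hint", None) in b for k, b in conf if b)
    restricted = opt("allow-recursion") is not None or opt("allow-query") is not None
    # Without listen-on BIND binds every interface; 127/8 entries are loopback only.
    exposed = [a for a in listen if not a.startswith("127")] if listen else ["all interfaces"]
    mode = "forwarding" if forwarders else ("caching" if root_hint else "no hints or forwarders")
    return {"mode": mode, "forwarders": forwarders, "exposed_on": exposed,
            "open_recursion": bool(exposed) and not restricted}
```

Run audit() on each of the three strings: the first two report open recursion (the caching-only config listens everywhere, the forwarding one on 10.2.0/24), the hardened one does not.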

victorzhang
09-02-2002, 08:36 PM
As for your DNS setup, I think strictly speaking it is not a caching name server; it is a forwarding name server.
A purely caching name server doesn't contain a "forward" statement; it can have a "type hint" statement, which lists all the root name servers.

I have modified my named.conf like yours, and now it works perfectly.
One more question: when setting up a caching name server in Linux with a dynamic IP address/dial-up networking, how much benefit do we get from it compared to setting my Linux box up as a DNS client?
Setting up forwarders can provide load balancing for a real name server, but for us, it seems much is lost during the intermediate processing.
Any opinion?

Thanks
Victor

jumpedintothefire
09-02-2002, 08:56 PM
Why would you like to always contact a root server on the other side of the internet, 20 hops or more? 3-10 hops to your ISP is much quicker, IMHO. If your ISP 'fails' (read: blocks) a DNS lookup, you could point one of the forwarders elsewhere....