\u00a0djbDNS DNS Server On CentOS<\/p>\n
What is djbDNS? And why do we use djbDNS? There is a new point of view to serve the dns service – each of the dns server functionalities is a separate service, like authority, cache, forward and so on.<\/p>\n
The other difference is the daemon-tools which will rapidly restart services to prevent zombies.<\/p>\n
Log in as root.<\/p>\n
# yum update<\/p>\n
# yum install gcc<\/p>\n
# mkdir pkg<\/p>\n
# cd pkg<\/p>\n
The first step is to install the daemon-tools:<\/p>\n
# cd ~\/pkg<\/p>\n
# wget http:\/\/cr.yp.to\/daemontools\/daemontools-0.76.tar.gz<\/p>\n
# gunzip daemontools-0.76.tar<\/p>\n
# tar -xpf daemontools-0.76.tar<\/p>\n
# rm -f daemontools-0.76.tar<\/p>\n
# cd admin\/daemontools-0.76<\/p>\n
# vi src\/conf-cc<\/p>\n
Append the following line at the end of the gcc line:<\/p>\n
-include \/usr\/include\/errno.h
# .\/package\/install<\/p>\n
One other package we need to prepare for djbdns to be functional is ucspi:<\/p>\n
# cd ~\/pkg<\/p>\n
# wget http:\/\/cr.yp.to\/ucspi-tcp\/ucspi-tcp-0.88.tar.gz<\/p>\n
# gunzip ucspi-tcp-0.88.tar<\/p>\n
# tar -xf ucspi-tcp-0.88.tar<\/p>\n
# cd ucspi-tcp-0.88<\/p>\n
# vi src\/conf-cc<\/p>\n
Append the following line at the end of the gcc line:<\/p>\n
-include \/usr\/include\/errno.h
# make<\/p>\n
# make setup check<\/p>\n
The next step is the document publication:<\/p>\n
# cd ~\/pkg<\/p>\n
# wget http:\/\/cr.yp.to\/djbdns\/doc.tar.gz<\/p>\n
Next we will unzip docs under \/doc:<\/p>\n
# gunzip < doc.tar.gz | (cd \/; tar -xf -)<\/p>\n
Use the following script to merge in system docs:<\/p>\n
#!\/bin\/sh
for i in packages commands cfunctions fileformats
do
\u00a0 sort -f \/dev\/null `find \/doc\/merge -name $i.html` > \/doc\/$i.new
\u00a0 mv \/doc\/$i.new \/doc\/$i.html
done<\/p>\n
Save script into a file: script.sh<\/p>\n
# chmod +x script.sh<\/p>\n
# .\/script.sh<\/p>\n
# cd ~\/pkg<\/p>\n
# wget http:\/\/cr.yp.to\/djbdns\/djbdns-1.05.tar.gz<\/p>\n
# gunzip djbdns-1.05.tar<\/p>\n
\u00a0tar -xf djbdns-1.05.tar<\/p>\n
# cd djbdns-1.05<\/p>\n
# vi src\/conf-cc<\/p>\n
Append the following line at the end of the gcc line:<\/p>\n
-include \/usr\/include\/errno.h<\/p>\n
# make<\/p>\n
# make setup check<\/p>\n
All compiling gets done.<\/p>\n
The next step is the dns server configuration.<\/p>\n
<\/p>\n
DNSCACHE
Create two system user accounts:<\/p>\n
# useradd -d \/var\/dnscache -s \/bin\/false dnscache<\/p>\n
# useradd -d \/var\/dnscache -s \/bin\/false dnslog<\/p>\n
Configure the cache:<\/p>\n
# dnscache-conf dnscache dnslog \/var\/dnscache\/dnscache <listen-IP><\/p>\n
Example: dnscache-conf dnscache dnslog \/var\/dnscache\/dnscache 192.168.20.1<\/p>\n
Allow the rest of your network to query dnscache:<\/p>\n
# touch \/var\/dnscache\/dnscache\/root\/ip\/<Net-ID><\/p>\n
Example: touch \/var\/dnscache\/dnscache\/root\/ip\/192.168<\/p>\n
Add dnscache to the list of services to be monitored by svscan:<\/p>\n
# ln -sf \/var\/dnscache\/dnscache \/service\/<\/p>\n
If you like ms-windows… you can make a reboot to be sure that all the world is in place.<\/p>\n
There is a point here that your are still not able to query from your cache server, because your clients are now able to be resolved in reverse mode.<\/p>\n
As mentioned before it’s one of the dns-cache security features to reverse-check clients. So in the next step we will work on tinydns to act for us.<\/p>\n
<\/p>\n
DNSTINY
Once again, we need two system user accounts:<\/p>\n
# useradd -d \/var\/dnscache -s \/bin\/false tinydns<\/p>\n
# useradd -d \/var\/dnscache -s \/bin\/false tinylog<\/p>\n
# tinydns-conf tinydns tinylog \/var\/dnscache\/tinydns 127.0.0.1<\/p>\n
Now it’s time to add nodes into dns database:<\/p>\n
# cd \/var\/dnscache\/tinydns\/root<\/p>\n
# .\/add-ns rmohan.com 192.168.2.1<\/p>\n
# .\/add-ns 2.168.192.in-addr.arpa 192.168.2.1<\/p>\n
# .\/add-mx rmohan.com 192.168.2.2<\/p>\n
# .\/add-host ns1.rmohan.com 192.168.2.1<\/p>\n
# .\/add-host mail.rmohan.com 192.168.2.2<\/p>\n
# .\/add-alias test.rmohan.com 192.168.2.2<\/p>\n
# make<\/p>\n
These nodes with go to the database file \/var\/dnscache\/tinydns\/root\/data that you are able to edit manually.<\/p>\n
The last step is the dns service startup:<\/p>\n
# ln -sf \/var\/dnscache\/tinydns \/service<\/p>\n","protected":false},"excerpt":{"rendered":"
djbDNS DNS Server On CentOS<\/p>\n
What is djbDNS? And why do we use djbDNS? There is a new point of view to serve the dns service – each of the dns server functionalities is a separate service, like authority, cache, forward and so on.<\/p>\n
The other difference is the daemon-tools which will rapidly restart […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1684"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1684"}],"version-history":[{"count":3,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1684\/revisions"}],"predecessor-version":[{"id":1688,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/1684\/revisions\/1688"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1684"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1684"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1684"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}