Addition/Setup.Bind.As.Cache.DNS.Server
From iRedMail
| Line 13: | Line 13: | ||
"'''named'''" gets a request for domain resolution. | "'''named'''" gets a request for domain resolution. | ||
| - | It checks whether the request can be satisfied from cache. If the answer is in cache and not stale, the request is satisfied from cache itself saving a lot of time | + | <p>It checks whether the request can be satisfied from cache. If the answer is in cache and not stale, the request is satisfied from cache itself saving a lot of time. |
| - | + | ||
If request can't be satisfied from cache, named queries the first parent. If it replies with the answer, then named will cache the response and subsequent requests for the same domain name will be satisfied from the cache. | If request can't be satisfied from cache, named queries the first parent. If it replies with the answer, then named will cache the response and subsequent requests for the same domain name will be satisfied from the cache. | ||
| - | In case first parent fails to reply, named will query the second parent and so on. | + | In case first parent fails to reply, named will query the second parent and so on.</p> |
| Line 26: | Line 26: | ||
To check the package present or not on the system, just using | To check the package present or not on the system, just using | ||
| - | rpm -qa |grep bind | + | rpm -qa |grep bind |
| - | + | rpm -qa |grep caching-nameserver | |
| - | rpm -qa |grep caching-nameserver | + | |
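Review bot: `rpm -qa |grep bind` matches every package whose name contains "bind", so the sample output on this page lists ypbind and bind-libs, neither of which shows whether the BIND server itself is installed. Querying by name, for example `rpm -q bind bind-chroot bind-utils caching-nameserver`, reports each required package as installed or not installed.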
| Line 44: | Line 43: | ||
the package we need on cache named server is | the package we need on cache named server is | ||
| - | '''bind''' | + | *'''bind''' |
| - | '''bind-chroot''' | + | *'''bind-chroot''' |
| - | '''bind-util''' | + | *'''bind-util''' |
| - | '''caching-nameserver''' | + | *'''caching-nameserver''' |
If they are not present on your system, install using | If they are not present on your system, install using | ||
| - | + | ''yum install caching-nameserver bind-chroot'' | |
| - | ''yum install caching-nameserver bind-chroot'' | + | |
all the components we need will be installed | all the components we need will be installed | ||
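Review bot: the bullet `*'''bind-util'''` does not match the `bind-utils-9.3.6-4.P1.el5_4.2` entry in the rpm output shown on this page and should read `bind-utils`. The list also names four packages while the `yum install` line names only caching-nameserver and bind-chroot, so say explicitly that the others are pulled in as dependencies or are already present.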
| Line 70: | Line 68: | ||
The '''RED''' characters indicate that you need to enter by yourself. | The '''RED''' characters indicate that you need to enter by yourself. | ||
| - | + | // | |
| - | // | + | // named.caching-nameserver.conf |
| - | // named.caching-nameserver.conf | + | // |
| - | // | + | // Provided by Red Hat caching-nameserver package to configure the |
| - | // Provided by Red Hat caching-nameserver package to configure the | + | // ISC BIND named(8) DNS server as a caching only nameserver |
| - | // ISC BIND named(8) DNS server as a caching only nameserver | + | // (as a localhost DNS resolver only). |
| - | // (as a localhost DNS resolver only). | + | // |
| - | // | + | // See /usr/share/doc/bind*/sample/ for example named configuration files. |
| - | // See /usr/share/doc/bind*/sample/ for example named configuration files. | + | // |
| - | // | + | // DO NOT EDIT THIS FILE - use system-config-bind or an editor |
| - | // DO NOT EDIT THIS FILE - use system-config-bind or an editor | + | // to create named.conf - edits to this file will be lost on |
| - | // to create named.conf - edits to this file will be lost on | + | // caching-nameserver package upgrade. |
| - | // caching-nameserver package upgrade. | + | // |
| - | // | + | options { |
| - | options { | + | listen-on port 53 { 127.0.0.1; }; |
| - | + | listen-on-v6 port 53 { ::1; }; | |
| - | + | directory "/var/named"; | |
| - | + | dump-file "/var/named/data/cache_dump.db"; | |
| - | + | statistics-file "/var/named/data/named_stats.txt"; | |
| - | + | memstatistics-file "/var/named/data/named_mem_stats.txt"; | |
| - | + | forward first; //using external DNS if no reference on this server | |
| - | + | forwarders { | |
| - | + | 202.76.4.18; // CPCNet DNS | |
| - | + | 8.8.8.8; // Google DNS | |
| - | + | }; | |
| - | + | ||
// Those options should be used carefully because they disable port | // Those options should be used carefully because they disable port | ||
// randomization | // randomization | ||
// query-source port 53; | // query-source port 53; | ||
// query-source-v6 port 53; | // query-source-v6 port 53; | ||
| - | + | ||
| - | allow-query { localhost; }; | + | allow-query { localhost; }; |
| - | + | allow-query-cache { localhost; }; | |
| - | }; | + | }; |
| - | logging { | + | logging { |
| - | + | channel default_debug { | |
| - | + | file "data/named.run"; | |
| - | + | severity dynamic; | |
| + | }; | ||
| + | }; | ||
| + | view localhost_resolver { | ||
| + | match-clients { localhost; }; | ||
| + | match-destinations { localhost; }; | ||
| + | recursion yes; | ||
| + | include "/etc/named.rfc1912.zones"; | ||
}; | }; | ||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
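Review bot: the pasted file keeps the packaged header "DO NOT EDIT THIS FILE ... edits to this file will be lost on caching-nameserver package upgrade", yet the `forward first;` and `forwarders { ... }` lines are edits to that same file. The page should tell readers to save the result as named.conf, as the header itself instructs, so the forwarders survive a package upgrade. The trailing comment on `forward first;` would also be clearer if it said that the forwarders are asked first.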
Revision as of 08:39, 10 March 2010
Mission
To configure a caching nameserver on an iRedMail server itself.
Advantage
Drastically reduces the delay in domain name resolution, because requests for frequently accessed domains are served from cache.
Working
"named" gets a request for domain resolution.
It checks whether the request can be satisfied from cache. If the answer is in cache and not stale, the request is satisfied from the cache itself, saving a lot of time. If the request can't be satisfied from cache, named queries the first parent. If it replies with the answer, named caches the response, and subsequent requests for the same domain name are satisfied from the cache. If the first parent fails to reply, named queries the second parent, and so on.
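The lookup path described above, as an added Python model that is not part of the original page or of BIND. It simplifies named to "cache, then forwarders in configured order" and leaves out the fallback to full recursion; the class, the `upstream` stand-in and the 192.0.2.10 answer are constructed for illustration, and the two forwarder addresses are the ones used in the configuration on this page.

```python
import time

class CachingForwarder:
    """Toy model of the lookup path: cache first, then each parent in order."""

    def __init__(self, forwarders, query_fn, clock=time.monotonic):
        self.forwarders = list(forwarders)  # tried in configured order
        self.query_fn = query_fn            # query_fn(server, name) -> (addr, ttl)
        self.clock = clock
        self.cache = {}                     # name -> (addr, expiry time)

    def resolve(self, name):
        """Return (addr, source); source is 'cache' or the forwarder that answered."""
        name = name.lower().rstrip(".")     # DNS names are case-insensitive
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"          # fresh answer, no network traffic
        self.cache.pop(name, None)          # stale or missing: drop and re-query
        for server in self.forwarders:
            try:
                addr, ttl = self.query_fn(server, name)
            except TimeoutError:
                continue                    # this parent failed, try the next one
            self.cache[name] = (addr, self.clock() + ttl)
            return addr, server
        raise LookupError(f"no forwarder answered for {name}")

def demo():
    """First parent is down, second answers with a 300 second TTL (constructed)."""
    now = [0.0]
    asked = []
    def upstream(server, name):             # stand-in for the network
        asked.append(server)
        if server == "202.76.4.18":
            raise TimeoutError(server)
        return "192.0.2.10", 300
    r = CachingForwarder(["202.76.4.18", "8.8.8.8"], upstream, clock=lambda: now[0])
    first = r.resolve("Example.com.")       # miss: falls through to 8.8.8.8
    second = r.resolve("example.com")       # hit: served from cache
    now[0] = 301.0                          # TTL has expired
    third = r.resolve("example.com")        # stale: forwarders are asked again
    return first, second, third, asked

if __name__ == "__main__":
    print(demo())
```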
How to install
We use BIND, which is the most common DNS server package.
To check whether the packages are present on the system, run:
rpm -qa |grep bind
rpm -qa |grep caching-nameserver
By default on an iRedMail server, the result is:
[root@mail ~]# rpm -qa |grep bind
ypbind-1.19-12.el5
bind-libs-9.3.6-4.P1.el5_4.2
bind-utils-9.3.6-4.P1.el5_4.2
The packages we need for a caching name server are:
- bind
- bind-chroot
- bind-utils
- caching-nameserver
If they are not present on your system, install them with:
yum install caching-nameserver bind-chroot
All the components we need will be installed.
How to configure
The main configuration file for named resides in /var/named/chroot/etc/named.caching-nameserver.conf, which is also soft linked from /etc/named.caching-nameserver.conf. The named configuration file supports C/C++ style comments.
Below is a configuration file for an iRedMail machine that serves localhost only. The inline comments explain what each option does.
Since the DNS cache server is for iRedMail local use only, named listens on and answers queries from localhost only. If you want to share the DNS cache with your local network, you need to modify the configuration file to suit your own setup.
The text marked in RED is what you need to enter yourself.
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
    // listen on the loopback addresses only
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    // ask the forwarders first; resolve normally if they do not answer
    forward first;
    forwarders {
        202.76.4.18; // CPCNet DNS
        8.8.8.8; // Google DNS
    };
    // Those options should be used carefully because they disable port
    // randomization
    // query-source port 53;
    // query-source-v6 port 53;
    // only local clients may send queries and read the cache
    allow-query { localhost; };
    allow-query-cache { localhost; };
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
view localhost_resolver {
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;
    include "/etc/named.rfc1912.zones";
};
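A check to run after editing the file to share the cache with a network, as the text above suggests: it flags listen and query lists that reach beyond localhost, and an uncommented `query-source ... port N` line, which the configuration's own comment warns disables port randomization. This is an added Python example, not part of the original page or of BIND; the function names and both sample configurations are constructed, and it handles only flat `{ a; b; };` lists, not nested or named ACLs.

```python
import re

LOCAL_ONLY = {"127.0.0.1", "::1", "localhost", "none"}
ACL_OPTIONS = ("listen-on", "listen-on-v6", "allow-query", "allow-query-cache")

def strip_comments(conf):
    """Remove /* */, // and # comments so disabled options are not counted."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def elements(conf, option):
    """Return the entries of `option [port N] { a; b; };`, or None if absent."""
    m = re.search(r"(?<![\w-])%s(?![\w-])[^{;]*\{([^{}]*)\}" % re.escape(option), conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit(conf):
    """List settings that expose the cache beyond localhost or weaken it."""
    conf = strip_comments(conf)
    findings = []
    for option in ACL_OPTIONS:
        found = elements(conf, option)
        if found is None:
            findings.append(f"{option}: not set, named's built-in default applies")
        elif set(found) - LOCAL_ONLY:
            findings.append(f"{option}: open to {sorted(set(found) - LOCAL_ONLY)}")
    if re.search(r"(?<![\w-])query-source(-v6)?(?![\w-])[^;]*\bport\s+\d+", conf):
        findings.append("query-source: fixed port disables source port randomization")
    return findings

# Constructed samples: PAGE_STYLE mirrors the options block above, SHARED is a
# hypothetical edit made to serve a LAN (192.0.2.1 is a documentation address).
PAGE_STYLE = """
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    // query-source port 53;
    allow-query { localhost; };
    allow-query-cache { localhost; };
};
"""
SHARED = """
options {
    listen-on port 53 { 127.0.0.1; 192.0.2.1; };
    query-source port 53;
    allow-query { any; };
};
"""

if __name__ == "__main__":
    for name, conf in (("page-style", PAGE_STYLE), ("shared", SHARED)):
        print(name, audit(conf) or "localhost only")
```

An empty result means every listen and query list is limited to loopback and no fixed source port is configured; run `named-checkconf` separately for syntax.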
