Old 12-11-2004, 04:13 PM   #16
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31

Sorry it took so long to get back to you. Can you post the output of...

cat /etc/dnscache/log/run

You also may want to consider commenting out your ISP's nameserver from /etc/resolv.conf and see if you're still able to do nslookups. I suspect that your dns server isn't listening correctly and you're getting your answers from your ISP's nameserver.

You can do this...

dig google.com @127.0.0.1 -t mx

To query your own server to be sure your machine is providing the answers. Notice the -t is asking for mx records. The @127.0.0.1 means I'm only wanting answers from my DNS server running on the localhost. Check "man dig" for more options.

Also, you can convert those tai64 timestamps into "real" dates/times by doing this...

tail -f current | tai64nlocal

To check to be sure it's listening properly, run this...

netstat -nap | grep dnscache

Here's my output of this command...

Quote:
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 28225/dnscache
udp 0 0 127.0.0.1:62620 127.0.0.1:53 ESTABLISHED 28225/dnscache
udp 0 0 127.0.0.1:49333 127.0.0.1:53 ESTABLISHED 28225/dnscache
udp 0 0 127.0.0.1:53 0.0.0.0:* 28225/dnscache
udp 0 0 127.0.0.1:43200 127.0.0.1:53 ESTABLISHED 28225/dnscache
As you can see in my output, I have dnscache listening on a TCP socket and it's also "listening" on a UDP socket as well. Since UDP is a stateless protocol, it's not really "listening" per se, but it's there and it's open to accepting connections. All the other "ESTABLISHED" connections are dnscache responding to queries.
 
Old 12-13-2004, 06:49 PM   #17
Gsee
Member
 
Registered: Mar 2004
Location: Australia
Distribution: FreeBSD, OpenBSD, Gentoo, Debian
Posts: 153

Original Poster
Rep: Reputation: 30
Thanks for your help. I've actually just had a power spike at my house and as a result I think my modem is dead. As soon as I get things back up and running there I'll let you know and then try what you've suggested.

Thanks again.

GSee
 
Old 12-29-2004, 06:41 PM   #18
Gsee
Ok, I'm back on board. Modem was fine, switch is dead and phone lines needed to be 'rebuilt'.

All in all I'm back in action with temporary switch and everything's ok.

As soon as I get a chance I'll try the last things suggested by Donboy and post my results. I know it's been a while but I hope you're still with me for this.

Gsee
 
Old 12-29-2004, 07:43 PM   #19
Donboy
Yeah, man. I'm here. Bring it on. Whenever you're good and ready.
 
Old 12-30-2004, 06:47 AM   #20
Gsee
Sorry for the delay - here are the results from the commands you requested.


MyDNS# cat /etc/dnscache/log/run
#!/bin/sh
exec setuidgid dnslog multilog t ./main

*************************************************


MyDNS# dig www.google.com @127.0.0.1 -t mx

; <<>> DiG 9.2.3 <<>> www.google.com @127.0.0.1 -t mx
;; global options: printcmd
;; connection timed out; no servers could be reached



*****************************************************

MyDNS# netstat -nap | grep dnscache
netstat: option requires an argument -- p
usage: netstat [-Aan] [-f address_family] [-M core] [-N system]
netstat [-bdgilmnqrSstu] [-f address_family] [-M core] [-N system]
netstat [-bdn] [-I interface] [-M core] [-N system] [-w wait]
netstat [-s] [-M core] [-N system] [-p protocol]
netstat [-a] [-f address_family] [-i | -I interface]


********************************
because that didn't work I tried this
********************************

MyDNS# netstat | grep dnscache
MyDNS#



**********************************************

Thanks for your help

gsee
 
Old 12-30-2004, 03:50 PM   #21
Donboy
Oops, I think I may have told you wrong. You said earlier, I think, that you were trying to set this up on 192.168.0.5. In that case, you need to run this...

dig www.google.com @192.168.0.5 -t mx

I think your netstat command must be run as root to see the output you requested.
 
Old 12-30-2004, 06:11 PM   #22
Gsee
The network address of my DNS server is currently 192.168.1.12 thus I entered this and got that:

$ dig www.google.com@192.168.1.12 -t mx

; <<>> DiG 9.2.3 <<>> www.google.com@192.168.1.12 -t mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55466
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com\@192.168.1.12. IN MX

;; AUTHORITY SECTION:
. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2004123000 1800 900 604800 86400

;; Query time: 1174 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Fri Dec 31 20:45:37 2004
;; MSG SIZE rcvd: 120


Even as root I couldn't get the netstat command to work, I received the same results.

Thanks again,
gsee
 
Old 12-30-2004, 10:25 PM   #23
Donboy
You know, it's been so long, I had to reread some of the previous posts just to remember what this was all about. I think it's post #13 where you identified a problem. You said, you were having trouble doing ping www.google.com because it would say unknown host. Is it still doing that? Are you having trouble with any other domains pinging or looking up ns records?

The output of your dig command looks fine and seems like everything is working. I'm just surprised your log isn't running. Or is it now?

Did you change your resolv.conf? The IP needs to be 192.168.1.12, since that's the IP dnscache is listening on. Did you comment out your ISP's nameservers? If so, then you should be able to continue doing stuff like...

dig whatever.com
dnsip whatever.com
host 152.163.142.184 (should return info on AOL.com)

If you're able to run all of these commands and get decent answers, then it means dnscache is running and doing the queries... it HAS to be, because you haven't told resolv.conf anywhere else to look!

It seems like your logging process isn't working, for some reason. Try this...

ps -elf | grep dnslog

and see if you show it running.
 
Old 12-30-2004, 11:44 PM   #24
Gsee
I know why the dig above finally worked. At some stage I must have set /etc/resolv.conf to use 192.168.1.1 as a nameserver - this is the IP address of my modem/router so of course it's going to get through.

I've changed my resolv.conf to:
nameserver 192.168.1.12
lookup file bind


Now I do these:

MyDNS# dig www.yahoo.com

; <<>> DiG 9.2.3 <<>> www.yahoo.com
;; global options: printcmd
;; connection timed out; no servers could be reached


MyDNS# dnsip www.yahoo.com
dnsip: fatal: unable to find IP address for www.yahoo.com: connection refu


Also, my hard drive is being written to every second again, as though the log file is going error... error... error... :S

I did this too:

MyDNS# ps aux | grep dnslog
dnslog 15486 0.0 0.7 92 444 ?? S 9:14AM 0:09.15 multilog t ./
root 9136 0.0 0.1 76 48 p0 R+ 2:20AM 0:00.01 grep dnslog

Any ideas?

Gsee
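
An added example, not part of any post in this thread: the dig transcripts in posts #22 and #24 can be checked for which server actually replied, using the SERVER line, the status field and the question section. `check_dig` and the `sample_*` functions are hypothetical names, and the third sample is constructed.

```shell
#!/bin/sh
# Added example; check_dig and the sample_* names are hypothetical.
# check_dig EXPECTED_IP < dig-output   prints "ok", "no-reply", or a comma list
# of: bad-question (the "@server" was parsed as part of the name),
# wrong-server (another resolver replied), status:<rcode>.
check_dig() {
    awk -v want="$1" '
        /no servers could be reached/ { timeout = 1 }
        /->>HEADER<<-/ {              # ";; ->>HEADER<<- ... status: NXDOMAIN, id: ..."
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; QUESTION SECTION:/ { inq = 1; next }
        inq { if ($1 ~ /@/) badq = 1; inq = 0 }       # first line after the header
        /^;; SERVER:/ { split($3, a, "#"); server = a[1] }   # "ip#53(ip)" -> ip
        END {
            if (timeout) { print "no-reply"; exit }
            r = ""
            if (badq)                 r = r ",bad-question"
            if (server != want)       r = r ",wrong-server"
            if (status != "NOERROR")  r = r ",status:" status
            print (r == "" ? "ok" : substr(r, 2))
        }'
}

# Lines taken from the dig output in post #22 above.
sample_post22() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55466
;; QUESTION SECTION:
;www.google.com\@192.168.1.12. IN MX
;; SERVER: 192.168.1.1#53(192.168.1.1)
EOF
}

# Line taken from the dig output in post #24 above.
sample_timeout() { cat <<'EOF'
;; connection timed out; no servers could be reached
EOF
}

# Constructed sample: a reply that did come from the local cache.
sample_good() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; QUESTION SECTION:
;www.google.com. IN MX
;; SERVER: 192.168.1.12#53(192.168.1.12)
EOF
}

for s in sample_post22 sample_timeout sample_good; do
    printf '%s: %s\n' "$s" "$($s | check_dig 192.168.1.12)"
done
```

Against a live server, pipe the output of `dig www.google.com @192.168.1.12 -t mx` into `check_dig 192.168.1.12`.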
 
Old 12-31-2004, 12:20 AM   #25
Donboy
I keep forgetting you're on BSD. Try sockstat instead of netstat. Maybe look at the man pages to be sure the flags are the same. The idea is, you want to be sure it's actually listening on those ports/IPs. Maybe try sockstat -4 and see what that does?

From what I can tell, your config is right, but there may be something wrong about running it on BSD that I don't know about.

Maybe you should consult this howto...

http://www.purebsd.com/o.daemon.djbdns.php

This may be difficult looking over all these steps and see which ones differ from my howto. Obviously there are commands in there being used that I didn't have in mine, but I don't know where they are because some of those "private" commands are not ones I recognize.
 
Old 12-31-2004, 08:58 PM   #26
Gsee
Would you agree that I should possibly just format and start again using the purebsd document for setting this up? I never found that one when I started my endeavour, otherwise due to it being BSD specific I would have followed it first.

I can't understand what's going wrong. I don't understand setting up a DNS server well enough yet to be able to figure it out. The general intention of setting this up was to learn it all - so I guess one way or another I'm doing that. Thanks for your help.

It's 2:00PM here in Australia. If I don't hear back from you in the next couple of hours I'll probably just rebuild.

Thanks immensely for your help.

Gsee
 
Old 12-31-2004, 10:02 PM   #27
Donboy
Well, I hate to recommend such an extreme. You can always just remove /etc/dnscache and pretty much start over without needing to reformat. I regret not being able to help you any better than this. I guess I just expected things to go as smoothly for you on BSD as they did for me in Linux.

I know enough about djbdns to get it installed on Linux, but on BSD I'm clueless.
 
Old 01-01-2005, 01:13 AM   #28
Gsee
Well I've formatted and have installed everything. I'm working through the djbdns document found at http://www.purebsd.com/o.daemon.djbdns.php. Everything has been going great. I have but one question so far.

The setup I'm following - as mentioned above - assumes that I'm using three network interfaces. One is the local - fine, the second is for the LAN which in my case is 192.168.1.6 and the third is for the external connection. Do I have to have that? Do I have to set up a second NIC?

I'm both hoping and assuming I don't have to - but then what do I do at this point?

** " Create an authorative DNS service for the internet:
tinydns-conf tinydns dnslog \
/var/djbdns/public-tinydns 131.174.117.141 " **

131.174.117.141 is the external IP address used throughout the howto. I tried putting in my own external IP address but I don't know that that's correct.

Please help? I feel this doc is getting me further as it's more directed at BSD and I feel I'm close to being finished. My other problem is that I'm trying to set this up on a domain that doesn't exist. I'm purchasing my domain name tomorrow and will probably format and do the setup again once I've got the actual domain - it's good practice. But if I could clarify I'm doing these steps correctly I'd feel much better.

Thanks again,
Gsee

P.S. Also when I cd to /service and run svstat /service/* I get:

MyDNS# svstat /service/*
/service/private-dnscache: up (pid 12955) 1664 seconds
/service/private-tinydns: up (pid 26648) 1664 seconds
/service/public-tinydns: up (pid 19195) 1 seconds

I think the problem with public-tinydns is because of the external IP Address but I'm at a loss as to what I should have done.

Thanks

Last edited by Gsee; 01-01-2005 at 01:14 AM.
 
Old 01-02-2005, 02:15 PM   #29
Donboy
You can skip all parts that talk about tinydns because you won't need it. tinydns and dnscache don't really have anything in common, so by skipping those parts you won't be losing anything. In the lines you posted, the external IP is needed for tinydns.

I think you should remove all of the tinydns commands from your /service directory, since you're not needing them. Just go into /service and delete all the tinydns symlinks. When you're done, reboot the system and it should quit trying to start them up. I'm sure there is an easier way besides rebooting, but again, I don't know that much about BSD, so I don't know the commands needed to restart. On Linux, I can just do "init q" and everything is fixed.

By the way... reformatting each time is a bit extreme. I know you want to have your machine clean of all the remnants of tinydns, but I don't think it's necessary to reformat. If you're concerned about security... don't be. By removing the key components to tinydns, you've ensured that it will not be abused because it doesn't work! If you're concerned about disk space, don't be... tinydns doesn't take up much of anything. Its log files do, but since you're not running it yet, no log files have been created! So you're all good if you just remove the main files.
 
Old 01-02-2005, 06:12 PM   #30
Gsee
As of tomorrow I will have purchased a domain name - will I then be needing TinyDNS? My understanding is yes, I will.

Gsee
 
  

