What can djbdns, (or any DNS Server/cacher) do for me?
Sorry it took so long to get back to you. Can you post the output of...
cat /etc/dnscache/log/run
You also may want to consider commenting out your ISP's nameserver from /etc/resolv.conf and see if you're still able to do nslookups. I suspect that your dns server isn't listening correctly and you're getting your answers from your ISP's nameserver.
You can do this...
dig google.com @127.0.0.1 -t mx
To query your own server to be sure your machine is providing the answers. Notice the -t is asking for mx records. The @127.0.0.1 means I'm only wanting answers from my DNS server running on the localhost. Check "man dig" for more options.
Also, you can convert those tai64 timestamps into "real" dates/times by doing this...
tail -f current | tai64nlocal
To check to be sure it's listening properly, run this...
As you can see in my output, I have dnscache listening on a TCP socket and it's also "listening" on a UDP socket as well. Since UDP is a stateless protocol, it's not really "listening" per se, but it's there and it's open to accepting connections. All the other "ESTABLISHED" connections are dnscache responding to queries.
Thanks for your help. I've actually just had a power spike at my house and as a result I think my modem is dead. As soon as I get things back up and running there I'll let you know and then try what you've suggested.
Ok, I'm back on board. Modem was fine, switch is dead and phone lines needed to be 'rebuilt'.
All in all I'm back in action with temporary switch and everything's ok.
As soon as I get a chance I'll try the last things suggested by Donboy and post my results. I know it's been a while but I hope you're still with me for this.
Oops, I think I may have told you wrong. You said earlier, I think, that you were trying to set this up on 192.168.0.5. In that case, you need to run this...
You know, it's been so long, I had to reread some of the previous posts just to remember what this was all about. I think it's post #13 where you identified a problem. You said, you were having trouble doing ping www.google.com because it would say unknown host. Is it still doing that? Are you having trouble with any other domains pinging or looking up ns records?
The output of your dig command looks fine and seems like everything is working. I'm just surprised your log isn't running. Or is it now?
Did you change your resolv.conf? The IP needs to be 192.168.1.12, since that's the IP dnscache is listening on. Did you comment out your ISP's nameservers? If so, then you should be able to continue doing stuff like...
dig whatever.com
dnsip whatever.com
host 152.163.142.184 (should return info on AOL.com)
If you're able to run all of these commands and get decent answers, then it means dnscache is running and doing the queries... it HAS to be, because you haven't told resolv.conf anywhere else to look!
It seems like your logging process isn't working, for some reason. Try this...
I know why the dig above finally worked. At some stage I must have set /etc/resolv.conf to use 192.168.1.1 as a nameserver - this is the IP address of my modem/router so of course it's going to get through.
I've changed my resolv.conf to:
nameserver 192.168.1.12
lookup file bind
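The resolv.conf check discussed in this thread, as an added example that is not part of any poster's message: it lists the resolvers a resolv.conf actually uses and reports whether the dnscache address is the only one. The function names are hypothetical and the sample files are constructed from the addresses quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): list the resolvers a resolv.conf really
# uses and check that the local dnscache address is the only one.

# Print each active nameserver address, one per line; commented lines are skipped.
active_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Return 0 if CACHE_IP ($2) is the only resolver in FILE ($1),
#        1 if any other resolver is listed (answers may come from it),
#        2 if no nameserver line is active at all.
only_uses_cache() {
    servers=$(active_nameservers "$1")
    if [ -z "$servers" ]; then
        echo "$1: no active nameserver line"
        return 2
    fi
    # Keep every address that is not exactly the cache address.
    others=$(printf '%s\n' "$servers" | grep -Fvx -- "$2" || true)
    if [ -n "$others" ]; then
        echo "$1: also resolves via:" $others
        return 1
    fi
    echo "$1: only $2 is consulted"
}

# Constructed sample files using the addresses quoted in the thread.
demo=$(mktemp -d)
printf 'nameserver 192.168.1.1\n#nameserver 192.168.1.12\n' > "$demo/before"
printf 'nameserver 192.168.1.12\nlookup file bind\n' > "$demo/after"
only_uses_cache "$demo/before" 192.168.1.12 || :
only_uses_cache "$demo/after" 192.168.1.12
rm -rf "$demo"
```

Pointed at the real /etc/resolv.conf, a non-zero result means a plain dig or ping can succeed without dnscache ever being asked, which is why the thread also queries the cache directly with dig and an explicit @ address.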
I keep forgetting you're on BSD. Try sockstat instead of netstat. Maybe look at the man pages to be sure the flags are the same. The idea is, you want to be sure it's actually listening on those ports/IPs. Maybe try sockstat -4 and see what that does?
From what I can tell, your config is right, but there may be something wrong about running it on BSD that I don't know about.
This may be difficult looking over all these steps and see which ones differ from my howto. Obviously there are commands in there being used that I didn't have in mine, but I don't know where they are because some of those "private" commands are not ones I recognize.
Would you agree that I should possibly just format and start again using the purebsd document for setting this up? I never found that one when I started my endeavour, otherwise due to it being BSD specific I would have followed it first.
I can't understand what's going wrong. I don't understand setting up a DNS server well enough yet to be able to figure it out. The general intention of setting this up was to learn it all - so I guess one way or another I'm doing that. Thanks for your help.
It's 2:00PM here in Australia; if I don't hear back from you in the next couple of hours I'll probably just rebuild.
Well, I hate to recommend such an extreme. You can always just remove /etc/dnscache and pretty much start over without needing to reformat. I regret not being able to help you any better than this. I guess I just expected things to go as smoothly for you on BSD as they did for me in Linux.
I know enough about djbdns to get it installed on Linux, but on BSD I'm clueless.
Well I've formatted and have installed everything. I'm working through the djbdns document found at http://www.purebsd.com/o.daemon.djbdns.php. Everything has been going great. I have but one question so far.
The setup I'm following - as mentioned above - assumes that I'm using three network interfaces. One is the local - fine, the second is for the LAN which in my case is 192.168.1.6 and the third is for the external connection. Do I have to have that? Do I have to setup a second NIC?
I'm both hoping and assuming I don't have to - but then what do I do at this point?
** " Create an authoritative DNS service for the internet:
tinydns-conf tinydns dnslog \
/var/djbdns/public-tinydns 131.174.117.141 " **
131.174.117.141 is the external IP address used throughout the howto. I tried putting in my own external IP address but I don't know that that's correct.
Please help? I feel this doc is getting me further as it's more directed at BSD and I feel I'm close to being finished. My other problem is that I'm trying to set this up on a domain that doesn't exist. I'm purchasing my domain name tomorrow and will probably format and do the setup again once I've got the actual domain - it's good practice. But if I could clarify I'm doing these steps correctly I'd feel much better.
Thanks again,
Gsee
P.S. Also when I cd to /service and run svstat /service/* I get:
MyDNS# svstat /service/*
/service/private-dnscache: up (pid 12955) 1664 seconds
/service/private-tinydns: up (pid 26648) 1664 seconds
/service/public-tinydns: up (pid 19195) 1 seconds
I think the problem with public-tinydns is because of the external IP Address but I'm at a loss as to what I should have done.
You can skip all parts that talk about tinydns because you won't need it. tinydns and dnscache don't really have anything in common, so by skipping those parts you won't be losing anything. In the lines you posted, the external IP is needed for tinydns.
I think you should remove all of the tinydns commands from your /service directory, since you're not needing them. Just go into /service and delete all the tinydns symlinks. When you're done, reboot the system and it should quit trying to start them up. I'm sure there is an easier way besides rebooting, but again, I don't know that much about BSD, so I don't know the commands needed to restart. On Linux, I can just do "init q" and everything is fixed.
By the way... reformatting each time is a bit extreme. I know you want to have your machine clean of all the remnants of tinydns, but I don't think it's necessary to reformat. If you're concerned about security... don't be. By removing the key components to tinydns, you've ensured that it will not be abused because it doesn't work! If you're concerned about disk space, don't be... tinydns doesn't take up much of anything. Its log files do, but since you're not running it yet, no log files have been created! So you're all good if you just remove the main files.