LinuxQuestions.org

Linux - Networking: DNS Caching Only Config Help (https://www.linuxquestions.org/questions/linux-networking-3/dns-caching-only-config-help-757748/)

unixanalyst 09-25-2009 11:21 AM

DNS Caching Only Config Help

Hi Chaps and Chappettes,

I've had a short period of time recently to learn and implement DNS cache-only in our organisation. Trouble is, according to my tcpdumps, the amount of traffic on port 53 has increased. This is of course the exact opposite of the desired effect. Would y'all mind looking over my config?

FYI, the machine is an Exim MTA handling mail traffic. There are 2 internal and 2 external DNS servers as well as this machine. resolv.conf is pointed to local. Stuff I dig appears in the cache dump. I'm not sure if I should have the zone specified as there is no zonefile on this machine, but it did seem to get the internal traffic going again.

RHEL 5 2.6.18-128.1.6.el5PAE
BIND 9.3.4-10.P1.el5

Many, many thanks for any help.

named.conf:
Code:

options {
  forwarders { ip_of_external_1; ip_of_external_2; };
  forward first;
  directory "/var/named" ;
  dump-file "dump/named_dump.db";
  allow-query { any; };
  allow-recursion { any; };
  allow-transfer { none; };
  allow-notify { none; };
  listen-on-v6 { none; };
  recursive-clients 3500;
  version none;
  zone-statistics yes;
  notify no;
  auth-nxdomain no;
  };

logging{
  channel simple_log {
    file "named.log" versions 3 size 5m;
    severity dynamic;
    print-time yes;
    print-severity yes;
    print-category yes;
  };
  category default{
    simple_log;
  };
  category lame-servers {
    null;
  };
};

zone "orgname.com" {
        type forward;
        forwarders { ip_of_internal_1; ip_of_internal_2; ip_of_internal_1_service_ip; ip_of_internal_2_service_ip; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "db.127.0.0";
};

db.127.0.0:
Code:

$TTL 345600
@              IN      SOA    localhost. root.localhost.      (
                                00      ; Serial
                                86400  ; Refresh
                                7200    ; Retry
                                2592000 ; Expire
                                345600) ; Minimum

                IN      NS      localhost.
1              IN      PTR    localhost.


bathory 09-26-2009 12:12 PM

Hi,

What you have done is a forwarding dns. It always forwards queries to forwarders, even if the response exists in its cache. To set up a caching dns, remove the 2 lines (forward, forwarders) from the global options and add the hint "." zone:
Code:

zone "." IN {
        type hint;
        file "root.db";
};

You can get a fresh root.db zone file, running:
Code:

dig @a.root-servers.net . ns > root.db

Regarding the orgname.com zone, you can keep forwarding if you want, or you can make your dns a secondary for that domain in order to reduce the traffic.

Regards
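An added check, not from the thread, for the symptom unixanalyst describes: it parses two `dig` answers for the same name asked of 127.0.0.1 and reports whether the second was a local cache hit (TTL only counted down, query time near zero) or went upstream again (TTL back at the full value, round trip still long). The dig outputs are constructed samples with a hypothetical name and addresses.

```python
"""Tell a local cache hit from a re-forwarded lookup by comparing two dig
answers.  Sample dig outputs below are constructed, not real captures."""
import re
from dataclasses import dataclass


@dataclass
class Answer:
    name: str
    ttl: int
    query_ms: int
    server: str


# Answer-section line: <name> <ttl> IN A|AAAA <address>
ANSWER_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(?:A|AAAA)\s+\S+$", re.M)
QUERY_RE = re.compile(r"^;; Query time: (\d+) msec$", re.M)
SERVER_RE = re.compile(r"^;; SERVER: ([\d.]+)#53", re.M)


def parse_dig(text: str) -> Answer:
    """Pull the first A/AAAA answer's TTL, the query time and the server."""
    m, q, s = ANSWER_RE.search(text), QUERY_RE.search(text), SERVER_RE.search(text)
    if not (m and q and s):
        raise ValueError("dig output lacks an answer, query time or server line")
    return Answer(m.group(1), int(m.group(2)), int(q.group(1)), s.group(1))


def served_from_cache(first: Answer, second: Answer, max_ms: int = 5) -> bool:
    """True when the second answer looks like a hit in the local cache:
    same name and server, TTL no higher than before, near-zero round trip."""
    return (first.name == second.name and first.server == second.server
            and second.ttl <= first.ttl and second.query_ms <= max_ms)


# Constructed sample: first lookup goes upstream (87 ms, full TTL of 3600).
FIRST = """;; ANSWER SECTION:
www.example.com.\t3600\tIN\tA\t192.0.2.10

;; Query time: 87 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
"""
SECOND = FIRST.replace("3600", "3597").replace("87 msec", "0 msec")  # cache hit
REFORWARDED = FIRST.replace("87 msec", "45 msec")                    # upstream again

if __name__ == "__main__":
    base = parse_dig(FIRST)
    print("second lookup cached:", served_from_cache(base, parse_dig(SECOND)))
    print("re-forwarded lookup cached:", served_from_cache(base, parse_dig(REFORWARDED)))
```

Run the real check with `dig @127.0.0.1 <name>` twice a few seconds apart and feed both outputs to `parse_dig`; a resolver that is actually caching shows the second pattern.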

unixanalyst 09-28-2009 09:59 PM

Thanks for the help bathory.

I just found the named.caching-server.conf file, which has pretty much pointed me in the same direction.

Ta.