LinuxQuestions.org

Thread: setting up a dns server (https://www.linuxquestions.org/questions/linux-networking-3/setting-up-a-dns-server-234520/)

Red Squirrel 09-23-2004 07:29 PM

setting up a dns server
 
I want to set up a DNS server that will forward queries to a specified DNS server, but I also want it to cache the "answer" so that it only needs to rely on the internet DNS once per domain (and check it again once in a while in case the IP changes).

I also want to be able to add my own top level domain so I can name machines on my network. So I can go to server.custom and access the server etc...

I have webmin which makes things easier. Thing is, I have no clue what I'm doing from here. I checked tutorials and such but I'm just totally confused as to how it works, and how I can even tell whether or not it's working. I set the IP in my router, and my ISP's as secondary, but I have no clue if it's just skipping my DNS or if it's actually working. (bind is running).

It would be great if there would be some kind of log or something, but unlike what is mentioned in tutorials, there is no log to be found. I checked in /var/log and there's no named log, and I checked a bunch of other paths mentioned in some tutorials.

Can someone point me in the right direction as to how I can do a setup like this, if it's even possible? Thanks!

CroMagnon 09-23-2004 08:36 PM

If you haven't already read it, you want this http://www.math.uio.no/~janl/DNS/DNS-HOWTO-3.html. It explains, step by step, how to do everything you've just listed, and what each step does. Other pages in the same HOWTO deal with setting up your own zone file for your local domain.

For a simple test, use:

dig domain.name @localhost

This will only ask a DNS server on your local machine for info - it will not query your ISPs server. Of course, your DNS server should query the ISP anyway, the first time (and again in the future, after the expire time).

Red Squirrel 09-23-2004 09:06 PM

That sort of helped. Named won't start anymore so at least I know the files created did something.

But how can I find out why it won't start? Is there some kind of log somewhere? Thanks.

Also it said to do man 8 resolv but it just says there's no resolv, is it something I need?


edit: nevermind, found the log, it's hidden in /var/log/messages... I figured it would be called bind.log/named.log or something.

Turns out I need to put the root servers in named.ca so I'm going to do that and see what happens from there... Also I'm told these change often, so is there a way to make it so that file updates automatically?

Another thing, how can I find out what version I have? In webmin there's an entry for bind 4 and an entry for bind. They both have some of the settings I entered, but they don't overlap. I'm confused now.

CroMagnon 09-23-2004 09:54 PM

Check out /etc/named.conf for logging options (there should also be a man page for "named.conf"). You can have it log to a named.log file if you would prefer.

For which version you're using, try "named -v" (you may need to specify a path to named depending on where it's installed). Bind 4 is an older version and uses a different style of config file. You probably have 8 or 9, and both of these will work with the plain bind option.

If you check that HOWTO I linked, it has a link that explains what you need to do to maintain the root servers section, and even provides a script you can use to do it automatically.

Red Squirrel 09-24-2004 08:56 PM

Actually I just thought of something: by only using the root servers I'm limited to .com .org .net .gov and .mil and whatever A B C etc are for, but I don't get all the countries like .ca .co.uk etc.... at least I don't think so. So is there a way that instead of specifying the root servers, I can just specify a DNS IP?

Correct me if I'm wrong, but root server A is for .com, root server B is for .org etc...(maybe not in that order).

Red Squirrel 09-24-2004 09:38 PM

Looks like I got it working, but I still want logging of some sort and I can't figure it out. I did what the tutorial says, but it just won't put any log file anywhere. There's only the basic syslog, but I want way more info than "starting...". I want to know what domains get resolved etc....

Also, where does it actually cache the information? I checked in the /var/named/ for any newly created files, or existing files that have data appended to them, and no luck.

I want to be able to fully monitor all this correctly. I don't want it to "just work" but I want to know what is really going on. Thanks.

CroMagnon 09-24-2004 11:21 PM

Ah, so you want to spy on your flatmates to find out where they get their porn? :D (j/k)
You need to read the named.conf man page to find out how to configure the logging.
If you don't have the man page, there is an online version here http://www.die.net/doc/linux/man/man5/named.conf.5.html

Red Squirrel 09-25-2004 11:23 AM

Thanks, I had it right, but I just had the assumption of order wrong. I figured severity of dynamic shows more information than, say, debug. I put it to debug 3 and it's showing what I want.

So far there's not a lot of porn sites that show up though. :D This is a 2-pc network, so I don't think anyone will go on a porno site. lol


Now I just need to figure out how to make my own domain (accessible locally only) but I assume the man page will cover that.

I have the man command in linux, but when I use it I just get gibberish so glad they have an online version of it.
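An added example, not from the thread and not from the BIND project's own documentation, of the named.conf logging stanza behind what Red Squirrel settled on: a resolver channel at severity debug 3, next to a plain query log, which is usually the better answer to "what domains get resolved". Channel names, file paths and rotation sizes are assumptions. Note that severity dynamic is not "more than debug": it makes the channel follow the server-wide debug level (0 unless raised with the -d flag or rndc trace), so on a normally running server it logs nothing extra.

```conf
// Added example (not the thread's configuration): BIND 9 named.conf logging block.
// Assumed: /var/log/named exists and is writable by the user named runs as;
// with a chrooted named the path is relative to the chroot directory.
logging {
    // One line per client query: timestamp, client address, name, type, flags.
    // Naming the "queries" category below is what switches query logging on.
    channel query_log {
        file "/var/log/named/query.log" versions 5 size 10m;   // rotate, keep 5 old files
        severity info;
        print-time yes;
        print-category yes;
        print-severity yes;
    };

    // Resolver internals (createfetch, delegation chasing, TTL handling). Noisy.
    channel resolver_debug {
        file "/var/log/named/resolver.log" versions 3 size 20m;
        severity debug 3;
        print-time yes;
    };

    category default  { default_syslog; };   // everything else still goes to syslog
    category queries  { query_log; };
    category resolver { resolver_debug; };
    // Uncomment to silence the "lame server" chatter that otherwise lands in syslog:
    // category lame-servers { null; };
};
```

Check it with `named-checkconf /etc/named.conf` before restarting, then `rndc querylog` toggles the query log at runtime without a restart. The query log records which client asked for which name, so treat it like any other access log: keep the directory readable only by the named user and an admin group, and expect it to grow at the rate scowles reports later in the thread (10-12 MB a week on a small server).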

Red Squirrel 09-25-2004 03:38 PM

I still can't figure out where it actually stores the cache and how long it keeps it. Where does it go?

I also don't understand the main difference between a zone and a domain. In tutorials I read it says it's important to know and I bet it is, but none of the explanations make any sense.

Is it that ".com" is a zone and "iceteks.com" is a domain? But isn't ".com" a domain as well? (a top level one).

I also can't seem to find any info on how to setup my own top level domain. (for LAN only). I want to be able to type www.server.loc and make it go to a local server.

Thanks.

CroMagnon 09-25-2004 05:58 PM

It's been a while since I set one of these up. I think you'll find a named file or two under /var.

If you go to the tutorial I linked earlier, and move to the next page, it explains how to set up your own domain, and their example includes an invalid TLD.

As for the difference between zone and domain... A zone is usually one or more domain names - for example, you might set up a zone with entries for www.loc, mail.loc, and media.loc. .com by itself is a (top-level) domain, but a zone might define several subdomains of .com.

I never answered your question about resolving non-worldwide domains... the root servers may not themselves know much about the .ca domain, but when they receive a request for it, they will point your server to the server that does know, so only knowing the root servers will not restrict you (I'm sure you found that out anyway).

Red Squirrel 09-25-2004 07:41 PM

Thanks for the info. Also I checked in the /var/named and there are files (the ones I put) but no new files are being created. I don't even know if it's actually caching stuff anywhere since the log keeps showing entries for domains I even went to before, if I get this correctly it means that it's creating a new entry for that domain right?

Sep 25 20:09:23.771 resolver: debug 1: createfetch: www.linuxquestions.org A

scowles 09-25-2004 08:28 PM

"I still can't figure out where it actually stores the cache and how long it keeps it. Where does it go?"

Name servers like bind will store cached queries in RAM. As the cache grows in size, so does the size of the name server process. i.e. ps aux

How long a name server keeps its cached values in RAM is based on the TTL (Time to Live) value set for that resource record (RR) by the authoritative DNS server.

If you want to view (dump to a file) what is in cache, use rndc. Just make sure you define the dump file name in named.conf using the "dump-file" global option. If you want to flush what is in cache, use rndc. See the pattern?

"I also don't understand the main difference between a zone and a domain. In tutorials I read it says it's important to know and I bet it is, but none of the explanations make any sense."

According to the DNS and Bind book... "The difference between a zone and a domain is subtle. A zone contains the domain names and data that a domain contains, except for domain names and data which are delegated elsewhere. For example, the top-level domain ca (for Canada) may have the subdomains ab.ca, on.ca, and qb.ca for the provinces Alberta, Ontario, and Quebec. Authority for the ab.ca, on.ca, and qb.ca domains may be delegated to organizations in each of the provinces."

Geez! I just re-read the above. :( The key to understanding the above is in understanding the term delegation. Within the scope of DNS, delegation refers to a Top-Level DNS server (like the dns server for ca) delegating the SOA for a subdomain (like ab.ca) to another DNS server. Each DNS server loads a zone that contains only the domain name and specific data (resource records) for which it is authoritative. So the DNS server for the domain ca would contain delegation records for ab.ca, but not the address resource record like www.ab.ca. Only the authoritative DNS servers for the domain ab.ca could answer the www.ab.ca query.

Long pause...
Well I tried. Hopefully the above can clear up a few blackholes. BTW: The process of a name server following all the delegation records by querying the root-name server, then the ca name server, then the ab.ca name server to find the answer to the query www.ab.ca is called "recursion".

"I also can't seem to find any info on how to setup my own top level domain. (for LAN only). I want to be able to type www.server.loc and make it go to a local server."

FWIW: I'm currently working on some bind template files that I plan on publishing to my website. These templates should be able to help anyone who wants to set up a simple DNS server (like you) with very little editing, along with templates for a multi-view DNS server. i.e. A query that originates from a private lan for www.mydomain.com returns the private IP address, but a query that originates from the Internet returns the public IP address for www.mydomain.com. Unfortunately, my time is limited, so it's going to be a few days.
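An added example, not from the thread or from scowles' promised templates, tying together the pieces discussed above: forwarding to the ISP, caching in RAM with a dump-file for rndc, root hints in named.ca, and a LAN-only "loc" zone. The LAN range 192.168.1.0/24, the listener address 192.168.1.1, the upstream resolvers 198.51.100.1/.2 (documentation addresses) and the file names are assumptions. The part a practitioner should not skip is allow-recursion: a resolver that recurses for anyone on the Internet is an open resolver and gets used for reflection/amplification attacks.

```conf
// Added example (not the thread's configuration): minimal BIND 9 named.conf for a
// LAN caching/forwarding resolver that also serves a private "loc" zone.
// Assumed: LAN 192.168.1.0/24, this host 192.168.1.1, ISP resolvers 198.51.100.1-2.
options {
    directory "/var/named";

    // Listen on loopback and the LAN interface only, never on the WAN side.
    listen-on { 127.0.0.1; 192.168.1.1; };

    // Ask the ISP first for anything we are not authoritative for; if the
    // forwarders fail to answer, walk the delegation chain from the root hints.
    forwarders { 198.51.100.1; 198.51.100.2; };
    forward first;

    // Recursion (and queries at all) only for our own clients. This is the
    // setting that separates a LAN resolver from an open resolver.
    allow-query     { 127.0.0.1; 192.168.1.0/24; };
    allow-recursion { 127.0.0.1; 192.168.1.0/24; };

    // Where "rndc dumpdb -cache" writes the in-memory cache for inspection.
    dump-file "/var/named/data/cache_dump.db";

    // Upper bound on how long an answer stays cached, whatever TTL it came with.
    // It caps; it cannot stretch a short TTL to a week as asked for below.
    max-cache-ttl 604800;   // 7 days, in seconds
};

// Root hints (named.ca). Refresh now and then with:
//   dig @a.root-servers.net . NS > /var/named/named.ca
zone "." IN {
    type hint;
    file "named.ca";
};

// Private, LAN-only top-level domain. named is authoritative for it, so these
// names are answered from db.loc and are never sent to the forwarders.
zone "loc" IN {
    type master;
    file "db.loc";
    allow-transfer { none; };   // no zone transfers (AXFR) to anyone
};
```

The "not implemented" rndc error in the next post is what you get before the control channel is set up: `rndc-confgen -a` writes /etc/rndc.key, which named picks up on loopback port 953 when named.conf has no controls statement. After that, `rndc dumpdb -cache` writes the cache to the dump-file and `rndc flush` empties it. The cache is never written to disk by itself; newer BIND 9 releases (9.12 and later) can keep serving expired records when the upstream is unreachable via the serve-stale options, which is the closest thing to the "keep it for a week" idea, and it is a deliberate choice rather than a default.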

Red Squirrel 09-25-2004 09:43 PM

If it stores it in RAM... what happens when I reboot? And RAM is a very limited resource; I have a nice 200GB drive waiting plus the existing 120GB. Is there a way to make it so it uses disk space instead? Would be much more efficient, and much more permanent. I mean how often does a domain name like google.ca change IP? I'd rather set the expiry to at least a week or so.

Also when I try rndc I get "not implemented". But if there's a way to make the cache use hard disk space then I won't have to worry about it. It's silly that they even programmed it to use RAM. RAM is erased when you shut down the machine, or even reboot it. So if I wanted to edit a specific domain... it would not really last long.

scowles 09-25-2004 10:57 PM

Sounds like you might be slightly confused.

The authoritative zone files you create for your domain name, which named loads into RAM through references in named.conf, are stored on your hard drive. So this data is not lost during a reboot. But your DNS server is also going to resolve other non-authoritative queries like yahoo.com. The answers to these queries will also be cached in RAM. Only these non-authoritative cached queries would be lost during a reboot. To put this in the proper perspective - even if your DNS server was not rebooted for months, these cached queries would be removed from RAM once the TTL for that resource record expires. So the RAM is reused.

FWIW: I just dumped my cache from my DNS server and the resulting text file (named.dump) was <250K. My query logs (named.log) reach 10-12MB a week. Which is nothing compared to what an ISP's name server might log if query logging was ON.

For reference:

[root@excelsior named]# rndc status
number of zones: 25
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 2
query logging is ON
server is up and running

[root@excelsior named]# rndc dumpdb
[root@excelsior named]# ls -l named.dump
-rw-r--r-- 1 named named 228118 Sep 25 22:12 named.dump

[root@excelsior named]# ls -l named.log
-rw-r--r-- 1 named named 10912232 Sep 25 22:13 named.log

[root@excelsior named]# uptime
22:15:32 up 41 days, 11:48, 1 user, load average: 0.27, 0.22, 0.18

As for whether or not named can be configured to use your harddrive instead of RAM. I don't know. But I would think the performance would suck if named had to use your harddrive to resolve queries. If you enable DDNS (Dynamic DNS) named will create journal files to store DHCP registrations/releases, but only for the authoritative zones, not for non-authoritative queries like yahoo.com.

Red Squirrel 09-25-2004 11:13 PM

Hmm so cache is probably not what I need in my case then... but it will probably get too complicated to go another way so I'll stick with how it is now. At least it relies on the root servers so it's still fairly reliable.

What I wanted is to basically have all the DNS records of every domain/subdomain (or at least the ones I visit) so that even if I can't connect to another dns server, mine would have those records. So it would be faster. But that would be complicated to setup right?

So I think I'll keep it how it is anyway and just look into creating my own top level domain which was a different issue I wanted this DNS server for and for that I'll look at the tutorial when I get a chance.

Thanks for clearing things up and for the help!
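An added example, not from the thread, of the zone file behind the LAN-only top-level domain Red Squirrel is heading for (www.server.loc pointing at a local server). It assumes named.conf declares `zone "loc" IN { type master; file "db.loc"; };` with `directory "/var/named"`, and the host names and 192.168.1.x addresses are made up.

```conf
; Added example (not the thread's file): /var/named/db.loc, zone file for the
; private "loc" top-level domain. Assumed: named.conf declares
;   zone "loc" IN { type master; file "db.loc"; };
; Hosts and addresses are invented: server 192.168.1.10, router 192.168.1.1.
$TTL 86400              ; default TTL for the records below (1 day)
$ORIGIN loc.
@       IN  SOA  ns1.loc. hostmaster.loc. (
                2004092501  ; serial: YYYYMMDDnn, bump it on every edit or
                            ; secondaries and caches will not notice the change
                3600        ; refresh
                900         ; retry
                604800      ; expire
                3600 )      ; negative TTL: how long "no such name" is cached
        IN  NS   ns1.loc.

ns1         IN  A      192.168.1.10
router      IN  A      192.168.1.1
server      IN  A      192.168.1.10
www.server  IN  A      192.168.1.10   ; www.server.loc, the name asked for above
media       IN  CNAME  server         ; alias; relative target expands to server.loc.
```

Validate with `named-checkzone loc /var/named/db.loc`, reload, and confirm with `dig @127.0.0.1 www.server.loc` that the answer comes back with the AA (authoritative answer) flag set rather than being forwarded. Two caveats on picking a private TLD: avoid `.local`, which multicast DNS (Avahi/Bonjour) claims on most desktops, and be aware that an invented label like `.loc` or `.custom` is not reserved and could one day be delegated publicly; RFC 8375 sets aside `home.arpa` for exactly this use.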

