setup daemontools, ucspi-tcp, tinydns, dnscache, axfrdns



1) install packages needed for compilation

apt-get install build-essential

2a) install daemontools from the repository

apt-get install daemontools daemontools-run

2b) or compile daemontools from source according to http://djbdnsrocks.org

mkdir /downloads && cd /downloads
wget http://www.djbdnsrocks.org/downloads/djbdnsrocks.tar.gz
tar zxvf djbdnsrocks.tar.gz && cd djbdnsrocks 
tar xvzf daemontools-0.76.tar.gz
cd /downloads/djbdnsrocks/admin/daemontools-0.76/src/
patch < /downloads/djbdnsrocks/daemontools_errnopatch
cd /downloads/djbdnsrocks/admin/daemontools-0.76
./package/install

3a) install ucspi-tcp from the repository

apt-get install ucspi-tcp

3b) or compile ucspi-tcp from source according to http://djbdnsrocks.org

cd /downloads/djbdnsrocks
patch < /downloads/djbdnsrocks/ucspi-tcp_errnopatch
make
make setup check

4) install djbdns

cd /downloads/djbdnsrocks
tar zxvf djbdns-1.05.tar.gz && cd djbdns-1.05
patch < /downloads/djbdnsrocks/djbdns_errnopatch
make
make setup check

add users for dnscache, tinydns, axfrdns

/usr/sbin/useradd -s /sbin/nologin -d /dev/null dnslog
/usr/sbin/useradd -s /sbin/nologin -d /dev/null dnscache
/usr/sbin/useradd -s /sbin/nologin -d /dev/null tinydns
/usr/sbin/useradd -s /sbin/nologin -d /dev/null axfrdns

5) dnscache configuration

example for a local network:
dnscache-conf dnscache dnslog /etc/dnscache 192.168.1.1

ln -s /etc/dnscache /service

check that it is running:

ps aux | grep dnscache

in /etc/dnscache/root/ip set which IPs/networks dnscache should answer, e.g. for network 192.168.1.0/24:

cd /etc/dnscache/root/ip

touch 192.168.1

restart dnscache:

svc -t /service/dnscache

make sure dhclient does not overwrite /etc/resolv.conf:
in /etc/dhcp3/dhclient.conf, on the line starting with "request ...", delete or comment out "domain-name-servers"

set the IP address of dnscache in /etc/resolv.conf:

echo "nameserver 192.168.1.1" > /etc/resolv.conf

optionally configure the DHCP server to offer dnscache to clients as their DNS server:
in /etc/dhcp3/dhcpd.conf add or edit the line:

option domain-name-servers 192.168.1.1;

6) tinydns configuration

/usr/local/bin/tinydns-conf tinydns dnslog /etc/tinydns 1.3.5.7

add lines to /etc/tinydns/root/data:

# authoritative ns
.example.com::ns.example-ns.com:2560
# secondary ns
&example.com::ns2.example-ns.com:2560
# mail
@example.com::mx.example.com::86400
# reverse record (= creates both the A and the PTR record)
=example.com:193.179.31.76:86400
# aliases
+*.example.com:193.179.31.76:86400

then in /etc/tinydns/root run make

tell dnscache to query our own DNS server directly for our domains:

echo "1.3.5.7" > /service/dnscache/root/servers/example.com

restart dnscache:

svc -t /service/dnscache

7) axfrdns configuration

axfrdns-conf axfrdns dnslog /etc/axfrdns /etc/tinydns 1.3.5.7

add lines to /etc/axfrdns/tcp

3.5.7.9:allow
3.5.7.10:allow
:deny

then in /etc/axfrdns run make

test the zone transfer from one of the IPs allowed above:

cd /tmp
tcpclient 1.3.5.7 53 axfr-get example.com data data.tmp
cat data
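
Added example (not part of the original FAQ): a shell function that evaluates a rules file such as /etc/axfrdns/tcp the way tcpserver does for plain IPv4 rules (exact address, then shorter dotted prefixes, then the empty catch-all), showing that without the final ":deny" line every unlisted address may request a zone transfer. The function names are hypothetical and the sample rule files are constructed; address ranges, hostname rules and user@ rules are not handled.

```sh
#!/bin/sh
# Added example: decide allow/deny for a client IP from a tcprules source file,
# following tcpserver's lookup order for plain IPv4 rules.

# rule_for FILE ADDRESS: print the first instruction (allow/deny) of the rule
# whose address part is exactly ADDRESS; print nothing if there is none.
rule_for() {
    awk -F: -v want="$2" '
        /^#/ || /^[ \t]*$/ { next }                 # skip comments, blank lines
        ($1 "") == (want "") { split($2, a, ","); print a[1]; exit }
    ' "$1"
}

# axfr_decision FILE IP: print "allow" or "deny" for that client address.
axfr_decision() {
    file=$1
    prefix=$2
    verdict=$(rule_for "$file" "$prefix")           # 1. exact address
    while [ -z "$verdict" ] && [ "$prefix" != "${prefix%.*}" ]; do
        prefix=${prefix%.*}                         # 2. 3.5.7. then 3.5. then 3.
        verdict=$(rule_for "$file" "$prefix.")
    done
    [ -n "$verdict" ] || verdict=$(rule_for "$file" "")   # 3. catch-all ":"
    echo "${verdict:-allow}"                        # no match: tcpserver accepts
}

# Constructed sample input: the rules from step 7, and a copy without ":deny".
rules=$(mktemp)
open=$(mktemp)
trap 'rm -f "$rules" "$open"' EXIT
printf '3.5.7.9:allow\n3.5.7.10:allow\n:deny\n' > "$rules"
printf '3.5.7.9:allow\n3.5.7.10:allow\n' > "$open"
for ip in 3.5.7.9 3.5.7.11; do
    echo "$ip with :deny    -> $(axfr_decision "$rules" "$ip")"
    echo "$ip without :deny -> $(axfr_decision "$open" "$ip")"
done
```

Run it against a copy of the real rules file before running make to confirm that an address outside the allow list is denied.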

Attached files: djbdnsrocks.tar.gz

Tags: daemontools djbdns tinydns dnscache
Last update: 2010-11-11 14:21
Author: Daniel
Revision: 1.87