1) instalace zakladního sw pro kompilaci (install packages needed for compilation)
apt-get install build-essential
2a) instalace daemontools z repozitare (installation from repository)
apt-get install daemontools daemontools-run
2b) nebo kompilace daemontools podle (or compilation from source according to) http://djbdnsrocks.org
mkdir /downloads && cd /downloads wget http://www.djbdnsrocks.org/downloads/djbdnsrocks.tar.gz tar zxvf djbdnsrocks.tar.gz && cd djbdnsrocks tar xvzf daemontools-0.76.tar.gz cd /downloads/djbdnsrocks/admin/daemontools-0.76/src/ patch < /downloads/djbdnsrocks/daemontools_errnopatch cd /downloads/djbdnsrocks/admin/daemontools-0.76 ./package/install
3a) instalace ucspi-tcp z repozitare (installation from repository)
apt-get install ucspi-tcp
3b) nebo kompilace ucspi-tcp podle (or compilation from source according to) http://djbdnsrocks.org
cd /downloads/djbdnsrockspatch < /downloads/djbdnsrocks/ucspi-tcp_errnopatch make make setup check
4) instalace djbdns (setup djbdns)
cd /downloads/djbdnsrocks
tar zxvf djbdns-1.05.tar.gz && cd djbdns-1.05
patch < /downloads/djbdnsrocks/djbdns_errnopatch
make
make setup check
přidat uživatele pro dnscache, tinydns, axfrdns
(add users for dnscache, tinydns, axfrdns)
/usr/sbin/useradd -s /sbin/nologin -d /dev/null dnslog /usr/sbin/useradd -s /sbin/nologin -d /dev/null dnscache /usr/sbin/useradd -s /sbin/nologin -d /dev/null tinydns /usr/sbin/useradd -s /sbin/nologin -d /dev/null axfrdns
5) konfigurace dnscache (dnscache configuration)
priklad pro lokalni sit (example for local network):dnscache-conf dnscache dnslog /etc/dnscache 192.168.1.1
ln -s /etc/dnscache /service
zkontrolovat, jestli běží (check if is running):
ps -aux | grep dnscache
v /etc/dnscache/root/ip nastavit jakym IP/sitim ma odpovidat - napr. pro sit 192.168.1.0/24
in /etc/dnscache/root/ip set which IP/networks should response - eg. for network 192.168.1.0/24):
cd /etc/dnscache/root/ip
touch 192.168.1
restart dnscache:
svc -t /service/dnscache
zajistit, aby /etc/resolv.conf neprepisoval dhclient:
v /etc/dhcp3/dhclient.conf v radku zacinajicim "request ..." smazat nebo zakomentovat "domain-name-servers"
nastavit do /etc/resolv.conf IP adresu dnscache
(insert IP address of dnscache into /etc/resolv.conf):
echo "nameserver 192.168.1.1" > /etc/resolv.conf
pripadne nastavit do konfigurace dhcp serveru, aby klientum nabizel jako DNS server dnscache:
do /etc/dhcp3/dhcpd.conf přidat nebo upravit řádek:
option domain-name-servers 192.168.1.1;
6) konfigurace tinydns (tinydns configuration)
/usr/local/bin/tinydns-conf tinydns dnslog /etc/tinydns 1.3.5.7
přidat záznam(y) do (add lines to) /etc/tinydns/root/data:
# authoritative ns .example.com::ns.example-ns.com:2560 # sekundarni ns &example.com::ns2.example-ns.com:2560 # mail @example.com::mx.example.com::86400 # reverzni zaznam =example.com:193.179.31.76:86400 # aliasy +*.example.com:193.179.31.76:86400
potom v /etc/tinydns/root spustit make (then in /etc/tinydns/root run make)
rict dnscache, aby se na nase domeny ptala primo naseho dns serveru:
echo "1.3.5.7" > /service/dnscache/root/servers/example.com
restart dnscache:
svc -t /service/dnscache
7) konfigurace axfrdns (axfrdns configuration)
axfrdns-conf axfrdns dnslog /etc/axfrdns /etc/tinydns 1.3.5.7
pridat zaznamy do (add lines to) /etc/axfrdns/tcp
3.5.7.9:allow 3.5.7.10:allow :deny
potom v /etc/axfrdns spustit make (then in /etc/axfrdns run make)
otestovat prenos zony z vyse povolenych IP (test zone transfer from allowed IPs):
cd /tmp tcpclient 1.3.5.7 53 axfr-get example.com data data.tmp cat data
připojené soubory: djbdnsrocks.tar.gz