Setting up your own Bind caching nameserver



skip to my lou
01-08-2005, 12:36 AM
I am really fed up with Bigpond's and nearly any ISP's DNS. They are simply crap, often overloaded, or not working at all.

I set up my own, in about 5 minutes. You'll need a Linux box.


w ge t ftp://ftp.isc.org/isc/bind9/9.3.1/bind-9.3.1.tar.gz
t ar -xvzf bind-9.3.1.tar.gz
cd bind-9.3.1
./conf igure
ma ke
m ake insta ll

Please note, the above contains random spaces to break up the real command, I can't submit the actual command as Apache mod_security is blocking me with a 403.

Now we need to set up named.conf and a root-server list.


cd /etc
vim named.conf

sample named.conf (from BIND manual):


acl "corpnets" { 192.168.0.0/24; };
options {
    directory "/etc/namedb";      // Working directory
    pid-file "named.pid";         // Put pid file in working dir
    allow-query { "corpnets"; };
};
// Root server hints
zone "." { type hint; file "/etc/root.hint"; };
// Provide a reverse mapping for the loopback address 127.0.0.1
zone "0.0.127.in-addr.arpa" {
    type master;
    file "localhost.rev";
    notify no;
};

If your local network is 192.168.1.0/24 then be sure to edit the above to reflect that.

We need to set up the root.hint file, so simply do:


wg et ftp://ftp.rs.internic.net/domain/named.cache
mv named.cache root.hint

To start:


/usr/local/sbin/named

If you are getting any error messages, do 'tail /var/log/messages' and it will probably give a good reason if it's failing to start.

Do an nslookup and see if the server responds. For WinXP, it's something like "nslookup host server".

If it's working well, modify /etc/resolv.conf and take out any ISP nameservers that might be there by default.

Remember: This can serve your home network no matter what OS, not just your Linux desktop.

To clear cache, simply restart named.

shaun
01-08-2005, 06:30 PM
Don't forget to run this out of "chroot jail".

skip to my lou
04-08-2005, 02:42 PM
If you've blocked off external access then chroot isn't required, but it's better to be safe if allowing external access.
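
Added example (not part of the thread and not BIND's own code): a Python check of the allow-query setting in the named.conf quoted in the first post, showing which clients it admits and whether any admitted network reaches beyond private ranges. The function names, the INTERNAL list and the sample text are constructed for illustration; only IPv4 elements, named ACLs, "any" and "none" are handled.

```python
import ipaddress
import re

# Constructed sample: the relevant parts of the named.conf quoted in the thread.
SAMPLE_CONF = '''
acl "corpnets" { 192.168.0.0/24; };
options {
    directory "/etc/namedb"; // Working directory
    allow-query { "corpnets"; };
};
'''
# RFC 1918 ranges plus loopback: sources a home resolver should be limited to.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def _elements(body):
    """Split an address-match list body into its unquoted elements."""
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]

def allow_query_nets(conf):
    """Networks admitted by allow-query. A missing statement means BIND's
    default (any host), returned here as 0.0.0.0/0. Negation, keys, IPv6,
    localhost and localnets are not handled and raise ValueError."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)
    acls = {name: _elements(body) for name, body in
            re.findall(r'\bacl\s+"?([\w-]+)"?\s*\{([^}]*)\}', text)}
    m = re.search(r"\ballow-query\s*\{([^}]*)\}", text)
    pending = _elements(m.group(1)) if m else ["any"]
    nets, seen = [], set()
    while pending:
        e = pending.pop()
        if e == "any":
            nets.append(ipaddress.IPv4Network("0.0.0.0/0"))
        elif e == "none":
            continue
        elif e in acls:
            if e not in seen:          # guard against self-referencing ACLs
                seen.add(e)
                pending.extend(acls[e])
        else:
            nets.append(ipaddress.IPv4Network(e))  # ValueError if unsupported
    return nets

def client_allowed(conf, ip):
    """True if a client at this IPv4 address passes allow-query."""
    return any(ipaddress.ip_address(ip) in n for n in allow_query_nets(conf))

def exposed(conf):
    """Admitted networks that reach beyond INTERNAL (open-resolver risk)."""
    return [n for n in allow_query_nets(conf)
            if not any(n.subnet_of(p) for p in INTERNAL)]
```

With the sample as posted, a client on 192.168.1.0/24 is refused until the ACL is edited, and a config with no allow-query statement is reported as admitting 0.0.0.0/0.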