Caching DNS server problem.

Mark_Andrews at isc.org Mark_Andrews at isc.org
Mon Jan 13 03:27:24 UTC 2003


> Hi all,
> 
> I have set up named to run on Redhat 7.2 using caching nameserver & bind
> & bind-utils, and running ip forwarding using iptables.
> 
> The only difference so far is that I have put some extra logging in,
> using
> 
>   logging {
>          channel "lookups"
>                  {
>                  file "queries_log" versions 3 size 20m;
>                  severity info;
>                  print-time yes;
>                  print-category yes;
>                  };
> 
>          category "queries" {"lookups"; };
>          category "default" {"default_syslog"; "default_debug"; };
>   };
> 
> What I need to do is provide this caching but look at the host file first.
> 
> example.
> 
> client tries to look up spamsite.co.uk (listed in etc/hosts as 127.0.0.1)
> on localhost the resolution fails as resolv.conf lists 127.0.0.1 ,
> while on a remote client the real 204.xxx.xxx.xxx address is returned.
> 
> the remote machine is definitely querying the named server as the look 
> up fails when named is stopped.
> 
> I'm stuck, how can I get named to return the value in hosts for a query 
> if one is present for a given host.

	You can't.  Named does not look at /etc/hosts.

	You can create a zone to mask the real entry in the DNS
	*and* any names below the real entry.

	zone "spamsite.co.uk" {
		type master;
		notify no;
		file "empty.db";
	};

	empty.db:
	@ 0 SOA name.of.your.nameserver. your.real.email.address. (
			1 3600 1200 604800 0 )
	  0 NS name.of.your.nameserver.

	Zero TTLs minimise any damage caused by leaking records.
	You could add loopback records if you want or some other
	address that will just answer the HTTP queries.  I would
	however give the file a different name if you do this.
	
	@ 0 SOA name.of.your.nameserver. your.real.email.address. (
			1 3600 1200 604800 0 )
	  0 NS name.of.your.nameserver.
	  0 A 127.0.0.1
	  0 AAAA ::1

	Mark

> nsswitch.conf
> hosts: files dns
> 
> resolv.conf
> search localdomain
> nameserver 127.0.0.1
> 
> hosts.conf
> order hosts,bind
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
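
Added example, not part of the original post or of BIND: a Python sketch that turns the 127.0.0.1 entries of a hosts-format file into the masking zone stanzas described in the reply, all sharing one empty.db because that zone file only uses `@`. The function names and every sample entry other than spamsite.co.uk are assumptions; names are validated before being written into named.conf so a hostile hosts entry cannot inject configuration.

```python
import re

# Constructed hosts-format input; only spamsite.co.uk comes from the thread.
SAMPLE_HOSTS = """\
127.0.0.1   localhost localhost.localdomain
127.0.0.1   spamsite.co.uk www.spamsite.co.uk
127.0.0.1   ads.example.net   # constructed entry
192.168.1.5 fileserver
"""

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def masked_names(hosts_text, sink="127.0.0.1"):
    """Collect names mapped to `sink`, skipping localhost and unsafe names."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] != sink:
            continue
        for name in fields[1:]:
            labels = name.lower().rstrip(".").split(".")
            if len(labels) < 2 or labels[0] == "localhost":
                continue
            # Reject anything that could break out of the quoted zone name.
            if all(LABEL.fullmatch(label) for label in labels):
                names.add(".".join(labels))
    return names

def prune_covered(names):
    """A zone masks its name and everything below it, so drop descendants."""
    return sorted(n for n in names
                  if not any(n.endswith("." + parent) for parent in names))

def zone_stanzas(names, zone_file="empty.db"):
    """Emit one master zone per name, all pointing at the shared zone file."""
    return "\n".join(
        f'zone "{n}" {{\n\ttype master;\n\tnotify no;\n\tfile "{zone_file}";\n}};'
        for n in names)

if __name__ == "__main__":
    print(zone_stanzas(prune_covered(masked_names(SAMPLE_HOSTS))))
```
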

