Providing local DNS service behind a cheap router/gateway

Adam Tkac atkac at redhat.com
Thu Jan 3 08:57:57 UTC 2008


On Wed, Jan 02, 2008 at 09:16:25PM -0500, Steven Stromer wrote:
> 
> On Jan 2, 2008, at 6:22 PM, Steven Stromer wrote:
> 
> > I appreciate your warnings regarding use of a query-source statement
> > and of specifying port 53, but this is not really the problem that
> > I'm trying to seek assistance for. Again, the recent changes I have
> > described in this thread have left me with a nameserver that can do
> > nothing but forward queries. Though I could be wrong, I don't think
> > that this has anything to do with my router or firewalling; this
> > router has permitted such queries to pass through for years without a
> > problem. I remain lost to the reasons for the real problem I am
> > experiencing, despite experimentation and many fruitless hours of  
> > work.
> >
> > I am starting to question whether my newfound problem might have
> > something to do with having installed the caching-nameserver package.
> > I don't fully understand what this package does, especially when I've
> > read all over the web that "an authoritative nameserver also caches
> > by default". I have a feeling that it doesn't belong anywhere near a
> > nameserver that is authoritative for a domain. (Again, the server in
> > question provides recursive services for local users, and is
> > authoritative for a domain publicly.) I see that the
> > caching-nameserver package adds a file, 'named.caching-nameserver.conf'. I
> > can't seem to find documentation that clearly explains what this
> > package contains, what changes its installation makes to the
> > installed bind service, or how named.caching-nameserver.conf
> > interacts with the standard named.conf. If I wanted to uninstall the
> > caching-nameserver package, would this be possible? What would have
> > to be done beside 'yum remove caching-nameserver'?
> >
> > Is it possible that it was the installation of the caching-nameserver
> > package that has created my newfound problems? Again, any help
> > regarding this problem would be VERY, VERY much appreciated!
> 
> 
> Trying to be self sufficient, I tried the following:
> 
> 1. Listed the files in the caching-nameserver package:
> # rpm -q -p http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/i386/caching-nameserver-9.3.4-8.P1.fc6.i386.rpm -l
> 
> 2. Compared each of the files contained in the caching-nameserver
> package (all of which are listed below) with an archive of the files
> from my bind server, line by line. In parens below, I first list
> whether the install of the caching-nameserver package altered the
> original named file, and then, how I handled the change to get back
> to my previously working configuration.
> 
> /etc/named.caching-nameserver.conf (NEVER EXISTED, AND WAS NOT CREATED)
> /etc/named.conf (UNCHANGED)
> /etc/named.rfc1912.zones (NEVER EXISTED, AND WAS NOT CREATED)
> /usr/share/doc/caching-nameserver-9.3.4 (WAS REMOVED WITH 'yum remove caching-nameserver')
> /usr/share/doc/caching-nameserver-9.3.4/Copyright (WAS REMOVED WITH 'yum remove caching-nameserver')
> /usr/share/doc/caching-nameserver-9.3.4/rfc1912.txt (WAS REMOVED WITH 'yum remove caching-nameserver')
> /var/named/chroot/etc/named.caching-nameserver.conf (DID NOT PREVIOUSLY EXIST - RENAMED EXTENSION - SHOULD BE DELETED...)
> /var/named/chroot/etc/named.conf (UNCHANGED)
> /var/named/chroot/etc/named.rfc1912.zones (DID NOT PREVIOUSLY EXIST - RENAMED EXTENSION - SHOULD BE DELETED...)
> /var/named/chroot/var/named/localdomain.zone (CHANGED - RENAMED AND RECOVERED ORIGINAL FROM BACKUP)
> /var/named/chroot/var/named/localhost.zone (UNCHANGED)
> /var/named/chroot/var/named/named.broadcast (UNCHANGED)
> /var/named/chroot/var/named/named.ca (DID NOT PREVIOUSLY EXIST - RENAMED EXTENSION - SHOULD BE DELETED...)
> /var/named/chroot/var/named/named.ip6.local (CHANGED - RENAMED AND RECOVERED ORIGINAL FROM BACKUP)
> /var/named/chroot/var/named/named.local (CHANGED - RENAMED AND RECOVERED ORIGINAL FROM BACKUP)
> /var/named/chroot/var/named/named.zero (UNCHANGED)
> /var/named/localdomain.zone (RENAMED localdomain.zone.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> /var/named/localhost.zone (RENAMED localhost.zone.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> /var/named/named.broadcast (RENAMED named.broadcast.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> /var/named/named.ca (NEVER EXISTED, AND WAS NOT CREATED) (I thought this had been replaced by named.root a long time ago.)
> /var/named/named.ip6.local (RENAMED named.ip6.local.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> /var/named/named.local (RENAMED named.local.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> /var/named/named.zero (RENAMED named.zero.rpmorig - RENAMED BACK TO ORIGINAL FILENAME)
> 
> 
> Further, according to RedHat, 'If you have installed the
> caching-nameserver package, the default configuration file is
> /etc/named.caching-nameserver.conf. To override this default
> configuration, you can create your own custom configuration file in
> /etc/named.conf. BIND will use the /etc/named.conf custom file instead
> of the default configuration file after you restart.' I'm assuming
> that they mean, 'restart the named service', and not the actual
> hardware...
> 
> 
> How can I tell what else the installation of the caching-nameserver  
> package affected? I have never created my own rpm packages, and don't  
> know how to access the installer script within the package.
> 
> Thanks again,
> Steven Stromer
> 

I still don't know what you expect. The caching-nameserver package was
here for people who know nothing about bind, nothing about bind
configuration and always say "Please ship default configuration, I
want working named". So if you install caching-nameserver you could
have only a local caching nameserver, nothing else. If you need a more
advanced configuration (authoritative server, non-local caching server
etc.) you have to create your /etc/named.conf. Also please read
http://marc.info/?l=bind-users&m=119877114122822&w=2 - I wrote there
something about caching-nameserver confusions. And as I wrote about a
week ago on this list, please do not use Fedora Core 6. It is EOL, you
will not get any update. Upgrade to Fedora 7 at least.

Adam

-- 
Adam Tkac, Red Hat, Inc.
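
An added example, not part of the original thread or of the bind packaging: one way to answer the quoted question of what a package install touched is to list the `.rpmorig`/`.rpmsave`/`.rpmnew` files rpm left beside the live ones and to read the package's scriptlets with `rpm -q --scripts`. The function names `audit_rpm_leftovers` and `show_scriptlets` are this example's own, and the tree built in `demo` is constructed sample data.

```shell
#!/bin/sh
# Added example (not from the thread). The temporary tree in demo() is constructed.

# rpm keeps displaced files beside the live one:
#   NAME.rpmorig  a file that existed but was not owned by any package
#   NAME.rpmsave  your modified config, replaced by the packaged version
#   NAME.rpmnew   the packaged version, written beside the config you kept
# Report each leftover and how it compares with the live file.
audit_rpm_leftovers() {
    find "$1" -type f \( -name '*.rpmorig' -o -name '*.rpmsave' \
        -o -name '*.rpmnew' \) | sort |
    while IFS= read -r saved; do
        live=${saved%.rpm*}      # strip the .rpmorig/.rpmsave/.rpmnew suffix
        if [ ! -e "$live" ]; then
            state=live-missing   # nothing installed under the original name
        elif cmp -s "$saved" "$live"; then
            state=identical      # leftover is a plain duplicate
        else
            state=differs        # live file is not the one that was saved
        fi
        printf '%s %s\n' "$state" "$saved"
    done
}

# Print the install/uninstall scriptlets of an installed package.
show_scriptlets() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found" >&2; return 127; }
    rpm -q --scripts "$1"
}

# Constructed sample: one zone file that was replaced, one that was not.
demo() {
    tree=$(mktemp -d) || return 1
    mkdir -p "$tree/var/named"
    printf 'local zone v1\n' > "$tree/var/named/named.local.rpmorig"
    printf 'packaged zone\n' > "$tree/var/named/named.local"
    printf 'zero zone\n'     > "$tree/var/named/named.zero.rpmorig"
    printf 'zero zone\n'     > "$tree/var/named/named.zero"
    audit_rpm_leftovers "$tree"
    rm -rf "$tree"
}
demo
```

On a real host the calls would be `audit_rpm_leftovers /var/named` and `show_scriptlets caching-nameserver`; for a package file that is not installed, `rpm -qp --scripts` takes the path or URL of the `.rpm` instead.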


