
Recipe 24.15. Running a Local Caching Name Server with BIND

24.15.1 Problem

You want to set up a local BIND caching name server for your LAN to speed up DNS lookups, which in turn will speed up all of your Internet services.

24.15.2 Solution

Install BIND on a Linux machine with a static IP address. Be sure you get the latest version, which is currently BIND 9.2.3. Don't mess with older versions, as they are buggy and exploitable. After installation, you'll have four configuration files to edit or create:

  • named.conf
  • named.root
  • zone.localhost
  • revp.127.0.0

In this recipe, all of these files are in /var/named, except for /etc/named.conf. named.conf is the standard name for BIND's configuration file; all the others you can name to suit yourself. Here is a sample named.conf:

//BIND configuration file
//named.conf for caching server

options {
  // where all zone files are
  directory "/var/named";

  // accept queries only from local subnet
  listen-on {
    127.0.0.1;
    10.11.12.1;
  };
  allow-recursion {
    127.0.0.0/8;
    10.11.12.0/24;
  };
};

zone "." IN {
  type hint;
  file "named.root";
};

// location of the zone file for localhost
zone "localhost" IN {
  type master;
  file "zone.localhost";
  allow-update { none; };
};

// reverse pointer file for localhost
zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "revp.127.0.0";
  allow-update { none; };
};
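Before starting the daemon it is worth checking that the configuration really does keep recursion inside the LAN. The script below is an added example, not part of the recipe or of BIND: it tokenizes the named.conf syntax (statements, nested braces, semicolons) and flags the settings that turn a caching server into an open resolver. Both sample configurations embedded in it are constructed for this example; the first mirrors the recipe, the second is a deliberately weakened variant. The default it warns about (older BIND 9 releases such as 9.2 recursing for any client when allow-recursion is absent) is BIND's own behaviour, not something the script changes.

```python
"""Audit a BIND named.conf for open-resolver settings (added example)."""
import re

# Constructed copy of the recipe's caching-server configuration.
RECIPE_CONF = """
// named.conf for caching server
options {
  directory "/var/named";
  listen-on { 127.0.0.1; 10.11.12.1; };
  allow-recursion { 127.0.0.0/8; 10.11.12.0/24; };
};
zone "." IN { type hint; file "named.root"; };
zone "localhost" IN { type master; file "zone.localhost"; allow-update { none; }; };
zone "0.0.127.in-addr.arpa" IN {
  type master; file "revp.127.0.0"; allow-update { none; };
};
"""

# Constructed weak variant: binds every interface, recurses for anyone,
# and lets any client push dynamic updates into a master zone.
OPEN_CONF = """
options {
  directory "/var/named";
  allow-recursion { any; };
};
zone "." IN { type hint; file "named.root"; };
zone "localhost" IN { type master; file "zone.localhost"; allow-update { any; }; };
"""


def strip_comments(text):
    """Remove /* */, // and # comments (the sample files never quote these)."""
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)
    return re.sub(r"(//|#).*", " ", text)


def tokenize(text):
    """Split into quoted strings, braces, semicolons and bare words."""
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', strip_comments(text))


def parse(tokens):
    """Return a list of (words, children): children is None for 'words;'
    and a nested statement list for 'words { ... };'."""
    def block(i):
        stmts, words = [], []
        while i < len(tokens):
            tok = tokens[i]
            if tok == ";":
                if words:
                    stmts.append((words, None))
                    words = []
                i += 1
            elif tok == "{":
                children, i = block(i + 1)
                stmts.append((words, children))
                words = []
            elif tok == "}":
                return stmts, i + 1
            else:
                words.append(tok.strip('"'))
                i += 1
        return stmts, i
    return block(0)[0]


def as_dict(children):
    """Map each sub-statement's first word to (remaining words, children)."""
    return {w[0]: (w[1:], c) for w, c in children if w}


def acl_entries(children):
    """Flatten an address-match list such as { 127.0.0.0/8; any; } into words."""
    return [w[0].lower() for w, _ in children if w]


def audit_named_conf(text):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    stmts = parse(tokenize(text))
    options = next((c for w, c in stmts if w == ["options"] and c is not None), None)
    opt = as_dict(options) if options is not None else {}
    if options is None:
        findings.append("no options block: every default applies")
    if "listen-on" not in opt:
        findings.append("listen-on missing: named binds every interface")
    if "allow-recursion" not in opt:
        findings.append("allow-recursion missing: BIND 9.2 recurses for any client (open resolver)")
    elif {"any", "0.0.0.0/0"} & set(acl_entries(opt["allow-recursion"][1])):
        findings.append("allow-recursion permits any client: open resolver")
    for words, children in stmts:
        if words[:1] == ["zone"] and children is not None:
            zone = as_dict(children)
            upd = zone.get("allow-update")
            if zone.get("type", ([], None))[0] == ["master"] and upd and "none" not in acl_entries(upd[1]):
                findings.append(f"zone {words[1]}: allow-update accepts updates from {acl_entries(upd[1])}")
    return findings
```

Run it against your own /etc/named.conf by passing the file's contents to `audit_named_conf`; the recipe's configuration produces no findings, the weakened variant produces three.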

Now add named.root. This is the master list of the root name servers; simply fetch the current version from ftp://ftp.internic.net/domain/named.root, and put it in /var/named.

Now create zone.localhost:

; zone.localhost
; loopback/localhost zone file
;
$TTL 1D
$ORIGIN localhost.
@              IN  SOA   @  root (
                         1   ; Serial
                         8H  ; Refresh
                         15M ; Retry
                         1W  ; Expire
                         1D) ; Minimum TTL
               IN   NS   @
               IN   A    127.0.0.1

Finally, create revp.127.0.0:

; revp.127.0.0
; reverse pointers for localhost
;
$TTL 1D
$ORIGIN 0.0.127.in-addr.arpa.
@    IN   SOA  localhost. root.localhost. (
               1    ; serial
               8H   ; refresh
               15M  ; retry
               1W   ; expire
               1D ) ; minimum
     IN   NS   localhost.
1    IN   PTR  localhost.

Then start up BIND:

# /etc/init.d/named start

You now have a local caching name server. See Recipe 24.10 to learn how to connect client PCs to your caching server.

24.15.3 Discussion

named is short for "name daemon."

BIND configuration files can grow and multiply like weeds, so using a naming convention like the one shown here will save your sanity. Zone files each start with "zone," and reverse pointer files start with "revp." You may call them anything you want, as long as you use a consistent naming scheme.

You can use each one of these sample files exactly as they are shown. The only change you might need to make is to the listen-on and allow-recursion directives in named.conf—be sure to use your own network IP addresses. Leave localhost exactly as it is shown, unless you're using some exotic networking voodoo, in which case you already know what to do. Do not allow traffic from outside your network! There is no reason for you to supply caching services to the world.

The named.root file does not change very often. Check it every few months just for kicks. You may call it anything you like, as long as you record the filename in named.conf.

zone.localhost tells named that the address of localhost is 127.0.0.1.

revp.127.0.0 does the opposite of zone.localhost—it tells named that the hostname associated with the IP address 127.0.0.1 is localhost.
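Because the forward and reverse files are maintained by hand, they drift apart easily, and a PTR that disagrees with its A record is a classic source of failed reverse lookups and rejected mail. The script below is an added example, not part of the recipe or of BIND: it parses the zone-file syntax the two files above use ($TTL, $ORIGIN, "@", relative owner names, owner inheritance on whitespace-led lines, parenthesised SOA records) and reports every A record whose address has no matching PTR. It goes beyond the localhost pair: the LAN zones in it are constructed for this example and contain one deliberate mismatch so the check has something to find.

```python
"""Check that a forward zone and its reverse zone agree (added example)."""
import re

# Constructed copies of the recipe's localhost zone files.
ZONE_LOCALHOST = """\
; loopback/localhost zone file
$TTL 1D
$ORIGIN localhost.
@              IN  SOA   @  root (
                         1   ; Serial
                         8H 15M 1W 1D ) ; Refresh Retry Expire Minimum
               IN   NS   @
               IN   A    127.0.0.1
"""
REVP_127 = """\
$TTL 1D
$ORIGIN 0.0.127.in-addr.arpa.
@    IN   SOA  localhost. root.localhost. (
               1 ; serial
               8H 15M 1W 1D )
     IN   NS   localhost.
1    IN   PTR  localhost.
"""

# Constructed LAN pair with one deliberate mismatch (pc1 forward, pc2 reverse).
ZONE_LAN = """\
$TTL 1D
$ORIGIN lan.example.
@    IN SOA ns root ( 1 8H 15M 1W 1D )
     IN NS  ns
ns   IN A   10.11.12.1
pc1  IN A   10.11.12.20
"""
REVP_LAN = """\
$TTL 1D
$ORIGIN 12.11.10.in-addr.arpa.
@    IN SOA ns.lan.example. root.lan.example. ( 1 8H 15M 1W 1D )
     IN NS  ns.lan.example.
1    IN PTR ns.lan.example.
20   IN PTR pc2.lan.example.
"""

TTL_RE = re.compile(r"\d+[smhdwSMHDW]?")
CLASSES = {"IN", "CH", "HS"}


def fqdn(name, origin):
    """Expand '@' and relative names against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, default_origin):
    """Return [(owner_fqdn, rtype, rdata_fields)] for every resource record.
    default_origin is the zone name from named.conf, used until $ORIGIN appears."""
    origin, owner, records = default_origin, None, []
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # ';' comments; no quoted ';' in these files
        if not line.strip() and depth == 0:
            continue
        buf = line if depth == 0 else buf + " " + line.strip()
        depth += line.count("(") - line.count(")")
        if depth > 0:
            continue  # still inside ( ... ): keep accumulating
        entry = buf.replace("(", " ").replace(")", " ")
        fields = entry.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0] == "$TTL":
            continue
        if not entry[:1].isspace():
            owner = fields.pop(0)  # new owner; whitespace-led lines reuse the last one
        while fields and (fields[0].upper() in CLASSES or TTL_RE.fullmatch(fields[0])):
            fields.pop(0)  # optional TTL and class come before the type
        rtype, rdata = fields[0].upper(), fields[1:]
        if rtype in ("NS", "PTR", "CNAME"):
            rdata[0] = fqdn(rdata[0], origin)
        records.append((fqdn(owner, origin), rtype, rdata))
    return records


def reverse_name(ip):
    """10.11.12.20 -> 20.12.11.10.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def check_forward_reverse(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return one problem string per A record without a matching PTR."""
    ptrs = {o.lower(): r[0].lower()
            for o, t, r in parse_zone(rev_text, rev_origin) if t == "PTR"}
    problems = []
    for owner, rtype, rdata in parse_zone(fwd_text, fwd_origin):
        if rtype != "A":
            continue
        rname = reverse_name(rdata[0])
        target = ptrs.get(rname)
        if target is None:
            problems.append(f"{owner} A {rdata[0]}: no PTR record at {rname}")
        elif target != owner.lower():
            problems.append(f"{owner} A {rdata[0]}: PTR at {rname} points to {target}")
    return problems
```

The localhost pair checks clean; the LAN pair reports that the PTR for 10.11.12.20 points at pc2 while the A record belongs to pc1. Pass the zone names from named.conf (with trailing dots) as the origins so a file without a $ORIGIN line is still expanded correctly.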

Paul Heinlein wrote much of the gnarly BIND stuff for this chapter. Thank you, Paul! You can find Paul on madboa.com.

24.15.4 See Also
