A caching DNS server helps when the same host name is requested many times
by local clients. For example, google.com, neerajsain.com and nsain.in are
all requested many times by most users. By caching the DNS query, your
DNS server can respond with the results quickly and without using any
external bandwidth.
BIND can cache DNS queries locally as well as serve authoritative name resolution. By using a local caching DNS server you can significantly speed up local resolution of commonly resolved names.
How to Install Bind DNS Server
1. # sudo apt-get install bind9
2. Edit "named.conf.options" located at "/etc/bind/named.conf.options":
// Your local network and any IP address range you want to allow to query the DNS server.
// "localhost" and "localnets" are BIND's built-in ACLs for this host and its directly
// attached networks; "any" here would leave the server open to queries from everyone.
acl internal { localhost; localnets; };
options {
    directory "/var/cache/bind";
    // Disable all zone transfer requests
    allow-transfer { none; };
    // Closed DNS; permit only allowed IP addresses specified above to issue queries
    allow-query { internal; };
    // If there is a firewall between you and nameservers you want
    // to talk to, you might need to uncomment the query-source
    // directive below. Previous versions of BIND always asked
    // questions using port 53, but BIND 8.1 and later use an unprivileged
    // port by default.
    // query-source address * port 53;
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    // forwarders {
    //     0.0.0.0;
    // };
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
};
3. Now you need to edit "named.conf" file.
# sudo vi /etc/bind/named.conf
Then, change the file so it looks like the following:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
    allow-update { none; };
};
zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
    allow-update { none; };
};
zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};
4. Now restart your BIND server.
# sudo /etc/init.d/bind9 restart
5. How to test the DNS server.
# dig google.com
You should get output that is similar to the following:
; <<>> DiG 9.7.3 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20729
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 900 IN A 74.125.235.51
google.com. 900 IN A 74.125.235.52
google.com. 900 IN A 74.125.235.48
google.com. 900 IN A 74.125.235.49
google.com. 900 IN A 74.125.235.50
;; AUTHORITY SECTION:
google.com. 120481 IN NS ns3.google.com.
google.com. 120481 IN NS ns2.google.com.
google.com. 120481 IN NS ns4.google.com.
google.com. 120481 IN NS ns1.google.com.
;; ADDITIONAL SECTION:
ns3.google.com. 104413 IN A 216.239.36.10
ns2.google.com. 104413 IN A 216.239.34.10
ns4.google.com. 104413 IN A 216.239.38.10
ns1.google.com. 104413 IN A 216.239.32.10
;; Query time: 366 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Jan 11 09:43:49 2012
;; MSG SIZE rcvd: 244
Now run the exact same 'dig' command again; it should result in something similar to the following:
; <<>> DiG 9.7.3 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25043
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 790 IN A 74.125.235.51
google.com. 790 IN A 74.125.235.52
google.com. 790 IN A 74.125.235.48
google.com. 790 IN A 74.125.235.49
google.com. 790 IN A 74.125.235.50
;; AUTHORITY SECTION:
google.com. 120371 IN NS ns3.google.com.
google.com. 120371 IN NS ns2.google.com.
google.com. 120371 IN NS ns4.google.com.
google.com. 120371 IN NS ns1.google.com.
;; ADDITIONAL SECTION:
ns3.google.com. 104303 IN A 216.239.36.10
ns2.google.com. 104303 IN A 216.239.34.10
ns4.google.com. 104303 IN A 216.239.38.10
ns1.google.com. 104303 IN A 216.239.32.10
;; Query time: 1 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Jan 11 09:45:39 2012
;; MSG SIZE rcvd: 244
You'll notice the query time is much faster the second time around (1 msec instead of 366 msec), and the TTL on the answers has counted down from 900 to 790; that's because the results of the first query were cached on the DNS server. The SERVER line shows which resolver answered the query. Feel free to try this with several domains; they should all return similar speed-ups for query time.
Now you have a local DNS server. You can now point all your internet servers (proxy or ISA) at your local DNS server for internet DNS queries.
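A check for the test in step 5, added here as an example and not part of the original post: the shell functions below read saved dig output and confirm that both answers came from the resolver you meant to test and that the TTL dropped between them. The 127.0.0.1 address, the function names and the trimmed sample output are assumptions constructed for the example.

```shell
# dig_field FILE NAME: print status|server|qtime|ttl from saved dig output.
dig_field() {
    awk -v want="$2" '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { f["status"] = $(i + 1); sub(/,$/, "", f["status"]) }
        }
        /^;; Query time:/     { f["qtime"] = $4 }
        /^;; SERVER:/         { f["server"] = $3; sub(/#.*/, "", f["server"]) }
        /^;; ANSWER SECTION:/ { ans = 1; next }
        /^;;/                 { ans = 0 }      # any other ";;" line ends the section
        ans && NF >= 5 && !("ttl" in f) { f["ttl"] = $2 }   # TTL of first answer
        END { print f[want] }
    ' "$1"
}

# check_cache FIRST SECOND EXPECTED_SERVER: print a verdict, return 0 only if cached.
check_cache() {
    if [ "$(dig_field "$1" server)" != "$3" ] || [ "$(dig_field "$2" server)" != "$3" ]; then
        echo wrong-server; return 1            # another resolver answered
    fi
    if [ "$(dig_field "$2" status)" != NOERROR ]; then
        echo not-answered; return 1            # e.g. REFUSED by allow-query
    fi
    t1=$(dig_field "$1" ttl); t2=$(dig_field "$2" ttl)
    if [ "${t2:-0}" -lt "${t1:-0}" ]; then
        echo cached; return 0                  # TTL counting down: served from cache
    fi
    echo not-cached; return 1
}

# Constructed sample: trimmed dig output in the shape shown in the article.
sample() {  # sample SERVER TTL QTIME_MS
    printf '%s\n' \
        ';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20729' \
        ';; ANSWER SECTION:' \
        "google.com. $2 IN A 74.125.235.51" \
        ';; AUTHORITY SECTION:' \
        'google.com. 120481 IN NS ns3.google.com.' \
        ";; Query time: $3 msec" \
        ";; SERVER: $1#53($1)"
}

tmp=$(mktemp -d)
sample 127.0.0.1 900 366    > "$tmp/first"
sample 127.0.0.1 790 1      > "$tmp/second"
sample 208.67.222.222 790 1 > "$tmp/other"     # answered by a different resolver
check_cache "$tmp/first" "$tmp/second" 127.0.0.1 || true
check_cache "$tmp/first" "$tmp/other"  127.0.0.1 || true
```

Against a live server, save the output of two runs of dig @127.0.0.1 google.com and pass the two files to check_cache. A client outside the allow-query ACL should see status REFUSED instead of NOERROR.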