Caching named mini howto. Version 1 (C)opyright 1995 Nicolai Langfeldt.
Do not modify without amending copyright, distribute freely but retain
copyright message. Please send money, comments and/or questions to
janl@ifi.uio.no. I would appreciate it if someone sent me a section 3 for
(c)slip users.

Contents:

1. Introduction
2. Setting it up
3. Automatic setup when connecting (and disconnecting).
4. Getting a new root.cache file.
5. Of forwarders and slaves.

1. Introduction

This mini howto describes how to set up a caching name server. This is
primarily useful for people connected to the net with a (dialup) modem,
using SLIP, PPP and similar protocols, because name lookups can be slow
due to the slowness of modem communications.

A clarification: when I say 'your machine' I mean the machine you dial up
to the net from; for most people this is their home machine. There is room
for confusion because quite a few people dial up to their own
internet-connected machine at work. _That_ is not the machine I talk of in
this howto; I talk about the machine you call up from, the one you connect
to the net with a modem.

Before you start on this you should configure your machine so that you can
telnet in and out of it and successfully make all kinds of connections to
the net, and you should be able to do 'telnet 127.0.0.1' and get your own
machine. You also need good /etc/host.conf, /etc/resolv.conf and /etc/hosts
files as a starting point. If you don't already have all this set up and
working, the networking howto explains how to set it up. I also assume
you're not behind any kind of firewall that blocks name queries. If you
are, you will need a special configuration that's mentioned in section 5.

Name serving on unix is done by a program called named. This is a part of
the bind package that's coordinated by Paul Vixie. This can be gotten on
Linux ftp sites, but chances are that you already have a named. It's
usually called /usr/sbin/named.
You can use that if you already have it. If you need to set up named for
more than just caching, for example for setting up your own internet
domain, I suggest you get the book "DNS and BIND" by C. Liu and P. Albitz
from O'Reilly & Associates, Sebastopol, CA, ISBN 0-937175-82-X, 1992. There
are also docs in the bind distribution, including a FAQ and a manual as
well as papers.

2. Setting it up

Tip: make backup copies of all the files I instruct you to change if you
already have them, so if after going thru this nothing works you can get
it back to your old, working state.

First you need a file called /etc/named.boot. This is read when named
starts. For our purpose it should simply contain (remove leading spaces):

    ; Boot file for Nicolai's caching name server
    ;
    directory /var/named
    ;
    ; type    domain    source file or host
    cache     .         root.cache

A file named /var/named/root.cache is named in this. /var/named/root.cache
should contain this (remove leading spaces again):

    ; ---- Root cache dump ----
    .                        IN NS  NS.INTERNIC.NET.
    .                        IN NS  AOS.ARL.ARMY.MIL.
    .                        IN NS  NS1.ISI.EDU.
    .                        IN NS  C.PSI.NET.
    .                        IN NS  TERP.UMD.EDU.
    .                        IN NS  NS.NASA.GOV.
    .                        IN NS  NIC.NORDU.NET.
    .                        IN NS  NS.ISC.ORG.
    ;
    ; Prep the cache (hardwire the addresses). Order does not matter
    ;
    NS.INTERNIC.NET.  999999 IN A   198.41.0.4
    AOS.ARL.ARMY.MIL. 999999 IN A   128.63.4.82
    AOS.ARL.ARMY.MIL. 999999 IN A   192.5.25.82
    NS1.ISI.EDU.      999999 IN A   128.9.0.107
    C.PSI.NET.        999999 IN A   192.33.4.12
    TERP.UMD.EDU.     999999 IN A   128.8.10.90
    NS.NASA.GOV.      999999 IN A   128.102.16.10
    NS.NASA.GOV.      999999 IN A   192.52.195.10
    NIC.NORDU.NET.    999999 IN A   192.36.148.17
    NS.ISC.ORG.       999999 IN A   192.5.5.241

It describes the root name servers in the world. This changes over time;
see below for how to get updated data. These two files are supposedly
described in the named man page. I say supposedly because that man page is
probably one of the least clear man pages in creation if you don't already
know how to set up named.
Next, when you're connected to the net you need a /etc/resolv.conf looking
like this:

    search subdomain.your-domain.edu your-domain.edu
    nameserver 127.0.0.1

The 'search' line specifies what domains should be searched for any
hostnames you want to connect to. The 'nameserver' line specifies what
address your machine can reach a nameserver at, in this case your own
machine, since that is where your named runs. The example assumes you
belong in the domain subdomain.your-domain.edu; your machine, then, is
probably called your-machine.subdomain.your-domain.edu. The search line
would normally not contain your top domain ('edu' in this case). If you
frequently need to connect to hosts in another domain you can add that
domain to the search line like this:

    search subdomain.your-domain.edu your-domain.edu other-domain.com

and so on. Obviously you need to put real domain names in instead.

The last file you have to fix is /etc/host.conf. There should be a line
starting with 'order' and it should look like this:

    order hosts,bind

If there is no order line you should stick one in. It tells the host name
resolving routines to first look in /etc/hosts, then ask the name server
(which you in resolv.conf said is at 127.0.0.1). These two latest files
are documented in the resolv(8) manpage (do 'man 8 resolv'). That man page
is IMHO readable, and everyone should read it.

Now you can connect to the world and test your setup. Dial up and
establish your connection the usual way. Once the connection is
established (and /etc/resolv.conf has the right 'nameserver' line) you
start /usr/sbin/named. If you look in your syslog message file (usually
called /var/adm/messages; use the command 'tail /var/adm/messages' to see
its end) after you start named you should see something like:

    Jan 14 23:13:14 roke named[671]: starting.  named 4.9.3-BETA9 Sat Jan 14 21:19:55 MET 1995 janl@roke:/usr/src/bind-4.9.3-BETA9/named
    Jan 14 23:13:14 roke named[672]: Ready to answer queries.
If there are any messages about errors then there is a mistake somewhere
in the file named in the message (one of named.boot and root.cache, I hope
:-). Kill named and go back and check the files.

Once named does not complain you can start querying it. The program
designed for this is nslookup. Start it by giving linux the command
'nslookup':

    $ nslookup
    Default Server:  localhost
    Address:  127.0.0.1

    >

Now you can enter a query. Try looking up some machine close to you.
mnemosyne.uio.no is a Linux machine I run at the university of Oslo:

    > mnemosyne.uio.no
    Server:  localhost
    Address:  127.0.0.1

    Name:    mnemosyne.uio.no
    Address:  129.240.21.233

nslookup now asked your named to look for the machine mnemosyne.uio.no. It
then contacted one of the name server machines named in your root.cache
file, and asked its way from there. It might take some seconds before you
get the result as it searches all the domains you named in
/etc/resolv.conf. If you try again you get this:

    > mnemosyne.uio.no
    Server:  localhost
    Address:  127.0.0.1

    Non-authoritative answer:
    Name:    mnemosyne.uio.no
    Address:  129.240.21.233

Note 'Non-authoritative answer:'. That means that named did not go out on
the network to ask this time; it instead looked in its cache and found it
there. But the cached information _might_ be out of date (also called
'stale'). So you are informed of this by it saying 'Non-authoritative
answer:'. So when nslookup says this the second time you ask for a host,
it's a sign it caches the information and the desired effect of setting up
the named has been reached. You exit nslookup by giving the command 'exit'.

A warning: it is not smart to run named when you are not connected to the
net. This is because named will try to send queries to the net and it has
a long timeout, and you have to wait for this timeout every time some
program tries to resolve a name. The next section explains how I deal with
setting up and taking down named when connecting to and disconnecting from
the net.
So now you know how to set up the different configuration files so named
works.

3. Automatic setup when connecting (and disconnecting).

This section explains how I have set things up to automate everything. My
way might not suit you at all, but you might get an idea from something
I've done. Also, I use ppp for dialup, while many use slip or cslip, so
almost everything in your setup can be different from mine. But slip's dip
program should be able to do many of the things I do.

Normally, when I'm not connected to the net I have a resolv.conf file
simply containing the line

    domain uio.no

This ensures I don't have to wait for the hostname resolving library to
try to connect to a nameserver that can't help me. But when I connect I
want to start my named and have a resolv.conf looking like the one
described above. I have solved this by keeping two resolv.conf 'template'
files named resolv.conf.local and resolv.conf.connected. The latter looks
like the resolv.conf described before in this document.

To automatically connect to the net I run a script called 'ppp-on':

    #!/bin/sh
    cp -v /etc/resolv.conf.connected /etc/resolv.conf
    echo calling...
    pppd

pppd has a file called 'options' that tells it the particulars of how to
get connected. Once my ppp connection is up the pppd starts a script
called ip-up (this is described in the pppd man page). This is parts of
the script:

    #!/bin/sh
    ...
    echo 1>&2 PPP: IP up
    ...
    /usr/sbin/named
    echo PPP: ip-up finished

I.e. I start my named there. When ppp is disconnected pppd runs a script
called ip-down:

    #!/bin/sh
    echo 1>&2 PPP: IP down
    cp /etc/resolv.conf.local /etc/resolv.conf
    kill `cat /var/run/named.pid`

So this gets things configured and up when connecting and disconfigured
and down when disconnecting.

4. Getting a new root.cache file.

I mentioned that the root.cache information changes from time to time. So
you might want to update it once in a long while.
Start nslookup thus:

    nslookup | tee nslookup.log

then give nslookup the command

    > set type=ns

This means that nslookup should ask for 'ns' (or NameServer) records; it
usually asks for A, address records.

    > .

This means, get me root information. In a unix filesystem the root is '/';
in the name server system the root is '.' and is often written so. The
answer to my query was:

    Server:  localhost
    Address:  127.0.0.1

    Non-authoritative answer:
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET

    Authoritative answers can be found from:
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    AOS.ARL.ARMY.MIL  internet address = 128.63.4.82
    AOS.ARL.ARMY.MIL  internet address = 192.5.25.82
    NS1.ISI.EDU       internet address = 128.9.0.107
    C.PSI.NET         internet address = 192.33.4.12
    TERP.UMD.EDU      internet address = 128.8.10.90
    NS.NASA.GOV       internet address = 128.102.16.10
    NS.NASA.GOV       internet address = 192.52.195.10
    NIC.NORDU.NET     internet address = 192.36.148.17
    NS.ISC.ORG        internet address = 192.5.5.241
    NS.NIC.DDN.MIL    internet address = 192.112.36.4

It says that the answer is non-authoritative, and that an authoritative
answer can be gotten from one of a list of hosts. We want an authoritative
answer, so we tell nslookup to use one of the named servers. I pick
nic.nordu.net because nordunet is the Nordic research network and is thus
close to me (I'm in Norway). You can choose any you fancy; terp.umd.edu is
probably good in the USA.
    > server nic.nordu.net
    Default Server:  NIC.NORDU.NET
    Address:  192.36.148.17

Now to ask for the root ns records again:

    > .
    Server:  NIC.NORDU.NET
    Address:  192.36.148.17

    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    TERP.UMD.EDU      internet address = 128.8.10.90
    NS.NASA.GOV       internet address = 128.102.16.10
    NS.NASA.GOV       internet address = 192.52.195.10
    NIC.NORDU.NET     internet address = 192.36.148.17
    NS.ISC.ORG        internet address = 192.5.5.241
    NS.NIC.DDN.MIL    internet address = 192.112.36.4
    NS.INTERNIC.NET   internet address = 198.41.0.4
    AOS.ARL.ARMY.MIL  internet address = 192.5.25.82
    AOS.ARL.ARMY.MIL  internet address = 128.63.4.82
    NS1.ISI.EDU       internet address = 128.9.0.107

Mission accomplished, quit nslookup:

    > exit

You now have the complete nslookup session log in a file called
nslookup.log. Start an editor and remove all but the results of the last
query. To make a root.cache file of the rest you change it in this manner:

    (root)  nameserver = TERP.UMD.EDU

should become

    .  IN NS  TERP.UMD.EDU.

Note the trailing '.'. It specifies that the name is complete (edu sits
directly under the root), and should be there. Then you change lines of
the form

    TERP.UMD.EDU      internet address = 128.8.10.90

to

    TERP.UMD.EDU.  999999 IN A  128.8.10.90

Note the trailing '.' again. Then save the file again. If you examine the
result of the edit and your /var/named/root.cache they should be
remarkably alike, so this corresponds to the root.cache file. Move the new
file to /var/named/root.cache.
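The same edit done with awk, as an added example that is not part of the original howto: it rewrites the nslookup log into root.cache syntax, drops the doubled name list, and warns about any root server that is listed without an address. It assumes the nslookup output format shown above; the sample session inside it is constructed for the example, not one of the author's.

```shell
#!/bin/sh
# Added example (not from the howto): turn the last "set type=ns" / "."
# query in nslookup.log into root.cache syntax, the edit section 4 does by
# hand, and warn if a listed root server has no address record.
nslookup_to_cache() {
    awk '
    # "(root)  nameserver = TERP.UMD.EDU" -> ". IN NS TERP.UMD.EDU."
    # nslookup lists the names twice; keep each once, in order.
    /^\(root\)[ \t]+nameserver = / {
        if (!($NF in seen)) { seen[$NF] = 1; ns[++n] = $NF }
        next
    }
    # "TERP.UMD.EDU  internet address = 128.8.10.90"
    #   -> "TERP.UMD.EDU. 999999 IN A 128.8.10.90"
    /^[^ \t]+[ \t]+internet address = / {
        a[++m] = $1 ". 999999 IN A " $NF; has_a[$1] = 1
        next
    }
    # Server:/Address:/prompt lines match neither rule and are dropped.
    END {
        print "; ---- Root cache dump ----"
        for (i = 1; i <= n; i++) print ". IN NS " ns[i] "."
        print ";"
        print "; Prep the cache (hardwire the addresses). Order does not matter"
        print ";"
        for (i = 1; i <= m; i++) print a[i]
        # named cannot reach a root server it has no address for
        for (i = 1; i <= n; i++)
            if (!(ns[i] in has_a))
                print "warning: no address for " ns[i] > "/dev/stderr"
    }'
}
# Constructed sample in the format of the last query in section 4, not a
# real session.  Real use:  nslookup_to_cache < nslookup.log > root.cache
sample_log() {
    cat <<'EOF'
Server:  NIC.NORDU.NET
(root)  nameserver = TERP.UMD.EDU
(root)  nameserver = NS.NASA.GOV
(root)  nameserver = TERP.UMD.EDU
(root)  nameserver = NS.NASA.GOV
TERP.UMD.EDU    internet address = 128.8.10.90
NS.NASA.GOV     internet address = 128.102.16.10
NS.NASA.GOV     internet address = 192.52.195.10
> exit
EOF
}
sample_log | nslookup_to_cache
```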
Now run /usr/sbin/named.restart and test your new setup by connecting to

5. Of forwarders and slaves.

There are one or two enhancements you can make on this setup. One involves
asking other close-by name servers if they have the name cached, thus
(possibly, if we're lucky) avoiding having to wait for a reply from
halfway across the globe. You can't use any close-by nameserver for
forwarding; it has to accept recursive queries (to quote the named
manpage). If you don't know any close-by forwarders, ask your provider if
they know any name servers you can use as forwarder. In My Humble Opinion
your provider should be able to be one of your forwarders. Never, ever use
another server as forwarder without the permission of its admin; it's
rude.

A forwarders line should be in the named.boot file, and looks like this
(DO NOT USE THIS LINE, IT WILL NOT WORK! Use your local forwarders
instead):

    forwarders 127.0.0.2 127.0.0.3

You can list as many forwarders as you like. A line like this

    slave

in named.boot will put your name server in slave mode; this means it will
only query its forwarders. If you're behind a firewall or perhaps have to
pay for traffic leaving your provider's net this is useful.