Friday, 6 May 2016

Setting up a local caching nameserver with bind9

In this tutorial, we'll set up a local caching nameserver. This can be used instead of the DNS nameservers that Luna Node virtual machines are assigned via DHCP by default (Google's public DNS at 8.8.8.8/8.8.4.4). Most domain names will take longer to resolve: public DNS providers have lots of users and so caching provides a greater benefit; however, there are still several advantages to resolving domain names locally:
  • Privacy: your DNS queries won't be visible to a central authority
  • Spam RBLs: most real-time blacklists (like SpamHaus, SpamCop, etc.) rate-limit queries, and so will stop responding to public DNS nameservers; they won't be effective without local name resolution
  • Reliability: if the public DNS server goes down, or the route from your machine to the public DNS server becomes congested, then DNS queries will fail; local resolution avoids this problem

Installation

The first step is, of course, to install the nameserver software. On Debian/Ubuntu:
apt-get install bind9
On CentOS:
yum install bind
service named start
By default the packages are already set up for a caching nameserver configuration, so no further bind9 configuration is needed. You can test the nameserver with dig (on CentOS, you'll need to install the bind-utils package to use dig):
dig @localhost lunanode.com
You should see the IP address of lunanode.com in the answer section of the output.

Configuring your system to use the local caching nameserver

Some network configuration updates are needed to tell the operating system to use the local caching nameserver for DNS queries.
On Ubuntu/Debian, we edit our DHCP client configuration (Ubuntu: /etc/dhcp/dhclient.conf; Debian: /etc/dhclient.conf). Look for a line like this:
#prepend domain-name-servers 127.0.0.1;
If it exists, then uncomment it; if not, add a line like this to the end of the file:
prepend domain-name-servers 127.0.0.1;
On CentOS, we update /etc/sysconfig/network-scripts/ifcfg-eth0 and add a static DNS parameter at the bottom; this will override the one received from the DHCP server:
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
DNS1=127.0.0.1
Now, you can reboot the machine to acquire the new DNS nameserver settings; alternatively, update your /etc/resolv.conf so that it just has a single nameserver line:
nameserver 127.0.0.1
(To verify that it's working after a reboot, you can check the /etc/resolv.conf file for the line above.)
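
The /etc/resolv.conf check described above, as an added shell example that is not part of the original tutorial. It tells apart a file that lists only 127.0.0.1 from one where the dhclient prepend line put 127.0.0.1 ahead of the DHCP-supplied servers, in which case the system resolver can still fall back to the public nameservers if named stops answering. The function names and the sample file are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Function names are hypothetical.

# classify_resolv_conf FILE
# Prints one word describing how FILE uses the local nameserver and
# returns 0 only for "local-only":
#   local-only     127.0.0.1 is the only nameserver (the tutorial's target)
#   local-first    127.0.0.1 is first and others follow (the dhclient
#                  "prepend" case); the system resolver can fall back to
#                  them if named stops answering
#   not-local      the first nameserver is not 127.0.0.1
#   no-nameserver  FILE has no nameserver line
classify_resolv_conf() {
    # Strip comment text, then keep the address from each nameserver line.
    servers=$(sed -e 's/[#;].*//' "$1" |
        awk '$1 == "nameserver" && $2 != "" { print $2 }')
    if [ -z "$servers" ]; then
        echo "no-nameserver"; return 1
    fi
    first=$(printf '%s\n' "$servers" | head -n 1)
    # Count entries that are not the loopback address (grep exits 1 on zero).
    others=$(printf '%s\n' "$servers" | grep -c -v -x -F '127.0.0.1' || true)
    if [ "$first" != "127.0.0.1" ]; then
        echo "not-local"; return 1
    fi
    if [ "$others" -gt 0 ]; then
        echo "local-first"; return 1
    fi
    echo "local-only"
}

# probe_local_resolver NAME
# Live check against named on 127.0.0.1, like the tutorial's dig test.
# Prints the answer and returns 0 if named returned one.
probe_local_resolver() {
    command -v dig >/dev/null 2>&1 || { echo "dig not installed" >&2; return 2; }
    answer=$(dig +short +time=2 +tries=1 @127.0.0.1 "$1" A) || return 1
    [ -n "$answer" ] && printf '%s\n' "$answer"
}

# Constructed sample: the file a dhclient "prepend" leaves on a machine whose
# DHCP server hands out 8.8.8.8 and 8.8.4.4.
sample=$(mktemp)
printf 'nameserver 127.0.0.1\nnameserver 8.8.8.8\nnameserver 8.8.4.4\n' > "$sample"
classify_resolv_conf "$sample" || true
rm -f "$sample"
```

On a configured machine, run classify_resolv_conf /etc/resolv.conf and then probe_local_resolver lunanode.com to confirm that named itself is answering.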

from  https://www.lunanode.com/tutorial/local_caching_nameserver
----------
On a Mac, the command is brew install bind. When the installation finishes, it displays:
To have launchd start bind at startup:
  sudo cp -fv /usr/local/opt/bind/*.plist /Library/LaunchDaemons
  sudo chown root /Library/LaunchDaemons/homebrew.mxcl.bind.plist
Then to load bind now:
  sudo launchctl load /Library/LaunchDaemons/homebrew.mxcl.bind.plist
==> Summary
🍺  /usr/local/Cellar/bind/9.10.2-P4: 405 files, 46M, built in 3.9 minutes

Run these three commands:
sudo cp -fv /usr/local/opt/bind/*.plist /Library/LaunchDaemons
sudo chown root /Library/LaunchDaemons/homebrew.mxcl.bind.plist
sudo launchctl load /Library/LaunchDaemons/homebrew.mxcl.bind.plist

yudeMacBook-Air:~ brite$ ps aux|grep bind (check whether bind is running)
yuming          64089   0.0  0.0  2423356     24 s000  R+   10:56下午   0:00.00 grep bind
root            64086   0.0  0.4  2477520  16000   ??  Ss   10:56下午   0:00.06 /usr/local/opt/bind/sbin/named -f -c /usr/local/etc/named.conf
yudeMacBook-Air:~ brite$

Sure enough, bind is running.