enable DNS
Rodolfo J. Paiz
rpaiz at simpaticus.com
Sat Jun 12 20:13:50 UTC 2004
At 20:37 6/11/2004, Kenneth Porter wrote:
>--On Friday, June 11, 2004 2:55 PM -0400 David Collantes
><david at bus.ucf.edu> wrote:
>
>>You do not need to run DNS to do what you are trying to do, but you need
>>to list a valid (or more than one) DNS on your /etc/resolv.conf, which
>>should contain:
>>
>>search dnsdomainname.com
>>nameserver XXX.XXX.XXX.XXX
>>nameserver XXX.XXX.XXX.XXX
>>
>>Of course, XXX.XXX.XXX.XXX are the IP of the DNS you are going to use.
>>Done!
>
>But it's nice to run your own caching server to reduce traffic and you
>eliminate dependence on your ISP's servers. To do this, install the
>caching-nameserver RPM package. It's a config file for BIND (named) that
>runs it only as a caching server. Then enable and start the named service.
>
>Finally, in /etc/resolv.conf, set the nameserver to 127.0.0.1 so that it
>will consult your new caching nameserver.

Note that this is *only* beneficial when there are at least several, and
hopefully lots, of machines in your local network. For just one or two
machines it's an additional point of failure, an additional hop/step in
name resolution, and just plain more work. I generally do not recommend it
unless you are servicing *at least* five machines and you also *like* to do
additional work (masochism, the learning experience, whatever).

Also, simply installing and configuring a caching nameserver without
additional configuration means that every two-bit network out there is
harassing the root servers directly which is incredibly rude. Nameservers
are set up hierarchically *specifically* to spread out load and reduce
duplicate requests, and your ISP's DNS servers likely serve up name
resolution for 10,000 machines or more. You should always have your own
caching-nameserver set up to forward queries to your ISP's servers *FIRST*
and only query the root servers if that fails.

Not only is that the correct, courteous, proper way to do it, it's actually
faster on average since in many cases your ISP's servers *will* have the
name you want in their cache so you'll get a fast, one-hop response. Even
if the ISP's servers are down, then your named process will still
transparently and automatically query the root servers directly, so it's
more fault-tolerant as well. Add this to your named.conf at the top in the
"options" section where the directory is set:

    forward first;
    forwarders { 111.111.111.111; 222.222.222.222; };

and you're done! Simple, very simple, and much better in every possible way.

Cheers,
--
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com
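
A small offline check for the setup described in this message, as an added example that is not part of the original post: it reads the text of a named.conf and a resolv.conf and reports whether forwarders are configured, which forward mode is set, and whether the resolver consults 127.0.0.1 first. The sample file contents, the function names and the finding strings are constructed for illustration.

```python
import re

# Constructed sample files (assumptions, not taken from a real system).
NAMED_CONF = '''
// caching-only configuration
options {
    directory "/var/named";
    forward first;
    forwarders { 111.111.111.111; 222.222.222.222; };
};
zone "." IN { type hint; file "named.ca"; };
'''
RESOLV_CONF = "search dnsdomainname.com\nnameserver 127.0.0.1\n"

def options_block(conf):
    """Return the text inside the top-level options { ... } block, or ''."""
    # Drop /* */, // and # comments before looking for statements.
    conf = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', conf, flags=re.S)
    m = re.search(r'\boptions\s*\{', conf)
    if not m:
        return ''
    depth, i = 1, m.end()
    while i < len(conf) and depth:          # walk to the matching brace
        depth += {'{': 1, '}': -1}.get(conf[i], 0)
        i += 1
    return conf[m.end():i - 1]

def audit(named_conf, resolv_conf):
    """Return (forward_mode, forwarders, findings) for the two files."""
    opts = options_block(named_conf)
    fw = re.search(r'\bforwarders\s*\{([^}]*)\}', opts)
    forwarders = [a.strip() for a in fw.group(1).split(';') if a.strip()] if fw else []
    # None means no explicit statement; BIND then behaves as "forward first".
    mode = re.search(r'\bforward\s+(first|only)\s*;', opts)
    mode = mode.group(1) if mode else None
    findings = []
    if not forwarders:
        findings.append("no forwarders: every cache miss goes to the root servers")
    elif mode == 'only':
        findings.append("forward only: no fallback to the root servers if the forwarders are down")
    servers = re.findall(r'^\s*nameserver\s+(\S+)', resolv_conf, flags=re.M)
    if servers[:1] != ['127.0.0.1']:
        findings.append("resolv.conf does not consult the local caching server first")
    return mode, forwarders, findings

if __name__ == "__main__":
    print(audit(NAMED_CONF, RESOLV_CONF))
```
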