DNS Cache-Only Config Advice Post: 302356460

Sponsored Content

Special Forums IP Networking DNS Cache-Only Config Advice Post 302356460 by danny.hudson on Friday 25th of September 2009 03:35:51 PM

09-25-2009

Registered User

DNS Cache-Only Config Advice

Hi Chaps and Chappettes,

I've had a short period of time recently to learn and implement DNS cache-only in our organisation. Trouble is, according to my tcpdumps, the amount of traffic on port 53 has increased. This is of course the exact opposit of the desired effect. Would y'all mind looking over my config?

FYI, the machine is an Exim MTA handling mail traffic. There are 2 internal and 2 external DNS servers as well as this machine. resolv.conf is pointed to local. Stuff I dig appears in the cache dump. I'm not sure if I should have the zone specified as there is no zonefile on this machine, but it did seem to get the internal traffic going again.

RHEL 5 2.6.18-128.1.6.el5PAE
BIND 9.3.4-10.P1.el5

Many, many thanks for any help.

named.conf:

Code:

options {
  forwarders { ip_of_external_1; ip_of_external_2; };
  forward first;
  directory "/var/named" ;
  dump-file "dump/named_dump.db";
  allow-query { any; };
  allow-recursion { any; };
  allow-transfer { none; };
  allow-notify { none; };
  listen-on-v6 { none; };
  recursive-clients 3500;
  version none;
  zone-statistics yes;
  notify no;
  auth-nxdomain no;
  };

logging{
  channel simple_log {
    file "named.log" versions 3 size 5m;
    severity dynamic;
    print-time yes;
    print-severity yes;
    print-category yes;
  };
  category default{
    simple_log;
  };
  category lame-servers {
    null;
  };
};

zone "orgname.com" {
        type forward;
        forwarders { ip_of_internal_1; 2ip_of_internal_2; ip_of_internal_1_service_ip; ip_of_internal_2_service_ip; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "db.127.0.0";
};

db.127.0.0:

Code:

$TTL 345600
@               IN      SOA     localhost. root.localhost.      (
                                00      ; Serial
                                86400   ; Refresh
                                7200    ; Retry
                                2592000 ; Expire
                                345600) ; Minimum

                IN      NS      localhost.
1               IN      PTR     localhost.

danny.hudson

View Public Profile for danny.hudson

Find all posts by danny.hudson

7 More Discussions You Might Find Interesting

1. Solaris

DHCP DNS Config

I'm running Solaris 9 and I need my box to request it's DNS servers off a DHCP server - can I do this?

2. Ubuntu

Linux Redhat ES 4.0 - DNS Config Issues

Hello all, I've a very strange thing hapenning in my Sys, I've configured the IP, DNS eveything for my internat connection, but Im only able to browse Redhat.com websites. I cant open anyother site!!! :eek: Im sure the internet is configured 'coz it displays the list of avail updates for...

3. Cybersecurity

Dns cache poisoning upgrade to bind9.5.0p2

Hi again guys, It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading. How many of you guys are affected? Anybody successfully...

4. Red Hat

Path of the DNS Cache file

We have a DNS server that is only using as a cache DNS of parent server. I wonder where it the cache file that it created from parent DNS? Please tell me where will be the cache file?

5. Solaris

DNS Cache Problem-Urgent !!!!!!

I have DNS Server running in solaris 10 . There is website called exaple.com ,whcih was hosted in this dns server with IP 1.2.3.4 ,now we deleted the DNS entry of that website from our DNS Server (db.exmaple.com is deleted from named.conf ) and it is hosted with some other name server with IP...

6. IP Networking

How to add intranet sites to DNS cache?

Hi all, I'm hosting a site for my team in my LAN, for which my team mates should type my hosting server IP address in the web browser, example: http://192.168.134.213:78/testteam/ This is really hectic to type the ip address always, is there anyway where i can create a site name mapping to...

7. IP Networking

DNS config preventing mail delivery

Hi Please can you help on this: the Net Admins decided to use DNS to resolve names, so this is preventing mail being delivered when using commands like date | mailx -s "test" abc.xyz@asdf.xx.yy. What we were asked was to edit /etc/resolv.confand add 3 entries, in all servers

LEARN ABOUT MOJAVE

net::dns::rr::srv5.18

Net::DNS::RR::SRV(3)					User Contributed Perl Documentation				      Net::DNS::RR::SRV(3)

NAME

       Net::DNS::RR::SRV - DNS SRV resource record

SYNOPSIS

	   use Net::DNS;
	   $rr = new Net::DNS::RR('name SRV priority weight port target');

DESCRIPTION

       Class for DNS Service (SRV) resource records.

METHODS

       The available methods are those inherited from the base class augmented by the type-specific methods defined in this package.

       Use of undocumented package features or direct access to internal data structures is discouraged and could result in program termination or
       other unpredictable behaviour.

   priority
	   $priority = $rr->priority;

       Returns the priority for this target host.

   weight
	   $weight = $rr->weight;

       Returns the weight for this target host.

   port
	   $port = $rr->port;

       Returns the port number for the service on this target host.

   target
	   $target = $rr->target;

       Returns the domain name of the target host.

COPYRIGHT

       Copyright (c)1997-2002 Michael Fuhr.

       Portions Copyright (c)2005 Olaf Kolkman, NLnet Labs.

       Package template (c)2009,2012 O.M.Kolkman and R.W.Franks.

       All rights reserved.

       This program is free software; you may redistribute it and/or modify it under the same terms as Perl itself.

SEE ALSO

       perl, Net::DNS, Net::DNS::RR, RFC2782

perl v5.18.2							    2014-01-16						      Net::DNS::RR::SRV(3)