[Server-devel] adding custom dns entries on XS
Michael Stone
michael at laptop.org
Tue Mar 17 18:52:15 EDT 2009
On Tue, Mar 17, 2009 at 04:04:06PM -0400, Daniel Drake wrote:
>2009/3/17 Martin Langhoff <martin.langhoff at gmail.com>:
>> It's in my plans to have a means to do what you're doing. I was wondering about
>>
>> - a conf.d approach
>> - a pre-processor for the .in files that handles ifdef-style blocks
>> - whether dnsmasq or djbdns can help us here
>>
>> I sure hope BIND won't be with us for ever.
>
>dnsmasq can certainly help. With dnsmasq you just have to add an entry
>in /etc/hosts on the server, and then dnsmasq automatically picks it
>up.
>Michael says that djbdns also can do what we want, and pointed me to
>some documentation, but it looked a lot more complicated than dnsmasq.
Here's a rough outline of how you might redirect "antitheft.laptop.org" with
djbdns on Debian Lenny. I can't promise that it's bulletproof, but it seems to
do approximately the right thing in simple testing.

sudo su -
apt-get install djbdns
useradd -s /bin/false dnslog
useradd -s /bin/false tinydns
useradd -s /bin/false dnscache
export YOUR_IP=...

# create empty dnscache and tinydns configurations
dnscache-conf dnscache dnslog /etc/dnscache
tinydns-conf tinydns dnslog /etc/tinydns 127.0.0.1

# tell dnscache where to bind, when to reply, and to proxy queries for at.l.o
echo $YOUR_IP > /etc/dnscache/env/IP
touch /etc/dnscache/root/ip/10 # answer clients in 10.0.0.0/8 (any 10.x.x.x address)
echo 127.0.0.1 > /etc/dnscache/root/servers/antitheft.laptop.org

# give tinydns a zone containing at.l.o
cd /etc/tinydns/root
./add-ns antitheft.laptop.org $YOUR_IP
./add-host antitheft.laptop.org $YOUR_IP
make

# tell supervise to run our services; see also "update-service" on debian
ln -s /etc/dnscache /etc/service
ln -s /etc/tinydns /etc/service

# check that we're running and bound to proper ports
svstat /etc/dnscache /etc/tinydns
netstat -nulp | grep ':53 '

# read logs
tail -f /etc/dnscache/log/main/current
cat /etc/tinydns/log/main/current | tai64nlocal | less

# optional -- resolve against your local dnscache
echo domain schoolserver > /etc/resolv.conf
echo nameserver $YOUR_IP >> /etc/resolv.conf

Questions?
Michael
P.S. - Is there a wiki page where this sort of thing is supposed to go?
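
Added example (not part of the original message): dnscache answers a client only if root/ip holds a file named after the client's address or a dotted prefix of it, so the single file "10" created above admits every 10.x.x.x client. The sketch below mirrors that lookup to audit which networks a root/ip directory opens up; the function names and the temporary sample directory are assumptions made for the example.

```shell
#!/bin/sh
# Mirror of dnscache's client check: try the full address as a file name,
# then drop the last dotted component and retry until nothing is left.

# dnscache_allows IPDIR CLIENT_IP -> returns 0 if a matching file exists
dnscache_allows() {
    ipdir=$1
    prefix=$2
    while :; do
        [ -e "$ipdir/$prefix" ] && return 0
        case $prefix in
            *.*) prefix=${prefix%.*} ;;   # 10.200.3.4 -> 10.200.3 -> 10.200 -> 10
            *)   return 1 ;;              # no shorter prefix left: query is ignored
        esac
    done
}

# prefix_to_cidr PREFIX -> prints the network that one root/ip file admits
prefix_to_cidr() {
    case $1 in
        *.*.*.*.*) return 1 ;;            # not an IPv4 prefix
        *.*.*.*)   echo "$1/32" ;;
        *.*.*)     echo "$1.0/24" ;;
        *.*)       echo "$1.0.0/16" ;;
        *)         echo "$1.0.0.0/8" ;;
    esac
}

# audit_ipdir IPDIR -> one CIDR per line for every file in the directory
audit_ipdir() {
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        prefix_to_cidr "${f##*/}"
    done
}

# Constructed sample standing in for /etc/dnscache/root/ip
sample=$(mktemp -d)
touch "$sample/10" "$sample/127.0.0.1"
audit_ipdir "$sample"
for client in 10.200.3.4 192.168.1.5; do
    if dnscache_allows "$sample" "$client"; then
        echo "$client: answered"
    else
        echo "$client: ignored"
    fi
done
rm -rf "$sample"
```

Run audit_ipdir against /etc/dnscache/root/ip on the server to confirm the cache is reachable only from the networks you intend to serve.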