i'd rather use bind..i don't have to go outside the Centos tree that way and can easily maintain it with yum update. Thanks for the suggestion though.
Feizhou wrote:
If you only need caching, then try using something simpler, and more secure, than bind. Try dnsmasq (it can run a dhcp-server too, but that is easily disabled) or dns-cache (a djb software utility).
dnscache - simple and secure
However you need some supporting software, namely, daemontools
see http://cr.yp.to/daemontools.html for more information.
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz tar zxf daemontools-0.76.tar.gz cd admin/daemontools-0.76 echo 'gcc -Os -include /usr/include/errno.h -Wimplicit -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow -Wcast-qual -Wcast-align -Wwrite-strings' > src/conf-cc ./package/install cd ../..
(The above will get you a running daemontools installation right away)
djbdns -- see http://cr.yp.to/djbdns.html
wget http://cr.yp.to/djbdns/djbdns-1.05.tar.gz tar zxf djbdns-1.0.5.tar.gz cd djbdns-1.05.tar.gz echo 'gcc -Os -include /usr/include/errno.h -Wimplicit -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow -Wcast-qual -Wcast-align -Wwrite-strings' > conf-cc make setup check dnscache-conf nobody nobody /var/dnscache 192.168.0.[?] touch /var/dnscache/root/ip/192.168.0
(This will get you an installation that listens only on 192.168.0.[?] and that is installed under /var/dnscache. The dnscache program will run under nobody and log files will be generated under nobody uid/gid in /var/dnscache/log/main/current.
By default, it will only use 1MB of RAM for caching. To increase, edit /var/dnscache/env/DATALIMIT and /var/dnscache/env/CACHESIZE. DATALIMIT must be slighty larger than CACHESIZE. At least two megabytes larger seems to be a good value. -- see http://cr.yp.to/djbdns/cachesize.html.
Regarding last step, only queries from 192.168.0.x will be entertained. This is a non-forwarding setup)
To activate: cd /service; ln -s /var/dnscache
If you change anything under /var/dnscache/env or /var/dnscache/root/servers, you need to restart to take effect.
To restart: svc -t /service/dnscache To stop: svc -d /service/dnscache To start: svc -u /service/dnscache (note: daemontools will automatically start on boot and it will also automatically start dnscache) _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos .