Return-Path: owner-linux-activists@Niksula.hut.fi
Received: from funet.fi (pp@funet.fi [130.230.1.1]) by keos.Helsinki.FI (8.6.9/H46) with ESMTP id JAA01637 for ; Mon, 6 Mar 1995 09:35:30 +0200
Received: from joker.cs.hut.fi by funet.fi with SMTP (PP); Sun, 5 Mar 1995 08:22:12 +0200
Received: from joker.cs.hut.fi by niksula.hut.fi id <55327-1>; Sun, 5 Mar 1995 02:39:01 +0200
From: Linux Activists
To: Linux-Activists
Reply-To: Linux-Activists
X-Note1: Remember to put 'X-Mn-Key: DOC' to your mail body or header
Subject: Linux-Activists - DOC Channel digest. 95-2-4-20:58
X-Mn-Key: DOC
Sender: owner-linux-activists@Niksula.hut.fi
Message-Id: <95Mar5.023901eet.55327-1@niksula.hut.fi>
Date: Sun, 5 Mar 1995 02:38:56 +0200
Content-Length: 14142
Status: RO
X-Status:

Topics:
    caching named howto

----------------------------------------------------------------------

From: "Nicolai Langfeldt"
Subject: caching named howto
Date: Sat, 04 Mar 1995 18:53:18 +0100

I've written a caching named mini howto. This is useful for anyone
running thru a modem connection with slip/ppp or other ip connection.
I've gotten a few ppl to use it and all but one (which had a TOTAL
failure to get anything to work) have reported that it's good.

Before I submit it to general public I'd like some more ppl to test it,
so if you would read it, and maybe even follow the instructions... And
then e-mail me some feedback, and please - reply only to
janl@ifi.uio.no, not the whole list of recipients.

Thanks
Nicolai

Here it is:

----------------------------------------------------------------------

Caching named mini howto. Version 0.3

(C)opyright 1995 Nicolai Langfeldt. Do not modify without amending
copyright, distribute freely but retain copyright message.

Please send money, comments and/or questions to janl@ifi.uio.no. I
would appreciate it if someone sent me a section 3 for (c)slip users.


1. Introduction

This mini howto describes how to set up a caching name server.
This is primarily useful for people connected to the net with a
(dialup) modem because name lookups can be slow due to the slowness of
modem communications.

Just to be clear: When I say 'your machine' I mean the machine/host you
dial up to the net from, for most people this is their home machine.
There is room for confusion because quite a few people dial up to their
own internet connected machine at work, _that_ is not the machine I
talk of in this howto. Not at all.

Before you start on this you should configure your machine so that you
can telnet in and out of it, and successfully make all kinds of
connections to the net. This includes having good /etc/host.conf,
/etc/resolv.conf and /etc/hosts files. If you don't already have this
working the networking howto explains how to set it up.

Name serving on unix is done by a program called named. This is a part
of the bind package that's coordinated by Paul Vixie. This can be
gotten on Linux ftp sites, but chances are that you already have a
named. It's usually called /usr/sbin/named. You can use that if you
already have it.

If you need to set up named for more than just caching, for example for
setting up your own internet domain, I suggest you get the book "DNS
and BIND" by C. Liu and P. Albitz from O'Reilly & Associates,
Sebastopol, CA, ISBN 0-937175-82-X 1992. There are also docs in the
bind distribution, including a FAQ and a manual as well as papers.


2. Setting it up

Tip: Make backup copies of all the files I instruct you to change if
you already have them, so if after going thru this nothing works you
can get it back to your old, working state.

First you need a file called /etc/named.boot. This is read when named
starts. For our purpose it should simply contain (remove leading
spaces):

    ; Boot file for nicolais caching name server
    ;
    directory /etc
    ;
    ; type          domain          source file or host
    cache           .               root.cache

A file named /etc/root.cache is named in this.
/etc/root.cache should contain this (remove leading spaces again):

    ; ---- Root cache dump ----
    .       IN      NS      NS.INTERNIC.NET.
    .       IN      NS      AOS.ARL.ARMY.MIL.
    .       IN      NS      NS1.ISI.EDU.
    .       IN      NS      C.PSI.NET.
    .       IN      NS      TERP.UMD.EDU.
    .       IN      NS      NS.NASA.GOV.
    .       IN      NS      NIC.NORDU.NET.
    .       IN      NS      NS.ISC.ORG.
    ;
    ; Prep the cache (hardwire the addresses). Order does not matter
    ;
    NS.INTERNIC.NET.        999999  IN      A       198.41.0.4
    AOS.ARL.ARMY.MIL.       999999  IN      A       128.63.4.82
    AOS.ARL.ARMY.MIL.       999999  IN      A       192.5.25.82
    NS1.ISI.EDU.            999999  IN      A       128.9.0.107
    C.PSI.NET.              999999  IN      A       192.33.4.12
    TERP.UMD.EDU.           999999  IN      A       128.8.10.90
    NS.NASA.GOV.            999999  IN      A       128.102.16.10
    NS.NASA.GOV.            999999  IN      A       192.52.195.10
    NIC.NORDU.NET           999999  IN      A       192.36.148.17
    NS.ISC.ORG              999999  IN      A       192.5.5.241

It describes the root name servers in the world. This changes over
time, see below for how to get updated data.

These two files are supposedly described in the named man page. I say
supposedly because that man page is probably one of the least clear man
pages in creation if you don't already know how to set up named.

Next, when you're connected to the net you need a /etc/resolv.conf
looking like this:

    search ifi.uio.no uio.no math.uio.no
    nameserver 127.0.0.1

The 'search' line tells the name resolving routines in libc to search
for the host names in the domains ifi.uio.no, uio.no and math.uio.no.
It would normally not contain your top domain ('no' in my case). I have
math.uio.no in the list because I regularly log into machines there. If
you belong in 'ots.utexas.edu' you would probably want to put
'ots.utexas.edu' and 'utexas.edu' in the list. But you can put any
domains you like in the list. The 'nameserver' line says that the
nameserver is at 127.0.0.1 (the loopback address, i.e. your own
machine).

The last file you have to fix is /etc/host.conf. There should be a line
starting with 'order' and it should look like this:

    order hosts,bind

If there is no order line you should stick one in.
It tells the host name resolving routines to first look in /etc/hosts,
then ask the name server (which you in resolv.conf said is at
127.0.0.1).

These last two files are documented in the resolv(8) manpage (do
'man 8 resolv'). That man page is IMHO readable, and everyone should
read it.

Now you can connect to the world and test your setup. Dial up and
establish your connection the usual way. Once the connection is
established (and /etc/resolv.conf has the right 'nameserver' line) you
start /usr/sbin/named. If you look in your syslog message file (usually
called /var/adm/messages, use the command 'tail /var/adm/messages' to
see its end) after you start named you should see something like:

    Jan 14 23:13:14 roke named[671]: starting. named 4.9.3-BETA9 Sat Jan 14 21:19:55 MET 1995 janl@roke:/usr/src/bind-4.9.3-BETA9/named
    Jan 14 23:13:14 roke named[672]: Ready to answer queries.

If there are any messages about errors then there is a mistake
somewhere in the file named in the message (one of named.boot and
root.cache I hope :-) Kill named and go back and check the files.

Once named does not complain you can start querying it. The program
designed for this is nslookup. Start it by giving linux the command
'nslookup':

    $ nslookup
    Default Server:  localhost
    Address:  127.0.0.1

    >

Now you can enter a query. Try looking up some machine close to you.
mnemosyne.uio.no is a Linux machine I run at the university:

    > mnemosyne.uio.no
    Server:  localhost
    Address:  127.0.0.1

    Name:    mnemosyne.uio.no
    Address:  129.240.21.233

nslookup now asked your named to look for the machine mnemosyne.uio.no.
It then contacted one of the name server machines named in your
root.cache file, and asked its way from there. It might take some
seconds before you get the result as it searches all the domains you
named in /etc/resolv.conf.
If you try again you get this:

    > mnemosyne.uio.no
    Server:  localhost
    Address:  127.0.0.1

    Non-authoritative answer:
    Name:    mnemosyne.uio.no
    Address:  129.240.21.233

Note 'Non-authoritative answer:'. That means that named did not go out
on the network to ask this time, it instead looked in its cache and
found it there. But the cached information _might_ be out of date (also
called 'stale'). So you are informed of this by it saying
'Non-authoritative answer:'. So when nslookup says this the second time
you ask for a host it's a sign it caches the information and the
desired effect of setting up the named has been reached. You exit
nslookup by giving the command 'exit'.

A warning: It is not smart to run named when you are not connected to
the net, this is because named will try to send queries to the net and
it has a long timeout, and you have to wait for this timeout every time
some program tries to resolve a name. The next section explains how I
deal with setting up and taking down named when connecting and
disconnecting to the net.

So now you know how to set up different configuration files so named
works.


3. Automatic setup when connecting (and disconnecting).

This section explains how I have set things up to automate everything.
My way might not suit you at all, but you might get an idea from
something I've done. Also, I use ppp for dialup, while many use slip or
cslip, so almost everything in your setup can be different from mine.
But slip's dip program should be able to do many of the things I do.

Normally, when I'm not connected to the net I have a resolv.conf file
simply containing the line

    domain uio.no

This ensures I don't have to wait for the hostname resolving library to
try to connect to a nameserver that can't help me. But when I connect I
want to start my named and have a resolv.conf looking like the one
described above. I have solved this by keeping two resolv.conf
'template' files named resolv.conf.local and resolv.conf.connected.
The latter looks like the resolv.conf described before in this
document.

To automatically connect to the net I run a script called 'ppp-on':

    #!/bin/sh
    # Switch the resolver to the local named before dialing.
    cp -v /etc/resolv.conf.connected /etc/resolv.conf
    echo calling...
    pppd

pppd has a file called 'options' that tells it the particulars of how
to get connected. Once my ppp connection is up the pppd starts a script
called ip-up (this is described in the pppd man page). This is parts of
the script:

    #!/bin/sh
    ...
    echo 1>&2 PPP: IP upp
    ...
    # The link is up, so named can reach the root servers now.
    /usr/sbin/named
    echo PPP: ip-up finished

I.e. I start my named there. When ppp is disconnected pppd runs a
script called ip-down:

    #!/bin/sh
    echo 1>&2 PPP: IP down
    # Back to the offline resolv.conf, then stop named.
    cp /etc/resolv.conf.local /etc/resolv.conf
    kill `cat /var/run/named.pid`

So this gets things configured and up when connecting and disconfigured
and down when disconnecting.


4. Getting a new root.cache file.

I mentioned that the root.cache information changes from time to time.
So you might want to update it once in a long while. Start nslookup and
give the command

    > set type=ns

Which means that nslookup should ask for 'ns' (or NameServer) records
(it usually asks for A, or address records).

    > .

Which means, get me root information. In a unix filesystem the root is
'/', in the name server system the root is '.' and is often written so.
The answer to my query was:

    Server:  localhost
    Address:  127.0.0.1

    Non-authoritative answer:
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET

    Authoritative answers can be found from:
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    AOS.ARL.ARMY.MIL        internet address = 128.63.4.82
    AOS.ARL.ARMY.MIL        internet address = 192.5.25.82
    NS1.ISI.EDU             internet address = 128.9.0.107
    C.PSI.NET               internet address = 192.33.4.12
    TERP.UMD.EDU            internet address = 128.8.10.90
    NS.NASA.GOV             internet address = 128.102.16.10
    NS.NASA.GOV             internet address = 192.52.195.10
    NIC.NORDU.NET           internet address = 192.36.148.17
    NS.ISC.ORG              internet address = 192.5.5.241
    NS.NIC.DDN.MIL          internet address = 192.112.36.4

It says that the answer is non-authoritative, and that an authoritative
answer can be gotten from one of a list of hosts. We want an
authoritative answer so we tell nslookup to use one of the named
servers. I pick nic.nordu.net because nordunet is the Nordic research
network and is thus close to me (I'm in Norway). You can choose any you
fancy.

    > server nic.nordu.net
    Default Server:  NIC.NORDU.NET
    Address:  192.36.148.17

Now to ask for the root ns records again:

    > .
    Server:  NIC.NORDU.NET
    Address:  192.36.148.17

    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    (root)  nameserver = TERP.UMD.EDU
    (root)  nameserver = NS.NASA.GOV
    (root)  nameserver = NIC.NORDU.NET
    (root)  nameserver = NS.ISC.ORG
    (root)  nameserver = NS.NIC.DDN.MIL
    (root)  nameserver = NS.INTERNIC.NET
    (root)  nameserver = AOS.ARL.ARMY.MIL
    (root)  nameserver = NS1.ISI.EDU
    (root)  nameserver = C.PSI.NET
    TERP.UMD.EDU            internet address = 128.8.10.90
    NS.NASA.GOV             internet address = 128.102.16.10
    NS.NASA.GOV             internet address = 192.52.195.10
    NIC.NORDU.NET           internet address = 192.36.148.17
    NS.ISC.ORG              internet address = 192.5.5.241
    NS.NIC.DDN.MIL          internet address = 192.112.36.4
    NS.INTERNIC.NET         internet address = 198.41.0.4
    AOS.ARL.ARMY.MIL        internet address = 192.5.25.82
    AOS.ARL.ARMY.MIL        internet address = 128.63.4.82
    NS1.ISI.EDU             internet address = 128.9.0.107

If you change '(root) nameserver =' to '. IN NS' then the first part is
exactly like the first part of the root.cache file, and if you change
'internet address =' to '999999 IN A' in the second part you have
something exactly like the second part of the root.cache file. So, this
corresponds to the root.cache file. Run /usr/sbin/named.reload or
restart named once you have updated the root.cache file.

------------------------------

End of DOC Digest
*****************
-------
.
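The conversion described in section 4, as an added example that is not part of the original howto or of the bind distribution: a shell function that turns saved nslookup output into root.cache records, adds the trailing dots, drops duplicates, and refuses to emit a file if a listed root server has no address. The function names and the sample input are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the howto): build root.cache records from saved
# nslookup output shaped like the session quoted in section 4.
nslookup_to_root_cache() {
    awk '
    function fqdn(s) { s = toupper(s); if (s !~ /\.$/) s = s "."; return s }
    # "(root) nameserver = NAME" becomes ". IN NS NAME."
    $1 == "(root)" && $2 == "nameserver" && $3 == "=" && NF == 4 {
        name = fqdn($4)
        if (!(name in is_ns)) { is_ns[name] = 1; ns[++n_ns] = name }
        next
    }
    # "NAME internet address = ADDR" becomes "NAME. 999999 IN A ADDR"
    $2 == "internet" && $3 == "address" && $4 == "=" && NF == 5 {
        if ($5 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { bad = 1; next }
        name = fqdn($1); key = name " " $5
        if (!(key in seen)) { seen[key] = 1; a_name[++n_a] = name; a_addr[n_a] = $5 }
        next
    }
    END {
        if (n_ns == 0) bad = 1
        for (i = 1; i <= n_a; i++) if (a_name[i] in is_ns) glue[a_name[i]] = 1
        # Every listed root server needs at least one hardwired address.
        for (i = 1; i <= n_ns; i++) if (!(ns[i] in glue)) {
            print "no address for " ns[i] > "/dev/stderr"; bad = 1
        }
        if (bad) exit 1
        print "; ---- Root cache dump ----"
        for (i = 1; i <= n_ns; i++) print ". IN NS " ns[i]
        print ";"
        # Addresses for hosts that are not listed root servers are dropped.
        for (i = 1; i <= n_a; i++)
            if (a_name[i] in is_ns) print a_name[i] " 999999 IN A " a_addr[i]
    }'
}
# Constructed sample input; HOST.EXAMPLE is a made-up non-root host.
sample_nslookup_output() {
    cat <<'EOF'
Server:  NIC.NORDU.NET
(root)  nameserver = NS.NASA.GOV
(root)  nameserver = NIC.NORDU.NET
(root)  nameserver = NS.NASA.GOV
NS.NASA.GOV     internet address = 128.102.16.10
NS.NASA.GOV     internet address = 192.52.195.10
NIC.NORDU.NET   internet address = 192.36.148.17
HOST.EXAMPLE    internet address = 192.0.2.1
EOF
}
sample_nslookup_output | nslookup_to_root_cache
```

Write the output to a temporary file and compare it with the current /etc/root.cache before replacing it; a non-zero exit status means the input was incomplete and the old file should stay.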