Caching Only Name Server 2

[zinja]

Please help. I am a novice at Linux administration. What I need to do is setup my server so that it will cache DNS lookups so that if the main DNS server is down (or lost internet connectivity), it will remember the addresses.

Let me explain...

I wrote a web based point of sale system that uses names for identifying devices (receipt printer, check scanner, etc). The nameserver is not the same server as the webserver that runs the app. When the Internet connection is down, these lookups fail to happen and the cash register doesn't work. What I need is for the webserver to remember the address that goes with the devices so it will use that cached info in case the dns server is unavailable. I have tried following the instructions on this site:

http://mars.netanya.ac.il/~unesco/cdrom/LDP/DNS/HTML_FORMAT/DNS-HOWTO-3.html

but it didn't work. I think it is looking in /etc/bind/named.conf instead of /etc/named.conf when named starts. When I copy the modified named.conf to /etc/bind/ I get errors.

Any ideas?



LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[LawnBoy]

You could put the names and addresses of those devices into the webserver's HOSTS file, then it won't use DNS to look them up.

 

[zinja]

I have tried that, but it doesn't work all the time, and then there would be another thing for me to maintain (when the addresses change or new devices are added). Is there a way to have the server remember the address associated with a name?

Thanks,

LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

The "directory" directive says all the files (in the example) are in /var/named:
root.hints
a file in directory /var/named/pz/127.0.0 (how stupid)
Just change that to a file called localhost.rev in /var/named.

That isn't the real problem, however.

You can always call any config file with the -c option, I usually uses:

strings named | grep named.conf

to figure out the default location. One can always symbolic link from there to a named.conf specified in the directory directive, so all your bind files are together.

What is wrong is the the doc doesn't say to change /etc/resolv.conf so that your apps will actually USE the local nameserver for resolution:

/etc/resolv.conf:
search your_domains
nameserver 127.0.0.1 <<< This is first
nameserver (your other DNS servers)

eugene

 

[zinja]

I think I tried what you indicated. I made changes and it is still not working.

Can you tell me what to put in each file to get this going?

The main DNS server for us is 10.XX.XX.5

Thanks for the help thus far.

LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

Here is sample named.conf. I think everything else in the link you had is right:

options {
directory "/usr/local/bind";
forwarders {
10.XX.XX.5;
};
};

zone "." {
type hint;
file "root.hints";
};


zone "0.0.127-addr.arpa" {
type master ;
file "127.rev" ;
};


Obviously, I have the root file in root.hints and
local 127 reverse in 127.rev.

Please look at your /var/log/messages when you bring up named for errors. "not working" isn't much to go on.

I use this to debug:

nslookup - 127.0.0.1
> set debug
>

http://www.yahoo.com

(make sure this resolves)
>

http://www.somethingprivate.com

(if that is the case)
>

eugene

 

[zinja]

Ok. I made the changes you mentioned. The one thing I did different was put the file in /var/named and changed the line in your named.conf from:

directory "/usr/local/bind";

to

directory "/var/named";


Here is the output from /var/log/messages:

When starting named:

Jan 11 09:33:58 xac02 named[19335]: starting BIND 9.4.1-P1 -u named -n 1
Jan 11 09:33:58 xac02 named[19335]: found 2 CPUs, using 1 worker thread
Jan 11 09:33:58 xac02 named[19335]: loading configuration from '/etc/bind/named.conf'
Jan 11 09:33:58 xac02 named[19335]: listening on IPv4 interface lo, 127.0.0.1#53
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: D.F.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 8.E.F.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: 9.E.F.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: A.E.F.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: automatic empty zone: B.E.F.IP6.ARPA
Jan 11 09:33:58 xac02 named[19335]: command channel listening on 127.0.0.1#953
Jan 11 09:33:58 xac02 named[19335]: zone 127.in-addr.arpa/IN: loading from master file localhost.rev failed: file not found
Jan 11 09:33:58 xac02 named[19335]: running


After doing a the nslookup tests:

Jan 11 09:34:58 xac02 named[19335]: checkhints: b.root-servers.net/A (192.228.79.201) missing from hints
Jan 11 09:34:58 xac02 named[19335]: checkhints: b.root-servers.net/A (128.9.0.107) extra record in hints
Jan 11 09:34:58 xac02 named[19335]: checkhints: j.root-servers.net/A (192.58.128.30) missing from hints
Jan 11 09:34:58 xac02 named[19335]: checkhints: j.root-servers.net/A (198.41.0.10) extra record in hints
Jan 11 09:34:58 xac02 named[19335]: checkhints: l.root-servers.net/A (199.7.83.42) missing from hints
Jan 11 09:34:58 xac02 named[19335]: checkhints: l.root-servers.net/A (198.32.64.12) extra record in hints

It looked up

http://www.yahoo.com

fine, but not the other private one.

Here is the output from that:

xac02 named # nslookup - 127.0.0.1
> set debug
>

http://www.yahoo.com

Server: 127.0.0.1
Address: 127.0.0.1#53

------------
QUESTIONS:

http://www.yahoo.com,

type = A, class = IN
ANSWERS:
->

http://www.yahoo.com

canonical name =

http://www.yahoo-ht3.akadns.net.

->

http://www.yahoo-ht3.akadns.net

internet address = 209.191.93.52
AUTHORITY RECORDS:
-> akadns.net
nameserver = use4.akadns.net.
-> akadns.net
nameserver = zd.akadns.org.
-> akadns.net
nameserver = use3.akadns.net.
-> akadns.net
nameserver = za.akadns.org.
-> akadns.net
nameserver = zb.akadns.org.
-> akadns.net
nameserver = zc.akadns.org.
-> akadns.net
nameserver = eur1.akadns.net.
-> akadns.net
nameserver = usw2.akadns.net.
-> akadns.net
nameserver = asia9.akadns.net.
ADDITIONAL RECORDS:
------------
Non-authoritative answer:

http://www.yahoo.com

canonical name =

http://www.yahoo-ht3.akadns.net.

Name:

http://www.yahoo-ht3.akadns.net

Address: 209.191.93.52
> ac19.i2software.com
Server: 127.0.0.1
Address: 127.0.0.1#53

------------
QUESTIONS:
ac19.i2software.com, type = A, class = IN
ANSWERS:
AUTHORITY RECORDS:
-> i2software.com
origin = i2software.com
mail addr = dnsadmin.ezclick.net
serial = 2007100301
refresh = 10800
retry = 3600
expire = 604800
minimum = 86400
ADDITIONAL RECORDS:
------------
** server can't find ac19.i2software.com: NXDOMAIN
Server: 127.0.0.1
Address: 127.0.0.1#53

------------
QUESTIONS:
ac19.i2software.com.i2software.com, type = A, class = IN
ANSWERS:
AUTHORITY RECORDS:
-> i2software.com
origin = i2software.com
mail addr = dnsadmin.ezclick.net
serial = 2007100301
refresh = 10800
retry = 3600
expire = 604800
minimum = 86400
ADDITIONAL RECORDS:
------------
** server can't find ac19.i2software.com.i2software.com: NXDOMAIN

Why does it have i2software.com twice there?

Thanks so much for the help though, I am beginning to understand how this works.



LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

Because it was not ended with a dot, it appends the search path settings to fully qualify the name on failure (the NXDOMAIN error code says "try again") It does not make the assumption that because a dot is present it must be fully qualified. (think about it, if my machine was

http://www.east

I would want it to search to make it

http://www.east.testdomain.com)

so my search list would probably include east.testdomain.com and testdomain.com)

I assume you added the forward line, but if the forwarded server did know about "ac19.i2software.com" (which I assume is an internal name) it should have responded. Yet it didn't.

So now test:

nslookup

http://www.yahoo.com

10.XX.XX.5

nslookup ac19.i2software.com 10.XX.XX.5

If both fail (timeout, that is) then I suspect a firewall restriction.

If you don't get a timeout and yahoo worked and software.com didn't I would look at that nameservers setup.

eugene

 

[zinja]

Ok. Both things work when the machine is plugged into the network. But when I unplug the ethernet cable and try, it says "connection timed out; no servers could be reached".

Shouldn't it look to itself for cached names?

Thanks,

LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

It should never say that if you are using the server at 127.0.0.1, because it should always be able to connect to that (whether it can get an answer is another issue).

So are you testing using "nslookup - 127.0.0.1" or through your application or other means?

 

[zinja]

I was testing using nslookup ac19.i2software.com (with the ethernet cable unplugged). I also tested using nslookup 127.0.0.1 and both came up with the same result - "connection timed out; no servers could be reached".

Any ideas?


LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

First, you did use:
nslookup - 127.0.0.1
not
nslookup 127.0.0.1

The first is talking directly to your dns server at 127.0.0.1
The second is asking the "configured" dns server for the host corresponding to the IP 127.0.0.1.

What is the first nameserver configured in /etc/resolv.conf?

eugene

 

[zinja]

I had tried nslookup 127.0.0.1

Here is /etc/resolv.conf

#Generated by dhpcdd for interface eth0
search i2software.com
nameserver 10.XX.XX.5

Thanks for your patience with this.


LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

You are still using your old nameserver. When you don't specify the 2nd argument, it uses the nameservers in /etc/resolv.conf. So when you went:

nslookup 127.0.0.1
it executed essentially:
nslookup 127.0.0.1 10.XX.XX.5
not
nslookup 127.0.0.1 127.0.0.1
which is the nameserver on your machone. Therefore
it timed out.


Since you are now forwarding to 10.XX.XX.5 in /etc/named.conf,
It should look like:

search i2software.com
nameserver 127.0.0.1
nameserver 10.XX.XX.5

(we put the other one in just in case the local named isn't restarted. Although TCP will have to timeout on the local one first (for every query), it will continue to work until you can bring the caching one up.

After this change, you should be able to:

nslookup OR nslookup - 127.0.0.1
>

http://www.google.com

> returns stuff for google.
> exit

disconnect cable

nslookup
>

http://www.google.com

> should return stuff from cache.
> exit

 

[zinja]

That parts works great now! Worked just as described. The only thing it is not doing now is looking up an address that is private (like ac19.i2software.com).

It isn't doing that with the cable plugged in.

Thanks!

LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.

 

[elgrandeperro]

Hmmm. That is strange.

So something with the forwarding is not working if 10.XX.XX.5 can resolve i2software.com but 127.0.0.1 can't.

The other possibility is that you need that "query-source port 53"
uncommented in named.conf if a firewall is the issue. Check who runs the firewall on that.

According to your previous output, named.conf is supposed to be in:

/etc/bind/named.conf
make sure that is either the correct file or symlinked to the correct file. It seems to reference localhost.rev which doesn't exist (which should be what I called 127.rev).

Once named sees "directory", all those files are relative
to that path.

I have a feeling you are running a cache server, but the forwarding isn't working.

eugene

 

[zinja]

Well, it works great. Thanks so much for all the help - I learned alot and have a good solution for handling ISP failures. The one thing that was causing the failure of private name lookups (like ac19.i2software.com) was that the forwarders line in /etc/bind/named.conf was commented out. Once I got that right, it worked great. The named.conf file in /etc had the forwarders in there, but named wasn't looking at that file.

In any event, it works great!

Thanks again,


LJ Wilson

My personal saying - Just remember, it can always get worse, and usually will.