[11.1] Caching-only DNS

How do I properly set up caching-only DNS in 11.1?

I’m getting confused by the different policies - currently I have an eth0 interface for external access with DHCP running on it (ifup).
I would like to cache DNS requests; as I understand it, I have to enter DNS servers under forwarders (yast → DNS server).

What policy should I use under network settings and DNS server?

atomixkriko wrote:
> How do I properly set up caching-only DNS in 11.1?
>
> I’m getting confused by the different policies - currently I have an eth0
> interface for external access with DHCP running on it (ifup).
> I would like to cache DNS requests; as I understand it, I have to enter DNS
> servers under forwarders (yast → DNS server).
>
> What policy should I use under network settings and DNS server?

I can only help you with the config file settings I have.
First, /etc/named.conf.
This file already exists when you install BIND.

options {
    directory "/var/lib/named";
    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";
    forwarders { aa.bb.cc.dd; aa.bb.cc.ee; }; # put your ISP's nameserver addresses here.
    forward first;
    listen-on port 53 { 127.0.0.1; ww.xx.yy.0/24; }; # put your local LAN network here.
    allow-query { 127.0.0.1; ww.xx.yy.0/24; }; # put your local LAN network here.
    notify no;
};
logging {
    channel syslog_errors {
        syslog user;
        severity error;
    };
    category default { syslog_errors; };
    category lame-servers { null; };
};
zone "." in {
    type hint;
    file "root.hint";
};

zone "localhost" in {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};

Then /etc/resolv.conf

search domain.tld
# the domain you like to be tried first. So if you put e.g. 'example.com' here, and you type
# 'server' in your browser, the browser will try 'server.example.com' first.
nameserver 127.0.0.1
# All queries go through localhost (resolv.conf needs an IP address here, not a hostname)

The files /var/lib/named/localhost.zone and /var/lib/named/127.0.0.zone are also installed with
BIND, but you probably need to update the root.hint file.

I’ve written a small script that tries to do that once a week.

#!/bin/bash
RootHint="/var/lib/named/root.hint"

# Print the modification date and time of a file (from the "Modify:" line of stat).
ModTime () {
    stat "$1" | grep Modify | cut -f2-3 -d' '
}

# Fetch the current root hints from InterNIC into the current directory.
/usr/bin/ncftpget -p '' ftp://ftp.internic.net/domain/named.root

if [ "$(ModTime named.root)" != "$(ModTime "$RootHint")" ]; then
    cp named.root "$RootHint"
    echo -e "root.hint file has been updated\n"
    cat "$RootHint"
    rndc reload   # make the running named pick up the new hints
fi

Try it out with

host -t a www.google.com localhost
Using domain server:
Name: localhost
Address: localhost#53
Aliases:

www.google.com is an alias for www.l.google.com.
www.l.google.com has address 64.233.183.147
www.l.google.com has address 64.233.183.99
www.l.google.com has address 64.233.183.103
www.l.google.com has address 64.233.183.104
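
Since the setup above relies on listen-on and allow-query being limited to loopback and the LAN, here is an added shell audit (my own addition, not code from the post) that pulls those option lines out of a named.conf and flags anything that would make the cache an open resolver; the two sample configs are constructed, with 192.0.2.x as the ISP forwarders and 192.168.1.0/24 as the LAN.

```bash
#!/bin/bash
# Audit a BIND named.conf for a caching-only resolver: listen-on and allow-query
# must name only loopback or RFC 1918 ranges, never "any". (In BIND 9 an unset
# allow-recursion falls back to allow-query, so a tight allow-query also keeps
# recursion off the public Internet.)
# Constructed sample configs for this example (not real files).
SAMPLE_CONF='options {
    directory "/var/lib/named";
    forwarders { 192.0.2.53; 192.0.2.54; };
    forward first;
    listen-on port 53 { 127.0.0.1; 192.168.1.0/24; };
    allow-query { 127.0.0.1; 192.168.1.0/24; };
    notify no;
};'
OPEN_CONF='options {
    listen-on { any; };
    allow-query { any; };
};'
# Print the address list of one option, e.g. "127.0.0.1; 192.168.1.0/24;".
acl_of() {  # $1 = option name; named.conf text on stdin
    sed -n "s/^[[:space:]]*$1[^-{]*{\([^}]*\)}.*/\1/p" | tr -s '[:blank:]' ' ' | sed 's/^ //; s/ $//'
}
# Return 0 if every entry is loopback or an RFC 1918 prefix, 1 otherwise.
check_acl() {  # $1 = option name, $2 = named.conf text
    local list entry
    list=$(printf '%s\n' "$2" | acl_of "$1")
    [ -n "$list" ] || return 1   # option missing: treat as not restricted
    for entry in $list; do
        case "${entry%;}" in
            127.0.0.1|::1|localhost|10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) ;;
            *) return 1 ;;
        esac
    done
    return 0
}
# Print one line per option; the exit status is the number of open options.
audit_conf() {  # $1 = named.conf text
    local opt bad=0
    for opt in listen-on allow-query; do
        if check_acl "$opt" "$1"; then
            printf '%-12s OK   { %s }\n' "$opt" "$(printf '%s\n' "$1" | acl_of "$opt")"
        else
            printf '%-12s OPEN { %s }\n' "$opt" "$(printf '%s\n' "$1" | acl_of "$opt")"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}
audit_conf "$SAMPLE_CONF"
audit_conf "$OPEN_CONF" || echo "open resolver: $? option(s) unrestricted"
```

Run it against the real file with `audit_conf "$(cat /etc/named.conf)"` after the YaST or manual edit; a non-zero status means the cache answers for more than your LAN.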

Thanks, I’ve set up my BIND server correctly - nslookup works via localhost.
When I get home, I will try the next step - modifying the nameserver to localhost.
This is where I mostly break my connection, probably because of the newly introduced policies.

Update: setting DNS policy to STATIC and now it seems to work properly.