The DNSCache package is not a straightforward all-in-one nameserver package. Each function of the name server is its own process and lives in its own directory with its own configuration; there are separate programs for zone transfers (axfrdns), for the caching server (dnscache), and for the name server (tinydns). Some other tools included with the DNSCache package are dnswall (handy when you run split DNS; it supplies generic hostnames for reverse/in-addr.arpa queries), pickdns (a load-balancing DNS server), and rbldns.
The DNSCache program relies on two other packages: daemontools, which is a collection of tools for managing processes, and ucspi-tcp, which provides command-line tools (tcpserver/tcpclient) used to build TCP client-server apps. If you are going to use DNSCache, I suggest you also look at cdb (not necessary but useful), Dan's fast, platform-independent database format, which many of his tools use for storing data.
For my scenario, I wanted to publish a set of zones, provide zone transfers for my secondary name servers, and act as a caching server for my local network. However, I wanted to do this all on one box, like I could with BIND. This is definitely possible, but the design of DNSCache does not allow all of this to happen on the same IP address. For example, dnscache (the caching server) allows both TCP and UDP lookups, so it listens on both tcp:53 and udp:53. Thus you cannot run dnscache together with either axfrdns (the zone transfer process) or tinydns (the name server) on the same IP address. In order to do this, I had to set up an aliased IP address on my ethernet interface.
Once I had all the software ready to be configured, I took the following steps to get DNSCache working on my machine:
make ; make setup check
tinydns, dnscache, axfrdns, and dnslog users and groups.
tinydns-conf tinydns dnslog /var/dnscache/tinydns x.x.x.x
axfrdns-conf axfrdns dnslog /var/dnscache/axfrdns /var/dnscache/tinydns x.x.x.x
dnscache-conf dnscache dnslog /var/dnscache/dnscache x.x.x.y
Note: x.x.x.x is the IP address you would normally register with the domain registrar, and it's the same address you supply to your secondary DNS servers. x.x.x.y is the IP address of your caching server, and all your clients will point to this server (x.x.x.y). The clients should not be configured to resolve from x.x.x.x (the tinydns server IP address), since tinydns is not a caching server and will only resolve records configured in its database.
/var/dnscache/tinydns/root and modify the data file. Make sure you add PTR (reverse) record entries for x.x.x.x and x.x.x.y, as well as any zones or A (forward) record entries. When done modifying, run
/var/dnscache/dnscache/root/servers and create a file for each domain your tinydns server is responsible for (having one file and using symlinks to that file works as well). This is also necessary if your organization uses a private internal domain structure not registered with a domain registrar or not registered with your internal root servers (such as if you use split DNS).
You'll also want to change to
touch the ip address of the clients you wish to grant access to name
resolution. If you want to open dnscache to the world, just touch the numbers
1 through 255.
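To check what an access list built this way actually admits, the script below (an added example, not part of the original write-up or of the DNSCache package) mirrors dnscache's prefix matching: a client is accepted when a file named after its address, or after a leading part of it, exists. The function names and the directory argument are this example's own; pass the directory in which you touched the client addresses.

```shell
#!/bin/sh
# dnscache_accepts DIR IP
# Succeeds if DIR holds a file named after IP or any leading part of it.
dnscache_accepts() {
    dir=$1 prefix=$2
    while [ -n "$prefix" ]; do
        [ -e "$dir/$prefix" ] && return 0
        case $prefix in
            *.*) prefix=${prefix%.*} ;;   # drop the last octet and retry
            *)   prefix= ;;               # nothing shorter left to try
        esac
    done
    return 1
}

# broad_entries DIR
# Prints entries with no dot in the name: a single octet admits a whole /8.
broad_entries() {
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        name=${f##*/}
        case $name in
            *.*) ;;
            *) echo "$name" ;;
        esac
    done
}

# open_to_world DIR
# Succeeds if every first octet from 1 through 255 has been touched.
open_to_world() {
    dir=$1 n=1
    while [ "$n" -le 255 ]; do
        [ -e "$dir/$n" ] || return 1
        n=$((n + 1))
    done
    return 0
}

# Constructed demo: a throwaway directory stands in for the real access list.
demo=$(mktemp -d)
touch "$demo/127.0.0.1" "$demo/192.168.1" "$demo/10"
for ip in 192.168.1.77 192.168.2.77 10.9.8.7 203.0.113.5; do
    if dnscache_accepts "$demo" "$ip"; then echo "$ip accepted"; else echo "$ip refused"; fi
done
echo "single-octet entries: $(broad_entries "$demo" | tr '\n' ' ')"
if open_to_world "$demo"; then echo "open to the world"; else echo "not open"; fi
rm -rf "$demo"
```

Run against the live directory, broad_entries is a quick way to spot an entry that admits far more clients than the local network it was meant for.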
/var/dnscache/axfrdns and modify the tcp file, then run make. This file contains a list of servers you will allow as well as what domains you will allow the servers to transfer. For example:
z.z.z.z:allow,AXFR="domain1/domain2/reverse.in-addr.arpa"
will let server z.z.z.z transfer the specified zones.
mkdir /service
ln -s /var/dnscache/tinydns /service
ln -s /var/dnscache/dnscache /service
ln -s /var/dnscache/axfrdns /service
cd /service
csh -cf "svscan /service &"
You'll most likely want to add that last command to your system startup sequence.
dig @x.x.x.y yahoo.com soa
dig @x.x.x.x mydomain soa
dig @x.x.x.x mydomain axfr *
* Note: you'll need to add 127.0.0.1 to your tcp file in axfrdns' configuration for this to work.
Now your DNS servers should be fully operational. Thanks to the following people for advice, support, and in some cases, a great deal of patience.