Lighten Your DNS Load with TinyDNS

The Answer is 42

Now that you’re raring to go, all you need are some answers to the queries that your name server will receive. In TinyDNS terms, that means constructing a data.cdb file. In reality, that simply means typing some config information (or creating it using scripts such as add-mx), saving it in the /etc/tinydns/root/data file, and then running make to transform it into data.cdb. If your system doesn’t respond well to make from inside the aforementioned directory, just try apt-get install make.

As you can imagine, you have a multitude of options and types of queries to consider, but I’ll just look at constructing a few basics so you can serve some email and a website from your shiny new name server with, in this case, mydomainname.com as an example.

Start Of Authority (SOA)

Your SOA should pass DNS testing tools (such as IntoDNS) if its syntax resembles this:

mydomainname.com:postmaster.mydomainname.com.:2012111503:1228731457:1800:604800:3600

SOA entries are important, so have a read about them if in doubt.

Create Your NS Entries

Say you have three name servers for mydomainname.com called ns1, ns2, and ns3. For the example domain name, create them like this:

.mydomainname.com:1.1.1.1:ns1.mydomainname.com:900
.mydomainname.com:2.2.2.2:ns2.mydomainname.com:900
.mydomainname.com:3.3.3.3:ns3.mydomainname.com:900

Another Domain

Now that you’ve told TinyDNS which IP addresses you want your name servers to work on (1.1.1.1, 2.2.2.2, and 3.3.3.3, as above), if you add another domain name, you can just create the config like this

.myotherdomainname.com::ns1.mydomainname.com:3600
.myotherdomainname.com::ns2.mydomainname.com:3600
.myotherdomainname.com::ns3.mydomainname.com:3600

to create your NS records. Note the two colons where your IP addresses previously were (showing an empty config parameter of sorts).

Moving Forward

A forward DNS entry looks like this, with a simple plus sign at the front:

+www.mydomainname.com:5.5.5.5:1200

Moving Backward

A reverse DNS entry (where you pass the name server an IP address and ask for a DNS name, as opposed to asking which IP address a domain name refers to) is a little trickier at first and looks like this with backward IP address notation:

^78.56.34.12.in-addr.arpa:chris.mydomainname.com:3600

Note that the IP address this record answers for is 12.34.56.78 in this example.

Email Records

The following lines configure three mail servers for the MX records discussed at the top of this article:

+mx.mydomainname.com:7.7.7.7:300
@mydomainname.com::mx.mydomainname.com:10:300
+mx2.mydomainname.com:8.8.8.8:300
@mydomainname.com::mx2.mydomainname.com:20:300
+mx3.mydomainname.com:9.9.9.9:300
@mydomainname.com::mx3.mydomainname.com:30:300

Although you have other ways to configure IP addresses, this layout, like the NS records above, should illustrate how it works in a less confusing way. Essentially, you announce your A record with an IP address first (the first line, where mx.mydomainname.com points to IP address 7.7.7.7 with a prefixed plus sign). The actual MX record entries are the lines starting with an @ sign, each with a different priority. You can shorten this configuration in other ways, but this is the clearest way to explain the methodology.

CNAMEs

The last basic, but sometimes hugely useful, type of query is the CNAME, which looks like this using TinyDNS’s syntax:

Cblog.mydomainname.com:www.mydomainname.com:1800
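
An NS or MX line with an empty IP field only works if the name it points to gets an A record somewhere else in the data file, and that dependency is easy to break when editing by hand. The following Python check is an added example, not part of the original article or of djbdns: it parses the line types shown above and reports NS, MX, CNAME, and PTR targets inside your own zones that have no A record, plus NS or MX targets that are CNAMEs (which RFC 2181 disallows). The function names and the sample data are made up for illustration.

```python
# Fields after the type character: "." NS, "+" A, "^" PTR, "@" MX, "C" CNAME.
FIELDS = {".": "fqdn ip x ttl", "+": "fqdn ip ttl", "^": "fqdn p ttl",
          "@": "fqdn ip x dist ttl", "C": "fqdn p ttl"}

SAMPLE = """\
.example.test:192.0.2.1:ns1.example.test:900
.example.test::ns2.example.test:900
+mx.example.test:192.0.2.7:300
@example.test::mx.example.test:10:300
@example.test::mail.example.test:20:300
Cmail2.example.test:mx.example.test:1800
@example.test::mail2.example.test:30:300
"""  # constructed sample data, not taken from the article

def norm(name):
    return name.lower().rstrip(".")

def parse(text):
    """Yield (line number, type character, field dict) for supported lines."""
    for n, line in enumerate(text.splitlines(), 1):
        names = FIELDS.get(line[:1], "").split()
        if names:
            yield n, line[0], dict(zip(names, line[1:].strip().split(":") + [""] * 5))

def lint(text):
    """Return (line number, message) findings for NS, MX, CNAME and PTR targets."""
    zones, addr, alias, targets, out = set(), set(), set(), [], []
    for n, t, f in parse(text):
        owner = host = norm(f["fqdn"])
        if t in ".@":  # x without a dot expands to x.ns.fqdn or x.mx.fqdn
            kind = "NS" if t == "." else "MX"
            host = norm(f["x"] if "." in f["x"] else f"{f['x']}.{kind.lower()}.{owner}")
            targets.append((n, kind, host))
            if t == ".":
                zones.add(owner)  # a "." line makes us authoritative for fqdn
        elif t in "C^":
            kind = "CNAME" if t == "C" else "PTR"
            targets.append((n, kind, norm(f["p"])))
            if t == "C":
                alias.add(owner)
        if f.get("ip"):  # ".", "+" and "@" lines with an IP also create an A record
            addr.add(host)
    for n, kind, host in targets:
        in_zone = any(host == z or host.endswith("." + z) for z in zones)
        if kind in ("NS", "MX") and host in alias:
            out.append((n, f"{kind} target {host} is a CNAME"))
        elif in_zone and host not in addr and host not in alias:
            out.append((n, f"{kind} target {host} has no A record"))
    return out
```

Calling lint(SAMPLE) reports lines 2, 5, and 7 of the sample; targets outside the zones declared with "." lines are skipped because their addresses live on someone else's name server.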

Starting Services

Now that you have the basics under your belt, you can try it out. Different versions of Ubuntu, and indeed Debian, have various ways to start and stop services, but on Lucid Lynx, you use:

initctl start svscan

swapping stop in place of start if needed.

Come in Tokyo

To list open ports, you use lsof -i; to see if your name server is listening, you can check its logging (with the use of less here):

less /etc/tinydns/log/main/current

At first glance, the logging that TinyDNS produces isn’t for the faint of heart, as you can see in Figure 2.

Figure 2: TinyDNS log shows some bizarre time and date entries.

All you need to do to read the logfile content is pipe it through a filtering program called tai64nlocal (Figure 3), which converts the TAI64N timestamps into a human-readable format.

Figure 3: Logging that actually makes sense.

In addition to checking the logging, you can try querying your name server remotely with the host command:

host yourdomain.com <your IP>

While you’re at it, try tailing the logfile like this

tail -f /etc/tinydns/log/main/current | tai64nlocal

to see logging updates in real time.

The End

Relative to BIND, your new friend, TinyDNS, is superfast, minuscule, and (arguably) significantly more secure. Having stumbled past the new type of config file formatting that challenges new users, die-hard BIND fans might even be persuaded to give it a try.
