TOPICS
Tutorials

Setup a Local Caching Nameserver (bind9)

In this tutorial, we'll set up a local caching nameserver. This can be used instead of the DNS nameservers that Luna Node virtual machines are assigned via DHCP by default (Google's public DNS at 8.8.8.8/8.8.4.4). Most domain names will take longer to resolve: public DNS providers have lots of users and so caching provides a greater benefit; however, there are still several advantages to resolving domain names locally:

  • Privacy: your DNS queries won't be visible to a central authority
  • Spam RBLs: most real-time blacklists (like SpamHaus, SpamCop, etc.) rate-limit queries, and so will stop responding to public DNS nameservers; they won't be effective without local name resolution
  • Reliability: if the public DNS server goes down, or the route from your machine to the public DNS server becomes congested, then DNS queries will fail; local resolution avoids this problem

Installation

The first step is, of course, to install the nameserver software. On Debian/Ubuntu:

apt-get install bind9

On CentOS:

yum install bind
service named start

By default the packages are already set up for a caching nameserver configuration, so no further bind9 configuration is needed. You can test the nameserver with dig (on CentOS, you'll need to install bind-utils package to use dig):

dig @localhost lunanode.com

You should see the IP address of lunanode.com in the answer section of the output.

Configuring your system to use the local caching nameserver

Some network configuration updates are needed to tell the operating system to use the local caching nameserver for DNS queries.

On Ubuntu/Debian, we edit our DHCP client configuration (Ubuntu: /etc/dhcp/dhclient.conf; Debian: /etc/dhclient.conf). Look for a line like this:

#prepend domain-name-servers 127.0.0.1;

If it exists, then uncomment it; if not, add a line like this to the end of the file:

prepend domain-name-servers 127.0.0.1;

On CentOS, we update /etc/sysconfig/network-scripts/ifcfg-eth0 and add a static DNS parameter at the bottom; this will override the one received from the DHCP server:

DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
DNS1=127.0.0.1

Now, you can reboot the machine to acquire the new DNS nameserver settings; alternatively, update your /etc/resolv.conf so that it just has a single nameserver line:

nameserver 127.0.0.1

(To verify that it's working after a reboot, you can check the /etc/resolv.conf file for the line above.)