• DNS

DNS

There are two DNS servers set up in the department

• Vayu (10.101.1.1)
• Shakti (10.101.1.2)

DNS server is configured using DJBDNS. There are two types of servers configured for DNS.

• Tinydns is the primary dns server which maintains the database for iitb.ac.in zone

• Dnscache is the caching dns server which resolves internal (within IIT) and external names.

Vayu and Shakti run both DNS servers (tinydns and dnscache). DNS servers are run at the boot time using daemontools. These tools are installed under /command. The service scanner svscanboot is started from /etc/inittab; it keeps scanning services configured under /service. Any service found in /service is automatically started.

To manage the services started from /service, use svc command.

• $ svc d /service/dnscache (to stop dnscache service)

• $ svc t /service/dnscache (to terminate / restart dnscache service)

Tinydns

The configuration of tinydns is stored in /home/dns/tinydns.

Primary DNS server for iitb.ac.in zone is idns.iitb.ac.in (10.200.12.151).

$ dig iitb.ac.in ns

To be able to run primary DNS server for iitb.ac.in zone on vayu or shakti, a dummy interface with IP address 10.200.12.151 is created. This dummy interface is configured as virtual loopback interface (lo:0).

# ifconfig lo:0

This is to ensure that in case the server idns.iitb.ac.in is down or unreachable due to network problem, all iitb.ac.in names can be resolved locally on vayu or shakti.

The master database for iitb.ac.in zone is copied using rsync every hour from lists.iitb.ac.in via cron.

# crontab -l

Configuration Files (/usr/local/tinydns)

• env/IP - IP address on which to run tinydns service (10.200.12.151)

• env/ROOT - Configuration directory for tinydns (/home/dns/tinydns/root)

• root/data - Master database for iitb.ac.in zone

Dnscache

The configuration of dnscache is stored in /home/dns/dnscache.

Dnscache DNS server resolves all hostnames. For iitb.ac.in names, it forwards the request to tinydns server running on the same machine (as mentioned on top). For other names, it send the request to dnscache.iitb.ac.in (10.200.1.11). In this setup, dnscache only forwards the requests to other dns servers.

Configuration Files (/usr/local/dnscache)

• env/IP - IP address on which to run dnscache service (10.101.1.1 or 10.101.1.2)

• env/ROOT - Configuration directory for dnscache (/home/dns/dnscache/root)

• env/FORWARDONLY - Configure dnscache as the forward only DNS server (1)

• root/ip/ - This directory holds the IP addresses which are allowed to access this DNS server. File 10 will allow access to IP address 10.xx.yy.zz.

• root/servers/ - This directory holds the primary DNS servers for specific domains. File cse.iitb.ac.in contains the IP address of the primary DNS server for cse.iitb.ac.in zone (10.105.1.200). File @ contains the IP address of the DNS server to which all requests are forwarded to.

  • root/servers/@

  • root/servers/105.10.in-addr.arpa

  • root/servers/10.in-addr.arpa

  • root/servers/cse.iitb.ac.in

  • root/servers/iitb.ac.in