Differences between revisions 3 and 4
| Deletions are marked like this. | Additions are marked like this. |
| Line 10: | Line 10: |
| DNS server is configured using [http://cr.yp.to/djbdns.html DJBDNS]. There are two types of servers configured for DNS. | DNS server is configured using [[http://cr.yp.to/djbdns.html|DJBDNS]]. There are two types of servers configured for DNS. |
| Line 14: | Line 14: |
| Vayu and Shakti run both DNS servers (tinydns and dnscache). DNS servers are run at the boot time using [http://cr.yp.to/daemontools.html daemontools]. These tools are installed under `/command`. | Vayu and Shakti run both DNS servers (tinydns and dnscache). DNS servers are run at the boot time using [[http://cr.yp.to/daemontools.html|daemontools]]. These tools are installed under `/command`. |
DNS
There are two DNS servers set up in the department
- Vayu (10.101.1.1)
- Shakti (10.101.1.2)
DNS server is configured using DJBDNS. There are two types of servers configured for DNS.
Tinydns is the primary dns server which maintains the database for iitb.ac.in zone
Dnscache is the caching dns server which resolves internal (within IIT) and external names.
Vayu and Shakti run both DNS servers (tinydns and dnscache). DNS servers are run at the boot time using daemontools. These tools are installed under /command. The service scanner svscanboot is started from /etc/inittab; it keeps scanning services configured under /service. Any service found in /service is automatically started.
To manage the services started from /service, use svc command.
$ svc d /service/dnscache (to stop dnscache service)
$ svc t /service/dnscache (to terminate / restart dnscache service)
Tinydns
The configuration of tinydns is stored in /home/dns/tinydns.
Primary DNS server for iitb.ac.in zone is idns.iitb.ac.in (10.200.12.151).
$ dig iitb.ac.in ns
To be able to run primary DNS server for iitb.ac.in zone on vayu or shakti, a dummy interface with IP address 10.200.12.151 is created. This dummy interface is configured as virtual loopback interface (lo:0).
# ifconfig lo:0
This is to ensure that in case the server idns.iitb.ac.in is down or unreachable due to network problem, all iitb.ac.in names can be resolved locally on vayu or shakti.
The master database for iitb.ac.in zone is copied using rsync every hour from lists.iitb.ac.in via cron.
# crontab -l
Configuration Files (/usr/local/tinydns)
env/IP - IP address on which to run tinydns service (10.200.12.151)
env/ROOT - Configuration directory for tinydns (/home/dns/tinydns/root)
root/data - Master database for iitb.ac.in zone
Dnscache
The configuration of dnscache is stored in /home/dns/dnscache.
Dnscache DNS server resolves all hostnames. For iitb.ac.in names, it forwards the request to tinydns server running on the same machine (as mentioned on top). For other names, it send the request to dnscache.iitb.ac.in (10.200.1.11). In this setup, dnscache only forwards the requests to other dns servers.
Configuration Files (/usr/local/dnscache)
env/IP - IP address on which to run dnscache service (10.101.1.1 or 10.101.1.2)
env/ROOT - Configuration directory for dnscache (/home/dns/dnscache/root)
env/FORWARDONLY - Configure dnscache as the forward only DNS server (1)
root/ip/ - This directory holds the IP addresses which are allowed to access this DNS server. File 10 will allow access to IP address 10.xx.yy.zz.
root/servers/ - This directory holds the primary DNS servers for specific domains. File cse.iitb.ac.in contains the IP address of the primary DNS server for cse.iitb.ac.in zone (10.105.1.200). File @ contains the IP address of the DNS server to which all requests are forwarded to.
root/servers/@
root/servers/105.10.in-addr.arpa
root/servers/10.in-addr.arpa
root/servers/cse.iitb.ac.in
root/servers/iitb.ac.in