Installing the Wyse 2: dnrd

The new Wyse machine should serve as a caching DNS for the internal network. This will enable us to resolve host names on the internet (e.g. www.google.com) and local hostnames (e.g. localhostname.earth). My old router used dnrd to accomplish this, so I will use dnrd again. You could use a full blown DNS server, such as bind but bind has always suffered some security issues and is harder to configure (but not impossible).
So, first we need to download and extract dnrd:

# wget http://downloads.sourceforge.net/dnrd/dnrd-2.20.3.tar.gz
# tar xvfz dnrd-2.20.3.tar.gz

Next, install a compiler:

# apt-get install gcc
# apt-get install g++
# apt-get install make

Next, configure the package:

# ./configure

Compile and install the package:

# make
# make install

Create a startup script (/etc/init.d/dnrd)
#! /bin/sh
set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Domain Name Relay Daemon"
NAME=dnrd
DAEMON=/usr/local/sbin/$NAME
PIDFILE=/var/run/$NAME.pid

OPTIONS="-s 195.130.131.10 -s 195.130.130.5 -a 192.168.1.254"

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

#
# Function that starts the daemon/service.
#
d_start() {
 start-stop-daemon --start --quiet --pidfile $PIDFILE \
  --exec $DAEMON -- $OPTIONS
}

#
# Function that stops the daemon/service.
#
d_stop() {
 start-stop-daemon --stop --quiet --pidfile $PIDFILE \
  --name $NAME
}

#
# Function that sends a SIGHUP to the daemon/service.
#
d_reload() {
 start-stop-daemon --stop --quiet --pidfile $PIDFILE \
  --name $NAME --signal 1
}

case "$1" in
  start)
 echo -n "Starting $DESC: $NAME"
 d_start
 echo "."
 ;;
  stop)
 echo -n "Stopping $DESC: $NAME"
 d_stop
 echo "."
 ;;
  restart|force-reload)
 echo -n "Restarting $DESC: $NAME"
 d_stop
 sleep 1
 d_start
 echo "."
 ;;
  *)
 # echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
 echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
 exit 1
 ;;
esac

exit 0

Add a user for dnrd

# adduser --system dnrd

Configure dnrd; create and edit /usr/local/etc/dnrd/master

domain earth
192.168.1.1 localhostname
192.168.1.254 firewyse

Start dnrd using the script we created earlier:

/etc/init.d/dnrd

Test your nameserver:

# nslookup firewyse

Server:         192.168.1.254
Address:        192.168.1.254#53

Non-authoritative answer:
Name:   firewyse.earth
Address: 192.168.1.254

As you can see, dnrd is able to resolve the earth domain. Adding additional hosts from your local network is accomplished by adding additional entries in the /usr/local/etc/dnrd/master file. All you need to do is maintain one single configuration file. Configuring bind to do this, requires a lot more additional steps and configuration files.
Finally, we need to make sure dnrd starts when the system is booted:

# update-rc.d dnrd defaults
 Adding system startup for /etc/init.d/dnrd ...
   /etc/rc0.d/K20dnrd -> ../init.d/dnrd
   /etc/rc1.d/K20dnrd -> ../init.d/dnrd
   /etc/rc6.d/K20dnrd -> ../init.d/dnrd
   /etc/rc2.d/S20dnrd -> ../init.d/dnrd
   /etc/rc3.d/S20dnrd -> ../init.d/dnrd
   /etc/rc4.d/S20dnrd -> ../init.d/dnrd
   /etc/rc5.d/S20dnrd -> ../init.d/dnrd

Comments

Post a Comment

Popular posts from this blog

Remove copy protection from PDF documents

This is probably illegal, so use it at your own risk. Some PDFs on the internet have a copy protection to make sure you cannot copy-paste any content from the PDF into a document you're writing. To circumvent this protection there are several tools available on the internet. I haven't tried any of them, because they're not free ;) There is however a procedure that will enable you to circumvent the copy protection using free tools. The trick is to convert the PDF to a PS (PostScript) document first and then convert it back into a PDF. So, download Ghostview en Ghostscript from: http://www.cs.wisc.edu/~ghost/ . Next, open your PDF in Ghostview. Next, from the "File" menu, select "Convert" (a dialog will pop up) Press "Ok" Fill in the name of the "converted" file. Press "Save" Tada, you can now copy content from your newly created PDF ;)
Read more

The story of the Cobalt Qube

Image
The other week, a friendly colleague of mine brought me a small present. He gave me one of his Cobalt Qube s (for free!) which was collecting dust at his home. He was certain that I could give it a better use. I think I can still remember the days these things hit the market (somewhere in the late 90's). This was a home / office server appliance way before the people of Microsoft thought up their Windows Home Server . It was running some modified version of Linux RedHat, featuring a web interface for all administrative tasks. It also had 2 network cards, so you could easily turn it into a gateway / firewall. The RedHat version running on the Qube was known to be notoriously insecure. It was also running an older 2.0.x kernel which was outdated, even at that time. The Qube 2700 and Qube 2 were both equipped with a MIPS processor. Later models had an i386 architecture. Mine was a Qube 2. Getting the serial connection to work The Qube does not have any VGA adapter, so if you want to s...
Read more

The end of vinyl records

Vinyl records have been there for ages. My dad still has a couple of old records but he has no turntable anymore to play them. This is because _I_ claimed his turntable a long time ago, which he thought had become old fashioned. I started buying vinyl records about 12 years ago. I remember saving all my pocket money and buying the latest records with it, instead of visiting pubs with friends. I remember everyone thinking vinyl records belonged to the past and MP3's and CD's were taking over. In fact, this was not true. DJ's playing at parties and clubs never stopped buying records and from my experience, about 80% of their music came from plain old vinyl and a tiny 20% from other media like CD's or MP3's. The reasoning behind this is simple, if you wanted something new, something not popular (yet), you bought it on vinyl. If it became popular, some record company would probably be so kind to put it on some CD and sell it. But then again, ages, if not decades ( :) ) ...
Read more