Installing the Wyse 2: dnrd

The new Wyse machine should serve as a caching DNS for the internal network. This will enable us to resolve host names on the internet (e.g. www.google.com) and local hostnames (e.g. localhostname.earth). My old router used dnrd to accomplish this, so I will use dnrd again. You could use a full blown DNS server, such as bind but bind has always suffered some security issues and is harder to configure (but not impossible).
So, first we need to download and extract dnrd:

# wget http://downloads.sourceforge.net/dnrd/dnrd-2.20.3.tar.gz
# tar xvfz dnrd-2.20.3.tar.gz

Next, install a compiler:

# apt-get install gcc
# apt-get install g++
# apt-get install make

Next, configure the package:

# ./configure

Compile and install the package:

# make
# make install

Create a startup script (/etc/init.d/dnrd)
#! /bin/sh
set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Domain Name Relay Daemon"
NAME=dnrd
DAEMON=/usr/local/sbin/$NAME
PIDFILE=/var/run/$NAME.pid

OPTIONS="-s 195.130.131.10 -s 195.130.130.5 -a 192.168.1.254"

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

#
# Function that starts the daemon/service.
#
d_start() {
 start-stop-daemon --start --quiet --pidfile $PIDFILE \
  --exec $DAEMON -- $OPTIONS
}

#
# Function that stops the daemon/service.
#
d_stop() {
 start-stop-daemon --stop --quiet --pidfile $PIDFILE \
  --name $NAME
}

#
# Function that sends a SIGHUP to the daemon/service.
#
d_reload() {
 start-stop-daemon --stop --quiet --pidfile $PIDFILE \
  --name $NAME --signal 1
}

case "$1" in
  start)
 echo -n "Starting $DESC: $NAME"
 d_start
 echo "."
 ;;
  stop)
 echo -n "Stopping $DESC: $NAME"
 d_stop
 echo "."
 ;;
  restart|force-reload)
 echo -n "Restarting $DESC: $NAME"
 d_stop
 sleep 1
 d_start
 echo "."
 ;;
  *)
 # echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
 echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
 exit 1
 ;;
esac

exit 0

Add a user for dnrd

# adduser --system dnrd

Configure dnrd; create and edit /usr/local/etc/dnrd/master

domain earth
192.168.1.1 localhostname
192.168.1.254 firewyse

Start dnrd using the script we created earlier:

/etc/init.d/dnrd

Test your nameserver:

# nslookup firewyse

Server:         192.168.1.254
Address:        192.168.1.254#53

Non-authoritative answer:
Name:   firewyse.earth
Address: 192.168.1.254

As you can see, dnrd is able to resolve the earth domain. Adding additional hosts from your local network is accomplished by adding additional entries in the /usr/local/etc/dnrd/master file. All you need to do is maintain one single configuration file. Configuring bind to do this, requires a lot more additional steps and configuration files.
Finally, we need to make sure dnrd starts when the system is booted:

# update-rc.d dnrd defaults
 Adding system startup for /etc/init.d/dnrd ...
   /etc/rc0.d/K20dnrd -> ../init.d/dnrd
   /etc/rc1.d/K20dnrd -> ../init.d/dnrd
   /etc/rc6.d/K20dnrd -> ../init.d/dnrd
   /etc/rc2.d/S20dnrd -> ../init.d/dnrd
   /etc/rc3.d/S20dnrd -> ../init.d/dnrd
   /etc/rc4.d/S20dnrd -> ../init.d/dnrd
   /etc/rc5.d/S20dnrd -> ../init.d/dnrd

Comments

Post a Comment

Popular posts from this blog

Remove copy protection from PDF documents

This is probably illegal, so use it at your own risk. Some PDFs on the internet have a copy protection to make sure you cannot copy-paste any content from the PDF into a document you're writing. To circumvent this protection there are several tools available on the internet. I haven't tried any of them, because they're not free ;) There is however a procedure that will enable you to circumvent the copy protection using free tools. The trick is to convert the PDF to a PS (PostScript) document first and then convert it back into a PDF. So, download Ghostview en Ghostscript from: http://www.cs.wisc.edu/~ghost/ . Next, open your PDF in Ghostview. Next, from the "File" menu, select "Convert" (a dialog will pop up) Press "Ok" Fill in the name of the "converted" file. Press "Save" Tada, you can now copy content from your newly created PDF ;)
Read more

The story of the Cobalt Qube

Image
The other week, a friendly colleague of mine brought me a small present. He gave me one of his Cobalt Qube s (for free!) which was collecting dust at his home. He was certain that I could give it a better use. I think I can still remember the days these things hit the market (somewhere in the late 90's). This was a home / office server appliance way before the people of Microsoft thought up their Windows Home Server . It was running some modified version of Linux RedHat, featuring a web interface for all administrative tasks. It also had 2 network cards, so you could easily turn it into a gateway / firewall. The RedHat version running on the Qube was known to be notoriously insecure. It was also running an older 2.0.x kernel which was outdated, even at that time. The Qube 2700 and Qube 2 were both equipped with a MIPS processor. Later models had an i386 architecture. Mine was a Qube 2. Getting the serial connection to work The Qube does not have any VGA adapter, so if you want to s
Read more

Jori Hulkkonen feat. Jerry Valuri - Lo-Fiction

If someone would ask me to compile a list of 10 personal favorites, Lo-Fiction would definitely be ranked very high. I don't think anyone would disagree with this statement. P.S. If someone is able to find the lyrics for this song, please be so kind to post a link. Even though it's English I don't always understand what he's singing about :(
Read more