RHEL6 – How to Setup a Caching-Only DNS Server


26868_1First off lets get this straight, all DNS Servers cache. However, some DNS Servers intended to only provide the caching function. Which is what we are going to configure today.

A Caching-only DNS server does not contain zone information or a zone database. Its cache only contains information based on the results of queries that it has already performed. In this case, the cache takes the place of the zone database file for the lookups that you are already doing.

Here’s how its done

First step you need to install bind via yum.

# yum install bind && chkconfig bind

Now configure named to start at boot and start it up

# chkconfig named on && service named start

Then modify /etc/named.conf and change these two lines

listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };

to this

listen-on port 53 { any; };
listen-on-v6 port 53 { any; };

then change this the dnssec-validation line to no as seen below.

dnssec-validation no;

Then configure named to accept lookups from its local network by changing the line below

allow-query     { localhost; };

To what you see below, note that 10.1.224.0 is my local network

allow-query     { localhost; 10.1.224.0/24; };

Now don’t forget to insert a forwarders entry to forward requests to your local dns server. Look in your resolv.conf for this info.

forwarders { 10.100.4.16; };

Then modify your /etc/resolv.conf so that your machine uses itself for name lookups, you do this by adding the line below as the first nameserver.

nameserver localhost

Now start named and do an nslookup, the server and address should point back to local host.

# nslookup fatmin.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   fatmin.com
Address: 64.202.189.170

5 thoughts on “RHEL6 – How to Setup a Caching-Only DNS Server

  1. Thank you for this easy to understand tutorial!
    One remark: On my RHEL6.1, I had to add “nameserver 127.0.0.1” instead of “nameserver localhost” to my “/etc/resolv.conf” file.
    Otherwise a “ssh user@” would return an error, whereas a simple “dig @localhost ” or “host ” both are working.

    Like

  2. Thank you, I like this solution. On a test bed this seems to work just fine and I intend using it on a minor commercial install that the company I work for has won.
    Trouble is, my company has more project managers than techies, and we all know PM’s read the book yet understand nothing. I personally have limited DNS experience. However I am being asked the questions.
    1) Where is the cache located (assuming there is a file system for the data)
    2) what is the persistence of that cache
    3) How or can the cache be manually cleared.
    I would appreciate your insight.

    Like

  3. thank you very much sir your post is awesome and solve my issue you r great.
    sir i have a question i just installed squid server and the problem is when i check the logs then i got TCP_MISS 200 i don’t know why there is no any MEM_HIT and ssl is also ignored by squid so what is the issue kindly help me i’ll be highly thankful to you

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s