Name resolution

From freebsd.xn--wesstrm-f1a.se

Overview

A DNS server (or Domain Name Server) is responsible for translating domain names into IP addresses. Although you probably don't have any domain of your own that you need name resolution for, you can still benefit in several ways from having a name server activated on your router:

  • You don't have to keep track of your ISP's name servers but can always refer to the IP address of your router's internal interface.
  • The name server will cache requests making name resolution slightly faster for your internal computers as well as reducing DNS traffic on the Internet.
  • This name server will bypass your ISP's name servers altogether and query the root servers directly. If your ISP is one of the many that use name resolution to censor certain web sites, this will effectively circumvent that censorship.

Instructions

Bind

The name server application is called Bind and is by far the most common name server in use. Its configuration file is /etc/namedb/named.conf, which for technical reasons is a symlink to /var/named/etc/namedb/named.conf. Since both paths refer to the same physical file, you can load either of them into the editor.

# ee /etc/namedb/named.conf

Find this row:

        listen-on       { 127.0.0.1; };

Change it to:

        listen-on       { 127.0.0.1; 192.168.69.1; };

This makes the name server respond to name queries from your internal LAN; adjust the IP address to match your own. When done, exit the editor and save the file. To make Bind start automatically at boot, add it to /etc/rc.conf:

# echo 'named_enable="YES"' >> /etc/rc.conf

Start Bind manually for now and make sure there are no errors reported.

# /etc/rc.d/named start
wrote key file "/var/named/etc/namedb/rndc.key"
Starting named.

dhclient.conf

You probably want the router itself to use the Bind server you've just configured as well. The router uses the name servers listed in /etc/resolv.conf, but you can't edit this file directly because the DHCP client overwrites it every time it renews the IP address on the router's external interface from your ISP. You need to intervene slightly in that process, and the right file to edit is /etc/dhclient.conf, so load it in the editor.

# ee /etc/dhclient.conf

Add the following row:

prepend domain-name-servers 127.0.0.1;

This will insert 127.0.0.1 (the router's loopback address) first in the list of name servers to query. It will keep the name servers provided by your ISP as a backup. Exit the editor and save the file.

hosts

Before you reboot the router to check that the name resolution is working correctly you should edit one more file. Before querying any name server the router will always look in /etc/hosts first. This is the place you put any names belonging to computers on your internal LAN, including the router itself, since they can't be resolved easily through DNS. You should at least put an entry for the router in this file. Load it in the editor:

# ee /etc/hosts

Find the following lines:

::1                     localhost localhost.my.domain
127.0.0.1               localhost localhost.my.domain

Change them to:

::1                     localhost localhost.pp.dyndns.biz
127.0.0.1               localhost localhost.pp.dyndns.biz

Add the following line:

192.168.69.1		gatekeeper gatekeeper.pp.dyndns.biz

As always, replace the IP address and domain name with your own; in this case you also need the name you gave your router. Exit the editor and save the file. Now you can reboot.

# shutdown -r now

Testing the name resolution

When the router comes back online you should check a few things.

# cat /etc/resolv.conf
search your.isp's.domain
nameserver 127.0.0.1
nameserver 195.54.122.199
nameserver 81.26.227.3
nameserver 195.54.122.204
nameserver 81.26.228.3

/etc/resolv.conf should now contain 127.0.0.1 on the second row. The rest of the rows are occupied by the IP addresses of your ISP's name servers.

# ping -c 1 gatekeeper
PING gatekeeper (192.168.69.1): 56 data bytes
64 bytes from 192.168.69.1: icmp_seq=0 ttl=64 time=0.059 ms

Pinging the hostname of your router should return an answer from the IP address of the internal interface.

# ping -c 1 www.freebsd.org
PING www.freebsd.org (69.147.83.33): 56 data bytes
64 bytes from 69.147.83.33: icmp_seq=0 ttl=46 time=193.040 ms

Pinging an external host should of course also return an answer.
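
The same checks can be run offline against copies of the three files edited in this guide. The script below is an added example, not part of the original guide; the function names and the sample files it writes to a temporary directory are constructed for illustration. It also flags any listen-on address other than loopback and the LAN address, so named is not accidentally exposed on another interface.

```sh
#!/bin/sh
# Added example: offline checks for the three files edited in this guide.
# Function names and sample file contents are constructed for illustration.

# Print each address of the listen-on statement in named.conf ($1), one per line.
listen_on_addrs() {
    sed -n 's/^[[:space:]]*listen-on[[:space:]]*{\(.*\)};.*/\1/p' "$1" |
        tr ';' '\n' | tr -d ' \t' | sed '/^$/d'
}

# Succeed only if named listens on loopback and the LAN address ($2), nothing else.
check_listen_on() {
    addrs=$(listen_on_addrs "$1")
    for a in $addrs; do
        case "$a" in
            127.0.0.1|"$2") ;;
            *) echo "unexpected listen-on address: $a"; return 1 ;;
        esac
    done
    echo "$addrs" | grep -qxF "$2" || { echo "LAN address $2 not in listen-on"; return 1; }
}

# Print the first nameserver entry of resolv.conf ($1).
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Print the address that the hosts file ($1) maps the name ($2) to.
hosts_lookup() {
    awk -v n="$2" '$1 !~ /^#/ { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }' "$1"
}

# Constructed sample files mirroring the edits made above.
tmp=$(mktemp -d "${TMPDIR:-/tmp}/nscheck.XXXXXX")
trap 'rm -rf "$tmp"' EXIT
printf 'options {\n\tlisten-on\t{ 127.0.0.1; 192.168.69.1; };\n};\n' > "$tmp/named.conf"
printf 'search example.net\nnameserver 127.0.0.1\nnameserver 195.54.122.199\n' > "$tmp/resolv.conf"
printf '::1\tlocalhost\n192.168.69.1\tgatekeeper gatekeeper.pp.dyndns.biz\n' > "$tmp/hosts"

check_listen_on "$tmp/named.conf" 192.168.69.1 && echo "listen-on: OK"
[ "$(first_nameserver "$tmp/resolv.conf")" = 127.0.0.1 ] && echo "resolv.conf: loopback first"
echo "gatekeeper -> $(hosts_lookup "$tmp/hosts" gatekeeper)"
```

On the router, pass the real paths instead of the sample files, for example check_listen_on /etc/namedb/named.conf 192.168.69.1.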

Summary

  • /etc/namedb/named.conf is the configuration file for Bind and it's symlinked to /var/named/etc/namedb/named.conf.
  • /etc/rc.d/named is the start/stop script for Bind.
  • Adding named_enable="YES" to /etc/rc.conf will launch Bind automatically at boot time.
  • /etc/dhclient.conf is the configuration file for the DHCP client.
  • /etc/resolv.conf contains the list of name servers the router should query.
  • /etc/hosts is a plain text file with a list of known hosts on the network. It's queried before any DNS by default (this behaviour is controlled by /etc/nsswitch.conf).

Unresolved issues

  • The search directive in /etc/resolv.conf is highly irritating. I want it removed without hacking dhclient-script!
