  1. #1

    djbdns : tinydns

    hi,

    I need help here. I just installed djbdns and configured dnscache; it works.

    After that I configured tinydns, which does not work when I check using nslookup.

    It said:

    ;; connection timed out; no servers could be reached


    Any idea how to make tinydns work?

    I'm on FreeBSD. I have 2 different IPs: the main IP 207.56.170.23 and a second IP, for which I have 100+ IPs, 208.56.174.130 - 207.56.174.255

    How do I solve this to make all DNS work? I already read up on djbdns but it still does not work.

    thankz

  2. #2
    Join Date
    Dec 2004
    Location
    Canada
    Posts
    1,082

  3. #3
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    kandai, I'm including my own how-to for FreeBSD 5.3, but the sections relevant to setting up dnscache and tinydns will help you. Just realize that the directory structure will be different. Yes, I know it's not the "DJB Way", but I used the ports instead of his source.

    [EDIT] Just realized you were using FreeBSD. In that case this should be a pretty easy thing to follow.

    Code:
    Installing DJBDNS on a FreeBSD 5.3 server for virtual hosting.
      - tinydns answering queries for domains we own on a public ip.
      - dnscache resolving on a public ip. this setup allows users on the
        same subnet to use it as their DNS server.
       
    Requirements:
      - Minimum 4 public IP addresses.
        * 1 for your public web/mail/ftp server for virtual hosting.
        * 1 for dnscache.
        * 2 for your own nameservers using tinydns.
      - FreeBSD 5.3 server.
      - SSH access with the ability to use the root account.
      
    IP Address Assignments:
      - X.Y.Z.NS1   - NS1 tinydns
      - X.Y.Z.NS2   - NS2 tinydns
      - X.Y.Z.DNS   - dnscache
      - X.Y.Z.PUB   - web/mail/ftp
    
    
    
    #--------------------------------------------------------------------#
    1. Install UCSPI-TCP.
    $ cd /usr/ports/sysutils/ucspi-tcp
    $ make install
    
    
    
    #--------------------------------------------------------------------#
    2. Install daemontools.
    $ cd /usr/ports/sysutils/daemontools
    $ make install
    
    3. Add the appropriate ulimit variables to an rc.conf file. You can
       review some suggested settings in the /usr/local/etc/rc.d/svscan.sh
       file.
       
    $ cp /etc/rc.conf /etc/rc.conf.`date "+%Y-%m%d"`
    $ vi /etc/rc.conf
    
      ADD:
      # Daemontools svscan variables
      MINSEGMENT=10240
      MAXSEGMENT=20480
      MAXFILESIZE=10240
      MAXFD=100
      MAXCHILD=40
      
      # ulimits
      ulimit -d ${MINSEGMENT}
      ulimit -f ${MAXFILESIZE}
      ulimit -m ${MAXSEGMENT}
      ulimit -n ${MAXFD}
      ulimit -s ${MINSEGMENT}
      ulimit -u ${MAXCHILD}
    
    4. Edit the file /usr/local/etc/rc.d/svscan.sh to enable svscan when
       we start the service.
    $ cp /usr/local/etc/rc.d/svscan.sh /usr/local/etc/rc.d/svscan.sh.`date "+%Y-%m%d"`
    $ vi /usr/local/etc/rc.d/svscan.sh
      
      CHANGE:
      svscan_enable=${svscan_enable-"NO"}
      
      TO:
      svscan_enable=${svscan_enable-"YES"}
    
    5. We can now start svscan binary to monitor our /var/service directory
       for services.
    $ /usr/local/etc/rc.d/svscan.sh start
    Starting svscan.
    
    
    
    #--------------------------------------------------------------------#
    6. Install djbdns.
    
    $ cd /usr/ports/dns/djbdns
    $ make install
      
    7. Next we need to add a new group and some new users before we
       continue.
    
    $ pw groupadd nofiles -g 101
    $ pw useradd dnslog   -g nofiles -u 101 -d /nonexistent -s /sbin/nologin
    $ pw useradd dnscache -g nofiles -u 102 -d /nonexistent -s /sbin/nologin
    $ pw useradd tinydns  -g nofiles -u 103 -d /nonexistent -s /sbin/nologin
    
    
    
    #--------------------------------------------------------------------#
    8. Configure dnscache to listen on a specific IP address. (Remember to
       use YOUR public IP address reserved for dnscache instead of
       X.Y.Z.DNS).
    
    $ dnscache-conf dnscache dnslog /etc/dnscache X.Y.Z.DNS
    $ touch /etc/dnscache/root/ip/X.Y.Z
    $ ln -s /etc/dnscache /var/service
    $ svc -t /var/service/dnscache
      
    9. Edit your resolv.conf file to reflect your new nameserver.
    
    # vi /etc/resolv.conf
      ADD/CHANGE:
      nameserver X.Y.Z.DNS
      
    
    
    #--------------------------------------------------------------------#
    10. Configure tinydns. This can seem very tricky. Basically, because
        we are a one-server virtual host setup we want to designate two
        nameservers. To achieve this we run two instances of tinydns, both
        serving the same data file. (Remember to use YOUR public IP
        address reserved for NS1 and NS2 instead of X.Y.Z.NS1 and
        X.Y.Z.NS2).
        
    $ tinydns-conf tinydns dnslog /etc/tinydns1 X.Y.Z.NS1
    $ tinydns-conf tinydns dnslog /etc/tinydns2 X.Y.Z.NS2
    $ echo "/etc/tinydns1/root" > /etc/tinydns2/env/ROOT
    $ ln -s /etc/tinydns[1-2] /var/service
    
    11. Next we must tell tinydns the hosts it should resolve. Open up
        /etc/tinydns1/root/data in vi.
    
    $ vi /etc/tinydns1/root/data
    
      ADD:
    #-----
    # Nameserver delegation.
    .example.com:X.Y.Z.NS1:ns1.example.com:1800
    .example.com:X.Y.Z.NS2:ns2.example.com:1800
    
    # MX record.
    @example.com:X.Y.Z.PUB:mail.example.com:10:1800
      
    # A records.
    =example.com:X.Y.Z.PUB:1800
    
    
    # Aliases
    +ftp.example.com:X.Y.Z.PUB
    +ssh.example.com:X.Y.Z.PUB
    +www.example.com:X.Y.Z.PUB
    #-----
    
    12. After saving the file we need to reparse the data.cdb which
        tinydns uses for queries.
    
    $ cd /etc/tinydns1/root
    $ make
    
    13. Congratulations! DJBDNS should now be configured and running.
        Allow an appropriate amount of time for propagation to take effect.
        This would also be the time to change your nameservers, if necessary,
        to point to your new DNS.
    
    
    
    #--------------------------------------------------------------------#
    14. Clean up. This last section is for controlling the dns processes,
        as well as testing.
    
    15. Create a nice control script to handle all of the djbdns services.
        To do this we will create a new script and save it in
        /usr/local/bin.
        
    $ vi /usr/local/bin/dnsctl
    
      ADD:
    #!/bin/sh
    # file /usr/local/bin/dnsctl
    # Daemontools control script for DJBDNS services.
    #-----
    
    SERVICES="/var/service/dnscache /var/service/dnscache/log \
              /var/service/tinydns1 /var/service/tinydns1/log \
              /var/service/tinydns2 /var/service/tinydns2/log"
    
    case "$1" in
    start)
        echo "Starting djbdns services"
        svc -u ${SERVICES}
        ;;
    stop)
        echo "Stopping djbdns services"
        svc -d ${SERVICES}
        ;;
    restart)
        echo "Restarting djbdns services"
        svc -t ${SERVICES}
        ;;
    status)
        svstat ${SERVICES}
        ;;
    cdb)
        echo "Updating tinydns data"
        # Only rebuild if the chdir succeeded.
        cd /var/service/tinydns1/root && tinydns-data
        ;;
    help)
        cat << HELP
      start -- start up djbdns services
       stop -- stop djbdns services
    restart -- restart djbdns services
     status -- view current status of djbdns services
        cdb -- rebuild data.cdb from the tinydns data file
       help -- this screen
    HELP
        ;;
    *)
        echo "Usage: $0 [start|stop|restart|status|cdb|help]"
        exit 1
        ;;
    esac
    
    exit 0
    
    #-----
    
    16. Finally restart DJBDNS services :P.
    
    $ /usr/local/bin/dnsctl restart
    
    
    #--------------------------------------------------------------------#
    Jacob Squires , CISSP

    security assessment, network analysis

  4. #4
    Oh thankz... your article helped me understand in depth how it works.

    I have plenty of domains. How do I put them all in? And for some domains I want to set up email.

  5. #5
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    Here would be an example of multiple domains in your /etc/tinydns1/root/data file. Just remember to run the make command on it after you edit it.

    Notice how newdomain.com uses the same nameservers as example.com. As you add new domains just make sure those domains use ns1 and ns2 of example.com at the registrar.

    Code:
    #----- EXAMPLE.COM
    # Nameserver delegation.
    .example.com:X.Y.Z.NS1:ns1.example.com:1800
    .example.com:X.Y.Z.NS2:ns2.example.com:1800
    
    # MX record.
    @example.com:X.Y.Z.PUB:mail.example.com:10:1800
      
    # A records.
    =example.com:X.Y.Z.PUB:1800
    
    
    # Aliases
    +ftp.example.com:X.Y.Z.PUB
    +www.example.com:X.Y.Z.PUB
    #-----
    
    
    
    #----- NEWDOMAIN.COM
    # Nameserver delegation.
    .newdomain.com:X.Y.Z.NS1:ns1.example.com:1800
    .newdomain.com:X.Y.Z.NS2:ns2.example.com:1800
    
    # MX record.
    @newdomain.com:X.Y.Z.PUB:mail.newdomain.com:10:1800
      
    # A records.
    =newdomain.com:X.Y.Z.PUB:1800
    
    
    # Aliases
    +ftp.newdomain.com:X.Y.Z.PUB
    +www.newdomain.com:X.Y.Z.PUB
    #-----
    
    
    
    #----- EMAILONLY.COM
    # Nameserver delegation.
    .emailonly.com:X.Y.Z.NS1:ns1.example.com:1800
    .emailonly.com:X.Y.Z.NS2:ns2.example.com:1800
    
    # MX record.
    @emailonly.com:X.Y.Z.PUB:mail.emailonly.com:10:1800
      
    # A records.
    =emailonly.com:X.Y.Z.PUB:1800
    #-----
    Hope this helps you out.
    Jacob Squires , CISSP

    security assessment, network analysis
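
A lint for the multi-domain data file above: it flags records for a domain that has no `.` (or `Z`) line of its own in the file. This is an added example, not part of the original posts or of djbdns; the function names, the sample data and the 192.0.2.x addresses are constructed, and it assumes only `=`, `+`, `@`, `'` and `C` records need a covering zone line in the same file.

```sh
#!/bin/sh
# Added example (not from the thread): lint a tinydns data file.

# lint_tinydns_data FILE
# Reports every =, +, @, ' or C record whose name is not inside a zone
# that FILE declares with a "." (NS + SOA) or "Z" (SOA) line.
# Exit status: 0 when all records are covered, 1 otherwise.
lint_tinydns_data() {
    awk '
    function name_of(line,   n) {
        n = tolower(substr(line, 2))   # drop the record type character
        sub(/:.*/, "", n)              # first field is the name
        sub(/^\*\./, "", n)            # wildcard: check its parent
        sub(/\.$/, "", n)              # ignore a trailing dot
        return n
    }
    NR == FNR {                        # pass 1: collect declared zones
        t = substr($0, 1, 1)
        if (t == "." || t == "Z") zones[name_of($0)] = 1
        next
    }
    $0 != "" {                         # pass 2: check the data records
        t = substr($0, 1, 1)
        if (index("=+@\047C", t) == 0) next
        n = name_of($0); nl = length(n); ok = 0
        for (z in zones) {
            zl = length(z)
            if (n == z || (nl > zl && substr(n, nl - zl) == "." z)) {
                ok = 1; break
            }
        }
        if (!ok) {
            printf "line %d: %s (type %s) has no . or Z line\n", FNR, n, t
            bad = 1
        }
    }
    END { exit (bad ? 1 : 0) }
    ' "$1" "$1"
}

# Constructed sample: example.com is delegated, newdomain.com is not.
write_sample() {
    cat > "$1" <<'EOF'
.example.com:192.0.2.1:ns1.example.com:1800
.example.com:192.0.2.2:ns2.example.com:1800
@example.com:192.0.2.10:mail.example.com:10:1800
=example.com:192.0.2.10:1800
+www.example.com:192.0.2.10
# newdomain.com added without its "." lines
@newdomain.com:192.0.2.10:mail.newdomain.com:10:1800
=newdomain.com:192.0.2.10:1800
+www.newdomain.com:192.0.2.10
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
lint_tinydns_data "$tmp" || echo "add the missing . lines, then run make"
rm -f "$tmp"
```

On the server the function would be pointed at /etc/tinydns1/root/data before running make.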

  6. #6
    Oh good, it works. Before this I didn't put:

    #----- NEWDOMAIN.COM
    # Nameserver delegation.
    .newdomain.com:X.Y.Z.NS1:ns1.example.com:1800
    .newdomain.com:X.Y.Z.NS2:ns2.example.com:1800

    djbdns is easier than bind.

    thankz.

    Anyway, I want to mount my old HDD to get my old /home dir. I already read about mount, but after trying to mount the old HDD it is not working.

  7. #7
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    glad you got it working.

    what command are you running to mount your old hdd? when you issue the mount command does it return an error message?
    Jacob Squires , CISSP


  8. #8
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    For your step 4, you can also add in /etc/rc.conf instead of editing the /usr/local/etc/rc.d/svscan.sh file:
    Code:
    svscan_enable="YES"
    Just my thoughts... ...
    Giam Teck Choon
    :: Join choon.net Community today to share your tips and tricks on server issues please ::
    :: Singapore Dedicated Servers :: Singapore Virtual Private Servers :: Linux/FreeBSD Server Management ::

  9. #9
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    Thanks choon. I'll modify my documentation to list that as an alternative.
    Jacob Squires , CISSP


  10. #10
    I want to ask how to get my old HDD using mount. I need to get back my old /home dir.

  11. #11
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    Originally posted by jsquires
    Thanks choon. I'll modify my documentation to list that as an alternative.
    Welcome and for your step 10... instead of tinydns1 and tinydns2 for each IP... which is very troublesome for maintaining each IP tinydns data file... there is a patch to bind multiple IP addresses... and here we go:
    Code:
    # cd /usr/ports/dns/djbdns
    # make extract
    # cd work
    # fetch http://www.ohse.de/uwe/patches/djbdns-1.05-multiip.diff
    OR
    # wget http://www.ohse.de/uwe/patches/djbdns-1.05-multiip.diff
    # patch -p0 < djbdns-1.05-multiip.diff
    Hmm...  Looks like a unified diff to me...
    The text leading up to this was:
    --------------------------
    |diff -ur djbdns-1.05/Makefile djbdns-1.05-multiip/Makefile
    |--- djbdns-1.05/Makefile       Sun Feb 11 21:11:45 2001
    |+++ djbdns-1.05-multiip/Makefile       Thu Feb 15 14:49:06 2001
    --------------------------
    Patching file djbdns-1.05/Makefile using Plan A...
    Hunk #1 succeeded at 626.
    Hunk #2 succeeded at 704.
    Hunk #3 succeeded at 774.
    Hunk #4 succeeded at 979.
    Hunk #5 succeeded at 1084.
    Hmm...  The next patch looks like a unified diff to me...
    The text leading up to this was:
    --------------------------
    |diff -ur djbdns-1.05/server.c djbdns-1.05-multiip/server.c
    |--- djbdns-1.05/server.c       Sun Feb 11 21:11:45 2001
    |+++ djbdns-1.05-multiip/server.c       Thu Feb 15 16:30:33 2001
    --------------------------
    Patching file djbdns-1.05/server.c using Plan A...
    Hunk #1 succeeded at 11.
    Hunk #2 succeeded at 27.
    Hunk #3 succeeded at 89.
    done
    # cd ..
    # make install
    Then to run tinydns on multiple IPs, you can simply:
    Code:
    tinydns-conf tinydns dnslog /etc/tinydns IP1,IP2,IP3
    OR
    Code:
    tinydns-conf tinydns dnslog /etc/tinydns IP1
    Then edit /etc/tinydns/env/IP file and add in any additional IPs separated by comma without any space in first line such as:
    IP1,IP2,IP3... ... so on... ...

    After that, as usual... start tinydns or give a HUP signal to tinydns if it is already started.

    Whereby for dnscache, if it is just for the same server usage... you can setup dnscache to bind on 127.0.0.1 instead of public IP and for /etc/resolv.conf, you can simply put nameserver 127.0.0.1 at the first line and the rest is your provider's DNS resolver IP(s) ... ... that is normally how i do

    Cheers

    Kindest regards,
    Giam Teck Choon

  12. #12
    The svscan never starts on reboot. I already added it to rc.conf and tried to reboot, but svscan did not start.

  13. #13
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    show us:
    Code:
    ls -al /usr/local/etc/rc.d/svscan.sh
    Are you able to start by executing:
    Code:
    /usr/local/etc/rc.d/svscan.sh start
    Giam Teck Choon

  14. #14
    -r-xr-xr-x 1 root wheel 2270 May 7 23:45 /usr/local/etc/rc.d/svscan.sh


    yes i can start using that command.

  15. #15
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    Then how do you know it is not started when you reboot? Did you issue something like this to check:
    Code:
    ps auwx|grep svscan
    svstat /var/service/*
    Giam Teck Choon

  16. #16
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    kandai if that file is there then a reboot should bring up svscan. Can you paste in the contents of that file?
    Jacob Squires , CISSP


  17. #17
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    Or use this to check:
    Code:
    /usr/local/etc/rc.d/svscan.sh rcvar
    It should be showing you something like:
    Code:
    # svscan
    $svscan_enable=YES
    Giam Teck Choon

  18. #18
    ps auwx|grep svscan
    root 504 0.0 0.1 1236 612 p0- S Thu07AM 0:09.29 svscan /service


    svstat /var/service/*
    /var/service/*: unable to chdir: file does not exist

    I'm using the /service folder
    svstat /service/*
    /service/dnscache: up (pid 42216) 75602 seconds
    /service/qmail-send: up (pid 68649) 1 seconds
    /service/qmail-smtpd: up (pid 47875) 130381 seconds
    /service/tinydns: up (pid 42217) 75602 seconds

  19. #19
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    When you reboot, you need to check whether svscan is running thus the ps auwx|grep svscan will show you once you rebooted without doing any other thing. By default, svscan service directory is /var/service if my memory serves me right and did you modify the /usr/local/etc/rc.d/svscan.sh file besides the svscan_enable from NO to YES which is not necessary if you use /etc/rc.conf file?
    Giam Teck Choon

  20. #20
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    Using the FreeBSD ports version of DJB DNS puts the service directory at /var/service. Did you install from source or the ports? I'd still like to see the contents of svscan.sh if you don't mind.
    Jacob Squires , CISSP


  21. #21
    I installed djbdns using ports on FreeBSD. What file do you want to see?

  22. #22
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    jsquires is asking for content of /usr/local/etc/rc.d/svscan.sh... ...
    Giam Teck Choon

  23. #23
    cat /usr/local/etc/rc.d/svscan.sh
    #!/bin/sh
    #
    # $FreeBSD: ports/sysutils/daemontools/files/svscan.sh.sample,v 1.10 2004/07/30 17:40:18 roam Exp $
    #

    # PROVIDE: svscan
    # REQUIRE: LOGIN
    # KEYWORD: FreeBSD

    # Define these svscan_* variables in one of these files:
    # /etc/rc.conf
    # /etc/rc.conf.local
    # /etc/rc.conf.d/svscan
    #
    # DO NOT CHANGE THESE DEFAULT VALUES HERE
    #

    # It would really, really be a Good Thing(tm) for you to enable some
    # of the below control variables and the apropriate ulimit.
    # These are only examples.
    # Furthermore, you should think about additional limits you might need.
    # Or, check login.conf(5) for a suitable alternative.
    # If you want to use these examples, please place into /etc/rc.conf.d/svscan.
    #
    # I really do suggest you use /var/service as your service spool directory.
    # Check hier(7) for reasons.

    # 10 Mb
    #MINSEGMENT=10240
    # 20 Mb
    #MAXSEGMENT=20480
    # 10 Mb
    #MAXFILESIZE=10240
    # 100
    #MAXFD=100
    # 40
    #MAXCHILD=40

    # ulimits
    #ulimit -d ${MINSEGMENT}
    #ulimit -f ${MAXFILESIZE}
    #ulimit -m ${MAXSEGMENT}
    #ulimit -n ${MAXFD}
    #ulimit -s ${MINSEGMENT}
    #ulimit -u ${MAXCHILD}

    . /etc/rc.subr

    name="svscan"
    rcvar=`set_rcvar`
    command="/usr/local/bin/svscan"
    svscan_enable=${svscan_enable-"YES"}
    svscan_servicedir=${svscan_servicedir-"/var/service"}

    start_cmd="svscan_start"
    stop_postcmd="svscan_stop_post"

    load_rc_config $name

    required_dirs="${svscan_servicedir}"

    svscan_start () {
    echo "Starting svscan."
    /usr/bin/env \
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
    /usr/sbin/daemon -f /bin/sh -c "$command $svscan_servicedir 2>&1 | /usr/local/bin/readproctitle service errors: ...................................................................................................................................................... ...................................................................................................................................................... .................................................................................................... &" > /dev/null
    }

    svscan_stop_post () {
    echo "Stopping svscan."
    find -L "$svscan_servicedir" -mindepth 1 -maxdepth 2 -type d \( \! -path "$svscan_servicedir/*/*" -or -name 'log' \) -print0 | xargs -0 /usr/local/bin/svc -dx
    }

    run_rc_command "$1"

  24. #24
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    okay now what are the contents of your rc.conf file in /etc?
    Jacob Squires , CISSP


  25. #25
    This is my second server restart to check whether svscan starts on startup, and: NO

    this is my rc.conf:

    # -- sysinstall generated deltas -- # Fri May 6 05:11:20 2005
    # Created: Fri May 6 05:11:20 2005
    # Enable network daemons for user convenience.
    # Please make all changes to this file, not to /etc/defaults/rc.conf.
    # This file now contains just the overrides from /etc/defaults/rc.conf.
    defaultrouter="ip"
    hostname="mydomain.com"
    ifconfig_rl0="inet ip netmask 255.255.255.0"
    svscan_enable="YES"
    apache_enable="YES"
    linux_enable="YES"
    sshd_enable="YES"
    usbd_enable="YES"

  26. #26
    Join Date
    Mar 2003
    Location
    Sacramento, CA
    Posts
    70
    Okay, if you do an ls -la of /var/service what do you get? If you do not have a /var/service and instead have a /service, please let me know.
    Jacob Squires , CISSP


  27. #27
    ls -al /service/
    total 4
    drwxr-xr-x 2 root wheel 512 May 12 20:27 .
    drwxr-xr-x 24 root wheel 512 May 16 16:00 ..
    lrwxr-xr-x 1 root wheel 22 May 7 13:15 dnscache -> /var/dnscache/dnscache
    lrwxr-xr-x 1 root wheel 31 May 12 20:27 qmail-send -> /var/qmail/supervise/qmail-send
    lrwxr-xr-x 1 root wheel 32 May 12 20:27 qmail-smtpd -> /var/qmail/supervise/qmail-smtpd
    lrwxr-xr-x 1 root wheel 21 May 7 14:03 tinydns -> /var/dnscache/tinydns

  28. #28
    Join Date
    Jul 2001
    Location
    Singapore
    Posts
    1,790
    Doing a symlink might help you solve your problem:
    Code:
    ln -s /service /var/service
    OR follow what is stated in your /usr/local/etc/rc.d/svscan.sh script, thus adding:
    Code:
    svscan_servicedir="/service"
    svscan_enable="YES"
    That should solve your problem I guess... ...
    My suggestion would be try not to modify the start up script provided by the package installed from ports.

    Hope this helps
    Giam Teck Choon
    :: Join choon.net Community today to share your tips and tricks on server issues please ::
    :: Singapore Dedicated Servers :: Singapore Virtual Private Servers :: Linux/FreeBSD Server Management ::
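
The mismatch diagnosed in this thread (the rc script defaults to /var/service and lists it in required_dirs, while the services live in /service) can be checked before the next reboot. This is an added example, not from the thread or the port; the function names and the test tree are constructed, and it assumes svscan_servicedir is set by a plain assignment in the rc.conf files passed in.

```sh
#!/bin/sh
# Added example (not from the thread): pre-reboot check for svscan.

# effective_servicedir RCCONF...
# Prints the directory the rc.d script will scan: the last
# svscan_servicedir= assignment found in the given files, or the
# script default of /var/service when none is set.
effective_servicedir() {
    dir=/var/service
    for f in "$@"; do
        [ -r "$f" ] || continue
        v=$(sed -n 's/^[[:space:]]*svscan_servicedir=//p' "$f" |
            tail -n 1 | tr -d "\"'")
        if [ -n "$v" ]; then dir=$v; fi
    done
    printf '%s\n' "$dir"
}

# check_svscan_boot ROOT RCCONF...
# ROOT is prepended to every path so the check can run against a test
# tree; pass "" on a live host. Returns 0 = ready, 1 = directory missing
# (required_dirs will block the start), 2 = directory has no services.
check_svscan_boot() {
    root=$1; shift
    dir=$(effective_servicedir "$@")
    if [ ! -d "$root$dir" ]; then
        echo "FAIL: $dir is missing, so required_dirs stops svscan at boot"
        return 1
    fi
    count=0
    for s in "$root$dir"/*; do
        if [ -f "$s/run" ]; then count=$((count + 1)); fi
    done
    if [ "$count" -eq 0 ]; then
        echo "WARN: $dir exists but holds no service with a run file"
        return 2
    fi
    echo "OK: svscan will supervise $count service(s) in $dir"
}

# Constructed test tree mirroring the thread: services live in /service
# and rc.conf only sets svscan_enable.
make_demo_tree() {
    mkdir -p "$1/service/tinydns" "$1/service/dnscache" "$1/etc"
    : > "$1/service/tinydns/run"
    : > "$1/service/dnscache/run"
    echo 'svscan_enable="YES"' > "$1/etc/rc.conf"
}

demo=$(mktemp -d)
make_demo_tree "$demo"
check_svscan_boot "$demo" "$demo/etc/rc.conf" || true   # reports FAIL
echo 'svscan_servicedir="/service"' >> "$demo/etc/rc.conf"
check_svscan_boot "$demo" "$demo/etc/rc.conf" || true   # reports OK
rm -rf "$demo"
```

On a live host the call would be `check_svscan_boot "" /etc/rc.conf /etc/rc.conf.local /etc/rc.conf.d/svscan`.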

  29. #29
    OK, but I will restart the server soon, maybe next week, then I will let you know. Yeah, that makes sense that my dir should be /var/service, but I just installed it in /service. Anyway, thankz.
