Clean djbDNS DNS Server On CentOS - dnscache And tinydns - A To Z

What is djbDNS? And why do we use djbDNS? There is a new point of view to serve
the dns service - each of the dns server functionalities is a separate service,
like authority, cache, forward and so on. The other difference is the daemon-too
ls which will rapidly restart services to prevent zombies.

Requirements:
CentOS 5.4 clean installation
Log in as root.
# yum update
# yum install gcc
# mkdir pkg
# cd pkg
The first step is to install the daemon-tools:
# cd ~/pkg
# wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
# gunzip daemontools-0.76.tar
# tar -xpf daemontools-0.76.tar
# rm -f daemontools-0.76.tar
# cd admin/daemontools-0.76
# vi src/conf-cc
Append the following line at the end of the gcc line:
-include /usr/include/errno.h
# ./package/install
One other package we need to prepare for djbdns to be functional is ucspi:
# cd ~/pkg
# wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
# gunzip ucspi-tcp-0.88.tar
# tar -xf ucspi-tcp-0.88.tar
# cd ucspi-tcp-0.88
# vi src/conf-cc
Append the following line at the end of the gcc line:
-include /usr/include/errno.h
# make
# make setup check
The next step is the document publication:
# cd ~/pkg
# wget http://cr.yp.to/djbdns/doc.tar.gz
Next we will unzip docs under /doc:

# gunzip < doc.tar.gz | (cd /; tar -xf -)

Use the following script to merge in system docs:
#!/bin/sh
for i in packages commands cfunctions fileformats
do
sort -f /dev/null `find /doc/merge -name $i.html` > /doc/$i.new
mv /doc/$i.new /doc/$i.html
done
Save script into a file: script.sh
# chmod +x script.sh
# ./script.sh
# cd ~/pkg
# wget http://cr.yp.to/djbdns/djbdns-1.05.tar.gz
# gunzip djbdns-1.05.tar
# tar -xf djbdns-1.05.tar
# cd djbdns-1.05
# vi src/conf-cc
Append the following line at the end of the gcc line:
-include /usr/include/errno.h
# make
# make setup check
All compiling gets done.
The next step is the dns server configuration.

DNSCACHE
Create two system user accounts:
# useradd -d /var/dnscache -s /bin/false dnscache
# useradd -d /var/dnscache -s /bin/false dnslog
Configure the cache:
# dnscache-conf dnscache dnslog /var/dnscache/dnscache <listen-IP>
Example: dnscache-conf dnscache dnslog /var/dnscache/dnscache 192.168.20.1
Allow the rest of your network to query dnscache:
# touch /var/dnscache/dnscache/root/ip/<Net-ID>
Example: touch /var/dnscache/dnscache/root/ip/192.168
Add dnscache to the list of services to be monitored by svscan:
# ln -sf /var/dnscache/dnscache /service/
If you like ms-windows... you can make a reboot to be sure that all the world is
in place.
There is a point here that your are still not able to query from your cache serv
er, because your clients are now able to be resolved in reverse mode.
As mentioned before it's one of the dns-cache security features to reverse-check
clients. So in the next step we will work on tinydns to act for us.

DNSTINY
Once again, we need two system user accounts:
# useradd -d /var/dnscache -s /bin/false tinydns
# useradd -d /var/dnscache -s /bin/false tinylog
# tinydns-conf tinydns tinylog /var/dnscache/tinydns 127.0.0.1
Now it's time to add nodes into dns database:
# cd /var/dnscache/tinydns/root
# ./add-ns internal 192.168.20.1
# ./add-ns 20.168.192.in-addr.arpa 192.168.20.1
# ./add-mx internal 192.168.20.2
# ./add-host ns.internal 192.168.20.1
# ./add-host mail.internal 192.168.20.2
# ./add-alias unagi.internal 192.168.20.2
# make
These nodes with go to the database file /var/dnscache/tinydns/root/data that yo
u are able to edit manually.
The last step is the dns service startup:
# ln -sf /var/dnscache/tinydns /service