On Tue, Mar 17, 2009 at 04:04:06PM -0400, Daniel Drake wrote:
>2009/3/17 Martin Langhoff <martin.langh...@gmail.com>:
>> It's in my plans to have a means to do what you're doing. I was wondering 
>> about
>>
>>  - a conf.d approach
>>  - a pre-processor for the .in files that handles ifdef-style blocks
>>  - whether dnsmasq or djbdns can help us here
>>
>> I sure hope BIND won't be with us for ever.
>
>dnsmasq can certainly help. With dnsmasq you just have to add an entry
>in /etc/hosts on the server, and then dnsmasq automatically picks it
>up.
>Michael says that djbdns also can do what we want, and pointed me to
>some documentation, but it looked a lot more complicated than dnsmasq.

Here's a rough outline of how you might redirect "antitheft.laptop.org" with
djbdns on Debian Lenny. I can't promise that it's bulletproof, but it seems to
do approximately the right thing in simple testing.

sudo su -
apt-get install djbdns
useradd -s /bin/false dnslog
useradd -s /bin/false tinydns
useradd -s /bin/false dnscache

export YOUR_IP=...

# create empty dnscache and tinydns configurations
dnscache-conf dnscache dnslog /etc/dnscache
tinydns-conf tinydns dnslog /etc/tinydns 127.0.0.1

# tell dnscache where to bind, when to reply, and to proxy queries for at.l.o
echo $YOUR_IP > /etc/dnscache/env/IP
touch /etc/dnscache/root/ip/10   # answer 10.0.0.0/24
echo 127.0.0.1 > /etc/dnscache/root/servers/antitheft.laptop.org

# give tinydns a zone containing at.l.o
cd /etc/tinydns/root
./add-ns antitheft.laptop.org $YOUR_IP
./add-host antitheft.laptop.org $YOUR_IP
make

# tell supervise to run our services; see also "update-service" on debian
ln -s /etc/dnscache /etc/service
ln -s /etc/tinydns /etc/service

# check that we're running and bound to proper ports
svstat /etc/dnscache /etc/tinydns
netstat -nulp | grep ':53 '

# read logs
tail -f /etc/dnscache/log/main/current
cat /etc/tinydns/log/main/current | tai64nlocal | less

# optional -- resolve against your local dnscache
echo domain schoolserver > /etc/resolv.conf
echo nameserver $YOUR_IP >> /etc/resolv.conf

Questions?

Michael

P.S. - Is there a wiki page where this sort of thing is supposed to go?
_______________________________________________
Server-devel mailing list
server-de...@lists.laptop.org
http://lists.laptop.org/listinfo/server-devel

Reply via email to