--- Federico Sevilla III <[EMAIL PROTECTED]> wrote:
> Hi fellow PLUGgers,
> 

> {/service,/var/lib/svscan}
> which svscan loads up within 5 minutes.

5 seconds :)

okay i think you made things a lot harder than it
should be (if i understand you correctly)
and yes tinydns and dnscache will not listen on the
same interface

> > 
> a. Configure tinydns to listen to IP 0.0.0.0. It
> listens to port 53 on UDP
> so it won't conflict with any of the other programs.

tinydns should be configured to listen on a
public/live or reachable ip address  (if you are using
a public content dns server)


> 
> b. Configure dnscache twice (with separate root
> directories,
> /etc/dnscache-lo and /etc/dnscache-lan), because I
> need to listen to both
> localhost and the LAN, but cannot just listen to
> 0.0.0.0 because this will
> bork access from outside which would otherwise be
> received by axfrdns or
> tinydns directly. One listens to 127.0.0.1 and the
> other to 192.168.0.

i think this could be handled by one dnscachex or an
external dnscache

i think the proper configuration would be

1. dnscache-conf dnscache dnslog /etc/dnscachex xxx.xxx.xxx.xxx
(xxx=ip of your dnscachex box)

2. ln -s /etc/dnscachex /your_service_directory

3. add the ips that can use the external dnscache

touch /etc/dnscachex/root/ip/192.168.0
this permits 192.168.0.0/24 to use the dnscache

touch /etc/dnscachex/root/ip/127.0.0.1
permits 127.0.0.1 to use the dnscachex, so you just
touch ips in that directory to give access to your
dnscache

this is the most secure way of doing things
1. it limits the people who can use the dns cache
(unlike in bind's default that anyone can use your
dnscache)

2. prevents DOS attacks against your dnscache

3. saves you bandwidth :)
if unauthorized people can use your dnscache you are
wasting bandwidth for them

and about axfrdns
tinydns and axfrdns can listen on the same interface

tinydns listens on port 53 udp
axfrdns listens on port 53 tcp

my experience with axfr before (teleglobe being the
slave) is i need to use a script called notify from
http://tinydns.org

okay here are some helpful links 

http://cr.yp.to/djbdns/faq.html - (a must read)
http://djbdns.faqts.com -  (nice reading )
http://lifewithdjbdns.org - (a walkthrough in
installing djbdns)
http://www.tinydns.org - (you'll find some helpful
patches/scripts here)


> So, I'm officially using djbdns, and will "dpkg
> --purge bind bind-doc"
> now. Yeah! :)

:) good for you  hehehehe welcome to the club

-Dek
[EMAIL PROTECTED]



Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
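
Added example (not part of the original message, and not code from djbdns): a check of which clients the files touched under root/ip would admit, following the prefix rule shown in the reply (a file named 192.168.0 permits 192.168.0.0/24). The function names and the throwaway demo directory are assumptions made for illustration; point ROOT at something like /etc/dnscachex/root to audit a real cache.

```shell
#!/bin/sh
# dnscache_allows ROOT CLIENT_IP -> exit status 0 if a file in ROOT/ip
# matches the client's full address or any leading-octet prefix of it.
dnscache_allows() {
    root=$1
    prefix=$2
    while :; do
        [ -e "$root/ip/$prefix" ] && return 0
        case $prefix in
            *.*) prefix=${prefix%.*} ;;   # drop the last octet and retry
            *)   return 1 ;;              # no shorter prefix left: refuse
        esac
    done
}

# broad_entries ROOT -> prints entries with fewer than three octets
# (a /16 or /8 worth of clients), which deserve a second look.
broad_entries() {
    for f in "$1"/ip/*; do
        [ -e "$f" ] || continue           # empty directory: nothing to report
        name=${f##*/}
        case $name in
            *.*.*) ;;                     # three or four octets: /24 or single host
            *)     echo "$name" ;;
        esac
    done
}

# Constructed demo in a throwaway directory (not a live /etc/dnscachex).
demo=$(mktemp -d)
mkdir -p "$demo/ip"
touch "$demo/ip/192.168.0" "$demo/ip/127.0.0.1" "$demo/ip/10"
for c in 127.0.0.1 127.0.0.2 192.168.0.55 192.168.1.5 10.9.8.7 203.0.113.9; do
    if dnscache_allows "$demo" "$c"; then
        echo "$c allowed"
    else
        echo "$c refused"
    fi
done
echo "broad entries: $(broad_entries "$demo")"
rm -rf "$demo"
```

Running broad_entries against the real root/ip directory after any change is a quick way to spot an entry such as 10 or 192.168 that opens the cache to far more clients than intended.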