dnscache (8) - Linux Manuals

dnscache: djbdns DNS cache daemon.

NAME

dnscache - djbdns DNS cache daemon.

SYNOPSIS

dnscache [OPTIONS]

DESCRIPTION

dnscache is used to map a domain name to its IP address and vice versa. Upon invocation, dnscache reads from its configuration file and listens on TCP/UDP port 53 for incoming requests. Typically dnscache accepts incoming requests only from localhost(127.0.0.1). To accept requests from external machine or subnet, create a file, named after the IP address of a machine or subnet from which to accept requests, under the `ip/' directory. Ie. dnscache would accept requests from IP address 1.2.3.4, if there is a file named 1.2.3.4 OR 1.2.3 OR 1.2 OR 1. under the `ip/' directory.

To resolve a domain name, dnscache contacts the name servers listed in files under the `servers/' directory. File `roots' lists the root name servers. dnscache would contact servers listed in the `servers/mydomain.com' file, to resolve domain names that end with mydomain.com, like say: mail.mydomain.com or irc.mydomain.com etc. Note: these files list IP addresses of name servers one on each line.

From version 1.05.9, dnscache introduced support for the DNS(or Domain) Block List. DNS Block List is a list of domain names which are to be blocked by the resolver. Client requests querying for such domain names are dropped by the resolver. This would add an additional layer of security for DNS clients and also help to reduce malicious traffic.

DNS block list is a 'cdb' database created using tinydns-data(1) tool. List the malicious domain names into a 'data' file as generic domain records, one on each line, as:


 :bad.domain.com:284::::

Number '284' is not used, it can be any number between 256...65535. tinydns-data(1) would create a 'data.cdb' database from this 'data' file. Rename data.cdb to dnsbl.cdb, because that is the file read by dnscache server.


 mv data.cdb dnsbl.cdb

dnscache would read 'dnsbl.cdb' from its working($ROOT) directory defined in the 'dnscache.conf' file.

OPTIONS

-d <value>

 print debug messages as per the debug level 1, 2 or 3.
-D

 run as a daemon.
-h --help

 print this help.
-v --version

 print version information.

FILES


 /etc/ndjbdns/ip/
 /etc/ndjbdns/servers/
 /etc/ndjbdns/dnscache.conf


 /var/log/dnscached.log

BUGS

Report bugs to <pj.pandit [at] yahoo.co.in>

AUTHOR

Prasad J Pandit