Tech/Protocols/DNS/DNS Resolvers

From lathama

Intro

GLIBC comes with some tools, and one that is often confused is resolvconf or the gethostbyname call. These can be used for various directory queries such as LDAP, but today we will discuss DNS.

Example /etc/resolv.conf

search lathama.net
domain lathama.net
nameserver 8.8.4.4
nameserver 8.8.8.8
options rotate

Some versions support keywords such as domain and options such as rotate, both used above. Always confirm the features and options of your installed version.

resolvconf service

A service called resolvconf exists to manage the resolv.conf file. This is mainly used by network management tools.

Caching Queries

GLIBC does have a tool to cache queries. The nscd tool can cache many items for a system, such as passwd and LDAP lookups. For DNS it can be useful for caching repeated DNS queries. In the past there was an issue with nscd failing, so you will find a mix of results when you try to learn more. Be prepared for Internet Opinions when reading about nscd. If you have an application that sends hundreds or thousands of queries and does not respect TTL, then try using the /etc/hosts file to define the answer.

DNS Resolver on Localhost

Some individuals create solutions to DNS issues by adding a local resolver to the system that listens on localhost. If doing this, please configure it correctly. Only listen on 127.0.0.53 when possible so it becomes obvious what is going on. If resolv.conf is empty, the resolver will query localhost/127.0.0.1 by default.
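The resolv.conf example earlier on this page and the empty-file default described above can both be checked with a small linter. This is an added example, not code from the original page: the function name audit_resolv_conf is hypothetical, the sample input is constructed, and the rules follow resolv.conf(5). It goes slightly beyond the text by also applying the three-nameserver limit and the "last search/domain wins" rule.

```python
import ipaddress

KEYWORDS = {"nameserver", "domain", "search", "sortlist", "options"}
MAXNS = 3  # glibc uses at most three nameserver entries

# Constructed sample input with a misspelled keyword on the last line.
SAMPLE = """\
search lathama.net
domain lathama.net
nameserver 8.8.4.4
nameserver 8.8.8.8
option rotate
"""

def audit_resolv_conf(text):
    """Return (effective nameservers, findings) for resolv.conf text."""
    servers, findings, suffix_lines = [], [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0][0] in "#;":  # blank line or comment
            continue
        keyword, args = fields[0], fields[1:]
        if keyword not in KEYWORDS:
            findings.append(f"line {lineno}: unknown keyword '{keyword}'")
        elif keyword == "nameserver":
            try:
                servers.append(str(ipaddress.ip_address(args[0] if args else "")))
            except ValueError:
                findings.append(f"line {lineno}: nameserver needs an IP address")
        elif keyword in ("domain", "search"):
            suffix_lines.append((lineno, keyword))
    if len(suffix_lines) > 1:
        lineno, keyword = suffix_lines[-1]
        findings.append(f"search/domain appear {len(suffix_lines)} times; "
                        f"only line {lineno} ({keyword}) takes effect")
    if len(servers) > MAXNS:
        findings.append(f"{len(servers)} nameservers listed; only the first {MAXNS} are used")
        servers = servers[:MAXNS]
    if not servers:
        findings.append("no nameserver entries; resolver queries 127.0.0.1")
        servers = ["127.0.0.1"]
    return servers, findings

if __name__ == "__main__":
    servers, findings = audit_resolv_conf(SAMPLE)
    print("effective nameservers:", servers)
    for finding in findings:
        print("finding:", finding)
```

Run it against the real file with audit_resolv_conf(open("/etc/resolv.conf").read()) before and after a network manager or resolvconf rewrites it.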

Local DNS Resolver Setup

BIND

Debian quick example
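# Install BIND and the DNS utilities
apt-get -qq update && apt-get -qq install bind9 bind9utils dnsutils && apt-get clean
# Append an allow-query line after the directory option
sed -i "/directory/a allow-query     { any; };" /etc/bind/named.conf.options
# Run named in the foreground with logging to stderr
/usr/sbin/named -g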


KNOT

other