BIND as a caching forwarder on cable

Kevin Darcy kcd at daimlerchrysler.com
Mon Feb 10 19:11:48 UTC 2003


Peter S. May wrote:

>Howdy.
>
>[dro at tron etc]$ /usr/sbin/named -v
>BIND 9.2.1
>
>So, I've gotten a NAT setup working on a RedHat 8.0 box.  It works
>now, I just want to improve the setup, and the improvement has nothing
>to do with NAT itself.
>
>I have dhcpcd set up over eth1 to connect to the internet through a
>cable modem, while dhcpd is running over eth0 to hand out IPs to the
>other machines in my house.
>
>Here's the situation: Every time dhcpcd gets client data from my ISP,
>the nameservers in resolv.conf are updated--and they _do_ change from
>time to time.  I have no idea about the Right Way to pass these
>updated nameservers on to the other machines in my network.  What I
>have opted to do so far is set up dhcpd to tell my house machines to
>use my server (192.168.0.1) as their DNS:
>
>( from dhcpd.conf )
>authoritative;
>ddns-update-style none;
>
>subnet 192.168.0.0 netmask 255.255.255.0 {
>    .
>    .
>    .
>    # Default gateway
>    option routers 192.168.0.1;
>    # DNS server
>    option domain-name-servers 192.168.0.1;
>}
>( /from dhcpd.conf )
>
>and then configure BIND to forward requests it can't handle to my
>ISP's nameservers:
>
>( from named.conf )
>options {
>    directory "/var/named";
>    .
>    .
>    .
>    forward first;
>    forwarders {
>        x.x.x.x;    # My ISP's current nameservers
>        x.x.x.x;
>    };
>};
>( /from named.conf )
>
>In past configurations I have even gone as far as writing a Perl
>script to swipe the list of nameservers that dhcpcd got from my ISP
>and inserting them into named.conf (this is a new machine, so I did it
>by hand for now).  That sort of thing feels too hacky, and I know
>there has to be a better way.  Actually, I'm not even sure whether I
>should be looking for that better way in BIND or in DHCP, but I figure
>an answer for BIND may prove more useful should I ever need named for
>anything in the future.
>
>Anybody have an answer for me?
>
Have you tried setting up your box as a pure caching server, i.e. no 
forwarding? You might find that it performs just as well and you're not 
subject to the vicissitudes of your ISP's nameserver infrastructure.

- Kevin
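
The following is an added example, not part of either poster's message or configuration: a caching-only `named.conf` of the kind suggested in the reply, with recursion limited to the LAN because the box also faces the cable modem. The addresses and `directory` come from the quoted configuration; the ACL name `lan` and the hint file name `named.ca` are assumptions.

```conf
// Constructed example: caching-only named.conf for the 192.168.0.0/24 LAN
// described in the thread. Not taken from either poster's configuration.
acl "lan" { 127.0.0.1; 192.168.0.0/24; };

options {
    directory "/var/named";

    // No "forward" or "forwarders" statements: named resolves iteratively
    // from the root servers, so changes to the ISP's nameservers no longer
    // require touching this file.
    recursion yes;

    // Answer only on loopback and the internal (eth0) address, and recurse
    // only for LAN clients, so the cable-facing side is not an open resolver.
    listen-on { 127.0.0.1; 192.168.0.1; };
    allow-query { "lan"; };
    allow-recursion { "lan"; };
};

// Root hints. The file name is an assumption; use whichever root hints
// file your distribution ships.
zone "." {
    type hint;
    file "named.ca";
};
```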




