Caching Only Configuration

The caching-only configuration is the foundation of all server configurations because all servers cache answers. The most common caching-only configuration is shown in Listing 4.4. This named.conf file is based on the sample found in the BIND 9 documentation with slight modifications for our imaginary network.

Listing 4.4: A Common Caching-Only Configuration

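$ cat /etc/named.conf
// accept queries from the local subnet
// (the /24 prefix length is assumed; the text names only network 172.16.12.0)
acl "subnet12" { 172.16.12.0/24; };
options {
        directory "/var/named";
        allow-query { "subnet12"; };
};
// a caching only nameserver config
zone "." { type hint; file "named.ca"; };
zone "0.0.127.in-addr.arpa" { type master; file "named.local"; };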

The named.conf file in Listing 4.4 opens with an access control list. Use the acl command to assign an arbitrary name to a list of items that will be subsequently referenced by that name. In Listing 4.4, the acl command assigns the name subnet12 to a list of addresses. In this case, the list contains only one network address, but it could have contained more. The name subnet12 is then referenced in the allow-query option in the options statement.

The allow-query option limits the clients from which DNS queries will be accepted. By default, a BIND server accepts queries from any source. However, a caching-only server is not advertised to the outside world, and in general is intended to service only a limited number of local systems. The allow-query option in Listing 4.4 ensures that this server will only provide service to the clients on network 172.16.12.0.
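How the allow-query policy in Listing 4.4 resolves for a given client can be checked with a short script. This is an added example, not code from the original text or from BIND: the function names are hypothetical, the /24 prefix on subnet12 is an assumption, and the simplified parser handles only literal addresses, prefixes, named acls, and the built-in any and none.

```python
import ipaddress
import re

# Constructed sample: Listing 4.4 with an assumed /24 prefix on the acl.
SAMPLE_CONF = '''
// accept queries from the local subnet
acl "subnet12" { 172.16.12.0/24; };
options {
        directory "/var/named";
        allow-query { "subnet12"; };
};
zone "." { type hint; file "named.ca"; };
'''

def _items(body):
    """Split an address match list body into its bare elements."""
    return [i.strip().strip('"') for i in body.split(";") if i.strip()]

def allowed_networks(conf):
    """Return the networks allow-query resolves to; None means any source."""
    # Drop //, # and /* */ comments before matching statements.
    conf = re.sub(r"//[^\n]*|#[^\n]*|/\*.*?\*/", "", conf, flags=re.S)
    acls = {name: _items(body) for name, body in
            re.findall(r'acl\s+"?([\w-]+)"?\s*\{([^{}]*)\}', conf)}
    # Simplification: only the first allow-query in the file is examined.
    m = re.search(r"allow-query\s*\{([^{}]*)\}", conf)
    if m is None:
        return None              # option absent: queries from any source
    nets, todo = [], _items(m.group(1))
    while todo:
        item = todo.pop()
        if item == "any":
            return None
        if item == "none":
            continue
        if item in acls:
            todo.extend(acls[item])   # expand a named acl reference
        else:
            # A bare address with no prefix length becomes a single host.
            nets.append(ipaddress.ip_network(item))
    return nets

def client_allowed(conf, client_ip):
    """True if a query from client_ip passes the allow-query policy."""
    nets = allowed_networks(conf)
    ip = ipaddress.ip_address(client_ip)
    return nets is None or any(ip in n for n in nets)
```

A return value of None from allowed_networks marks a configuration that answers queries from any source, which is the case to flag when auditing a server meant to serve only local clients.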

The directory option in the options statement defines the default directory for named. In the sample file, it is /var/named. All subsequent file references in the named.conf file are relative to this directory.

The two zone statements in this caching-only configuration are found in all server configurations. The first zone statement defines the hints file that is used to help the name server locate the root servers during startup. The second zone statement makes the server the master for its own loopback address, and points to the local host file.
