Admins eHow SysAdmin Tips & Tricks

December 2, 2022

Redirect all DNS requests to local caching DNS server

Filed under: dns,linux — admin @ 2:44 am

For the caching DNS server, I use the PowerDNS Recursor. Install it first:

apt install pdns-recursor

By default it listens on 127.0.0.1:53 and should work right after installation, but for faster performance I want it to forward all queries to 8.8.8.8, which is Google’s public DNS server. To do that, edit /etc/powerdns/recursor.conf and add the following line:

forward-zones-recurse= .=8.8.8.8;

Restart the service after the config change:

systemctl restart pdns-recursor.service

Now you can test it:

dig yahoo.com @127.0.0.1

You should get a valid response.
Now let's redirect all DNS queries to our local server:

iptables -t nat -I OUTPUT -m owner --uid-owner pdns -j RETURN
iptables -t nat -I POSTROUTING -m owner --uid-owner pdns -j RETURN
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to 127.0.0.1:53
iptables -t nat -A POSTROUTING -p udp --dport 53 -j SNAT --to-source 127.0.0.1

The first two iptables rules return early for packets owned by the pdns user, which prevents a loop in which the recursor's own queries to the outside world (8.8.8.8 in our case) are redirected back to it.
Done. Easy 😉
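
The rule ordering this setup depends on can be checked from a saved ruleset. The following is an added example, not part of the original post: audit_dns_redirect (a hypothetical helper) reads iptables-save -t nat output and confirms that the owner exemption precedes the port-53 DNAT in the OUTPUT chain. The uid 109 and both sample rulesets are constructed.

```shell
#!/bin/sh
# Added example: audit `iptables-save -t nat` output for the redirect above.
# iptables-save prints the owner match as a numeric uid, so on a real host
# pass the output of `id -u pdns`. The uid 109 used here is constructed.

# Rules from the post, as iptables-save would list them (constructed sample).
GOOD_RULES='*nat
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -m owner --uid-owner 109 -j RETURN
-A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
-A POSTROUTING -m owner --uid-owner 109 -j RETURN
-A POSTROUTING -p udp -m udp --dport 53 -j SNAT --to-source 127.0.0.1
COMMIT'

# Same rules with the exemption placed after the DNAT rule (constructed).
BAD_RULES='*nat
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:53
-A OUTPUT -m owner --uid-owner 109 -j RETURN
COMMIT'

# audit_dns_redirect UID  (ruleset on stdin)
# Prints findings; exit status is non-zero when the redirect is missing or
# the recursor's own queries would be redirected back to itself.
audit_dns_redirect() {
    awk -v uid="$1" '
        /^-A OUTPUT / {
            n++
            if (!exempt && $0 ~ ("--uid-owner " uid " ") && /-j RETURN/) exempt = n
            if (/--dport 53 / && /-j DNAT/) {
                if (!udp && /-p udp/) udp = n
                if (!tcp && /-p tcp/) tcp = n
            }
        }
        END {
            first = udp
            if (tcp && (!first || tcp < first)) first = tcp
            if (!first)                         { print "FAIL no-redirect"; bad = 1 }
            else if (!exempt || exempt > first) { print "FAIL loop-risk";   bad = 1 }
            else                                  print "OK exemption-before-redirect"
            if (udp && !tcp) print "WARN tcp-53-not-redirected"
            exit bad + 0
        }'
}

printf '%s\n' "$GOOD_RULES" | audit_dns_redirect 109
```

The WARN line reflects that the post's DNAT rule matches only UDP, so queries sent over TCP port 53 still leave the host directly.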

January 9, 2022

Linux DNS dig utility for Windows x64 (update)

Filed under: dns,Windows — admin @ 12:10 am

This installer installs the dig utility in the Windows directory by default.
Download installer: Dig-x64-9.16.24-setup.exe

March 22, 2015

Linux dig utility for Windows x64

Filed under: dns,General,linux,Windows — admin @ 5:00 pm

I have created an installer for the Linux DNS dig utility for Windows x64. It is extracted from BIND 9.10.2.x64.
It installs dig into the system32 folder of Windows, so it is already included in PATH and can be invoked from anywhere in the command prompt.

Download: DIG_9.10.2.x64

May 17, 2010

How to check domain NS glue records using dig

Filed under: dns — admin @ 11:52 am

Let's check the microsoft.com NS glue records with the dig command.

As it is a .com domain, first we should find the name servers for .com with the following command:

dig NS com

Result:

com.                    22124   IN      NS      d.gtld-servers.net.
com.                    22124   IN      NS      f.gtld-servers.net.
com.                    22124   IN      NS      a.gtld-servers.net.
com.                    22124   IN      NS      c.gtld-servers.net.
com.                    22124   IN      NS      g.gtld-servers.net.
com.                    22124   IN      NS      i.gtld-servers.net.
com.                    22124   IN      NS      l.gtld-servers.net.
com.                    22124   IN      NS      m.gtld-servers.net.
com.                    22124   IN      NS      k.gtld-servers.net.
com.                    22124   IN      NS      e.gtld-servers.net.
com.                    22124   IN      NS      h.gtld-servers.net.
com.                    22124   IN      NS      b.gtld-servers.net.
com.                    22124   IN      NS      j.gtld-servers.net.

We can choose any of these servers for the next query; I will choose m.gtld-servers.net:

dig NS microsoft.com @m.gtld-servers.net

Result:

;; AUTHORITY SECTION:
microsoft.com.          172800  IN      NS      ns1.msft.net.
microsoft.com.          172800  IN      NS      ns2.msft.net.
microsoft.com.          172800  IN      NS      ns3.msft.net.
microsoft.com.          172800  IN      NS      ns4.msft.net.
microsoft.com.          172800  IN      NS      ns5.msft.net.

;; ADDITIONAL SECTION:
ns1.msft.net.           172800  IN      A       65.55.37.62
ns2.msft.net.           172800  IN      A       64.4.59.173
ns3.msft.net.           172800  IN      A       213.199.161.77
ns4.msft.net.           172800  IN      A       207.46.75.254
ns5.msft.net.           172800  IN      A       65.55.226.140

OK, we are done. The ADDITIONAL SECTION of the last query contains the glue records:

ns1.msft.net.           172800  IN      A       65.55.37.62
ns2.msft.net.           172800  IN      A       64.4.59.173
ns3.msft.net.           172800  IN      A       213.199.161.77
ns4.msft.net.           172800  IN      A       207.46.75.254
ns5.msft.net.           172800  IN      A       65.55.226.140

May 12, 2009

How to install a caching only dns server using powerdns on debian lenny

Filed under: Debian,General — admin @ 3:50 pm

I just noticed my caching bind9 DNS server is using 306MB of my precious memory! What the hell is it doing!? Go to hell, bind!

/etc/init.d/bind9 stop
apt-get remove bind9

So I decided to install another caching DNS server. After some research I found PowerDNS. It uses MySQL for storing its zones, but hopefully its caching component doesn't need MySQL, so great, let's go and install it.
My favourite OS is Debian lenny, so I ran the following command:

apt-get install pdns-recursor

WOW, it was very simple! It is already working on localhost, but I needed it to listen on all IPs on my box and accept queries from everyone 😀 I wanted to serve the public :p So I went to /etc/powerdns, opened the “recursor.conf” file and made the following changes:

allow-from=
local-address=0.0.0.0

and restarted the service with:

/etc/init.d/pdns-recursor restart

It’s done 😀 Now it is working as a public caching name server.
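
An empty allow-from together with a non-loopback local-address is what makes the recursor answer any client. The following is an added example, not part of the original post: open_resolver_check (a hypothetical helper) reads a recursor.conf and reports that combination, so it can be told apart from a listener limited to known networks. It assumes an absent setting keeps its packaged default; the second sample is constructed.

```shell
#!/bin/sh
# Added example: flag a recursor.conf that answers any client on a
# non-loopback address. Assumption: a setting that is absent keeps its
# packaged default, which this check treats as not open.

# The two settings from the post.
POST_CONF='allow-from=
local-address=0.0.0.0'

# Constructed sample: same listener, clients limited to a hypothetical LAN.
LAN_CONF='# constructed sample
local-address=0.0.0.0
allow-from=127.0.0.0/8, 192.168.10.0/24'

# open_resolver_check  (recursor.conf on stdin)
# Prints OPEN or RESTRICTED with the effective values; exit status 1 when OPEN.
open_resolver_check() {
    awk -F= '
        /^[ \t]*#/ { next }
        {
            key = $1; val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        }
        key == "allow-from"    { af = val; af_set = 1 }
        key == "local-address" { la = val }
        END {
            # Empty allow-from, or a catch-all netmask, admits every client.
            any_client = af_set && (af == "" || ("," af ",") ~ /,(0\.0\.0\.0|::)\/0,/)
            n = split(la, addr, ",")
            for (i = 1; i <= n; i++)
                if (addr[i] !~ /^(127\.|::1|\[::1\])/) public_listen = 1
            verdict = (any_client && public_listen) ? "OPEN" : "RESTRICTED"
            print verdict, "allow-from=" af, "local-address=" la
            exit (verdict == "OPEN")
        }'
}

printf '%s\n' "$POST_CONF" | open_resolver_check || true
```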
