Since DNS pollution became a problem on domestic networks, access to many foreign sites is often abnormal. Following the methods some blogs describe for avoiding DNS pollution, I decided to build a DNS cache server on Ubuntu JeOS. The server obtains IP resolutions over TCP, which avoids the DNS pollution problem.
First, switch to root:
sudo -i
Enter your user password when prompted; you are then at a root command line.
Install the required software, pdnsd, with the following command:
apt-get install pdnsd
After installation, select OK and then Manual (manual configuration), then open the configuration file:
vim /etc/pdnsd.conf
vim opens the configuration file. Press i to enter insert mode and change the contents to the following (pay attention mainly to the global and server sections; leave the rest at the defaults):
global {
    perm_cache=1024;
    cache_dir="/var/cache/pdnsd";
    run_as="pdnsd";
    server_ip = eth0;        // Use eth0 here if you want to allow other
                             // machines on your network to query pdnsd.
    status_ctl = on;
    paranoid=on;
    query_method=tcp_only;   // pdnsd must be compiled with tcp
                             // query support for this to work.
    min_ttl=1d;              // Minimum time to retain cached entries.
    max_ttl=1w;              // One week.
    timeout=10;              // Global timeout option (10 seconds).

    // Don't enable if you don't recurse yourself, can lead to problems
    // delegation_only="com","net";
}

/* with status_ctl=on and resolvconf installed, this will work out from the box
   this is the recommended setup for mobile machines */

// This section is meant for resolving from root servers.
server {
    label = "root-servers";
    root_server=on;
    ip = 8.8.8.8, 208.67.222.222, 208.67.220.220;
    timeout = 5;
    uptest = query;
    interval = 30m;          // Test every half hour.
    ping_timeout = 300;      // In tenths of a second.
    purge_cache = off;
    exclude = .localdomain;
    policy = included;
    preset = off;
}

source {
    owner=localhost;
//  serve_aliases=on;
    file="/etc/hosts";
}

rr {
    name=localhost;
    reverse=on;
    a=127.0.0.1;
    owner=localhost;
    soa=localhost,root.localhost,42,86400,900,86400,86400;
}

/*
neg {
    name=doubleclick.net;
    types=domain;            // This will also block xxx.doubleclick.net, etc.
}
*/

/*
neg {
    name=bad.server.com;     // Badly behaved server you don't want to connect to.
    types=A,AAAA;
}
*/

/* vim:set ft=c: */
After editing, press Esc to leave insert mode, press Shift+: to open the command line, and enter wq! to save and exit.
Next, set the machine's own DNS server:
vim /etc/resolv.conf
vim opens the file. Press i to enter insert mode, clear all existing content, and write the following:
nameserver 127.0.0.1
After editing, press Esc to leave insert mode, press Shift+: to open the command line, and enter wq! to save and exit.
Next, modify the START_DAEMON setting:
vim /etc/default/pdnsd
vim opens the configuration file. Press i to enter insert mode and change
START_DAEMON=no to START_DAEMON=yes
After editing, press Esc to leave insert mode, press Shift+: to open the command line, and enter wq! to save and exit.
Restart pdnsd:
/etc/init.d/pdnsd restart
After that, you can let other computers use your Linux IP as the DNS server to avoid DNS pollution.
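The query_method=tcp_only setting above makes pdnsd send its upstream queries over TCP port 53, where every DNS message is prefixed with a 2-byte length. The following Python probe is an added example, not part of the original post or of pdnsd; its function names are illustrative, and it sends one A-record query over TCP only and returns the addresses it gets back.

```python
import os
import socket
import struct

def build_query(name, qid, qtype=1):
    """Build a recursive DNS query for `name` (qtype 1 = A record)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def frame(msg):
    """Add the 2-byte length prefix used on TCP (RFC 1035, section 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:   # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_a_records(msg, qid):
    """Return the IPv4 addresses in the answer section of a response."""
    rid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    if rid != qid or flags & 0x000F:
        raise ValueError("ID mismatch or RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return addrs

def query_tcp(server, name, timeout=5.0):
    """Resolve `name` through `server` over TCP port 53 only (needs network)."""
    qid = int.from_bytes(os.urandom(2), "big")   # random transaction ID
    with socket.create_connection((server, 53), timeout=timeout) as s, s.makefile("rb") as f:
        s.sendall(frame(build_query(name, qid)))
        (length,) = struct.unpack("!H", f.read(2))
        return parse_a_records(f.read(length), qid)
```

Run on the server, query_tcp("8.8.8.8", "example.com") (or any other upstream address from the config) shows whether that upstream is reachable over TCP from the machine.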
The problem now is that the server I set up works normally at first and then stops working normally; dig reports "connection timed out; no servers could be reached". Sigh ...
Ubuntu: using pdnsd's TCP method to obtain IPs and resist DNS pollution