How to create a high-speed DNS Cache Server under FreeBSD 6.0-RELEASE

Some time ago, I changed the server to using ipfilter + ipnat + dhcp -- ipfilter + ipnat packet filtering, forwarding, and DHCP server architecture notes under freebsd5.4. However, I recently felt that the server is always offline, I opened another dns Cache service on the server, hoping to alleviate the current situation through caching.

First, we will introduce how to create a high-speed dns Cache Server on freebsd, which is referenced in the freebsd Chinese manual:

The cache Domain Name Server is a Domain Name Server that does not provide authoritative resolution for any domain. It simply completes the query and remembers the query for future use. To create such a server, you only need to configure a Domain Name Server as usual, without configuring a domain.

The installation is as follows:

The software used is BIND. After freebsd6.0 is installed, BIND is automatically installed. The version is BIND9 and the path is usually/etc/namedb. Freebsd5.2 and earlier versions can download BIND9.3 from the ISC website. Currently, BIND is maintained by the Internet Software Consortium http://www.isc.org.

1. Create a local DNS reverse resolution domain File

Proxy4bak # cd/etc/namedb
Proxy4bak # sh make-localhost

The localhost. rev file is generated in the/etc/namedb/master Directory.

2. Edit the dns configuration file/etc/namedb/named. conf.

The content is as follows:

Options {
Directory "/etc/namedb ";
Pid-file "/var/run/named/pid ";
Dump-file "/var/dump/named_dump.db ";
Statistics-file "/var/stats/named. stats ";

// Forwarders {
// 221.228.255.1; 218.2.135.1;
//};
};

Zone "."{
Type hint;
File "named. root ";
};

Zone "0.0.127.IN-ADDR. ARPA "{
Type master;
File "master/localhost. rev ";
};

Forwarders (forwarding) is not used here. The freebsd Chinese manual contains the following paragraph:

To benefit from the superior cache, you can enable it hereForwarders. In general, the domain name server will query the Internet step by step to find a specific domain name server until the answer is obtained. Enabling this will allow it to first query the upper-level domain name server (or another Domain Name Server provided) and obtain results from their cache. If the load on the higher-level domain name server is heavy, enabling it on a faster Domain Name Server will help improve service quality.

3. Change/etc/resolv. conf

Change resolv. conf:

Nameserver 127.0.0.1

3. Enable named

Edit/etc/rc. conf and add the startup content as follows:

Proxy4bak # cd/etc
Proxy4bak # ee rc. conf
Join
Named_enable = "YES"

Run the top command to check whether the named process is started. You can also use nslookup to query a URL. If yes, the cache has been created and is displayed as follows:

Proxy4bak # nslookup
> Set type = any
> Www.google.com
Server: 127.0.0.1
Address: 127.0.0.1 #53

Non-authoritative answer:
Www.google.com canonical name = www.l.google.com.

Authoritative answers can be found from:
Google.com nameserver = ns4.google.com.
Google.com nameserver = ns1.google.com.
Google.com nameserver = ns2.google.com.
Google.com nameserver = ns3.google.com.

I also found a dns Cache software, djbdns, which is already in use. I used BIND directly for convenience, because it was included during freebsd installation. However, we do not know which one is better in terms of performance.

The first time you create a dns Cache Server, please note that there is an error in writing. I hope this note will be useful to anyone who wants to build a high-speed dns cache server on the LAN.