On 4/30/07, Bob Goodwin - W2BOD <bobgoodwin@xxxxxxxxxxxx> wrote:
Fennix wrote:
>
> Tim, I am also curious about this question. Previously I had tried
> enabling logging via the named.caching-nameserver.conf file and had
> creeated empty files for the logs but these files have never been
> updated by named. From your message I have tried running the mdc
> command but it is not found. Tried to 'locate mdc' and no useful
> result. I do have the caching-name-server installed...
> named 2364 1 0 Apr27 ? 00:00:09 /usr/sbin/named -u
> named -c /etc/named.caching-nameserver.conf
> which should be the same basic setup as Bob Goodwin's. Now I am
> trying to see where the mdc command should come from using "yum
> whatprovides mdc".
>
> My logging (which is not working as yet) configuration from
> named.caching-nameserver.conf is as follows:
>
> # specify log files for different categories
> #
> logging {
> channel ch_default {
> file "/var/named/log_default";
> severity info;
> print-category yes;
> print-severity yes;
> print-time yes;
> };
> channel ch_security {
> file "/var/named/log_security";
> severity info;
> print-severity yes;
> print-time yes;
> };
> channel ch_queries {
> file "/var/named/log_queries";
> severity info;
> print-time yes;
> };
> category default { ch_default; };
> category security { ch_security; };
> category lame-servers { null; };
> category xfer-in { null; };
> category queries { ch_queries; };
> };
>
>
Where did these lines come from? I don't see the in my conf file,
thought they might be there commented out but no.
>
> UPDATE: I have finaly figured out the logging issue as being an
> ownership problem with the log files. Now I have changed them to
> named user and group. Bob, using logging may be a partial answer
> for for you about what queries are hitting your nameserver. This will
> not tell you what information is still current in your cache though.
> I do hope that this may be of some help to you. (Still am waiting for
> the results of my yum query....)
>
>
And the following did not make it to this list:
On Sat, Apr 28, 2007 at 14:44:33 -0400,
Bob Goodwin - W2BOD <bobgoodwin@xxxxxxxxxxxx> wrote:
> >
> > After a lot of groping around I finally realized that while they use the
> > dns provided by Wildblue our isp I use some different servers that I
> > found, open dns or some such, and apparently they have collected the
> > data before the isp's server?
>
Each ISP will have its own caching servers. You don't even need to use
those if you don't want. If you are running your own caching nameserver
locally, you can just use that. It can be configured to search from
the root down instead of going through your ISP's caching server.
However some ISP's will set up hidden proxies and force you to use their
caches. This can cause problems if you want to use one of the alternate
DNS roots.
> > Does the data collected by the caching-nameserver survive a shutdown and
> > reboot over night? If the computer is not shutdown how long do the
> > records remain? Presumably they are deleted at some point in time since
> > they are subject to change?
>
Whether the cached data survives a reboot depends on the cache. However,
there may not be much point if you shut down overnight. Many DNS records
have a timeout in the range of minutes to hours and they would need to be
fetched again in any case.
> > I've been reading whatever I can find but haven't found the answers to
> > these questions. Again there is no real problem, just questions.
>
You can read some stuff about DNS at:
http://cr.yp.to/djbdns.html
Now another question comes to mind, my resolv.conf is as follows:
cat /etc/resolv.conf
nameserver 127.0.0.1
nameserver 208.67.222.222 # OPENDNS.COM
nameserver 208.67.220.220 # OPENDNS.COM
nameserver 12.189.32.61 # Wildblue dns
I am assuming that it will go through the local cache first, then drop down through the servers specified sequentially until it hits? Am I right in that assumption?
This computer finds the new .com web address, but from my daughters Mac and the others on the Wildblue dns they still have to enter the address numerically. The hosting company said it should work within 48 hours, worst case 72 ... Mine worked almost immediately.
Whatever this seems to be working well especially since getting /var/named/chroot/etc/blocking.conf populated with bothersome advertisers. Initially it would take a minute or so to display a news item and now that's reduced to 3 to 6 seconds typically without collecting all those ad's [which were not displayed but still sent].
Other than that I am overwhelmed with information on this subject and it will take me some time to sort it out. Thanks to everyone.
Bob Goodwin
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Bob,
Those lines I had added (found via google) to to enable logging for tracking what queries were hitting my DNS server along with the 3 log files in /etc/named/ to capture the data. The rest of my configuration I have left as the stock install. My only other change was to resolv.conf to insert the server directive to point to 127.0.0.1.
I also really had wanted to add Tim's configuration for blocking.conf but I seem to have missed some important detail in his instructions to do this successfully.