
Caching only DNS

Installation auf Ubuntu 24.04

1. Prüfen, ob systemd-resolved bereits aktiv ist:
systemctl status systemd-resolved
2. Konfiguration anpassen:
sudo vim /etc/systemd/resolved.conf
3. Diese Einstellungen aktivieren:
[Resolve]
# Upstream resolvers that systemd-resolved forwards queries to
# (space-separated list).
# NOTE(review): neither DNSSEC= nor DNSOverTLS= is set in this snippet, so
# validation and transport encryption towards these servers follow the
# distribution defaults - confirm what those are on the target system.
DNS=8.8.8.8 1.1.1.1
# Keep answers in the local cache; this is what makes it a caching resolver.
Cache=yes
# Provide the local stub listener that /run/systemd/resolve/stub-resolv.conf
# (linked to /etc/resolv.conf in step 5) points clients at.
DNSStubListener=yes
4. Service neu starten:
sudo systemctl restart systemd-resolved
sudo systemctl enable systemd-resolved
5. DNS-Konfiguration aktualisieren:
sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Installation auf Ubuntu 16.04

> apt install bind9 bind9utils
/etc/default/bind9
# run resolvconf?
# NOTE(review): "no" presumably keeps the init script from registering this
# server with resolvconf - verify against the bind9 init script.
RESOLVCONF=no
 
# startup options for the server
# -4      : named uses IPv4 only.
# -u bind : named switches to the unprivileged user "bind" once the
#           privileged startup work (binding port 53) is done.
OPTIONS="-4 -u bind"
/etc/bind/named.conf.options
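//
// Caching only DNS Server
// https://fxdata.cloud/tutorials/configure-bind-as-a-caching-or-forwarding-dns-server-on-ubuntu-14-04
//
// Purpose: answer queries for this host only (loopback listener), forward
// every lookup to the public resolvers listed below and cache the answers.
//
//acl goodclients {
//      10.10.0.9;
//      127.0.1.1;
//      127.0.0.1;
//      localhost;
//      localnets;
//};

// Clients that may query this server (referenced by allow-query below).
// "localnets" has no practical effect while listen-on is loopback-only; it
// starts to matter as soon as listen-on is widened.
acl goodclient {
    localhost;
    localnets;
};

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        recursion yes;

//      allow-query {
//              goodclients;
//      };

        forwarders {
                8.8.8.8;    // Google DNS 1
                8.8.4.4;    // Google DNS 2 (8.8.4.4; 4.4.4.4 is not a Google resolver)
                1.1.1.1;    // popular DNS (Cloudflare)
        };

        // Never fall back to our own iterative resolution: every answer
        // comes from one of the forwarders above, so a wrong forwarder
        // address means queries leave for a host nobody intended to trust.
        forward only;

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-enable yes;
        // "auto" validates against the built-in root trust anchor. With
        // "yes" a trust anchor has to be configured by hand (trusted-keys /
        // managed-keys); this file configures none, so unless one exists
        // elsewhere in the configuration answers would not be validated.
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };
        listen-on-v6 { none; };

        #----------------------------------------------------------------------#

        // Do NOT pin the outgoing source port. "query-source address * port 53;"
        // turns off source-port randomisation, which is the mitigation for the
        // cache-poisoning weakness described in VU#800113 (linked above).
        // If a firewall blocks the replies, fix the firewall rule instead.
        //query-source address * port 53;

        // Loopback only: the resolver is not reachable from the network.
        listen-on {
                127/8;
        };

        allow-query { goodclient; };
};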
> service bind9 restart

Installation auf Ubuntu 14.04

> apt install bind9 bind9utils
/etc/default/bind9
# run resolvconf?
# NOTE(review): "no" presumably means the init script does not hand this
# server to resolvconf - verify against the bind9 init script.
RESOLVCONF=no
 
# startup options for the server
# -4 restricts named to IPv4; -u bind makes it give up root and run as the
# unprivileged user "bind" after the privileged startup steps.
OPTIONS="-4 -u bind"
/etc/bind/named.conf.options
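//
// Caching only DNS Server
// https://fxdata.cloud/tutorials/configure-bind-as-a-caching-or-forwarding-dns-server-on-ubuntu-14-04
//
// Purpose: loopback-only resolver for this host that forwards lookups to
// the resolver listed below and caches the answers.
//
//acl goodclients {
//      10.10.0.9;
//      127.0.1.1;
//      127.0.0.1;
//      localhost;
//      localnets;
//};

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        recursion yes;

//      allow-query {
//              goodclients;
//      };

        forwarders {
                8.8.8.8;
        };

        // With "forward only" commented out the default ("forward first")
        // applies: if the forwarder does not answer, named resolves the name
        // itself, so outbound DNS to arbitrary servers must be possible.
        //forward only;

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-enable yes;
        // "auto" validates against the built-in root trust anchor. With
        // "yes" a trust anchor has to be configured by hand (trusted-keys /
        // managed-keys); this file configures none, so unless one exists
        // elsewhere in the configuration answers would not be validated.
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };
        listen-on-v6 { none; };

        #----------------------------------------------------------------------#

        // Do NOT pin the outgoing source port. "query-source address * port 53;"
        // turns off source-port randomisation, which is the mitigation for the
        // cache-poisoning weakness described in VU#800113 (linked above).
        // If a firewall blocks the replies, fix the firewall rule instead.
        //query-source address * port 53;

        // Loopback only. No allow-query ACL is set in this variant, so this
        // listener restriction is what keeps the resolver off the network;
        // add an allow-query / allow-recursion ACL before widening it.
        listen-on {
                127/8;
        };
};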
> service bind9 restart