
PDNSD Reclaimed

Update – In addition to the servers provided by my ISP, I added Google’s and OpenNIC’s public DNS servers. I found the links to these here.

I recently had some issues with my windows machines. At times I found that DNS lookups were taking too long – which is why I’d installed PDNSD on my Linux server in the first place.

Coincidentally, a friend complained that she was unable to access “Microsoft.com” and other Microsoft websites. Odd, eh? After some online research I had two probable causes, and the simplest fix was to stop the Windows DNS Client service (the local resolver cache). I looked up how to do it; from a command prompt with admin privileges the command is simply:

sc stop dnscache

And that fixed the issue for her and for me after a restart!

After that I decided that since I hadn’t really worked on my PDNSD config for a long while, I needed to revisit it. After some poking around, here’s the final version of my conf file. For confidentiality I’ve replaced my provider’s name servers with the placeholder 1.1.1.1 and my server’s address with 192.168.1.1, so you’ll have to substitute your own values before you’re able to use this file.

Here’s the reference I used to work on my pdnsd.conf.

/* Note: this file is overridden by automatic config files when
   /etc/default/pdnsd AUTO_MODE is set and that
   /usr/share/pdnsd/pdnsd-$AUTO_MODE.conf exists
 */

// Global daemon settings: cache size and location, the account pdnsd runs
// as, the listening address, the control socket, and the TTL limits applied
// to cached records.
global {
    // On-disk cache size limit; pdnsd documents this value in kB.
    perm_cache=12048;
    cache_dir="/var/cache/pdnsd";
    // Drop to an unprivileged account once the privileged setup is done, so a
    // bug in the resolver does not run as root.
    run_as="pdnsd";
    server_ip = 192.168.1.1;  // Placeholder LAN address: pdnsd answers any host
                // that can reach this address. An interface name such
                // as eth0 may be used instead. Keep port 53 on this
                // address unreachable from outside the LAN so the
                // cache does not become an open resolver.
    // Enables the control socket used by pdnsd-ctl. Anyone who can write to
    // that socket can change the cache and server state.
    // NOTE(review): confirm the socket permissions (ctl_perms) are restrictive.
    status_ctl = on;
      // Ignore records outside the domain of the server that was queried; this
      // is pdnsd's guard against cache poisoning via unrelated extra records.
      paranoid=on;
//    query_method=tcp_udp;    // pdnsd must be compiled with tcp
                // query support for this to work.
    min_ttl=90m;       // Retain cached entries at least 90 minutes, even when
                       // the record's own TTL is shorter. A high floor also
                       // keeps a stale or spoofed answer in the cache longer.
    max_ttl=1w;       // Never keep an entry longer than one week.
    neg_ttl=5;        // Lifetime of negatively cached (failed) lookups; a bare
                      // number is presumably seconds - confirm.
    timeout=0;        // Global query timeout. NOTE(review): the value is 0, not
                      // 10 seconds; 0 appears to defer to the per-server
                      // timeout - confirm against your pdnsd version.

        // Don't enable if you don't recurse yourself, can lead to problems
        // delegation_only="com","net";

// additional settings from archwiki https://wiki.archlinux.org/index.php/Pdnsd#Initial_preparation
    // Negative-caching policy for missing record sets.
    // NOTE(review): "on" presumably caches them even when the answer is not
    // authoritative - confirm this is intended.
    neg_rrs_pol=on;
    // Number of upstream servers queried in parallel; 1 means one at a time.
    par_queries=1;
}


// Upstream forwarders. As written this section does NOT resolve from the
// root servers: root_server is off, proxy_only is on, and the addresses that
// look like root servers are commented out.
server {
    label = "my-servers";
    root_server=off;
    // 1.1.1.1 is the author's placeholder for the provider's name servers;
    // replace both entries with the resolvers you actually intend to use.
    // NOTE(review): 1.1.1.1 is also a real, routable public-resolver address,
    // so leaving the placeholder in presumably sends every lookup there
    // instead of failing.
    ip =     1.1.1.1
    ,    1.1.1.1
// The disabled entries below appear to be root-server addresses, some of
// which have since been renumbered - verify each one before re-enabling.
//    ,    192.33.4.12
//    ,    128.8.10.90
//    ,    192.203.230.10
//    ,    192.5.5.241
//    ,    192.112.36.4
//    ,    128.63.2.53
//    ,    192.36.148.17
//    ,    192.58.128.30
//    ,    193.0.14.129
//    ,    198.32.64.12
//    ,    202.12.27.33
    ;
    timeout = 600;       // Per-server query timeout; presumably seconds, i.e.
                         // ten minutes - confirm this is intended.
    uptest = query;      // Check availability by sending a real DNS query.
    interval = 30m;      // Test every half hour.
    ping_timeout = 300;  // 30 seconds (value is in tenths of a second).
                         // NOTE(review): likely only used by uptest=ping.
    purge_cache = off;
    // Names under .localdomain are excluded from forwarding to these servers,
    // which keeps internal host names from leaking upstream. With
    // policy=included, every other name is forwarded.
    exclude = .localdomain;
    policy = included;
    preset = off;        // Presumably: treat the servers as down until the
                         // first uptest succeeds - confirm.
    // Accept the forwarders' answers as final and do not follow NS records to
    // other servers. The upstream resolvers are therefore fully trusted;
    // nothing in this file adds any validation of their answers.
    proxy_only=on;
}

// Load local records from /etc/hosts. These entries are served to every
// client of this resolver, so the file's contents and write permissions are
// part of the trust boundary.
source {
    owner=localhost;
//    serve_aliases=on;
    file="/etc/hosts";
}

// Static local record for "localhost": an A record pointing at 127.0.0.1,
// with the matching reverse record requested via reverse=on, plus an SOA.
rr {
    name=localhost;   // Kept as the first option, ahead of the records defined for it.
    reverse=on;
    a=127.0.0.1;
    owner=localhost;
    soa=localhost,root.localhost,42,86400,900,86400,86400;
}


// Local blocklist entry: answer negatively for doubleclick.net from the cache
// without asking the upstream servers.
neg {
    name=doubleclick.net;
    types=domain;   // This will also block xxx.doubleclick.net, etc.
}