# rpm -qa | grep bind redhat-config-bind-1.9.0-13 bind-utils-9.2.1-16 ypbind-1.11-4 bind-9.2.1-16 <-- This is the package we need # rpm -qa | grep caching caching-nameserver-7.2-7 # rpm -qi caching-nameserver (gives a description of the package) # rpm -ql caching-nameserver (shows which files it contains)
# /etc/rc.d/init.d/named start # ps auxwww | grep named # tail /var/log/messages Check for successful startup, no error messages
Edit /etc/resolv.conf as follows:
search espe.edu.ec nameserver 127.0.0.1 #nameserver 220.127.116.11 #nameserver 18.104.22.168
Remove any existing 'nameserver' lines, or comment them out by inserting '#' at the front as shown above.
Issue a query. Make a note of whether the response has the 'aa' flag set. Look at the answer section, note the TTL of the answer. Note how long the query took to process.
Then repeat the exact same query, and note the information again.
# dig yahoo.com. Does it have the 'aa' flag? ______ What is the TTL of the answer? ______ seconds How long is the Query Time? ______ milliseconds # dig yahoo.com. Does it have the 'aa' flag? ______ What is the TTL of the answer? ______ seconds How long is the Query Time? ______ milliseconds
Repeat it a third time. Can you explain the differences?
Try sending some queries to your neighbour's cache. (If this fails, it may be a problem with IP firewalling)
You can take a snapshot of the cache contents like this:
# /usr/sbin/rndc dumpdb # less /var/named/named_dump.db
(Don't do this on a busy cache - you will generate a huge dump file!)
You can watch the cache making queries to the outside world using 'tcpdump' in a different window
# tcpdump -n -s1500 -i eth0 udp port 53
While this is running, in the first window flush your cache (so it forgets all existing data)
# rndc flush # dig yahoo.com. -- and watch tcpdump output. What do you see? # dig yahoo.com. -- watch tcpdump again. This time?
(If you have extra time)
Following the examples on the presentation, create an acl which restricts access to your cache to your machine only. Get someone else to try to resolve names using your cache. Remember: