On Saturday 25 September 2004 12:26 am, Geoff Nordli wrote: > [EMAIL PROTECTED] wrote: > > On Friday 24 September 2004 06:34 pm, Geoff Nordli wrote: > >> My understanding is if you have specific domains that you would like > >> resolved then you have to populate the /etc/dnscache/root/servers/ > >> directory with the name of domains and the servers that are able to > >> resolve those domains. Tinydns is resolving my domaina.com so I > >> created the domaina.com file in the /etc/dnscache/root/servers and > >> entered 127.0.0.1. So when dnscache gets a request for domaina.com > >> it will pass that on to the server residing on 127.0.0.1.
Nah, you are really supposed to allow tinydns to resolve all names and add your private information records to it. Dnscache only caches the names and ip addresses and all requests (not cached) are passed to tinydns. This does not mean that tinydns is publically available (like I am running it), but only privately available in this setup if I understand what you are doing. > I read through the jnilo's page about the dns and everything was configured > OK. I installed the daemontl.lrp package as per the documentation. One of > the nice things about Leaf/Bering is the great documentation, especially > the shorewall configuration. I would agree there. :) > BTW tinydns and dnscache binding to the same ports had me stumped for a > couple of hours. Though it was so obvious after I figured it out. Maybe > this is something that should be added to the documentation when > downloading tinydns. There is archived in the list. I was under the impression that it was added to the tinydns section, but I haven't read over the docs in quite a while. > I added the /etc/dnscache/root/servers/* to the dnscache.list file and did > a backup. It looks like the files were backed up OK. I won't know for > sure until I do a reboot next week. If this is the correct fix then it > should also be added to the dnscache docs. That is a simple hack, but not correct. It depends on how dnscache (or any of DJB's software) is supervised. In the case of LEAF, daemontools is used which is very much it's own entity. The "/etc/dnscache/env/IP" and "/etc/dnscache/env/IPQUERY" files should be used instead as they are on the lrcfg menu. This allows daemontools to add the proper configuration when the /etc/dnscache/root/servers/ files are created on the fly. The documentation can really be confusing with DJB's software because of all the different programs that have been used to supervise with. I doubt your changes will be there on reboot, but then again your looking at a 50/50 chance at this point. Personally, I would fix the problem with tinydns and stay rfc compliant. > Thanks for all your time. > > Have a great weekend. NP, you have a great weekend as well! :) -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
