Resolving DNS service with pdns recursor

This note provides how to setup pdns recursor for resloving DNS service.

Install pdns recursor

rpm -ivh pdns-recursor-3.7.3-1.el6.x86_64.rpm

Create allow network db file

cat > /etc/pdns-recursor/allow-network-db <<EOF
#Default Allowed network
127.0.0.0/8
#Additional Allowed networks
EOF

Backup config file

cp -a /etc/pdns-recursor/recursor.conf /etc/pdns-recursor/recursor.conf.orig

Configure config file with allow network db list

cat > /etc/pdns-recursor/recursor.conf <<EOF
setuid=pdns-recursor
setgid=pdns-recursor
#################################
# allow-from-file       If set, load allowed netmasks from this file
#
# allow-from-file
allow-from-file=/etc/pdns-recursor/allow-network-db

#################################
# any-to-tcp    Answer ANY queries with tc=1, shunting to TCP
# any-to-tcp means queries from clients that ask for ANY will get redirected to TCP. It has no influence on the outgoing transport of the Recursor
# Default: no
any-to-tcp=yes

#################################
# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
#
local-address=0.0.0.0

#################################
# local-port    port to listen on
#
# local-port=53

#################################
# log-common-errors     If we should log rather common errors
#
log-common-errors=yes

Open firewall

sed -i -e '/#Add custom rules below/a #DNS recursor\n-A INPUT -p tcp --dport 53 -j ACCEPT\n-A INPUT -p udp --dport 53 -j ACCEPT' /etc/sysconfig/iptables
service iptables reload

Make sure service up upon reboot

chkconfig pdns-recursor on
service pdns-recursor start

Search This Blog

CT's Tech Notes

Resolving DNS service with pdns recursor

Comments

Post a Comment