Resolving DNS service with pdns recursor

This note describes how to set up pdns recursor as a resolving DNS service.

Install pdns recursor

rpm -ivh pdns-recursor-3.7.3-1.el6.x86_64.rpm
Create allow network db file
cat > /etc/pdns-recursor/allow-network-db <<EOF
#Default Allowed network
127.0.0.0/8
#Additional Allowed networks
EOF
Backup config file
cp -a /etc/pdns-recursor/recursor.conf /etc/pdns-recursor/recursor.conf.orig
Configure config file with allow network db list
cat > /etc/pdns-recursor/recursor.conf <<EOF
setuid=pdns-recursor
setgid=pdns-recursor
#################################
# allow-from-file       If set, load allowed netmasks from this file
#
# allow-from-file
allow-from-file=/etc/pdns-recursor/allow-network-db

#################################
# any-to-tcp    Answer ANY queries with tc=1, shunting to TCP
# any-to-tcp means queries from clients that ask for ANY will get redirected to TCP. It has no influence on the outgoing transport of the Recursor
# Default: no
any-to-tcp=yes

#################################
# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
#
local-address=0.0.0.0

#################################
# local-port    port to listen on
#
# local-port=53

#################################
# log-common-errors     If we should log rather common errors
#
log-common-errors=yes
EOF
Open firewall
sed -i -e '/#Add custom rules below/a #DNS recursor\n-A INPUT -p tcp --dport 53 -j ACCEPT\n-A INPUT -p udp --dport 53 -j ACCEPT' /etc/sysconfig/iptables
service iptables reload
Make sure the service starts on reboot
chkconfig pdns-recursor on
service pdns-recursor start
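
The firewall step above accepts port 53 from any source, while recursion is limited to the networks in allow-network-db. As an added example (not part of the original note), the script below derives source-restricted rules in the same format from that file and refuses a /0 entry; the function names and the 192.0.2.0/24 network are assumptions, and only IPv4 entries are handled.

```shell
#!/bin/sh
# Added example: derive source-restricted DNS firewall rules from the
# recursor's allow-from file. Function names are hypothetical; IPv4 only.

# valid_cidr4 NET: succeed if NET is a well-formed IPv4 address or CIDR.
valid_cidr4() {
    printf '%s\n' "$1" |
        grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$' || return 1
    printf '%s\n' "$1" | awk -F'[./]' '{
        for (i = 1; i <= 4; i++) if ($i > 255) exit 1
        if (NF == 5 && $5 > 32) exit 1 }'
}

# rules_from_allow_db FILE: print one udp and one tcp ACCEPT rule per entry.
# Returns 1 on an entry that is not an IPv4 network, 2 on a /0 entry
# (a /0 entry would let any client on the Internet recurse).
rules_from_allow_db() {
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop "#" comments and whitespace, as in the allow-from file format.
        net=$(printf '%s\n' "$line" | sed -e 's/#.*//' -e 's/[[:space:]]//g')
        [ -z "$net" ] && continue
        valid_cidr4 "$net" || { echo "not an IPv4 network: $net" >&2; return 1; }
        case "$net" in
            */0) echo "refusing open-resolver entry: $net" >&2; return 2 ;;
        esac
        for proto in udp tcp; do
            echo "-A INPUT -s $net -p $proto --dport 53 -j ACCEPT"
        done
    done < "$1"
}

# Constructed sample input: the note's default file plus one assumed LAN.
demo_db=$(mktemp)
printf '%s\n' '#Default Allowed network' '127.0.0.0/8' \
    '#Additional Allowed networks' '192.0.2.0/24  # LAN (constructed)' > "$demo_db"
rules_from_allow_db "$demo_db"
rm -f "$demo_db"
```

Review the printed rules and place them below the "#Add custom rules below" marker in /etc/sysconfig/iptables in place of the two unrestricted rules.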
