Saturday, October 31, 2009

Rock Solid Ultra Fast & Light Caching DNS with Unbound

Okie, today we are going to set up a caching DNS server to handle all our DNS queries instead of our ISP's sicko DNS servers.
Why caching DNS?


Why not a caching DNS, where queries get resolved on my own network, instead of DNS queries traversing all the way from my network to the ISP's DNS servers every time I open a site?
Don't you think it's gonna save some time and make my browsing faster?


Small doubt??? Ok, once we have the local caching DNS server ready, let's try a DNS query against the ISP DNS servers and against our local caching DNS and compare the time each takes.


So ingredients for this local caching DNS are as follows


As usual all my notes are FreeBSD specific


My gateway -> FreeBSD 7.2 running squid and pf for basic firewalling and transparent proxying


my /etc/resolv.conf
search  .com
nameserver




That ISP DNS IP address will be changed to 127.0.0.1 once our caching DNS starts


Ok Now the actual dns cache software that is Unbound
Now why unbound???


All we need to run is a caching DNS, and I don't want a heavy full DNS server just to implement one small feature, i.e. caching


Ok now let's get our hands dirty
My way of installing always starts with compiling my own instead of installing from a binary
Now custom compiling? 
Ans: I love to see my system churning out some crap compiling msgs LOL
Ok leave it there


Lets go to the ports and install from there


# cd /usr/ports/dns/unbound
# make install clean


wait for some time to get it compiled and installed


Ok time to get configuration modified for our requirement
# cd /usr/local/etc/unbound
# cp unbound.conf.sample unbound.conf
# vi unbound.conf


Modify the following

  • interface:
  • e.g. interface: 192.168.1.1
  • outgoing-interface:
  • cache-min-ttl:
  • do-ip6: (set it if you want IPv6)
  • access-control: 192.168.0.0/16 allow
  • private-address: 192.168.0.0/16
  • private-domain:





Ok that must be enough to get the unbound working
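
A quick sanity check for the options listed above, as an added example that is not part of the original post: the script reads an unbound.conf on stdin and flags an open-resolver access-control entry, a LAN interface with no allow rule, a missing private-address (Unbound's DNS rebinding protection) and a very long cache-min-ttl. The function name, the 3600-second threshold and both sample configs are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit the unbound.conf options
# the post edits. Reads a config on stdin, prints one finding per line.
audit_unbound_conf() {
    awk '
    { sub(/#.*/, "") }                          # drop comments
    $1 == "interface:" && $2 !~ /^(127\.|::1)/ { lan = 1 }
    $1 == "access-control:" && $3 ~ /^allow/ {
        if ($2 !~ /^(127\.|::1)/) allow = 1
        # a /0 netblock answers recursive queries for the whole Internet
        if ($2 ~ "/0$") print "open-resolver: access-control " $2 " " $3
    }
    $1 == "private-address:" { priv = 1 }
    # long minimum TTLs keep serving records the zone owner already changed
    # (3600 is an assumed threshold for this example)
    $1 == "cache-min-ttl:" && $2 + 0 > 3600 {
        print "cache-min-ttl: " $2 " exceeds 3600s"
    }
    END {
        # Unbound refuses non-localhost clients unless access-control allows them
        if (lan && !allow) print "no-lan-allow: LAN interface but no access-control allow"
        # private-address strips private-range answers from public names (DNS rebinding)
        if (!priv) print "no-private-address: rebinding protection is off"
    }'
}

# Constructed sample 1: the values shown in the post (expect no findings).
audit_unbound_conf <<'EOF'
server:
    interface: 192.168.1.1
    access-control: 192.168.0.0/16 allow
    private-address: 192.168.0.0/16
EOF

# Constructed sample 2: a weak variant (expect three findings).
audit_unbound_conf <<'EOF'
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow   # everyone
    cache-min-ttl: 86400
EOF
```
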


Let's modify /etc/rc.conf so that unbound loads every time we restart the system


add at the end of /etc/rc.conf


unbound_enable="YES"


save and quit
Now let's check how much time our crappy ISP takes to resolve our DNS query
# dig freebsd.org


note the Query time in msec it takes


Lets modify the /etc/resolv.conf
Remove the nameserver entry and add
nameserver 127.0.0.1


Save and Quit
Lets start the unbound manually for the first time


# /usr/local/etc/rc.d/unbound start


Ok if that starts without an error message then we are successful with unbound


Ok, here we go, let's dig again
# dig netbsd.org
See the time it took? Not happy? How about querying again
# dig netbsd.org
See the Query time it took????


So that's all for now
Enjoy and safe computing

Friday, October 23, 2009

Wanted to have Elevated privileges with su

From a normal user you may want to switch to the superuser, and at times you may find that su says sorry.
Ok, the issue is that the currently logged-in user is not a member of the wheel group.
Add the user to the wheel group by issuing the following command as root
# pw usermod -g wheel
e.g. # pw usermod testuser -g wheel
Note that -g sets wheel as the user's primary (login) group, replacing the previous one.
Now log in as the user and try to issue su; it must work now.
So that's another tip I learned and am sharing with you

Babs

Tuesday, October 20, 2009

Building Custom Kernel for a General Server in FreeBSD




The easiest way to compile a system kernel is to install the source first: run sysinstall as root, then choose Configure -> Distribution -> Src and choose only base and sys


Once the source is installed



Let's customize our kernel. For this we will not modify the GENERIC options file; instead let's copy it to another location, link it here, and make all the necessary modifications in the copy


# cd /usr/src/sys/i386/conf


# mkdir /root/kernel


# cp GENERIC /root/kernel/CUSTKERNL


# ln -s /root/kernel/CUSTKERNL


Open the file and make all necessary modifications


# vi CUSTKERNL



Below is the kernel options file I used while compiling for my squid proxy (yeah I know it's not perfect, but any suggestions are always welcome)



Ok done with customizing your kernel config?


Lets start the roll


First let's move to the /usr/src directory

# cd /usr/src

Then issue the make command to build the kernel

# make -j4 buildkernel KERNCONF=CUSTKERNL


Q. why j?


A. Why not j? -j4 runs four make jobs in parallel, and when I have a quad core system at my disposal why should I take a nap after giving the make buildkernel command??


Ok Now its time to grab a coffee and snacks and watch some soccer on tv or browse some crap in net


Did you get the # prompt without any error? Then you are with me on the right path


Lets install the kernel!!


# make -j4 installkernel KERNCONF=CUSTKERNL


Whoa!!!!!! Thats all it takes


Now if this is not exactly what you got on your screen then Google is your friend :) or leave me a comment and I will try to get back to you.

So that's all for now
Just my 2 cents on compiling a kernel under FreeBSD 7.2