DNS


With the Name Server Cache Daemon (NSCD) it is sometimes a little hard to tell whether it is working or not. The only thing the tool offers is the ability to view statistics, which kind of helps, but it doesn’t show what is actually in the cache, which I think would be a nice feature to add. Here’s a sample ‘hosts cache’ on one of our servers:

hosts cache:

yes cache is enabled
yes cache is persistent
yes cache is shared
211 suggested size
216064 total data pool size
11952 used data pool size
3600 seconds time to live for positive entries
20 seconds time to live for negative entries
288645 cache hits on positive entries
0 cache hits on negative entries
75914 cache misses on positive entries
229 cache misses on negative entries
79% cache hit rate
86 current number of cached values
224 maximum number of cached values
10 maximum chain length searched
0 number of delays on rdlock
0 number of delays on wrlock
0 memory allocations failed
yes check /etc/hosts for changes

The good thing about nscd is that, most of the time, just installing the RPM should work for most people; there really isn’t any need to modify anything in the configuration to get it to work. The only issue is figuring out what it’s really doing as far as DNS caching goes, and looking at just the nscd -g stats doesn’t always show the full picture.

DNS tools like host, dig, or nslookup will not benefit from nscd, as they completely bypass it, attempt to hit DNS, and will only look at your /etc/nsswitch config. And I do not believe there is any way to tell you’re using NSCD by just using those tools. Here’s how you can see what’s in the caches: in /var/db/nscd you will find 5 files, one for each of the 5 default caches that are normally set up.

To find the values in any of these, just use the strings command on them:

strings hosts  or strings passwd

Now this doesn’t 100% add up to the full picture, as for me it almost adds more questions: if you try to clear the cache using nscd -i passwd, I would think that would clear this db file, but it doesn’t; all the contents are still there. But at least it does help show what it is doing in the background a little more than just viewing the stats.

 

I tested this in my TinyDNS setup and it worked great.

# verbose tinydns data file

#
# REVERSE ZONE
#
# (reverse) dns servers: primary and secondary
Z45.168.192.in-addr.arpa:ns.example.net:hostmaster.example.net::::::::

# NS records
&45.168.192.in-addr.arpa::ns.example.net:::
&45.168.192.in-addr.arpa::ns2.example.net:::

# MX handlers
@45.168.192.in-addr.arpa::relay.example.net:10
@45.168.192.in-addr.arpa::relay2.example.net:20

#
# FORWARD ZONE:
#
# SOA record: primary nameserver is ns.example.net and hostmaster
# mail address is hostmaster@example.net
# (the ‘Z’ configuration line is the only one that
# allows specifying the hostmaster mail address)
Zexample.net:ns.example.net:hostmaster.example.net::::::::

# NS records: primary and secondary nameservers
&example.net::ns.example.net:::
&example.net::ns2.example.net:::

# MX records: relay.example.net, distance = 10
# relay2.example.net, distance = 20
@example.net::relay.example.net:10
@example.net::relay2.example.net:20

# A and PTR records ('=' creates both): ns.example.net, ns2.example.net
=ns.example.net:192.168.45.1:::
=ns2.example.net:192.168.45.2:::

# A records only ('+' creates no PTR): relays are on the same hosts as the dns servers
+relay.example.net:192.168.45.1:::
+relay2.example.net:192.168.45.2:::

# more A records: gateway.example.net
=gateway.example.net:192.168.45.254:::

# CNAME record: nscache.example.net is alias to gateway.example.net
Cnscache.example.net:gateway.example.net:::

#
# SUB DOMAIN DELEGATION
#

# NS record
&dmz.example.net::ns.dmz.example.net:::

# A/PTR record for nameserver
=ns.dmz.example.net:192.168.90.1:::
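
As an added example (not part of the original post and not tinydns code), the Python sketch below expands the line types used in the data file above (Z, &, @, =, +, C) into the records tinydns-data generates for them, and flags any address that ends up with more than one PTR, which is what would happen if a relay line were written with '=' instead of '+'. The SAMPLE lines and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in the style of the data file above (not a full zone).
SAMPLE = """\
Zexample.net:ns.example.net:hostmaster.example.net::::::::
&example.net::ns.example.net:::
@example.net::relay.example.net:10
=ns.example.net:192.168.45.1:::
+relay.example.net:192.168.45.1:::
"""

def reverse_name(ip):                         # 192.168.45.1 -> 1.45.168.192.in-addr.arpa
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"

def expand(data):
    """Expand Z, &, @, =, + and C lines into (owner, type, value) tuples."""
    out = []
    for line in data.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue                          # blank line or comment
        kind, f = line[0], line[1:].split(":")
        f += [""] * (4 - len(f))              # pad omitted trailing fields
        if kind == "Z":                       # Zfqdn:mname:rname:...
            out.append((f[0], "SOA", f"{f[1]} {f[2]}"))
        elif kind in ("&", "@"):              # &fqdn:ip:x  /  @fqdn:ip:x:dist
            sub = "ns" if kind == "&" else "mx"
            host = f[2] if "." in f[2] else f"{f[2]}.{sub}.{f[0]}"
            rec = ("NS", host) if kind == "&" else ("MX", f"{f[3] or 0} {host}")
            out.append((f[0], *rec))
            if f[1]:                          # optional address for the server
                out.append((host, "A", f[1]))
        elif kind in ("=", "+"):              # '=' is A + PTR, '+' is A only
            out.append((f[0], "A", f[1]))
            if kind == "=":
                out.append((reverse_name(f[1]), "PTR", f[0]))
        elif kind == "C":                     # Cfqdn:target
            out.append((f[0], "CNAME", f[1]))
        else:
            raise ValueError(f"line type {kind!r} not handled: {line}")
    return out

def duplicate_ptrs(records):
    """Reverse names that ended up with more than one PTR target."""
    seen = defaultdict(list)
    for owner, rtype, value in records:
        if rtype == "PTR":
            seen[owner].append(value)
    return {o: v for o, v in seen.items() if len(v) > 1}
```

Calling duplicate_ptrs(expand(text)) on the contents of a data file returns an empty dict when every address maps back to a single name.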