Djbdns Agent backend
Djbdns User documentation
This page documents the Agent backend for djbdns.
The agent runs on the same host as the tinydns resolver. It receives DNS messages from Mini DNS using private DNS OPCODEs and classes and creates or deletes zones in the data.cdb file using axfr-get and tinydns-data.
Setting up Djbdns on Ubuntu Trusty
Assuming no DNS resolver is already installed, run as root:
set -u
datadir=/var/lib/djbdns
ug_name=djbdns
tinydns_ipaddr=127.0.0.1
[[ -d $datadir ]] && echo "$datadir already exists" && exit 1
set -e
apt-get update
apt-get install dbndns daemontools
if ! getent passwd $ug_name >/dev/null; then
    adduser --quiet --system --group --no-create-home --home /nonexistent $ug_name
fi
tinydns-conf $ug_name $ug_name $datadir $tinydns_ipaddr
cd $datadir/root
tinydns-data data
chown -Rv $ug_name:$ug_name $datadir
Set up a systemd service or, alternatively, an init file to start TinyDNS.
In the contrib/djbdns directory there are example files for both.
systemctl daemon-reload
service tinydns start
service tinydns status
If needed, create the rootwrap filters, as root:
cat > /etc/designate/rootwrap.d/djbdns.filters <<EOF
# cmd-name: filter-name, raw-command, user, args
[Filters]
tcpclient: CommandFilter, /usr/bin/tcpclient, root
axfr-get: CommandFilter, /usr/bin/axfr-get, root
EOF
# Check the filter:
sudo /usr/local/bin/designate-rootwrap /etc/designate/rootwrap.conf tcpclient -h
sudo /usr/local/bin/designate-rootwrap /etc/designate/rootwrap.conf axfr-get -h
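An added audit example for the filter file above (not code from Designate or oslo.rootwrap): it parses the [Filters] section in the layout given by the comment line and lists entries that run as root under CommandFilter, which matches on the executable only and does not restrict arguments. The function names and the ownership check on the file are assumptions of this example.

```python
import configparser
import os
import stat

# Filter definitions copied from the heredoc on this page.
PAGE_FILTERS = """\
# cmd-name: filter-name, raw-command, user, args
[Filters]
tcpclient: CommandFilter, /usr/bin/tcpclient, root
axfr-get: CommandFilter, /usr/bin/axfr-get, root
"""


def parse_filters(text):
    """Return one dict per entry of the [Filters] section."""
    parser = configparser.RawConfigParser()
    parser.optionxform = str  # keep command names exactly as written
    parser.read_string(text)
    entries = []
    for name, value in parser.items("Filters"):
        fields = [field.strip() for field in value.split(",")]
        if len(fields) < 3:
            raise ValueError(f"{name}: expected filter-name, raw-command, user")
        entries.append({"name": name, "filter": fields[0], "exec": fields[1],
                        "run_as": fields[2], "args": fields[3:]})
    return entries


def review(entries):
    """List entries that run as root with no restriction on arguments."""
    return [f"{e['name']}: {e['exec']} runs as root with any arguments"
            for e in entries
            if e["filter"] == "CommandFilter" and e["run_as"] == "root"]


def file_mode_problems(path):
    """Report ownership or mode that would let a non-root user edit the filters."""
    st = os.stat(path)
    problems = []
    if st.st_uid != 0:
        problems.append(f"{path}: owned by uid {st.st_uid}, expected 0 (root)")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append(f"{path}: writable by group or others")
    return problems


if __name__ == "__main__":
    for finding in review(parse_filters(PAGE_FILTERS)):
        print(finding)
```

On the agent host, file_mode_problems can be pointed at /etc/designate/rootwrap.d/djbdns.filters after the heredoc has been written.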
Configure the “service.agent” and “backend.agent.djbdns” sections in /etc/designate/designate.conf.
Look in designate.conf.example for examples.
Create an agent pool:
# Fetch the existing pool(s) if needed or start from scratch
designate-manage pool generate_file --file /tmp/pool.yaml
# Edit the file (see below) and reload it as:
designate-manage pool update --file /tmp/pool.yaml
The “targets” section in pool.yaml should look like:
targets:
- description: gdnsd agent
  masters:
  - host: <MiniDNS IP addr>
    port: 5354
  options: {}
  options:
  - host: <Agent IP addr>
    port: 5358
  type: agent
Testing
Create new zones and records. Monitor the agent logfile and the contents of the TinyDNS datadir. The data.cdb file should be receiving updates.
openstack zone create --email example@example.org example.org.
openstack recordset create example.org. --type A foo --records 1.2.3.4
dig example.org @<tinydns_ipaddr> SOA
dig foo.example.org @<tinydns_ipaddr> A