Best Way to Set Up DNS Caching

cachednsperformancePROXY

In order to speed up DNS lookups, I want to install a DNS cache or proxy.

I can see at least three programs I think will do the job: bind9, pdnsd, or dnsmasq.

I would like to make sure that if I install one of I do not leave it poorly configured from a performance or security point of view. So, what would people recommend, and are there any configuration changes I should immediately make after installing?

Best Answer

Install bind9
Point resolv.conf to 127.0.0.1

To do this follow this steps:

To Install Bind9

Open "Ubuntu Software Center" (Applications->Ubuntu Software Center)
Search for bind9
Check to display "Technical Items"
Mark bind9 and install it

Update /etc/resolv.conf

Open Network Manager (System->Preferences->Network Manager)
Find your connection and edit it (wired or wireless)
Toggle "IPV4 configuration" tab
On "DNS Servers" field write 127.0.0.1

It's done!

To test

Open gnome-terminal (Applications > Accessories > Terminal ) and type

dig ubuntu.com

(if you don't have it, install dnsutils package as explained to bind9)

Check the last answers, as an example:

My first query at ubuntu.com

;; Query time: **209 msec**
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 22 12:20:12 2011
;; MSG SIZE  rcvd: 196

My second query:

;; Query time: **0 msec**
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 22 12:18:23 2011
;; MSG SIZE  rcvd: 156

The server 127.0.0.1 means that you're resolving locally. Take a look in query time (surrounded by **) , the second one is cached.

Related Solutions

Ubuntu – How to enable DNS caching in the NetworkManager-controlled dnsmasq

In Ubuntu 12.10 you can enable the cache of the NetworkManager-controlled dnsmasq instance by putting the line

cache-size=1000

(with your preferred number of names instead of 1000) in a new file in /etc/NetworkManager/dnsmasq.d/. To activate this change you must then do

sudo stop network-manager
sudo killall dnsmasq
sudo start network-manager

or reboot.

Ubuntu – how to setup split-dns for vpn with network-manager

To get the D-Bus controlled dnsmasq that NetworkManager runs to use different DNS servers, there are the following options (obviously adjust domains and IP addresses in the examples):

Add a file to /etc/NetworkManager/dnsmasq.d that sets the DNS server for the subnet you want: myvpn-server.conf could contain server=/myvpn.domain.com/10.8.4.9. This will always be respected by dnsmasq even when not connected to the VPN, in which case queries for these domains should time out. Disadvantage is that you need to specify the IP address statically, advantage is simplicity
Use D-Bus to talk directly to dnsmasq to tell it to update the servers using something like sudo dbus-send --system --print-reply --dest=org.freedesktop.NetworkManager.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers "array:string:192.168.0.1,/myvpn.domain.com/10.8.4.9". This could be scripted when the vpn connects. You'd need to look up existing DNS servers (the 192.168.0.1 in my example) over D-Bus or using nm-cli
Use D-Bus to talk to Network Manager itself and tell it to update the servers. Here's an example of doing this using Python which would require some work to include the current servers.

I'm using the first option and have only tried preliminary versions of the other two

Best Answer

Related Solutions

Ubuntu – How to enable DNS caching in the NetworkManager-controlled dnsmasq

Ubuntu – how to setup split-dns for vpn with network-manager

Related Question