djbdns uses the dnscache program as a caching server. This typically listens to a port on the IP address of the computer hosting it, and is what that Client's /etc/resolv.conf points at.

Djbdns uses the tinydns program as an authority server that translates between names and IP addresses on the subnet. This typically listens to a port on 127.0.0.1 and typically, but not always, is queried only by the caching DNS (that's dnscache) on the same machine.

You can get dnscache to query tinydns by putting tinydns' IP address (127.0.0.1) as the contents of a file with a filename like domain_name.tld inside the dnscache/root/servers directory. When dnscache asks about a URL ending with domain_name.tld, it queries the IP address of domain_name.tld to find the IP address of the URL. There's a similar provision for reverse lookup on the subnet of the domain (in this case 192.168.100), where 127.0.0.1 is placed in a file called 100.168.192.in-addr.arpa.

In other words, the caching server (dnscache) and the authoritative server (tinydns) are completely distinct. They work quite well without each other, and they can be troubleshot independently of each other! That's a huge advantage when debugging.

'Introduction' copied from http://www.troubleshooters.com/linux/djbdns/index.htm

Configuration

Credits : http://www.howtoforge.com/clean-djbdns-dns-server-on-centos-dnscache-and-tinydns-a-to-z

Installing daemon tools

[root@a ~]# hostname -f
a.ns.shadow.com
[root@a ~]# yum install gcc
[root@a ~]# mkdir pkg
[root@a ~]# cd pkg/
[root@a ~]# wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
[root@a ~]# tar xzf daemontools-0.76.tar.gz
[root@a ~]# cd admin/daemontools-0.76/
[root@a daemontools-0.76]# nano src/conf-cc -w

Append the following line at the end of the gcc line:

-include /usr/include/errno.h

[root@a daemontools-0.76]# ./package/install 

Installing ucspi

[root@a daemontools-0.76]# cd -
/root/pkg
[root@a pkg]# wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
[root@a pkg]# tar xzf ucspi-tcp-0.88.tar.gz 
[root@a pkg]# cd ucspi-tcp-0.88
[root@a ucspi-tcp-0.88]# nano -w conf-cc

Append the following line at the end of the gcc line:

-include /usr/include/errno.h

[root@a ucspi-tcp-0.88]# make
[root@a ucspi-tcp-0.88]# make setup check
./install
./instcheck

Installing djbdns

[root@a ucspi-tcp-0.88]# cd -
/root/pkg
[root@a pkg]# wget http://cr.yp.to/djbdns/djbdns-1.05.tar.gz
[root@a pkg]# tar xzf djbdns-1.05.tar.gz 
[root@a pkg]# cd djbdns-1.05
[root@a djbdns-1.05]# nano -w conf-cc

Append the following line at the end of the gcc line:

-include /usr/include/errno.h

[root@a djbdns-1.05]# make
[root@a djbdns-1.05]# make setup check
./install
./instcheck

Create system users to run dnscache

[root@a djbdns-1.05]# useradd -d /var/dnscache -s /bin/false dnscache
[root@a djbdns-1.05]# useradd -d /var/dnscache -s /bin/false dnslog
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.

Configure the cache:

[root@a djbdns-1.05]# dnscache-conf dnscache dnslog /var/dnscache/dnscache 192.168.122.240

Allow the rest of your network to query dnscache

[root@a djbdns-1.05]# touch /var/dnscache/dnscache/root/ip/192.168.122

Add dnscache to the list of services to be monitored by svscan:

 
[root@a djbdns-1.05]# ln -sf /var/dnscache/dnscache /service/

Create system users to run tinyDNS

[root@a djbdns-1.05]# useradd -d /var/dnscache -s /bin/false tinydns
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@a djbdns-1.05]# useradd -d /var/dnscache -s /bin/false tinylog
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.

Setting up zone records

[root@a djbdns-1.05]# tinydns-conf tinydns tinylog /var/dnscache/tinydns 127.0.0.1
[root@a djbdns-1.05]# cd /var/dnscache/tinydns/root
[root@a root]# 
[root@a root]# ./add-ns shadow.com 192.168.122.240
[root@a root]# ./add-ns 122.168.192.in-addr.arpa 192.168.122.240
[root@a root]# ./add-host ns.shadow.com 192.168.122.240
[root@a root]# ./add-host web.shadow.com 192.168.122.77
[root@a root]# ./add-host nas.shadow.com 192.168.122.122
[root@a root]# 
[root@a root]# cat data 
.shadow.com:192.168.122.240:a:259200
.122.168.192.in-addr.arpa:192.168.122.240:a:259200
=ns.shadow.com:192.168.122.240:86400
=web.shadow.com:192.168.122.77:86400
=nas.shadow.com:192.168.122.122:86400
[root@a root]# 
[root@a root]# ls data*
data

Apply changes to zone data in .cdb format

[root@a root]# make
/usr/local/bin/tinydns-data
[root@a root]# ls data*
data  data.cdb
[root@a root]# 

Enable service

Enable and disable are done by symlink

[root@a root]# ln -sf /var/dnscache/tinydns /service

[root@a root]# netstat -ntulp | grep 53
tcp        0      0 192.168.122.240:53          0.0.0.0:*                   LISTEN      4859/dnscache       
udp        0      0 127.0.0.1:53                0.0.0.0:*                               5258/tinydns        
udp        0      0 192.168.122.240:53          0.0.0.0:*                               4859/dnscache       
[root@a root]# 

Query TinyDNS server directly using dnsq utility provided by djbdbns

[root@a root]# dnsq a web.shadow.com 127.0.0.1
1 web.shadow.com:
83 bytes, 1+1+1+1 records, response, authoritative, noerror
query: 1 web.shadow.com
answer: web.shadow.com 86400 A 192.168.122.77
authority: shadow.com 259200 NS a.ns.shadow.com
additional: a.ns.shadow.com 259200 A 192.168.122.240

[root@a root]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.

127.0.0.1		localhost.localdomain localhost
192.168.122.240         a.ns.shadow.com

[root@a root]# echo "nameserver a.ns.shadow.com" > /etc/resolv.conf 

Set our TinyDNS server as authoritative server for shadow.com domain.Otherwise dnscache will query root nameservers for authoritative servername

[root@a root]# echo "127.0.0.1" > /var/dnscache/dnscache/root/servers/shadow.com
[root@a root]# echo "127.0.0.1" > /var/dnscache/dnscache/root/servers/122.168.192.in-addr.arpa

To apply changes

[root@a root]# svc -t /service/dnscache/

Get service status

[root@a root]# svstat /service/tinydns/
/service/tinydns/: up (pid 5258) 577 seconds
[root@a root]# svstat /service/dnscache/
/service/dnscache/: up (pid 6329) 49 seconds
[root@a root]# 

Starting and stopping services

[root@a root]# svc -d  /service/dnscache/
[root@a root]# svstat /service/dnscache/
/service/dnscache/: down 3 seconds, normally up
[root@a root]# svc -u  /service/dnscache/
[root@a root]# svstat /service/dnscache/
/service/dnscache/: up (pid 6553) 2 seconds

The file /var/dnscache/dnscache/root/servers/@ contains IP address of root name servers in Internet

[root@a root]# cat /var/dnscache/dnscache/root/servers/@
198.41.0.4
128.9.0.107
192.33.4.12
128.8.10.90
192.203.230.10
192.5.5.241
192.112.36.4
128.63.2.53
192.36.148.17
198.41.0.10
193.0.14.129
198.32.64.12
202.12.27.33

[root@a root]# netstat -ntulp | grep 53
tcp        0      0 192.168.122.240:53          0.0.0.0:*                   LISTEN      7093/dnscache       
udp        0      0 192.168.122.240:53          0.0.0.0:*                               7093/dnscache       
udp        0      0 127.0.0.1:53                0.0.0.0:*                               5258/tinydns        

Try querying tinyDNS directly

[root@a root]# dig +short @127.0.0.1 nas.shadow.com
192.168.122.122

[root@a root]# svc -d /service/dnscache/
[root@a root]# svc -u /service/dnscache/

Try querying authoritative records through dnscache

[root@a root]# dig +short @192.168.122.240 nas.shadow.com
192.168.122.122

Perform recursive queries

[root@a root]# dig +short @192.168.122.240 yale.edu
130.132.35.53
[root@a root]# dig +short @192.168.122.240 fb.com
66.220.158.11
69.171.242.11
69.171.229.11
69.171.224.11
66.220.149.11

Adding second nameserver

Add new record for testing

[root@a ~]# cd /var/dnscache/tinydns/root/
[root@a root]# ./add-host basil.shadow.com 192.168.122.99

Reload configuration

[root@a root]# svc -t /service/dnscache

[root@a root]# dig +short @192.168.122.240 basil.shadow.com
192.168.122.99

Copy data.cdb to second machine

[root@a root]# scp /var/dnscache/tinydns/root/data.cdb root@192.168.122.120:/var/dnscache/tinydns/root/
root@192.168.122.120's password: 
data.cdb                                      100% 3425     3.3KB/s   00:00 

on second machine

[root@b ~]# svc -t /service/*
[root@b ~]# dig +short @127.0.0.1 basil.shadow.com
192.168.122.99

Automating zone transfers

on a.ns.shadow.com (master)

[root@a root]# nano /service/tinydns/root/Makefile
[root@a root]# cat /service/tinydns/root/Makefile
data.cdb: data
	/usr/local/bin/tinydns-data && /usr/bin/rsync -az -e ssh data.cdb 192.168.122.120:/service/tinydns/root/data.cdb && ssh root@192.168.122.120 "svc -t /service/*"
[root@a root]# make
/usr/local/bin/tinydns-data && /usr/bin/rsync -az -e ssh data.cdb 192.168.122.120:/service/tinydns/root/data.cdb && ssh root@192.168.122.120 "svc -t /service/*"
root@192.168.122.120's password: 
root@192.168.122.120's password: 

Try Querying secondary server

[root@b ~]# dig +short @b.ns.shadow.com wins.shadow.com
192.168.122.88

References

• http://www.lifewithdjbdns.com/

• http://www.howtoforge.com/perfect-djbdns-setup-on-ubuntu8.04-amd64

• http://cr.yp.to/djbdns/run-server.html