# dnscache & tinydns (djbdns) structure

## carl_f

I think I understand the way this system works - dnscache does remote lookups and caches the results. Fine. To run my own internal DNS I need to run tinydns - but how do I integrate the two?

Do I utilise dnscache as my main DNS resolver, and have it refer to tinydns as the first root server so that internal DNS (which may not be publicly registered DNS) is resolved by tinydns first, and then all other requests fall back to the other (public) root servers that are specified in /etc/dnscache/root/@?

I am a tad confused but does anyone see what's confusing me? Tinydns will not handle external requests so it seems I must utilise dnscache for answering my queries (both local for 127.0.0.1 (e.g. for qmail) and for the workstations on my network).

I hope someone can shed some light, just the theory of how it 'plugs' together would be great.

cheers,

Carl

----------

## alinv

Don't include your tinydns IP in the @ file, or you'll get DNS delays and instability. Just add to root/servers a file named after your domain containing the tinydns IP:

```
echo 1.2.3.4 > /path/to/dnscache/root/servers/mydomain.dom
```

----------

## carl_f

Thank you! That makes good sense. The only problem I have now is that the machine only has the 1 IP (192.168.253.254) and of course 127.0.0.1.

Do I have tinydns listen on 127.0.0.1, and then make sure that the machine's own /etc/resolv.conf tells it to resolve on 192.168.253.254 where dnscache listens? Or would you create an alias on the loopback net such as lo:1?

----------

## Plaz

*carl_f wrote:*

> Do I have tinydns listen on 127.0.0.1, and then make sure that the machine's own /etc/resolv.conf tells it to resolve on 192.168.253.254 where dnscache listens?

I do exactly that and it works great here.

----------

## Arno

Hi,

I have a related question:

I need to set up a public DNS server which has to resolve queries (dnscache) and provide auth. DNS (tinydns).

Should I have dnscache listening on an IP and have tinydns listening on an IP alias, like this:

  dnscache: eth0 1.2.3.4

  tinydns: eth0:0 1.2.3.5

Thanks.

----------

## ben

Hi,

Usually dnscache is used by client machines to resolve names, and those machines are on an internal network (with private addresses), unless you are an ISP. Therefore you will usually set up dnscache to listen on the internal private IP and tinydns to answer queries from outside (public IP).

Besides, I think it is explicitly written that dnscache and tinydns cannot listen on the same IP. So if you really need to let everybody resolve names from you (say you are an ISP), you will have to make one of them listen on an alias. You will need to tell your customers to put the dnscache IP address as their DNS resolver, and you will have to make sure dnscache queries tinydns for all your domain entries (as described by others in this thread).

Hope this helps

Ben

----------

## Arno

OK, this makes sense. Thanks.

----------

## Qubax

Maybe you want to have a look here: http://puzzling.org/computing/help/djb

----------

## puke

Do a Google search for djbdns split-horizon.

You want dnscache listening on your internal interface, tinydns-private (rename the service) on 127.0.0.1, and tinydns-public on your public interface. (I think)

This gives you two databases, one public, one private, with your internal hosts using your private dns and your external hosts using public dns.

----------
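An added example, not written by any poster in this thread: a POSIX shell check of the layout alinv, Plaz and ben describe (separate listen addresses, tinydns kept out of the @ file, a root/servers file per internal domain). It assumes the service directories that dnscache-conf and tinydns-conf create (env/IP and root/servers/); `make_sample` and its 192.0.2.x addresses are constructed for a dry run.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes the directories created by
# dnscache-conf and tinydns-conf: env/IP and root/servers/.

# first_line FILE: print FILE's first line without blanks (empty if unreadable)
first_line() {
    [ -r "$1" ] || return 0
    head -n 1 "$1" | tr -d ' \t\r'
}

# check_djbdns_layout CACHE_DIR TINYDNS_DIR DOMAIN
# Prints one line per problem and returns the number of problems.
check_djbdns_layout() {
    cache_dir=$1; tiny_dir=$2; domain=$3; problems=0
    cache_ip=$(first_line "$cache_dir/env/IP")
    tiny_ip=$(first_line "$tiny_dir/env/IP")
    if [ -z "$cache_ip" ] || [ -z "$tiny_ip" ]; then
        echo "env/IP missing for dnscache or tinydns"
        return 1
    fi
    # Both daemons bind port 53, so they cannot share one address.
    if [ "$cache_ip" = "$tiny_ip" ]; then
        echo "dnscache and tinydns both listen on $cache_ip"
        problems=$((problems + 1))
    fi
    # tinydns must not appear among the root servers in servers/@.
    if grep -qxF "$tiny_ip" "$cache_dir/root/servers/@" 2>/dev/null; then
        echo "tinydns address $tiny_ip is listed in root/servers/@"
        problems=$((problems + 1))
    fi
    # dnscache asks tinydns about DOMAIN only if root/servers/DOMAIN lists it.
    if ! grep -qxF "$tiny_ip" "$cache_dir/root/servers/$domain" 2>/dev/null; then
        echo "root/servers/$domain does not list $tiny_ip"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# make_sample DIR: constructed layout (addresses from the thread; the two
# 192.0.2.x lines stand in for the real root server list).
make_sample() {
    mkdir -p "$1/dnscache/env" "$1/dnscache/root/servers" "$1/tinydns/env"
    echo 192.168.253.254 > "$1/dnscache/env/IP"
    echo 127.0.0.1 > "$1/tinydns/env/IP"
    printf '%s\n' 192.0.2.1 192.0.2.2 > "$1/dnscache/root/servers/@"
    echo 127.0.0.1 > "$1/dnscache/root/servers/mydomain.dom"
}
```

On a live host the first two arguments are the two service directories, for example /etc/dnscache and, if tinydns was configured there, /etc/tinydns.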

