Update on running your own recursive nameserver

I upgraded my system to Ubuntu 10.10 today and was surprised to find out that bind refused to start.

After a bit of investigation (without internet access because I decided not to fall back on a temporary nameserver), I found out the correct form the configuration file had to take. I still  don’t understand why it worked in the previous version when it now looks like it was erroneous.

Anyway, the updated and functional file can be found at http://nucco.org/files/named.conf.options

On a side note, my system feels a whole lot snappier right now. Yeap, that’s puzzling as well.


Random Quote:
Say something you’ll be sorry for, I love receiving apologies.

Running Your Own Recursive Nameserver on Ubuntu 10.04 (Lucid)

I got tired of my ISP’s annoying DNS servers that redirect me to search results I don’t want, complete with advertising, every time I mistype a domain name in the browser. So I changed my nameservers to google’s public DNS. I even set up a simple caching nameserver on my system in a bid to improve performance.

This met my needs, because Google doesn’t re-direct non-existent domains. The only problem is that I think google knows quite enough about me already. I don’t need to feed them a list of all the sites I interact with.

So, in part inspired by my recent adventures with name servers, as well as a suggestion by someone in #dns on irc.freenode.net about it not being rocket science to run your own recursive nameserver, I (yea) searched google, and ended up with an interesting set of instructions, which I didn’t need to follow to the letter.

They are here: http://ftp.isc.org/isc/pubs/tn/isc-tn-2007-1.html

On my Ubuntu 10.04 system, all I needed to edit the configuration file, found at /etc/bind/named.conf.options . Remember to install the package ‘bind9’ first :).

I added the following lines, which were of course, dubbed from the ISC site linked a few paragraphs earlier.

controls { 
    inet 127.0.0.1 allow { localhost; }
keys { "rndc-key";}
};

and in the "options {" block, I added the following:

allow-query { 
localhost; localnets; };
listen-on { any; };

Then I added a third block

view "default-recursive" { 
    match-clients { localhost; localnets; };
    match-destinations { localhost; localnets; };
    recursion yes;
}

Saved the configuration file, and then restarted bind ( sudo service bind9 restart )

Finally, I changed my network settings, putting in 127.0.0.1 as the nameserver/DNS server.

Tested, and everything fine.

For a slightly finer explanation of the configuration files, at least the parts that matter, and to the best of my understanding, "localnets" means you’re also allowing other computers on the same LAN as yourself to set their system to use your new nameserver.

127.0.0.1 of course, is the way that your system refers to itself. ‘localhost’ does a similar job, but of course, ‘localhost’ needs to be first resolved to an IP address :)

There, I now run my own recursive DNS server, and I feel pretty happy about it.

My entire config file (the one I edited) is here if you want it: http://nucco.org/files/named.conf.options


-my pic-
Random Quote:
Misfortune, n.: The kind of fortune that never misses. — Ambrose Bierce, "The Devil’s Dictionary"

Web 3.0 Blues

In the beginning was the Internet, and then came the Web. The web said "Let there be Awesome", and there was awesome. But some phone makers were not pleased with this awesome.

They created apps to split the people amongst themselves:

"Come, let us go down, and there confuse their language, that they may not understand one another’s speech." (Quoted from the Christian Holy Bible: Genesis 11:7)

All because the peoples of the world have become awed by eye-candy and sheer brute force specs. But the world has survived such manipulation before. The world has risen from the machinations of Internet Explorer 5 and 6 before, and may yet rise again from the feet of people implementing apps instead of implementing mobile friendly websites.

But I do believe this will pass someday. One fine day, the news of the day shall be

"The Economist.com is now optimised for mobile devices of all shapes and sizes!" and not that divisive "The Economist is now available for iOS!" (which admittedly hits me at a soft spot because I neither own, nor wish to own an iOS device).

Yes, the web browser shall someday evolve beyond "type an address in a boring text box, click a blue link, the back button, or type a new address in a boring box".

Do you read me, all ye browser makers. If you haven’t realised it yet, the dawn of the era of the app is a clarion call. Wake up, and push forth a more exciting way of navigating the world wide web. HTML5 is a step in the right direction, but one thing I the web needs, is to provide the web with a means of delivering a website as a recursively finite package, that can be (if needed) downloaded in one fell swoop, so that browsers can do fancy things without being crippled by network latency.

The open Internet needs you!

At the time of writing this note, the song that was playing on my computer was "Nothing in my way" by "Keane", from the album "Under the Iron Sea". "Feels So Good" by "Sonique" from the album "Hear My Cry" followed immediately afterwards. Even my computer understands how I am feeling :)


Fanen Ahua
Random Quote:
A master was asked the question, "What is the Way?" by a curious monk. "It is right before your eyes," said the master. "Why do I not see it for myself?" "Because you are thinking of yourself." "What about you: do you see it?" "So long as you see double, saying `I don’t’, and `you do’, and so on, your eyes are clouded," said the master. "When there is neither `I’ nor `You’, can one see it?" "When there is neither `I’ nor `You’, who is the one that wants to see it?"