FreeBSD Configure DJBDNS TinyDNS Server

in DJBDNS, FreeBSD, FreeBSD Jails (VPS) last updated July 8, 2009

How do I configure tinydns a database-driven dns server under FreeBSD operating systems?

You need to create three user accounts under FreeBSD and add all of them to a group. This can be done using pw command as follows:

Step#1: Create DJBDNS Server Group

Type the following command:
# pw groupadd dnsusers

Step#2: Create TinyDNS Server User

Type the following command:
# pw useradd tinydns -s /bin/nologin -G dnsusers

Step#3: Create AxfrDNS Server User

Type the following command:
# pw useradd dnslog -s /bin/nologin -G dnsusers

Step#4: Create DJNDNS Server Log User

Type the following command:
# pw useradd axfrdns -s /bin/nologin -G dnsusers

Step#5: Create /var/service directory

Type the following command:
# mkdir /var/service/

Step#6: Turn On daemontools (svscan) Service

Type the following command:
# echo 'svscan_enable="YES"' >> /etc/rc.conf # /usr/local/etc/rc.d/svscan.sh start
Now, your server is ready to use. All you have to do is create zone for ns1.nixcraft.in.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

5 comment

Sam says:
July 10, 2010 at 7:23 am
I am running FreeBSD 8 and have followed the first page. On the last step, I do as prompted:
[root@vps ~]# echo ‘svscan_enable=”YES”‘ >> /etc/rc.conf
[root@vps ~]# /usr/local/etc/rc.d/svscan.sh start
bash: /usr/local/etc/rc.d/svscan.sh: No such file or directory
Svscan exists though:
[root@vps ~]# whereis svscan
svscan: /usr/local/bin/svscan /usr/local/man/man8/svscan.8.gz
Running Svscan:
[root@vps ~]# /usr/local/bin/svscan
supervise: fatal: unable to start namedb/run: file does not exist
Is there any solution?

I’m runing FreeBSD 10.1-RELEASE.

Below, I am using the IP address of my VPS — 80.240.140.221. If you are looking at my comment trying to set it up for yourself, you will of course need to replace my IP with yours.

I did the same as shown here up until the end, except at the end, instead of

# /usr/local/etc/rc.d/svscan.sh start

I did

# service svscan start

Then, furthermore, I did:

# tinydns-conf tinydns dnslog /usr/local/etc/tinydns 80.240.140.221
# ln -s /usr/local/etc/tinydns /var/service/

Confirmed that it’s running:

$ sockstat -l | grep :53
tinydns  tinydns    761   3  udp4   80.240.140.221:53     *:*

Is it working?

$ drill erikano.net @80.240.140.221
Error: error sending query: Could not send or receive, because of network error

What does the log say?

$ cat /var/service/tinydns/log/main/current
@4000000054f25acc23751084 starting tinydns
@4000000054f25c410ce0e9c4 50d5bdc2:94d5:b0c1 - 0001 erikano.net
@4000000054f25c460ccf3e54 50d5bdc2:94d5:b0c1 - 0001 erikano.net
@4000000054f25c4b0cde1334 50d5bdc2:94d5:b0c1 - 0001 erikano.net
@4000000054f25cec305c7864 50f08cdd:79a6:0d18 - 0001 erikano.net
@4000000054f25cf1328841a4 50f08cdd:41b6:0d18 - 0001 erikano.net
@4000000054f25cf6357c38fc 50f08cdd:89c2:0d18 - 0001 erikano.net
@4000000054f25d4815913b8c 50f08cdd:496d:14a5 - 0001 erikano.net
@4000000054f25d4d17126904 50f08cdd:eb86:14a5 - 0001 erikano.net
@4000000054f25d5217ae04f4 50f08cdd:544d:14a5 - 0001 erikano.net
@4000000054f25d850dd396c4 50d5bdc2:b127:191e - 0001 erikano.net
@4000000054f25d8a0dc32f8c 50d5bdc2:b127:191e - 0001 erikano.net
@4000000054f25d8f0daa8324 50d5bdc2:b127:191e - 0001 erikano.net

It’s receiving requests. Good. Probably the reason why it’s not responding is because there is more configuration to be done.

Hopefully, http://cr.yp.to/djbdns/run-server.html and http://tinydns.org/ covers the remainder of the configuration that needs to be done.

Indeed, http://cr.yp.to/djbdns/run-server.html provides what is needed for a basic configuration.

# cd /var/service/tinydns/root/
# ./add-ns inbound.mx 80.240.140.221
# ./add-ns erikano.net 80.240.140.221
# ./add-host quattuor.inbound.mx 80.240.140.221
# ./add-alias erikano.net 80.240.140.221 
# ./add-alias www.erikano.net 80.240.140.221
# make

I haven’t made the VPS authorative of the domains for real yet, not sure if/when I will, but here we see it working from my Ubuntu-running desktop querying the FreeBSD VPS:

$ dig erikano.net @80.240.140.221

; <> DiG 9.9.5-3ubuntu0.2-Ubuntu <> erikano.net @80.240.140.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2443
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;erikano.net.			IN	A

;; ANSWER SECTION:
erikano.net.		86400	IN	A	80.240.140.221

;; AUTHORITY SECTION:
erikano.net.		259200	IN	NS	a.ns.erikano.net.

;; ADDITIONAL SECTION:
a.ns.erikano.net.	259200	IN	A	80.240.140.221

;; Query time: 52 msec
;; SERVER: 80.240.140.221#53(80.240.140.221)
;; WHEN: Sun Mar 01 02:00:01 CET 2015
;; MSG SIZE  rcvd: 80

Erik Nordstroem says:
March 1, 2015 at 1:03 am
(My previous comment is in reply to my own comment preceeding it.)
Erik Nordstroem says:
March 1, 2015 at 1:08 am
The commenting system expanded www dot erikano dot net to http://www.erikano.net. Obviously, the add-alias command for www dot erikano dot net did not include protocol or trailing slash.

Have a question? Post it on our forum!