Because I run my garage department nameserver on a regularly reinstalled OpenBSD snapshot, I use the following two scripts to automate the install and configuration.
The named configuration script
Code:
#----------------------------------------
FILE=/var/named/etc/caching-forward-only.conf
#FILE=$( basename ${FILE} )
echo Creating ${FILE}
cat <<END >${FILE}
// Caching and forward only configuration
// Access Control List
acl clients {
    192.168.222.0/24 ;
};
options {
    forward only ;
    forwarders { 192.168.222.10 ; } ;
    allow-query { clients ; } ;
    // max-cache-size is in bytes : echo '2 * 1024^2' | bc
    max-cache-size 2097152 ;
    empty-zones-enable yes;
} ;
# After editing this file please use 'named-checkconf' to validate!
END
The /etc/rc.conf.local configuration is done with
Code:
# ----------------------------------------
FILE=./etc/rc.conf.local
#FILE=$( basename ${FILE} )
echo Enabling 'named' as forward-only resolver in ${FILE}
cat <<END >> $FILE
# note that the 'named' configuration file is in '/var/named/etc'
# because of the chroot in "/var/named" , it has to be specified
# without the "/var/named" part.
named_flags='-4 -c /etc/caching-forward-only.conf'
END
You can check with netstat whether named is running; it will use port 53 on both TCP and UDP.
Code:
$ netstat -an -f inet
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp 0 0 192.168.222.25.22 192.168.222.244.35967 ESTABLISHED
tcp 0 0 127.0.0.1.587 *.* LISTEN
tcp 0 0 127.0.0.1.25 *.* LISTEN
tcp 0 0 *.515 *.* LISTEN
tcp 0 0 192.168.222.25.22 *.* LISTEN
tcp 0 0 127.0.0.1.953 *.* LISTEN
tcp 0 0 192.168.222.25.53 *.* LISTEN
tcp 0 0 127.0.0.1.53 *.* LISTEN
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
udp 0 0 192.168.222.25.27727 85.17.207.62.123
udp 0 0 192.168.222.25.34152 213.206.97.167.123
udp 0 0 192.168.222.25.34002 194.109.64.200.123
udp 0 0 *.19590 *.*
udp 0 0 192.168.222.25.53 *.*
udp 0 0 127.0.0.1.53 *.*
udp 0 0 *.514 *.*
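The netstat check above can be scripted so that a reinstall fails loudly when named is not listening, or is listening on an address you did not expect. This is an added example, not part of the original post; the function names and the expected address list are assumptions, and the sample input is constructed from the output shown above.

```sh
#!/bin/sh
# Added example (not from the original post): verify port-53 listeners.

# Constructed sample, trimmed from the netstat output shown in the post.
sample_netstat() {
    cat <<'END'
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp 0 0 192.168.222.25.22 192.168.222.244.35967 ESTABLISHED
tcp 0 0 127.0.0.1.953 *.* LISTEN
tcp 0 0 192.168.222.25.53 *.* LISTEN
tcp 0 0 127.0.0.1.53 *.* LISTEN
udp 0 0 192.168.222.25.27727 85.17.207.62.123
udp 0 0 192.168.222.25.53 *.*
udp 0 0 127.0.0.1.53 *.*
udp 0 0 *.514 *.*
END
}

# dns_listeners PROTO: read `netstat -an -f inet` output on stdin and print the
# local addresses with a listening socket on port 53 for PROTO (tcp or udp).
# OpenBSD joins address and port with a dot, so ".53" must end the field;
# "127.0.0.1.953" (the rndc control channel) does not match.
dns_listeners() {
    awk -v proto="$1" '
        $1 == proto && $4 ~ /\.53$/ && $5 == "*.*" &&
        (proto == "udp" || $6 == "LISTEN") {
            addr = $4; sub(/\.53$/, "", addr); print addr
        }'
}

# check_dns_listeners ADDR...: read netstat output on stdin; succeed only if
# the port-53 listeners for both tcp and udp are exactly the expected ADDRs.
check_dns_listeners() {
    input=$(cat)
    want=$(printf '%s\n' "$@" | sort -u)
    rc=0
    for proto in tcp udp; do
        have=$(printf '%s\n' "$input" | dns_listeners "$proto" | sort -u)
        if [ "$have" != "$want" ]; then
            echo "$proto: expected [$(echo $want)] but found [$(echo $have)]" >&2
            rc=1
        fi
    done
    return $rc
}

# Demo on the constructed sample; on a live host pipe `netstat -an -f inet` in.
sample_netstat | check_dns_listeners 127.0.0.1 192.168.222.25 && echo "port 53 listeners match"
```
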