MaraDNS is a program that implements the Domain Name Service (DNS), an essential Internet service. MaraDNS is intended for environments where a DNS server must be secure and must use the absolute minimum of resources. This install is for MaraDNS 1.0.28 on OpenBSD 3.8; your mileage may vary. The setup below is for an internal LAN that needs a DNS cache plus an internal zone used only for local lookups. This zone will not resolve from the Internet; it exists purely for the convenience of your local users.
1. Install the MaraDNS package from the packages collection for your OpenBSD release.
pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/3.8/packages/i386/maradns-1.0.28.tgz
2. Copy the example "mararc" (below) to /etc/mararc.
###################################
# Maradns config
###################################

# Hide legal disclaimer
hide_disclaimer = "YES"

# MaraDNS-specific fingerprint: 1 removes it, 0 (the default) leaves it in place
no_fingerprint = 0

# What an ANY query returns: 3 = only the A and MX records,
# 15 = the NS and SOA records as well
default_rrany_set = 3

# The maximum number of records to display in a chain of records (list
# of records) for a given host name
max_chain = 8

# The maximum number of records to display in a list of records in the
# additional section of a query. If this is any value besides one,
# round robin rotation is disabled (due to limitations in the current
# data structure MaraDNS uses)
max_ar_chain = 1

# The maximum number of records to show total for a given question
max_total = 20

# Minimum time (seconds) that an entry will stay in the cache
min_ttl = 300

# Minimum time (seconds) that a CNAME entry will stay in the cache
min_ttl_cname = 900

# Maximum number of times MaraDNS will follow a CNAME record or an NS
# record without a glue A record
max_glueless_level = 10

# Maximum number of total queries MaraDNS will perform to look up a host name
max_queries_total = 32

# Time (seconds) MaraDNS will wait for a DNS server to respond before
# giving up and trying the next DNS server on a list
timeout_seconds = 1

# Authoritative zone files
csv1 = {}
csv1["domain.lan."] = "db.domain.lan"

# The address this DNS server listens on. "0.0.0.0" binds to every
# address the machine has; binding one internal address, as here, exposes less.
bind_address = "10.0.10.10"

# The directory with all of the zone files; MaraDNS chroots into it
chroot_dir = "/etc/maradns"

# The numeric UID MaraDNS drops privileges to (use an unprivileged account)
maradns_uid = 1002

# The maximum number of threads (or processes, with the zone server)
maxprocs = 96

# The number of messages we log to stdout
# 0: No messages except for fatal parsing errors and the legal disclaimer
# 1: Only startup messages logged (default)
# 2: Error queries logged
# 3: All queries logged (but not very verbosely right now)
verbose_level = 2

# Initialize the IP aliases variable
ipv4_alias = {}

# Recursive ACL: who is allowed to perform recursive queries. Keep this
# to your own LAN; anything wider turns the server into an open resolver.
recursive_acl = "10.0.10.0/24"

# Random seed file: the file from which we read 16 bytes to get the
# 128-bit random seed
random_seed_file = "/dev/urandom"

# The maximum number of elements we can have in the cache
maximum_cache_elements = 1024

# Your ISP's DNS servers (comma-separated, no spaces). The three addresses
# below are placeholders (333.333.333.333 is not even a valid IPv4 address);
# replace them with your ISP's real resolver addresses.
upstream_servers = {}
upstream_servers["."] = "111.111.111.111,222.222.222.222,333.333.333.333"

# Use root DNS servers instead of your ISP's.
# Find close ones to you from: http://www.root-servers.org/
#root_servers = {}
#root_servers["."] = "198.41.0.4,128.8.10.90,128.63.2.53"
3. Copy the example "db.domain.lan" (below) to /etc/maradns/db.domain.lan (the chroot_dir named in mararc). Replace the example hosts with your own.
#####################################
# db.domain.lan                     #
#####################################

# Zone file for domain.lan (example file)

# The SOA record must be first, followed by all authoritative NS
# records for this zone. The SOA fields are: name, TTL, primary name
# server, contact address (change it to a real mailbox), serial,
# refresh, retry, expire and minimum.
Sdomain.lan.|86400|domain.lan.|hostmaster@domain.lan.|19771108|7200|3600|604800|1800
#Ndomain.lan.|86400|ns1.domain.lan.
#Ndomain.lan.|86400|ns2.domain.lan.

# Some 'IN A' records
Agateway.domain.lan.|86400|192.168.0.1
Astorage.domain.lan.|86400|192.168.0.10
Aworkstation.domain.lan.|86400|192.168.0.20
Amythtv.domain.lan.|86400|192.168.0.30
Adhcp241.domain.lan.|86400|192.168.0.241
Adhcp242.domain.lan.|86400|192.168.0.242
Adhcp243.domain.lan.|86400|192.168.0.243
Adhcp244.domain.lan.|86400|192.168.0.244
Adhcp245.domain.lan.|86400|192.168.0.245
#Amx.domain.lan.|86400|10.1.2.4
#Ans1.domain.lan.|86400|10.0.0.1
#Ans2.domain.lan.|86400|192.168.0.1

# An 'IN MX' record
#@domain.lan.|86400|10|mx.domain.lan.

# An 'IN CNAME' record
#Cwww.domain.lan.|86400|domain.lan.

# An 'IN TXT' record
#Tdomain.lan.|86400|Example.com: Buy examples of products online!

# An 'A' record showing the use of percent as a shortcut for the name
# of this zone (in this case, 'domain.lan.')
#Aftp.%|3600|10.7.8.9

# A 'TXT' record showing the use of the backslash, which allows any
# octal code in the record
#Tpercent.%|7200|Get 50\045 off all \%items\% at domain.lan!

# A 'PTR' record which, while marked as unauthoritative, allows this
# program to work with the obsolete tool nslookup when bound on IP 127.0.0.3
# NOTE: This record is not part of the domain.lan domain and, therefore,
# can not be transferred with the getzone client
#P3.0.0.127.in-addr.arpa.|1234|nslookup.bug.workaround.

# Reverse (PTR) records for the hosts above. Like the record just above,
# they lie outside domain.lan.: MaraDNS serves them as unauthoritative and
# getzone will not transfer them. Keep them in step with the A records.
P1.0.168.192.in-addr.arpa.|86400|gateway.domain.lan.
P10.0.168.192.in-addr.arpa.|86400|storage.domain.lan.
P20.0.168.192.in-addr.arpa.|86400|workstation.domain.lan.
P30.0.168.192.in-addr.arpa.|86400|mythtv.domain.lan.
P241.0.168.192.in-addr.arpa.|86400|dhcp241.domain.lan.
P242.0.168.192.in-addr.arpa.|86400|dhcp242.domain.lan.
P243.0.168.192.in-addr.arpa.|86400|dhcp243.domain.lan.
P244.0.168.192.in-addr.arpa.|86400|dhcp244.domain.lan.
P245.0.168.192.in-addr.arpa.|86400|dhcp245.domain.lan.
4. Edit both files to suit your network: the bind address and recursive ACL, the upstream resolver addresses, and the host entries in the zone.
5. Add the startup lines below to the bottom of /etc/rc.local so MaraDNS starts at boot. maradns runs in the foreground, so the trailing & is what puts it in the background.
# MaraDNS server
# Log messages selected by verbose_level go to stdout; stderr is captured too
if [ -x /usr/local/sbin/maradns ]; then
	echo -n ' maradns'
	/usr/local/sbin/maradns >>/var/log/maradns 2>&1 &
fi
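Before starting the server it is worth checking both files offline for the mistakes that bite in practice: a placeholder or malformed upstream address (the 333.333.333.333 left in the mararc above), a recursive_acl that makes the box an open resolver, a maradns_uid of 0, a csv1 zone whose first record is not the SOA, names without the trailing dot, and PTR records that disagree with the A records. The script below is an added example, not part of MaraDNS or of this page's original files; it needs only POSIX sh, awk and mktemp, all in the OpenBSD base system. The record layouts it enforces (9 fields for S, 4 for @, 3 for A/P/N/C/T) are those of the records shown on this page, and the mararc and zone it writes are constructed samples for the demonstration.

```shell
#!/bin/sh
# Offline sanity checks for a MaraDNS 1.x mararc and csv1 zone file.
# Added example, not MaraDNS code; needs only POSIX sh and awk (OpenBSD base).
# awk helpers shared by both checkers
AWK_LIB='
function ipv4ok(s,   p, i) {
    if (split(s, p, ".") != 4) return 0
    for (i = 1; i <= 4; i++) if (p[i] !~ /^[0-9]+$/ || p[i] + 0 > 255) return 0
    return 1
}
function fail(m) { print "error: " m; bad++ }
function err(m)  { fail("line " NR ": " m) }
function warn(m) { print "warning: " m }
'

# mararc_check FILE: returns 0 when no error was found (warnings do not fail)
mararc_check() {
    awk "$AWK_LIB"'
    { sub(/#.*/, "") }                                 # comments run to end of line
    /^[ \t]*$/ || !index($0, "=") { next }
    {
        key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
        val = substr($0, index($0, "=") + 1); sub(/^[ \t"]+/, "", val); sub(/[ \t"]+$/, "", val)
        if (val == "{}") next                          # dictionary initialiser
        if (key == "maradns_uid") { uid = val + 0; seen_uid = 1 }
        else if (key == "bind_address") { bind = val; if (!ipv4ok(val)) err("bad bind_address " val) }
        else if (key == "recursive_acl") acl = val
        else if (key ~ /^(upstream_servers|root_servers)\[/) {
            n = split(val, s, ",")                     # comma-separated, no spaces
            for (i = 1; i <= n; i++) if (!ipv4ok(s[i])) err("invalid address " s[i] " in " key)
        }
    }
    END {
        if (!seen_uid) warn("maradns_uid not set")
        else if (uid == 0) fail("maradns_uid is 0: MaraDNS would keep root privileges")
        if (acl == "") { if (bind == "0.0.0.0") warn("listening on all addresses with no recursive_acl") }
        else for (i = split(acl, a, ","); i > 0; i--) {
            ip = a[i]; sub(/\/.*/, "", ip)
            if (!ipv4ok(ip)) fail("bad recursive_acl entry " a[i])
            else if (a[i] ~ /\/0$/) fail("recursive_acl " a[i] " allows recursion from anywhere (open resolver)")
        }
        exit (bad > 0)
    }' "$1"
}

# csv1_lint FILE ZONE: lint a csv1 zone file (ZONE ends with a dot); 0 = no errors
csv1_lint() {
    awk -v zone="$2" "$AWK_LIB"'
    BEGIN { FS = "|" }
    /^[ \t]*#/ || /^[ \t]*$/ { next }                  # MaraDNS skips these too
    {
        n++; type = substr($1, 1, 1); name = substr($1, 2)
        sub(/%$/, zone, name)                          # % is shorthand for the zone name
        if (n == 1 && type != "S") err("first record must be the SOA")
        else if (n > 1 && type == "S") err("more than one SOA")
        if (name !~ /\.$/) err("name " name " is not absolute (no trailing dot)")
        if ($2 !~ /^[0-9]+$/) err("TTL " $2 " is not a number")
        if (type == "S") { if (NF != 9) err("SOA needs 9 fields"); if (name != zone) err("SOA is for " name ", not " zone) }
        else if (type == "A") { if (NF != 3 || !ipv4ok($3)) err("bad A record"); else fwd[$3] = name }
        else if (type == "P") { if (NF != 3 || $3 !~ /\.$/) err("bad PTR record"); else rev[name] = $3 }
        else if (type == "@") { if (NF != 4) err("MX needs 4 fields") }
        else if (type ~ /^[NCT]$/) { if (NF != 3) err(type " record needs 3 fields") }
        else err("unknown record type " type)
        if (name != zone && substr(name, length(name) - length(zone)) != "." zone) outside++
    }
    END {
        for (ip in fwd) {                              # forward/reverse consistency
            split(ip, o, "."); r = o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa."
            if (!(r in rev)) warn("no PTR record for " ip " (" fwd[ip] ")")
            else if (rev[r] != fwd[ip]) fail("PTR " r " -> " rev[r] " but " fwd[ip] " -> " ip)
        }
        if (outside) warn(outside " record(s) outside " zone ": served unauthoritatively, not sent by getzone")
        if (!n) fail("empty zone file")
        exit (bad > 0)
    }' "$1"
}

# Stand-alone demonstration on constructed samples: the mararc keeps the page's
# placeholder upstream address and the zone has a PTR that contradicts its A record.
d=$(mktemp -d) || exit 1
cat >"$d/mararc" <<'EOF'
maradns_uid = 1002
bind_address = "10.0.10.10"
recursive_acl = "10.0.10.0/24"
upstream_servers = {}
upstream_servers["."] = "111.111.111.111,222.222.222.222,333.333.333.333"
EOF
cat >"$d/db.domain.lan" <<'EOF'
Sdomain.lan.|86400|domain.lan.|hostmaster@domain.lan.|19771108|7200|3600|604800|1800
Agateway.domain.lan.|86400|192.168.0.1
Aftp.%|3600|192.168.0.20
P1.0.168.192.in-addr.arpa.|86400|gateway.domain.lan.
P20.0.168.192.in-addr.arpa.|86400|workstation.domain.lan.
EOF
mararc_check "$d/mararc" || echo "mararc: FAILED"
csv1_lint "$d/db.domain.lan" domain.lan. || echo "db.domain.lan: FAILED"
rm -rf "$d"
```

To check the live files, replace the demonstration section with `mararc_check /etc/mararc` and `csv1_lint /etc/maradns/db.domain.lan domain.lan.`. Both functions exit non-zero only on errors, so they can gate the restart in a script; warnings (a host with no PTR, records outside the zone such as the in-addr.arpa entries) are printed but do not fail. Once maradns is running, confirm from a host inside 10.0.10.0/24 that `askmara Agateway.domain.lan. 10.0.10.10` (the query client shipped with MaraDNS) returns the address, and that a lookup of an outside name from a host not covered by recursive_acl gets no recursive answer.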