Maradns

www.maradns.org

MaraDNS is a nice lightweight DNS server that is easy to install and manage. It's not for people wanting ultra security or backups and transfers; you probably want BIND for that.

It's configured by a single, straightforward configuration file and uses a single text file for each zone database. The syntax for specifying your DNS records is really easy.

I've used MaraDNS in a testing and development network for several months and it's done a fine job. It's also used as a caching DNS server for an office network.

Installation

MaraDNS is available as a package on Ubuntu; you can install it with:

# apt-get install maradns

You probably already have BIND or something similar installed as a local caching DNS server; you'll want to uninstall it or stop the service.

If you're installing from source, make sure you create a user account for the maradns daemon. I used "maradns" as the user.

Configuration

# Example mararc file (unabridged version)

# The various zones we support
#
hide_disclaimer = "YES"

# We must initialize the csv2 hash, or MaraDNS will be unable to
# load any zone files
csv2 = {}
# then add an entry for each zone you are going to host
# use the format db.<zonename> - your zone files will have 
# the same name
csv2["ninja."] = "db.ninja"

# The address this DNS server runs on.  If you want to bind 
# to all addresses a given machine has, use "0.0.0.0". Use multiple addresses
# by separating with commas
bind_address = "127.0.0.1,192.168.2.50"

# The directory with all of the zone files
chroot_dir = "/etc/maradns"

# The numeric UID MaraDNS will run as
maradns_uid = 65534

# The (optional) numeric GID MaraDNS will run as
# maradns_gid = 99
# The maximum number of threads (or processes, with the zone server)
# MaraDNS is allowed to run
maxprocs = 64

# Stop MaraDNS from letting nosy people know this
# DNS server is, in fact, running MaraDNS
no_fingerprint = 1

# Normally, MaraDNS only returns A and MX records when given a
# QTYPE=* (all RR types) query.  Changing the value of default_rrany_set
# to 15 causes MaraDNS to also return the NS and SOA records, which
# some registrars require.  The default value of this is 3
default_rrany_set = 3

# These constants limit the number of records we will display, in order
# to help keep packets 512 bytes or smaller.  This, combined with round_robin
# record rotation, helps to use DNS as a crude load-balancer.
max_chain = 8
max_ar_chain = 1
max_total = 20

# The number of messages we log to stdout
# 0 - 3 (1 is start up messages, 3 is debug)
verbose_level = 1

# Initialize the IP aliases, which are used by the list of root name servers,
# the ACL for zone transfers, and the ACL of who gets to perform recursive
# queries
ipv4_alias = {}

# Various sets of root name servers
# Note: Netmasks can exist, but are ignored when specifying root name servers

# ICANN: the most common and most controversial root name server
# http://www.icann.org
ipv4_alias["icann"] = "198.41.0.4,128.9.0.107,192.33.4.12,128.8.10.90,192.203.230.10,192.5.5.241,192.112.36.4,128.63.2.53,192.36.148.17,192.58.128.30,193.0.14.129,198.32.64.12,202.12.27.33"

# OSRC: http://www.open-rsc.org/
ipv4_alias["osrc"] = "199.166.24.1,205.189.73.102,199.166.24.3,207.126.103.16,195.117.6.10,205.189.73.10,204.57.55.100,213.196.2.97"

# AlterNIC: http://www.alternic.org/
ipv4_alias["alternic"] = "160.79.129.192,24.6.78.12,160.79.133.70,65.15.8.202,216.162.42.240,195.224.64.190,160.79.133.66,216.162.42.185"

# OpenNIC: http://www.opennic.unrated.net/
ipv4_alias["opennic"] = "131.161.247.226,209.151.84.102,64.247.218.140,64.247.218.149,209.104.33.250,209.104.63.249,209.151.84.103,199.175.137.211,207.6.128.246,65.243.92.254"

# The following line must be uncommented to enable recursive queries
root_servers = {}
root_servers["."] = "osrc"

Zone Files

Your zone files need to go into the /etc/maradns folder (or wherever you set chroot_dir in your config file). The syntax is much simpler than BIND's and there's some shorthand you can use too.

Each zone must be specified in its own file, and these files need to be added to the "csv2" list in your configuration file. Use the DNS name of the zone as the key and set the value to the name of the file holding the records for that zone.

For the zone "ninja" you would specify:

csv2["ninja."] = "db.ninja"

For the zone ninjafocus.net you would specify:

csv2["ninjafocus.net."] = "db.ninjafocus.net"

Both of them together would look like:

csv2["ninja."] = "db.ninja"
csv2["ninjafocus.net."] = "db.ninjafocus.net"

The server will try to answer queries for www.ninjafocus.net by looking in /etc/maradns/db.ninjafocus.net and queries for www.dev-server.ninja by looking in /etc/maradns/db.ninja.

Specifying Records

The basic syntax is to specify the host name, record type and then the value, with one record per line.

<hostname> <record type> <value> 

If the record is an Address record (an "A" record) you do not need to specify the record type.

The full DNS name needs to be provided, including the root zone ( . ), which is always implicit when you write DNS names in applications.

The DNS name for www.ninjafocus.net must be written as "www.ninjafocus.net." with a dot at the end of the name. The dot is required for the hostname and also for the value of the record if that is a host name too. For example:

wiki.ninjafocus.net. CNAME www.ninjafocus.net.

There might be a lot of records to enter in a zone, so there is a handy shortcut statement you can use:

/origin ninjafocus.net.

This makes the % character stand for "ninjafocus.net." in all of the records that follow the statement. E.g.:

/origin ninjafocus.net.
www.% 207.192.69.18
wiki.% CNAME www.%

Setting the origin again further down the zone file will change the value of % for all following records.

/origin ninja.

# Gateway / Router / Wireless Access Point
gateway.% 192.168.2.1

# Apple iMac G5 (used as development web server)
imacg5.% 192.168.2.101
dev.% 192.168.2.101

# Office Server for Files
phobos.% 192.168.2.50

vmware.% 192.168.2.51
# Virtual Machines for Windows Browser Testing, etc
winxpie7.% 192.168.2.55
winxpie6.% 192.168.2.56
winxpie8.% 192.168.2.57

# End Office Machines
#############################

#############################
# Development Web Sites

/origin eztest.ninja.
% CNAME dev.ninja.
www.% CNAME dev.ninja.
admin.% CNAME dev.ninja.
static.% CNAME dev.ninja.
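
An added example, not part of the original page and not MaraDNS code: a Python check that expands /origin and % as described above and reports names missing the trailing dot before the file is loaded. It handles only the subset of the zone syntax shown on this page (A and CNAME records, # comments); expand_zone and SAMPLE are names chosen here.

```python
import re

RTYPES = {"A", "CNAME"}                      # only the types used on this page
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")  # shape check only, not range

def expand_zone(text):  # returns (records, problems)
    origin, records, problems = None, [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if not fields:
            continue
        if fields[0] == "/origin":              # changes what % stands for
            if len(fields) == 2 and fields[1].endswith("."):
                origin = fields[1]
            else:
                problems.append((lineno, "/origin needs one name ending in a dot"))
            continue
        if len(fields) == 2:                    # type omitted: Address record
            fields.insert(1, "A")
        if len(fields) != 3 or fields[1].upper() not in RTYPES:
            problems.append((lineno, "not a <hostname> [A|CNAME] <value> line"))
            continue
        name, rtype, value = fields[0], fields[1].upper(), fields[2]
        if "%" in name + value:
            if origin is None:
                problems.append((lineno, "% used before any /origin"))
                continue
            name, value = name.replace("%", origin), value.replace("%", origin)
        if not name.endswith("."):
            problems.append((lineno, f"hostname {name} lacks the trailing dot"))
        if rtype == "CNAME" and not value.endswith("."):
            problems.append((lineno, f"CNAME target {value} lacks the trailing dot"))
        if rtype == "A" and not IPV4.fullmatch(value):
            problems.append((lineno, f"A value {value} is not an IPv4 address"))
        records.append((name, rtype, value))
    return records, problems

# Constructed sample; the last two records omit the trailing dot on purpose.
SAMPLE = """/origin ninjafocus.net.
www.% 207.192.69.18
wiki.% CNAME www.%
/origin eztest.ninja.
static.% CNAME dev.ninja
admin.eztest.ninja 192.168.2.101
"""

if __name__ == "__main__":
    records, problems = expand_zone(SAMPLE)
    print(*records, *problems, sep="\n")
```
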
