Fine Tuning the DNS Server

Enabling DNS Caching


To enable caching on the DNS server, we just have to add one line anywhere in the options section of the named.conf file, as below:

# vi /etc/named.conf

Search for the options section in this file and add recursion yes as in the screenshot below:


After that, run the command below:



This will create a dump file at /var/named/data/cache_dump.db, which stores the result of the dig command on disk; if another user queries the same data, the answer is served from the cache stored on disk.

We can also specify the maximum size of that cache by adding one option below recursion yes:

max-cache-size 5m;

This limits the maximum cache size to 5 MB.

The last thing is to add a cleaning interval, i.e. the cache is cleared after the specified amount of time:

cleaning-interval 10;

This clears the cache every 10 minutes, after which new results are stored in the cache file.


~]# rndc flush    # flushes the server's cache

Changing the Default Port No.


By default the DNS server runs on port 53, but if you want to run it on a different port you can do so by making changes in the named.conf file.

Go inside the named.conf file and edit the parameter as below:



Here, I have changed the DNS port to 50. For the change to take effect, just restart the named service.

~]# systemctl restart named

If we run the dig command directly it will not give any result, because by default dig queries port 53, so we have to specify the port number.


This will help you increase the security of your DNS server.

Hiding the Version of the DNS Server


If you want to hide the version of your BIND DNS server, it is fairly simple. In the options section of the named.conf file, add one line:

version "Hide";

Now if you query it with the dig command, you will not be able to see the version of the DNS server in use.
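The three sections above all come down to a handful of lines in the options block of named.conf. The following POSIX shell script is an added example (not from the original post): it writes a constructed sample named.conf that combines the settings discussed here (recursion, max-cache-size, cleaning-interval, a non-default listen port of 50 and version "Hide"), then audits the options block and reports what is actually set. The sample file contents, the helper names (write_sample_conf, named_option, listen_port, version_hidden) and the 127.0.0.1 listen address are assumptions for the example; the option names and values are those from the post.

```shell
#!/bin/sh
# Added example, not the post's own code: audit the options block of a
# BIND named.conf for the settings discussed in the post.

# write_sample_conf PATH: write a constructed sample named.conf to PATH.
# The values mirror the post (recursion yes, 5m cache, 10-minute cleaning,
# port 50, version "Hide"); the listen address is an assumption.
write_sample_conf() {
    cat > "$1" <<'EOF'
options {
    listen-on port 50 { 127.0.0.1; };   // non-default port, as in the post
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    recursion yes;
    max-cache-size 5m;
    cleaning-interval 10;
    version "Hide";
};
EOF
}

# named_option CONF NAME: print the value of option NAME inside the
# options { ... } block, with '//' comments, the trailing ';' and any
# surrounding double quotes removed. Prints nothing if NAME is absent.
named_option() {
    awk -v name="$2" '
        /^[[:space:]]*options[[:space:]]*\{/ { inopts = 1; next }
        inopts && /^[[:space:]]*\};/         { inopts = 0 }
        inopts {
            sub(/\/\/.*$/, "")                                        # drop // comments
            if ($1 == name) {
                line = $0
                sub(/^[[:space:]]*[^[:space:]]+[[:space:]]*/, "", line)  # drop the option name
                sub(/[[:space:]]*;[[:space:]]*$/, "", line)             # drop the terminating ;
                gsub(/"/, "", line)                                     # drop quotes
                print line
            }
        }' "$1"
}

# listen_port CONF: print the port named listens on; 53 when listen-on
# carries no explicit "port N" clause (BIND's default).
listen_port() {
    v=$(named_option "$1" listen-on)
    case "$v" in
        port\ *) printf '%s\n' "$v" | sed 's/^port[[:space:]]*\([0-9][0-9]*\).*/\1/' ;;
        *)       echo 53 ;;
    esac
}

# version_hidden CONF: succeed (exit 0) when a custom version string is
# configured, so the real BIND version is not reported.
version_hidden() {
    v=$(named_option "$1" version)
    [ -n "$v" ]
}

# Stand-alone usage: build the sample and print the audited settings.
CONF=$(mktemp)
write_sample_conf "$CONF"
echo "recursion:         $(named_option "$CONF" recursion)"
echo "max-cache-size:    $(named_option "$CONF" max-cache-size)"
echo "cleaning-interval: $(named_option "$CONF" cleaning-interval)"
echo "listen port:       $(listen_port "$CONF")"
if version_hidden "$CONF"; then echo "version string:    hidden"; else echo "version string:    default (exposed)"; fi
rm -f "$CONF"
```

Run it against a real file by replacing the mktemp sample with the path to /etc/named.conf; the same functions work on any options block laid out one directive per line, and a missing version line is the quickest sign that the server still reports its real BIND version.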
