- Description:
- This is the legacy WildcardDNSD code repository that hasn't seen development since November 2014 after the fork to delphinusdnsd (also in this gotweb).
- Owner:
- Last Change:
- Clone URL:
Commit Briefs
0.9.0 is the last version of Wildcarddnsd, the succeeding project is called (master, tags/BETA_9)
Delphinusdnsd and will have its first release around November 15th, 2015. The new project page is at http://delphinusdns.centroid.eu.
* make wildcarddnsd compile on Mac OS X with default privileges of "nobody"
* indicate install instructions for Mac OS X Yosemite (10.10)
Branches
Tags
Tree
README
$Id: README,v 1.36 2014/11/08 20:28:31 pjp Exp $ 1. README 2. WHY WILDCARDNS? 3. INSTALL HINTS 3.1 Linux 3.2 FreeBSD 3.3 OpenBSD 3.4 NetBSD 3.5 Mac OS X 4. COMPATIBILITY 5. EXAMPLES 6. WHAT IT CAN'T DO 7. WARNING 8. This is the last version of WILDCARDDNSD 1. README --------- Wildcarddns is a small authoritative nameserver. It does not recurse nor search. This program is written to a BSD Style License. Sleepycat's BerkeleyDB is also used for the main in-memory database. 2. WHY WILDCARDDNS? ------------------- DNS is simple. Yet implementation of DNS servers is not so simple. Wildcarddns is written for research into the DNS system so that perhaps one day the author has a better understanding of it. Comparing wildcarddns to other DNS implementations is not fair since many of those implementation fix Wildcarddns's faults on the Internet. It is recommended that if this daemon is used on the Internet that logging be turned on to learn from it and the DNS system. Use the tool "dig" that comes with bind9 to debug Wildcarddns. If you like to program, then you can fork Wildcarddns and make your own creation, or you can send patches to the author who may implement them into the code. 3. INSTALL HINTS ---------------- To install, type sh ./configure on BSD and just ./configure on Linux. This will copy the proper Makefile to ./Makefile. Then you would type make, followed by su'ing and make install. Wildcarddnsd installs to /usr/local/sbin. By default installation the configuration file is not installed you need to do this manually. Also by default the config file is specified as /etc/wildcarddns.conf this can be changed by adding the -f option to wildcarddnsd. A sample config file exists with the sources. example7.conf was a real life config once. 3.1 Linux --------- In Linux we rely on LibreSSL 2.1.1, you must download it (configure will tell you from where in ./configure) and place it in the directory besides wildcarddnsd root directory. You do not have to install it but you have to ./configure && make check at least. In Linux MINT you need to apt-get install build-essential. ## configure the platform $ ./configure ## this will install the development programs you'll need (as root) $ apt-get install bison cvs gcc libdb5.3-dev libssl-dev ## add a privsep user with a chroot directory (option -m) (as root) $ useradd -m wdnsd ## create the db directory (as root) $ mkdir -p /var/db/wdns ## make the program $ make ## install the binary (as root) $ make install ## done, create a config file and start wildcarddnsd 3.2 FreeBSD ----------- ## configure the platform $ sh configure ## this will install the development programs you'll need (as root) $ cd /usr/ports/databases/db5 && make install clean ## add a privsep user with a chroot directory (as root) $ vipw ## or $ adduser ## create the db directory (as root) $ mkdir -p /var/db/wdns ## make the program $ make ## install the binary (as root) $ make install ## done, create a config file and start wildcarddnsd Jail users, if you get a: Aug 18 13:43:47 io wildcarddnsd[54350]: starting up Aug 18 13:43:47 io wildcarddnsd[54350]: dbenv->open failed: Function not implemented Similar message, that's probably because your jail must be allowing sysvipc. Set this: jail_example_parameters="allow.sysvipc=1" in your /etc/rc.conf and reboot the jail. 3.3 OpenBSD ----------- ## configure the platform $ sh configure ## this will install the development programs you'll need (as root) $ pkg_add db-4.6.21p0v0 ## add a privsep user with a chroot directory (as root) $ vipw ## or $ adduser ## create the db directory (as root) $ mkdir -p /var/db/wdns ## make the program $ make ## install the binary (as root) $ make install ## done, create a config file and start wildcarddnsd 3.4 NetBSD ---------- The tests for this were done on NetBSD 6.1.5 ## configure the platform $ sh configure ## the following will install the development programs you'll need (as root) $ cd /usr/pkgsrc/databases/db5 && make install ## add a privsep user with a chroot directory (as root) $ useradd -m wdnsd ## create the db directory (as root) $ mkdir -p /var/db/wdns ## make the program $ make ## install the binary (as root) $ make install ## done, create a config file and start wildcarddnsd 3.5 Mac OS X ------------ ## configure for Mac OS X $ sh configure ## Installed berkeley db 4.8 through Mac Ports. $ sudo port install db48 ## The binary is made with nobody as the unprivileged user $ make ## cp the binary into /usr/local/sbin/ $ sudo cp wildcarddnsd /usr/local/sbin/ ## make the /var/db/wdns directory $ mkdir -p /var/db/wdns ## done, create config file and start wildcarddnsd 4. COMPATIBILITY ---------------- ------------------+--------------------+---------------------+-------------+ Operating System**| makes and compiles | responds to queries | Berkeley DB | ------------------+--------------------+---------------------+-------------+ FreeBSD 10 | yes | yes | version 5 | ------------------+--------------------+---------------------+-------------+ NetBSD 6.1.5 | yes* | yes | version 5 | ------------------+--------------------+---------------------+-------------+ OpenBSD 5.6 | yes | yes | version 4.6 | ------------------+--------------------+---------------------+-------------+ Linux | yes | yes | version 5 | ------------------+--------------------+---------------------+-------------+ Mac OS X Yosemite | yes | yes | version 4.8 | with MacPorts | | | | ------------------+--------------------+---------------------+-------------+ Rasbian OS | yes *** | yes | version 5 | ------------------+--------------------+---------------------+-------------+ * there was a period in time that NetBSD didn't compile ** All Operating Systems require Berkeley DB 4.6 or higher. *** Raspbian OS (Raspberry Pi) only has support for Berkeley DB 5.0 or higher 5. EXAMPLES ----------- in the directory "examples" are a few examples from working configs. 6. WHAT IT CAN'T DO ------------------- * CNAME recursion. When you look up www.yahoo.com you see this: ;; ANSWER SECTION: www.yahoo.com. 58 IN CNAME fp.wg1.b.yahoo.com. fp.wg1.b.yahoo.com. 2802 IN CNAME eu-fp.wa1.b.yahoo.com. eu-fp.wa1.b.yahoo.com. 8 IN A 87.248.122.122 eu-fp.wa1.b.yahoo.com. 8 IN A 87.248.112.181 The recursive part of wildcarddnsd isn't able to recurse CNAME's and it also doesn't have loop detection of CNAME's. This means that some lookups will fail on a UNIX host using wildcarddnsd recursively, so it's useless this needs fixing and the fix isn't simple. * DNSSEC. Signed zones are becoming more and more common on the Internet. Wildcarddnsd can't do DNSSEC yet, unfortunately. * Solaris. Unless you port some functions to solaris it won't compile on there. * Recursive nameserver. The recursive nameserver is broken. It will work for a little bit perhaps and then out of nowhere will try to flood some poor nameserver. There is a safety catch from that happening but it kills the server. This part will likely need to be rewritten and I don't have the time to do that. The design is weak and I made it work with little planning. So in wildcarddnsd beta 6 the functionality for recursivenes is there but it doesn't work consistently. 7. WARNING ---------- Please read the following two hyperlinks: http://queue.acm.org/detail.cfm?id=1647302 and http://news.zdnet.co.uk/itmanagement/0,1000000308,39760362,00.htm?s_cid=260 Warning: WildcardDNS is research material and could cause problems when on the Internet. Understand the licensing if you plan to use it despite, I'm not liable and you've been warned. Try not to use the recursive nameserver as released with BETA 6. It doesn't work. 8. This is the last version of WILDCARDDNSD ------------------------------------------- Wildcarddnsd project has been renamed. After the 0.9.0 beta release I won't release any more wildcarddnsd's. The new name was picked to avoid confusion with wildcard dns records. The new project name is called delphinusdnsd and is found online at http://delphinusdns.centroid.eu.