Blame


1 a8888c51 2014-11-08 pjp $Id: README,v 1.36 2014/11/08 20:28:31 pjp Exp $
2 c45084ea 2005-11-29 pbug
3 57ffa3f9 2008-04-15 pbug 1. README
4 57ffa3f9 2008-04-15 pbug 2. WHY WILDCARDNS?
5 57ffa3f9 2008-04-15 pbug 3. INSTALL HINTS
6 acc6cd3b 2014-04-13 pjp 3.1 Linux
7 acc6cd3b 2014-04-13 pjp 3.2 FreeBSD
8 acc6cd3b 2014-04-13 pjp 3.3 OpenBSD
9 acc6cd3b 2014-04-13 pjp 3.4 NetBSD
10 acc6cd3b 2014-04-13 pjp 3.5 Mac OS X
11 57ffa3f9 2008-04-15 pbug 4. COMPATIBILITY
12 57ffa3f9 2008-04-15 pbug 5. EXAMPLES
13 b93bcc62 2009-11-03 pbug 6. WHAT IT CAN'T DO
14 6ac1feaa 2009-11-07 pbug 7. WARNING
15 a8888c51 2014-11-08 pjp 8. This is the last version of WILDCARDDNSD
16 9c4921a5 2008-04-10 pbug
17 57ffa3f9 2008-04-15 pbug 1. README
18 57ffa3f9 2008-04-15 pbug ---------
19 57ffa3f9 2008-04-15 pbug
20 1e8325ae 2010-03-28 pbug Wildcarddns is a small authoritative nameserver. It does not recurse nor
21 1e8325ae 2010-03-28 pbug search. This program is written to a BSD Style License. Sleepycat's
22 1e8325ae 2010-03-28 pbug BerkeleyDB is also used for the main in-memory database.
23 57ffa3f9 2008-04-15 pbug
24 57ffa3f9 2008-04-15 pbug 2. WHY WILDCARDDNS?
25 57ffa3f9 2008-04-15 pbug -------------------
26 57ffa3f9 2008-04-15 pbug
27 1e8325ae 2010-03-28 pbug DNS is simple. Yet implementation of DNS servers is not so simple.
28 69905391 2009-11-15 pbug Wildcarddns is written for research into the DNS system so that perhaps one
29 69905391 2009-11-15 pbug day the author has a better understanding of it. Comparing wildcarddns to
30 69905391 2009-11-15 pbug other DNS implementations is not fair since many of those implementation
31 69905391 2009-11-15 pbug fix Wildcarddns's faults on the Internet. It is recommended that if this
32 69905391 2009-11-15 pbug daemon is used on the Internet that logging be turned on to learn from it
33 959d1769 2010-04-05 pbug and the DNS system.
34 959d1769 2010-04-05 pbug
35 959d1769 2010-04-05 pbug Use the tool "dig" that comes with bind9 to debug Wildcarddns. If you like to
36 69905391 2009-11-15 pbug program, then you can fork Wildcarddns and make your own creation, or you
37 69905391 2009-11-15 pbug can send patches to the author who may implement them into the code.
38 57ffa3f9 2008-04-15 pbug
39 57ffa3f9 2008-04-15 pbug
40 57ffa3f9 2008-04-15 pbug 3. INSTALL HINTS
41 57ffa3f9 2008-04-15 pbug ----------------
42 57ffa3f9 2008-04-15 pbug
43 9593fb7a 2010-03-28 pbug To install, type sh ./configure on BSD and just ./configure on Linux. This
44 9593fb7a 2010-03-28 pbug will copy the proper Makefile to ./Makefile. Then you would type make,
45 9593fb7a 2010-03-28 pbug followed by su'ing and make install. Wildcarddnsd installs to /usr/local/sbin.
46 c45084ea 2005-11-29 pbug
47 c45084ea 2005-11-29 pbug By default installation the configuration file is not installed you need to
48 c45084ea 2005-11-29 pbug do this manually. Also by default the config file is specified as
49 c45084ea 2005-11-29 pbug /etc/wildcarddns.conf this can be changed by adding the -f option to
50 c45084ea 2005-11-29 pbug wildcarddnsd.
51 c45084ea 2005-11-29 pbug
52 9593fb7a 2010-03-28 pbug A sample config file exists with the sources. example7.conf was a real life
53 959d1769 2010-04-05 pbug config once.
54 c45084ea 2005-11-29 pbug
55 acc6cd3b 2014-04-13 pjp 3.1 Linux
56 acc6cd3b 2014-04-13 pjp ---------
57 c45084ea 2005-11-29 pbug
58 9e58f57e 2014-11-07 pjp In Linux we rely on LibreSSL 2.1.1, you must download it (configure will
59 9e58f57e 2014-11-07 pjp tell you from where in ./configure) and place it in the directory besides
60 9e58f57e 2014-11-07 pjp wildcarddnsd root directory. You do not have to install it but you have
61 9e58f57e 2014-11-07 pjp to ./configure && make check at least.
62 c5963f44 2014-09-27 pjp
63 ece0cc95 2014-10-08 pjp In Linux MINT you need to apt-get install build-essential.
64 ece0cc95 2014-10-08 pjp
65 acc6cd3b 2014-04-13 pjp ## configure the platform
66 acc6cd3b 2014-04-13 pjp $ ./configure
67 acc6cd3b 2014-04-13 pjp ## this will install the development programs you'll need (as root)
68 acc6cd3b 2014-04-13 pjp $ apt-get install bison cvs gcc libdb5.3-dev libssl-dev
69 acc6cd3b 2014-04-13 pjp ## add a privsep user with a chroot directory (option -m) (as root)
70 acc6cd3b 2014-04-13 pjp $ useradd -m wdnsd
71 acc6cd3b 2014-04-13 pjp ## create the db directory (as root)
72 acc6cd3b 2014-04-13 pjp $ mkdir -p /var/db/wdns
73 acc6cd3b 2014-04-13 pjp ## make the program
74 acc6cd3b 2014-04-13 pjp $ make
75 acc6cd3b 2014-04-13 pjp ## install the binary (as root)
76 acc6cd3b 2014-04-13 pjp $ make install
77 acc6cd3b 2014-04-13 pjp ## done, create a config file and start wildcarddnsd
78 b3b45d41 2010-09-15 pbug
79 acc6cd3b 2014-04-13 pjp
80 acc6cd3b 2014-04-13 pjp 3.2 FreeBSD
81 acc6cd3b 2014-04-13 pjp -----------
82 acc6cd3b 2014-04-13 pjp
83 acc6cd3b 2014-04-13 pjp ## configure the platform
84 acc6cd3b 2014-04-13 pjp $ sh configure
85 acc6cd3b 2014-04-13 pjp ## this will install the development programs you'll need (as root)
86 acc6cd3b 2014-04-13 pjp $ cd /usr/ports/databases/db5 && make install clean
87 acc6cd3b 2014-04-13 pjp ## add a privsep user with a chroot directory (as root)
88 acc6cd3b 2014-04-13 pjp $ vipw
89 acc6cd3b 2014-04-13 pjp ## or
90 acc6cd3b 2014-04-13 pjp $ adduser
91 acc6cd3b 2014-04-13 pjp ## create the db directory (as root)
92 acc6cd3b 2014-04-13 pjp $ mkdir -p /var/db/wdns
93 acc6cd3b 2014-04-13 pjp ## make the program
94 acc6cd3b 2014-04-13 pjp $ make
95 acc6cd3b 2014-04-13 pjp ## install the binary (as root)
96 acc6cd3b 2014-04-13 pjp $ make install
97 acc6cd3b 2014-04-13 pjp ## done, create a config file and start wildcarddnsd
98 acc6cd3b 2014-04-13 pjp
99 dc2cae09 2014-08-18 pjp Jail users, if you get a:
100 dc2cae09 2014-08-18 pjp
101 dc2cae09 2014-08-18 pjp Aug 18 13:43:47 io wildcarddnsd[54350]: starting up
102 dc2cae09 2014-08-18 pjp Aug 18 13:43:47 io wildcarddnsd[54350]: dbenv->open failed: Function not implemented
103 dc2cae09 2014-08-18 pjp
104 dc2cae09 2014-08-18 pjp Similar message, that's probably because your jail must be allowing sysvipc.
105 dc2cae09 2014-08-18 pjp Set this:
106 dc2cae09 2014-08-18 pjp
107 dc2cae09 2014-08-18 pjp jail_example_parameters="allow.sysvipc=1"
108 dc2cae09 2014-08-18 pjp
109 dc2cae09 2014-08-18 pjp in your /etc/rc.conf and reboot the jail.
110 dc2cae09 2014-08-18 pjp
111 dc2cae09 2014-08-18 pjp
112 acc6cd3b 2014-04-13 pjp 3.3 OpenBSD
113 acc6cd3b 2014-04-13 pjp -----------
114 acc6cd3b 2014-04-13 pjp
115 acc6cd3b 2014-04-13 pjp ## configure the platform
116 acc6cd3b 2014-04-13 pjp $ sh configure
117 acc6cd3b 2014-04-13 pjp ## this will install the development programs you'll need (as root)
118 acc6cd3b 2014-04-13 pjp $ pkg_add db-4.6.21p0v0
119 acc6cd3b 2014-04-13 pjp ## add a privsep user with a chroot directory (as root)
120 acc6cd3b 2014-04-13 pjp $ vipw
121 acc6cd3b 2014-04-13 pjp ## or
122 acc6cd3b 2014-04-13 pjp $ adduser
123 acc6cd3b 2014-04-13 pjp ## create the db directory (as root)
124 acc6cd3b 2014-04-13 pjp $ mkdir -p /var/db/wdns
125 acc6cd3b 2014-04-13 pjp ## make the program
126 acc6cd3b 2014-04-13 pjp $ make
127 acc6cd3b 2014-04-13 pjp ## install the binary (as root)
128 acc6cd3b 2014-04-13 pjp $ make install
129 acc6cd3b 2014-04-13 pjp ## done, create a config file and start wildcarddnsd
130 acc6cd3b 2014-04-13 pjp
131 acc6cd3b 2014-04-13 pjp 3.4 NetBSD
132 acc6cd3b 2014-04-13 pjp ----------
133 acc6cd3b 2014-04-13 pjp
134 27110135 2014-11-07 pjp The tests for this were done on NetBSD 6.1.5
135 acc6cd3b 2014-04-13 pjp
136 27110135 2014-11-07 pjp ## configure the platform
137 27110135 2014-11-07 pjp $ sh configure
138 27110135 2014-11-07 pjp ## the following will install the development programs you'll need (as root)
139 27110135 2014-11-07 pjp $ cd /usr/pkgsrc/databases/db5 && make install
140 27110135 2014-11-07 pjp ## add a privsep user with a chroot directory (as root)
141 27110135 2014-11-07 pjp $ useradd -m wdnsd
142 27110135 2014-11-07 pjp ## create the db directory (as root)
143 27110135 2014-11-07 pjp $ mkdir -p /var/db/wdns
144 27110135 2014-11-07 pjp ## make the program
145 27110135 2014-11-07 pjp $ make
146 27110135 2014-11-07 pjp ## install the binary (as root)
147 27110135 2014-11-07 pjp $ make install
148 27110135 2014-11-07 pjp ## done, create a config file and start wildcarddnsd
149 27110135 2014-11-07 pjp
150 acc6cd3b 2014-04-13 pjp 3.5 Mac OS X
151 acc6cd3b 2014-04-13 pjp ------------
152 acc6cd3b 2014-04-13 pjp
153 c1f92d9e 2014-11-08 pjp ## configure for Mac OS X
154 c1f92d9e 2014-11-08 pjp $ sh configure
155 c1f92d9e 2014-11-08 pjp ## Installed berkeley db 4.8 through Mac Ports.
156 c1f92d9e 2014-11-08 pjp $ sudo port install db48
157 c1f92d9e 2014-11-08 pjp ## The binary is made with nobody as the unprivileged user
158 c1f92d9e 2014-11-08 pjp $ make
159 c1f92d9e 2014-11-08 pjp ## cp the binary into /usr/local/sbin/
160 c1f92d9e 2014-11-08 pjp $ sudo cp wildcarddnsd /usr/local/sbin/
161 e41b13a0 2014-11-08 pjp ## make the /var/db/wdns directory
162 e41b13a0 2014-11-08 pjp $ mkdir -p /var/db/wdns
163 c1f92d9e 2014-11-08 pjp ## done, create config file and start wildcarddnsd
164 acc6cd3b 2014-04-13 pjp
165 acc6cd3b 2014-04-13 pjp
166 57ffa3f9 2008-04-15 pbug 4. COMPATIBILITY
167 57ffa3f9 2008-04-15 pbug ----------------
168 9c4921a5 2008-04-10 pbug
169 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
170 acc6cd3b 2014-04-13 pjp Operating System**| makes and compiles | responds to queries | Berkeley DB |
171 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
172 acc6cd3b 2014-04-13 pjp FreeBSD 10 | yes | yes | version 5 |
173 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
174 aac2f243 2014-11-07 pjp NetBSD 6.1.5 | yes* | yes | version 5 |
175 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
176 a1f21b00 2014-11-07 pjp OpenBSD 5.6 | yes | yes | version 4.6 |
177 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
178 acc6cd3b 2014-04-13 pjp Linux | yes | yes | version 5 |
179 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
180 c1f92d9e 2014-11-08 pjp Mac OS X Yosemite | yes | yes | version 4.8 |
181 c1f92d9e 2014-11-08 pjp with MacPorts | | | |
182 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
183 acc6cd3b 2014-04-13 pjp Rasbian OS | yes *** | yes | version 5 |
184 acc6cd3b 2014-04-13 pjp ------------------+--------------------+---------------------+-------------+
185 9c4921a5 2008-04-10 pbug
186 1e8325ae 2010-03-28 pbug * there was a period in time that NetBSD didn't compile
187 f98bb34d 2011-09-19 pbug ** All Operating Systems require Berkeley DB 4.6 or higher.
188 1964967e 2013-10-30 pjp *** Raspbian OS (Raspberry Pi) only has support for Berkeley DB 5.0 or higher
189 57ffa3f9 2008-04-15 pbug
190 57ffa3f9 2008-04-15 pbug 5. EXAMPLES
191 57ffa3f9 2008-04-15 pbug -----------
192 57ffa3f9 2008-04-15 pbug
193 57ffa3f9 2008-04-15 pbug in the directory "examples" are a few examples from working configs.
194 b93bcc62 2009-11-03 pbug
195 b93bcc62 2009-11-03 pbug
196 b93bcc62 2009-11-03 pbug 6. WHAT IT CAN'T DO
197 b93bcc62 2009-11-03 pbug -------------------
198 b93bcc62 2009-11-03 pbug
199 0aefb92a 2011-04-12 pbug * CNAME recursion. When you look up www.yahoo.com you see this:
200 b93bcc62 2009-11-03 pbug
201 0aefb92a 2011-04-12 pbug ;; ANSWER SECTION:
202 0aefb92a 2011-04-12 pbug www.yahoo.com. 58 IN CNAME fp.wg1.b.yahoo.com.
203 0aefb92a 2011-04-12 pbug fp.wg1.b.yahoo.com. 2802 IN CNAME eu-fp.wa1.b.yahoo.com.
204 0aefb92a 2011-04-12 pbug eu-fp.wa1.b.yahoo.com. 8 IN A 87.248.122.122
205 0aefb92a 2011-04-12 pbug eu-fp.wa1.b.yahoo.com. 8 IN A 87.248.112.181
206 0aefb92a 2011-04-12 pbug
207 0aefb92a 2011-04-12 pbug The recursive part of wildcarddnsd isn't able to recurse CNAME's and it
208 0aefb92a 2011-04-12 pbug also doesn't have loop detection of CNAME's. This means that some lookups
209 0aefb92a 2011-04-12 pbug will fail on a UNIX host using wildcarddnsd recursively, so it's useless
210 0aefb92a 2011-04-12 pbug this needs fixing and the fix isn't simple.
211 0aefb92a 2011-04-12 pbug
212 0aefb92a 2011-04-12 pbug * DNSSEC. Signed zones are becoming more and more common on the Internet.
213 0aefb92a 2011-04-12 pbug Wildcarddnsd can't do DNSSEC yet, unfortunately.
214 0aefb92a 2011-04-12 pbug
215 0aefb92a 2011-04-12 pbug * Solaris. Unless you port some functions to solaris it won't compile on
216 0aefb92a 2011-04-12 pbug there.
217 0aefb92a 2011-04-12 pbug
218 0aefb92a 2011-04-12 pbug * Recursive nameserver. The recursive nameserver is broken. It will work for
219 0aefb92a 2011-04-12 pbug a little bit perhaps and then out of nowhere will try to flood some poor
220 0aefb92a 2011-04-12 pbug nameserver. There is a safety catch from that happening but it kills the
221 0aefb92a 2011-04-12 pbug server. This part will likely need to be rewritten and I don't have the
222 0aefb92a 2011-04-12 pbug time to do that. The design is weak and I made it work with little planning.
223 0aefb92a 2011-04-12 pbug So in wildcarddnsd beta 6 the functionality for recursivenes is there but
224 0aefb92a 2011-04-12 pbug it doesn't work consistently.
225 0aefb92a 2011-04-12 pbug
226 0aefb92a 2011-04-12 pbug
227 6ac1feaa 2009-11-07 pbug 7. WARNING
228 6ac1feaa 2009-11-07 pbug ----------
229 6ac1feaa 2009-11-07 pbug
230 6ac1feaa 2009-11-07 pbug Please read the following two hyperlinks:
231 6ac1feaa 2009-11-07 pbug
232 6ac1feaa 2009-11-07 pbug http://queue.acm.org/detail.cfm?id=1647302
233 6ac1feaa 2009-11-07 pbug
234 6ac1feaa 2009-11-07 pbug and
235 6ac1feaa 2009-11-07 pbug
236 6ac1feaa 2009-11-07 pbug http://news.zdnet.co.uk/itmanagement/0,1000000308,39760362,00.htm?s_cid=260
237 6ac1feaa 2009-11-07 pbug
238 6ac1feaa 2009-11-07 pbug Warning: WildcardDNS is research material and could cause problems when on
239 6ac1feaa 2009-11-07 pbug the Internet. Understand the licensing if you plan to use it despite, I'm
240 6ac1feaa 2009-11-07 pbug not liable and you've been warned.
241 6ac1feaa 2009-11-07 pbug
242 0aefb92a 2011-04-12 pbug Try not to use the recursive nameserver as released with BETA 6. It doesn't
243 0aefb92a 2011-04-12 pbug work.
244 a8888c51 2014-11-08 pjp
245 a8888c51 2014-11-08 pjp
246 a8888c51 2014-11-08 pjp
247 a8888c51 2014-11-08 pjp 8. This is the last version of WILDCARDDNSD
248 a8888c51 2014-11-08 pjp -------------------------------------------
249 a8888c51 2014-11-08 pjp
250 a8888c51 2014-11-08 pjp Wildcarddnsd project has been renamed. After the 0.9.0 beta release I won't
251 a8888c51 2014-11-08 pjp release any more wildcarddnsd's. The new name was picked to avoid confusion
252 a8888c51 2014-11-08 pjp with wildcard dns records. The new project name is called delphinusdnsd and
253 a8888c51 2014-11-08 pjp is found online at http://delphinusdns.centroid.eu.