$Id: README,v 1.36 2014/11/08 20:28:31 pjp Exp $

1. README
2. WHY WILDCARDDNS?
3. INSTALL HINTS
        3.1 Linux
        3.2 FreeBSD
        3.3 OpenBSD
        3.4 NetBSD
        3.5 Mac OS X
4. COMPATIBILITY
5. EXAMPLES
6. WHAT IT CAN'T DO
7. WARNING
8. This is the last version of WILDCARDDNSD

1. README
---------

Wildcarddns is a small authoritative nameserver. It does not recurse nor
search. This program is released under a BSD-style license. Sleepycat's
BerkeleyDB is also used for the main in-memory database.

2. WHY WILDCARDDNS?
-------------------

DNS is simple. Yet implementation of DNS servers is not so simple.
Wildcarddns is written for research into the DNS system so that perhaps one
day the author has a better understanding of it. Comparing wildcarddns to
other DNS implementations is not fair, since many of those implementations
fix Wildcarddns's faults on the Internet. If this daemon is used on the
Internet, it is recommended that logging be turned on to learn from it
and the DNS system.

Use the tool "dig" that comes with bind9 to debug Wildcarddns. If you like to
program, then you can fork Wildcarddns and make your own creation, or you
can send patches to the author, who may implement them into the code.

3. INSTALL HINTS
----------------

To install, type sh ./configure on BSD and just ./configure on Linux. This
will copy the proper Makefile to ./Makefile. Then type make, followed by
su'ing and make install. Wildcarddnsd installs to /usr/local/sbin.

A default installation does not install the configuration file; you need to
do this manually. Also by default the config file is specified as
/etc/wildcarddns.conf; this can be changed by adding the -f option to
wildcarddnsd.

A sample config file exists with the sources. example7.conf was a real life
config once.

3.1 Linux
---------

On Linux we rely on LibreSSL 2.1.1. You must download it (./configure will
tell you from where) and place it in the directory beside the
wildcarddnsd root directory. You do not have to install it, but you have
to run ./configure && make check at least.

On Linux Mint you need to apt-get install build-essential.

        ## configure the platform
        $ ./configure
        ## this will install the development programs you'll need (as root)
        $ apt-get install bison cvs gcc libdb5.3-dev libssl-dev
        ## add a privsep user with a chroot directory (option -m) (as root)
        $ useradd -m wdnsd
        ## create the db directory (as root)
        $ mkdir -p /var/db/wdns
        ## make the program
        $ make
        ## install the binary (as root)
        $ make install
        ## done, create a config file and start wildcarddnsd

3.2 FreeBSD
-----------

        ## configure the platform
        $ sh configure
        ## this will install the development programs you'll need (as root)
        $ cd /usr/ports/databases/db5 && make install clean
        ## add a privsep user with a chroot directory (as root)
        $ vipw
        ## or
        $ adduser
        ## create the db directory (as root)
        $ mkdir -p /var/db/wdns
        ## make the program
        $ make
        ## install the binary (as root)
        $ make install
        ## done, create a config file and start wildcarddnsd

Jail users, if you get a message similar to this:

Aug 18 13:43:47 io wildcarddnsd[54350]: starting up
Aug 18 13:43:47 io wildcarddnsd[54350]: dbenv->open failed: Function not implemented

that's probably because your jail must be allowing sysvipc.
Set this:

jail_example_parameters="allow.sysvipc=1"

in your /etc/rc.conf and reboot the jail.

3.3 OpenBSD
-----------

        ## configure the platform
        $ sh configure
        ## this will install the development programs you'll need (as root)
        $ pkg_add db-4.6.21p0v0
        ## add a privsep user with a chroot directory (as root)
        $ vipw
        ## or
        $ adduser
        ## create the db directory (as root)
        $ mkdir -p /var/db/wdns
        ## make the program
        $ make
        ## install the binary (as root)
        $ make install
        ## done, create a config file and start wildcarddnsd

3.4 NetBSD
----------

The tests for this were done on NetBSD 6.1.5.

        ## configure the platform
        $ sh configure
        ## the following will install the development programs you'll need (as root)
        $ cd /usr/pkgsrc/databases/db5 && make install
        ## add a privsep user with a chroot directory (as root)
        $ useradd -m wdnsd
        ## create the db directory (as root)
        $ mkdir -p /var/db/wdns
        ## make the program
        $ make
        ## install the binary (as root)
        $ make install
        ## done, create a config file and start wildcarddnsd

3.5 Mac OS X
------------

        ## configure for Mac OS X
        $ sh configure
        ## Installed berkeley db 4.8 through Mac Ports.
        $ sudo port install db48
        ## The binary is made with nobody as the unprivileged user
        $ make
        ## cp the binary into /usr/local/sbin/
        $ sudo cp wildcarddnsd /usr/local/sbin/
        ## make the /var/db/wdns directory
        $ mkdir -p /var/db/wdns
        ## done, create config file and start wildcarddnsd

4. COMPATIBILITY
----------------

------------------+--------------------+---------------------+-------------+
Operating System**| makes and compiles | responds to queries | Berkeley DB |
------------------+--------------------+---------------------+-------------+
FreeBSD 10        | yes                | yes                 | version 5   |
------------------+--------------------+---------------------+-------------+
NetBSD 6.1.5      | yes*               | yes                 | version 5   |
------------------+--------------------+---------------------+-------------+
OpenBSD 5.6       | yes                | yes                 | version 4.6 |
------------------+--------------------+---------------------+-------------+
Linux             | yes                | yes                 | version 5   |
------------------+--------------------+---------------------+-------------+
Mac OS X Yosemite | yes                | yes                 | version 4.8 |
with MacPorts     |                    |                     |             |
------------------+--------------------+---------------------+-------------+
Raspbian OS       | yes ***            | yes                 | version 5   |
------------------+--------------------+---------------------+-------------+

*   there was a period in time that NetBSD didn't compile
**  All Operating Systems require Berkeley DB 4.6 or higher.
*** Raspbian OS (Raspberry Pi) only has support for Berkeley DB 5.0 or higher

5. EXAMPLES
-----------

In the directory "examples" are a few examples from working configs.

6. WHAT IT CAN'T DO
-------------------

* CNAME recursion. When you look up www.yahoo.com you see this:

;; ANSWER SECTION:
www.yahoo.com.          58      IN      CNAME   fp.wg1.b.yahoo.com.
fp.wg1.b.yahoo.com.     2802    IN      CNAME   eu-fp.wa1.b.yahoo.com.
eu-fp.wa1.b.yahoo.com.  8       IN      A       87.248.122.122
eu-fp.wa1.b.yahoo.com.  8       IN      A       87.248.112.181

  The recursive part of wildcarddnsd isn't able to recurse CNAMEs and it
  also doesn't have loop detection of CNAMEs. This means that some lookups
  will fail on a UNIX host using wildcarddnsd recursively, so it's useless;
  this needs fixing and the fix isn't simple.

* DNSSEC. Signed zones are becoming more and more common on the Internet.
  Wildcarddnsd can't do DNSSEC yet, unfortunately.

* Solaris. Unless you port some functions to Solaris it won't compile on
  there.

* Recursive nameserver. The recursive nameserver is broken. It will work for
  a little bit perhaps and then out of nowhere will try to flood some poor
  nameserver. There is a safety catch from that happening but it kills the
  server. This part will likely need to be rewritten and I don't have the
  time to do that. The design is weak and I made it work with little planning.
  So in wildcarddnsd beta 6 the functionality for recursiveness is there but
  it doesn't work consistently.
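
The CNAME item above names two missing pieces: following a CNAME chain and detecting loops in it. The sketch below is an added example, not code from wildcarddnsd; the record table, the function names and MAX_CNAME_HOPS are assumptions made for illustration, and the a.example/b.example records are constructed to form a loop.

```c
#include <stdio.h>
#include <string.h>

#define MAX_CNAME_HOPS 8 /* assumed cap for this example */
enum rrtype { RR_A, RR_CNAME };
enum chase_result { CHASE_OK, CHASE_NXDOMAIN, CHASE_LOOP, CHASE_TOO_LONG };
struct rr { const char *owner; enum rrtype type; const char *rdata; };

/* Constructed sample data: the chain from the dig output, plus a loop.
 * Names are assumed to be stored already lowercased. */
static const struct rr zone[] = {
	{ "www.yahoo.com.",         RR_CNAME, "fp.wg1.b.yahoo.com." },
	{ "fp.wg1.b.yahoo.com.",    RR_CNAME, "eu-fp.wa1.b.yahoo.com." },
	{ "eu-fp.wa1.b.yahoo.com.", RR_A,     "87.248.122.122" },
	{ "a.example.",             RR_CNAME, "b.example." },
	{ "b.example.",             RR_CNAME, "a.example." },
};

static const struct rr *lookup(const char *name) {
	for (size_t i = 0; i < sizeof(zone) / sizeof(zone[0]); i++)
		if (strcmp(zone[i].owner, name) == 0)
			return &zone[i];
	return NULL;
}

/* Follow CNAMEs from name; on CHASE_OK, *addr points at the A rdata. */
enum chase_result chase(const char *name, const char **addr) {
	const char *seen[MAX_CNAME_HOPS + 1];
	for (int hops = 0; hops <= MAX_CNAME_HOPS; hops++) {
		const struct rr *r = lookup(name);
		if (r == NULL)
			return CHASE_NXDOMAIN;
		if (r->type == RR_A) {
			*addr = r->rdata;
			return CHASE_OK;
		}
		seen[hops] = name;
		for (int i = 0; i <= hops; i++) /* target already visited? */
			if (strcmp(seen[i], r->rdata) == 0)
				return CHASE_LOOP;
		name = r->rdata;
	}
	return CHASE_TOO_LONG; /* bounded even if loop detection is bypassed */
}

int main(void) {
	const char *addr = "-";
	enum chase_result r = chase("www.yahoo.com.", &addr);
	printf("www.yahoo.com. -> %d %s\n", r, addr);
	return chase("a.example.", &addr) == CHASE_LOOP ? 0 : 1;
}
```

The hop cap matters independently of the visited-name check: it bounds the work done per query even for a long chain that never repeats a name.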

7. WARNING
----------

Please read the following two hyperlinks:

http://queue.acm.org/detail.cfm?id=1647302

and

http://news.zdnet.co.uk/itmanagement/0,1000000308,39760362,00.htm?s_cid=260

Warning: WildcardDNS is research material and could cause problems when on
the Internet. Understand the licensing if you plan to use it despite this;
I'm not liable and you've been warned.

Try not to use the recursive nameserver as released with BETA 6. It doesn't
work.

8. This is the last version of WILDCARDDNSD
-------------------------------------------

The Wildcarddnsd project has been renamed. After the 0.9.0 beta release I won't
release any more wildcarddnsd's. The new name was picked to avoid confusion
with wildcard DNS records. The new project is called delphinusdnsd and
is found online at http://delphinusdns.centroid.eu.