Installing LolDNS

So Much Win

Download

Although there is currently a tarball available on the front lolware page, it is not actively kept up to date. Supported method for installing loldns is using svn. The two repsitories are:
http://svn.lolware.net/loldns/trunk (for snapshot)
http://svn.lolware.net/loldns/tags/stable (tagged stable)
Note the snapshot is usually quite stable.

Walkthrough

The below documentation provides a complete copy of the commands used to build the lolware.net DNS server.

[root@li39-174 loltmpdownload]# svn co http://svn.lolware.net/loldns/trunk . Checked out revision 13. [root@li39-174 loltmpdownload]# make [root@li39-174 loltmpdownload]# make rofl .......................__ ............ ...............<ROFL ROFL ROFL ROFL>. ......................| |........... ................... __\||/____...... .\...............|'-|--| .\..\..... ..\ \_...........|--|---|..\...\.... ../ L \_________,/-------\___\___\ .|LOL|----------------O----- ----,\.. ..\ L /______,---''-----------, /... ../ /.............\_________ ,/.... .//.............____//___ __\__/. [root@li39-174 loltmpdownload]# make install [root@li39-174 loltmpdownload]# useradd loldns [root@li39-174 loltmpdownload]# useradd lollog -G loldns [root@li39-174 loltmpdownload]# /usr/local/bin/tinydns-conf loldns lollog /var/dns 207.192.75.174 [root@li39-174 root]# vim data [root@li39-174 root]# more data .lolware.net:207.192.75.174:ns1.lolware.net .lolware.net:207.192.75.19:ns2.lolware.net @lolware.net:207.192.75.19:mail.lolware.net +www.lolware.net:207.192.75.174 +svn.lolware.net:207.192.75.174 [root@li39-174 root]# make [root@li39-174 root]# service loldns start Starting DNS services: [ OK ] [root@li39-174 root]# chkconfig loldns on

Tinydns data format

This has not changed from Dan's original format. There is excellent documentation here

Load Tuning

There is a hard coded limit on unanswered lookups in djbdns, called the "MAXUDP" limit. In loldns this is easily modified by editing the "MAXLOOKUP" line in the Makefile. Please don't just assume that you run a busy server and need to raise this value. In fact, I have dropped in slightly by default, in order to minimise load on servers. Dan had this limit for years and noone seemed to notice until someone found it in the source code after all.
If you still feel you need to go against Dan's general recommendation, please understand something about the way these lookups work first. For a default value of 175, it is not the case that the 176th lookup will get dropped. Instead, it is the case that the oldest oustanding lookup will get dropped. The vast majority of lookups are answered in a few ms, and the while you might experience 10000 lookups in a few second, the 150 sitting in your unanswered queue will likely sit there for several more seconds until DNS times out and they eventually go unanswered anyway. In other words, don't tell me you have 200 simultaneous connections and need to raise this limit. You raise this limit if you have 200 ANSWERABLE simultaneous requests.
Hitting this limit with a large amount of timeouts just drops those timeouts faster and protects you from DoS attacks.

FAQs

Nearly all FAQs are best answered by reviewing djbdns's original documentation. The only FAQ I have had so far is surrounding none of the sv* commands existing. I've deprecated them, there's no need to know they used to exist.
Update: One FAQ I've had is why I pulled the whole AXFR, as opposed to going the other way and bringing NOTIFY responses in. Frankly, this ends up being more bloat than I feel necessary, for the sake of supporting a legacy transfer method that should no longer be used.

Lolbugs

The following are classed as "lolbugs". I use this phrase to designate a "bug" someone has raised and my reasons for not fixing it.

Packets over 512 bytes fall back on a TCP lookup rather than eDNS. My excuse for this is that I inherited it from Dan. Dan's excuse - which I happen to agree with - is that it provides better reachability and services anyway. I do not accept this as "broken behaviour", it's just a feature I do not support.
There is no ./configure script. In other words, lolDNS was not written with automake. LolDNS compiles out of the box on every supported platform. When someone can convince why you would then fill the tarball with autogenerated babble, I will do so.
Round robin isn't really round robin. This takes a lot of explaining. When there are two A records for a certain name, DNS RFC requires the server return both records. BIND has a feature that randomises the order these are returned in. This would be a trivial feature to implement, but I have chosen not to. It is the job of the client to pick a record to use and call it "load balancing", and every modern OS does so. I don't like to code around broken applications, but if someone can point me at one they didn't have a 15 year old code I will reconsider.

Merged Patches

The following patches have been merged into loldns, amongst my own code. Please note, I'm not interested in merging additional patches just because you found them online. A patch has to be useful to be considered.

djbdns-1.05-multiip.diff : To make it easy to bind tinydns to multiple IP addresses. Just separate them with a comma.
dnscache-multiple-ip.patch : As above, for dnscache. This patch used a / as a delimiter instead of the comma used in the above patch. I have left this "feature" intact for the present.
srv-patch : Adds an srv type record.