Secondary\Primary BIND DNS Server


Post by Guest » Mon Dec 29, 2008 8:21 pm

All,

Is it possible to install a DNS Server on the QNAP?

I have the 209 II Pro and would like to configure this as a secondary server. Is this possible?
Guest
 

Re: Secondary\Primary BIND DNS Server

Post by tsls » Wed Dec 31, 2008 7:52 am

Bit quiet here.

Found ipkg bind and installed as follows:

[/] # ipkg install bind

Installing bind (9.5.0-P2-1) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/optwa ... -1_arm.ipk
Installing openssl (0.9.7m-5) to root...
Downloading http://ipkg.nslu2-linux.org/feeds/optwa ... -5_arm.ipk
Configuring bind
Running post-install
You must now create your named.conf file
When it is installed in /opt/etc/named/named.conf, execute
/opt/etc/init.d/S09named start
to start service
You will probably also want to create rndc.conf by running
rndc-confgen. Of course, you may want to set your name server
in the GUI to 127.0.0.1 or your local ip-address
Configuring openssl
Successfully terminated.

How do I set this to auto start?

Also, I would like a web UI for this. I found http://www.afn.org/~afn23397/archive.htm but am not sure how to set this up.

Thanks in advance
tsls
Cadet
 
Posts: 8
Joined: Mon Dec 29, 2008 5:57 pm
NAS Model: TS-109/209 Pro II

Re: Secondary\Primary BIND DNS Server

Post by mgx » Wed Dec 31, 2008 9:01 pm

Yes, I have just done this last week on a TS 409 II Pro - use ipkg to install bind. You need to read the stuff on this board about autorun.sh (I think this is something QNAP should address in a next firmware: automatically set up autorun.sh to execute any ipkg init scripts - currently we have to hand craft this file).

I based my BIND config on FreeBSD files that I have been using successfully on another device for a couple of years - basically it acts as a caching proxy acting as a slave to root servers doing recursive queries - you get good performance out of this because you skip your ISP DNS server and talk directly to the various .xyz authoritative servers. I'm also serving up a local domain for a couple of machines and a webcam as well.

Despite having used BIND on another machine for years, I tried dnsmasq on the QNAP, also via ipkg, and it basically ** - there was a noticeable seconds delay while websurfing as new domain names were being looked up. This went away as soon as I went to BIND. I'm not sure if this was an issue with dnsmasq or the fact that dnsmasq will talk to your upstream (ISP) DNS server thus introducing additional latency.
mgx
Cadet
 
Posts: 10
Joined: Mon Dec 22, 2008 7:14 am
NAS Model: TS-409/409 Pro

Re: Secondary\Primary BIND DNS Server

Post by Guest » Sun Jan 04, 2009 2:00 am

Cheers for the info. I guess you just copy the named.conf from your FreeBSD install.

I've had a look at http://wiki.qnap.com/wiki/Autorun.sh, however the autorun.sh is empty. Any ideas why?

Do you just edit your named.conf in vi rather than an admin web UI?
Guest
 

Re: Secondary\Primary BIND DNS Server

Post by mgx » Sun Jan 04, 2009 2:21 am

Yes, there is no autorun.sh by default. I think QNAP need to do something here as this is such a common issue.

This is what mine looks like:

Code:
[/opt/etc/named] # mount -t ext2 /dev/mtdblock5 /tmp/config
[/opt/etc/named] # ls /tmp/config
BOOT_COUNT            autorun.sh*           board_level_test.cfg  mv_eth_tool.txt       uLinux.conf
ETH0.MAC_ADDR         autorun.sh~*          lost+found/           storage.conf
[/opt/etc/named] # cat /tmp/config/autorun.sh
#!/bin/sh

rm -rf /opt
ln -fs /share/MD0_DATA/optware/opt/ /opt

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin/X11:/usr/local/sbin:/opt/bin:/opt/sbin

for optscript in `ls /opt/etc/init.d/S* | grep -v '~' | sort`
        do
                ${optscript} start
        done

[/opt/etc/named] # umount /tmp/config

My named.conf is a hybrid between the default FreeBSD named.conf and a hand rolled one I've had around for years. This is the content of the named directory. Note in named.conf that I have put the cache and other files in /var/run so that they do not trigger waking of the RAID drives, and they purposely clear out on a reboot.

Code:

[/opt/etc/named] # ls
db.empty               db.fwd.my-home-net  db.fwd.localhost       db.rev.my-home-net  db.rev.localhost       named.conf             rndc.key

[/opt/etc/named] # cat named.conf

acl "inside" {
        127/8; 192.168/16;
};

key "rndc-key" {
        algorithm hmac-md5;
        secret "XXXXXXXXXXXXXXXXXXXXXX==";
};

controls {
        inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};

options {
        directory "/opt/etc/named";
        pid-file "/var/run/named.pid";
        dump-file "/var/run/named.dump";
        statistics-file "/var/run/named.stats";
        version none;
        max-cache-size 12M;
        minimal-responses no;
        allow-notify { "inside"; };

        disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
        disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
        disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};

logging {
        category lame-servers { null; };
};

view "inside" {
        match-clients { "inside"; };
        recursion yes;

        zone "." {
                type slave;
                file "/var/run/named.db.root.slave";
                masters {
                        192.5.5.241;    // F.ROOT-SERVERS.NET.
                };
                notify no;
        };
        zone "arpa" {
                type slave;
                file "/var/run/named.db.arpa.slave";
                masters {
                        192.5.5.241;    // F.ROOT-SERVERS.NET.
                };
                notify no;
        };
        zone "in-addr.arpa" {
                type slave;
                file "/var/run/named.db.in-addr-arpa.slave";
                masters {
                        192.5.5.241;    // F.ROOT-SERVERS.NET.
                };
                notify no;
        };

        zone "localhost"                { type master; file "db.fwd.localhost"; };
        zone "127.in-addr.arpa"         { type master; file "db.rev.localhost"; };
        zone "255.in-addr.arpa"         { type master; file "db.empty"; };

        zone "0.ip6.arpa"               { type master; file "db.rev.localhost"; };

        zone "0.in-addr.arpa"           { type master; file "db.empty"; };

        zone "10.in-addr.arpa"          { type master; file "db.empty"; };
        zone "16.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "17.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "18.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "19.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "20.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "21.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "22.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "23.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "24.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "25.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "26.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "27.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "28.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "29.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "30.172.in-addr.arpa"      { type master; file "db.empty"; };
        zone "31.172.in-addr.arpa"      { type master; file "db.empty"; };
        //COMMENT THIS OUT BECAUSE ITS OUR LOCAL NETWORK BELOW ...
        //zone "168.192.in-addr.arpa"   { type master; file "db.empty"; };

        zone "254.169.in-addr.arpa"     { type master; file "db.empty"; };

        zone "2.0.192.in-addr.arpa"     { type master; file "db.empty"; };

        zone "18.198.in-addr.arpa"      { type master; file "db.empty"; };
        zone "19.198.in-addr.arpa"      { type master; file "db.empty"; };

        zone "240.in-addr.arpa"         { type master; file "db.empty"; };
        zone "241.in-addr.arpa"         { type master; file "db.empty"; };
        zone "242.in-addr.arpa"         { type master; file "db.empty"; };
        zone "243.in-addr.arpa"         { type master; file "db.empty"; };
        zone "244.in-addr.arpa"         { type master; file "db.empty"; };
        zone "245.in-addr.arpa"         { type master; file "db.empty"; };
        zone "246.in-addr.arpa"         { type master; file "db.empty"; };
        zone "247.in-addr.arpa"         { type master; file "db.empty"; };
        zone "248.in-addr.arpa"         { type master; file "db.empty"; };
        zone "249.in-addr.arpa"         { type master; file "db.empty"; };
        zone "250.in-addr.arpa"         { type master; file "db.empty"; };
        zone "251.in-addr.arpa"         { type master; file "db.empty"; };
        zone "252.in-addr.arpa"         { type master; file "db.empty"; };
        zone "253.in-addr.arpa"         { type master; file "db.empty"; };
        zone "254.in-addr.arpa"         { type master; file "db.empty"; };

        zone "1.ip6.arpa"               { type master; file "db.empty"; };
        zone "3.ip6.arpa"               { type master; file "db.empty"; };
        zone "4.ip6.arpa"               { type master; file "db.empty"; };
        zone "5.ip6.arpa"               { type master; file "db.empty"; };
        zone "6.ip6.arpa"               { type master; file "db.empty"; };
        zone "7.ip6.arpa"               { type master; file "db.empty"; };
        zone "8.ip6.arpa"               { type master; file "db.empty"; };
        zone "9.ip6.arpa"               { type master; file "db.empty"; };
        zone "a.ip6.arpa"               { type master; file "db.empty"; };
        zone "b.ip6.arpa"               { type master; file "db.empty"; };
        zone "c.ip6.arpa"               { type master; file "db.empty"; };
        zone "d.ip6.arpa"               { type master; file "db.empty"; };
        zone "e.ip6.arpa"               { type master; file "db.empty"; };
        zone "0.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "1.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "2.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "3.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "4.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "5.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "6.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "7.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "8.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "9.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "a.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "b.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "0.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "1.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "2.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "3.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "4.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "5.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "6.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "7.e.f.ip6.arpa"           { type master; file "db.empty"; };

        zone "c.f.ip6.arpa"             { type master; file "db.empty"; };
        zone "d.f.ip6.arpa"             { type master; file "db.empty"; };

        zone "8.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "9.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "a.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "b.e.f.ip6.arpa"           { type master; file "db.empty"; };

        zone "c.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "d.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "e.e.f.ip6.arpa"           { type master; file "db.empty"; };
        zone "f.e.f.ip6.arpa"           { type master; file "db.empty"; };

        zone "ip6.int"                  { type master; file "db.empty"; };

        zone "my-home.net" {
                type master;
                file "db.fwd.my-home-net";
                allow-transfer { localhost; };
                notify no;
        };
        zone "168.192.in-addr.arpa" {
                type master;
                file "db.rev.my-home-net";
                allow-transfer { localhost; };
                notify no;
        };
};

[/opt/etc/named] # cat db.empty

; $FreeBSD: src/etc/namedb/master/empty.db,v 1.1.8.1 2008/11/25 02:59:29 kensmith Exp $

$TTL 3h
@ SOA @ nobody.localhost. 42 1d 12h 1w 3h
        ; Serial, Refresh, Retry, Expire, Neg. cache TTL

@       NS      @

; Silence a BIND warning
@       A       127.0.0.1
[/opt/etc/named] # cat db.fwd.localhost

; $FreeBSD: src/etc/namedb/master/localhost-forward.db,v 1.1.8.1 2008/11/25 02:59:29 kensmith Exp $

$TTL 3h
localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
        ; Serial, Refresh, Retry, Expire, Neg. cache TTL

        NS      localhost.

        A       127.0.0.1
        AAAA    ::1
[/opt/etc/named] # cat db.rev.localhost

; $FreeBSD: src/etc/namedb/master/localhost-reverse.db,v 1.1.8.1 2008/11/25 02:59:29 kensmith Exp $

$TTL 3h
@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
        ; Serial, Refresh, Retry, Expire, Neg. cache TTL

        NS      localhost.

1.0.0   PTR     localhost.

1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.

[/opt/etc/named] # cat db.fwd.my-home-net
;
$ORIGIN my-home.net.
$TTL 86400
;
@       IN      SOA     name.my-home.net. root.name.my-home.net. (
                        2009010101  ; serial
                        10800       ; refresh
                        3600        ; retry
                        3600000     ; expire
                        86400 )     ; minimum
                IN      NS      name.my-home.net.
                IN      MX      100 mail.my-home.net.
                IN      A       192.168.0.1
;
localhost       IN      A       127.0.0.1
loopback        IN      A       127.0.0.1
;
;
; Home Server (Root)
;
root            IN      HINFO   "QNAP TS-409 NAS" "Linux"
                IN      MX      100     mail
                IN      A       192.168.0.1
intranet        IN      CNAME   root
;
[...]
;
; Home Router (Internet)
;
gate            IN      HINFO   "Thomson Speedtouch 780" "Unknown"
                IN      MX      100     mail
                IN      A       192.168.0.251
;

[/opt/etc/named] # cat db.rev.my-home-net
;
$ORIGIN 168.192.in-addr.arpa.
$TTL    86400
;
@       IN      SOA     name.my-home.net. root.name.my-home.net. (
                        2009010101      ; serial
                        10800           ; refresh
                        3600            ; retry
                        3600000         ; expire
                        86400 )         ; minimum
                IN      NS      name.my-home.net.
                IN      MX      100     mail.my-home.net.
                IN      A       192.168.0.1
;
1.0             IN      PTR     root.my-home.net.
;
[...]
;
251.0           IN      PTR     gate.my-home.net.
;
[/opt/etc/named] # ls -l /var/run/named*
-rw-r--r--    1 admin    administ     1626 Jan  3 17:55 /var/run/named.db.arpa.slave
-rw-r--r--    1 admin    administ    26005 Jan  3 17:55 /var/run/named.db.in-addr-arpa.slave
-rw-r--r--    1 admin    administ    72225 Jan  3 17:55 /var/run/named.db.root.slave
-rw-r--r--    1 admin    administ        5 Jan  3 17:55 /var/run/named.pid
[/opt/etc/named] # head /var/run/named.db.root.slave
$ORIGIN .
$TTL 86400      ; 1 day
@                       IN SOA  A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. (
                                2009010300 ; serial
                                1800       ; refresh (30 minutes)
                                900        ; retry (15 minutes)
                                604800     ; expire (1 week)
                                86400      ; minimum (1 day)
                                )
$TTL 518400     ; 6 days

Works for me!
mgx
Cadet
 
Posts: 10
Joined: Mon Dec 22, 2008 7:14 am
NAS Model: TS-409/409 Pro

Re: Secondary\Primary BIND DNS Server

Post by tsls » Mon Jan 12, 2009 8:51 am

Hi there,

I'm still having problems. When I query a site I get the following:

> google.co.uk
Server: [10.2.10.201]
Address: 10.2.10.201

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.


It would appear that the DNS server is blocking me. Do you know how I can fix this?
tsls
Cadet
 
Posts: 8
Joined: Mon Dec 29, 2008 5:57 pm
NAS Model: TS-109/209 Pro II

Re: Secondary\Primary BIND DNS Server

Post by tsls » Thu Feb 05, 2009 5:11 am

This is the output from /opt/etc/init.d/S09named status:

version: 9.5.0-P2 (version.bind/txt/ch disabled)
number of zones: 91
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

However, DNS still doesn't work. Am I missing something? Would be cool if QNAP could add this as a feature\opkg pack.
tsls
Cadet
 
Posts: 8
Joined: Mon Dec 29, 2008 5:57 pm
NAS Model: TS-109/209 Pro II

Re: Secondary\Primary BIND DNS Server

Post by mgx » Thu Feb 05, 2009 5:26 am

Are you able to do lookups when you are logged into the QNAP box?

E.g. try 'dig @127.0.0.1 google.co.uk' and it should give you a response where the last section has:

;; Query time: 10 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Feb 4 21:23:45 2009
;; MSG SIZE rcvd: 224

Also, my local network is 192.168.* - yours appears to be 10.2.*. You will need to adjust the acl entries to be 10.2.* rather than 192.168.* as I have. The acl entries are a safety factor to prevent anyone outside of your network from making queries to your server - it isn't strictly needed, and exists because this dns config was originally a split horizon config where you could serve up separate dns to internal and external clients, i.e. external through your firewall.
mgx
Cadet
 
Posts: 10
Joined: Mon Dec 22, 2008 7:14 am
NAS Model: TS-409/409 Pro
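
The ACL mismatch described in the post above can be checked offline. This is an added example, not code from the thread: it expands BIND's abbreviated IPv4 prefixes (127/8, 192.168/16) and reports which view's match-clients covers a client address. The sample text is a constructed skeleton of the posted named.conf, the client address 10.2.10.50 is assumed, and only IPv4 prefix elements and named acl references are handled.

```python
import ipaddress
import re

# Constructed sample: only the acl and view skeleton of the named.conf above.
SAMPLE_CONF = '''
acl "inside" {
        127/8; 192.168/16;
};
view "inside" {
        match-clients { "inside"; };
        recursion yes;
};
'''

PREFIX = re.compile(r"^\d+(\.\d+){0,3}(/\d+)?$")


def expand_prefix(element):
    """Expand BIND's short IPv4 form (127/8, 10.2.10/24) to an ip_network."""
    addr, _, plen = element.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"),
                                strict=False)


def elements(body):
    """Split an address-match list body into unquoted elements."""
    return [e.strip().strip('"') for e in body.split(";") if e.strip()]


def parse_acls(conf):
    """Map each acl name to its IPv4 networks (other element kinds skipped)."""
    acls = {}
    for name, body in re.findall(r'acl\s+"?([\w-]+)"?\s*\{([^}]*)\}', conf):
        acls[name] = [expand_prefix(e) for e in elements(body)
                      if PREFIX.match(e)]
    return acls


def view_for_client(conf, client):
    """Return the first view whose match-clients covers client, else None."""
    acls = parse_acls(conf)
    ip = ipaddress.ip_address(client)
    # Assumes every view block contains a match-clients statement.
    views = re.findall(
        r'view\s+"?([\w-]+)"?\s*\{.*?match-clients\s*\{([^}]*)\}', conf, re.S)
    for name, body in views:
        for e in elements(body):
            nets = acls.get(e) or ([expand_prefix(e)] if PREFIX.match(e) else [])
            if any(ip in net for net in nets):
                return name
    return None


if __name__ == "__main__":
    fixed = SAMPLE_CONF.replace("192.168/16", "10.2.10.0/24")
    for label, conf in (("as posted", SAMPLE_CONF), ("adjusted", fixed)):
        print(label, "->", view_for_client(conf, "10.2.10.50"))
```

A result of None means no view's match-clients covers the client, which is the situation a 10.2.* host is in with the 192.168/16 acl.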

Re: Secondary\Primary BIND DNS Server

Post by mgx » Thu Feb 05, 2009 5:30 am

btw, an 'rndc stats' will dump out to your stats file, which is /var/tmp/named.stats according to my config, you should see something like this:

Code:
+++ Statistics Dump +++ (1233782934)
++ Incoming Requests ++
              278760 QUERY
++ Incoming Queries ++
              162220 A
                   3 NS
                  36 SOA
                6661 PTR
              109517 AAAA
                 322 SRV
                   1 ANY
++ Outgoing Queries ++
++ Name Server Statistics ++
              278760 IPv4 requests received
                   3 TCP requests received
              276563 responses sent
                   3 truncated responses sent
              216190 queries resulted in successful answer
               51546 queries resulted in authoritative answer
              224646 queries resulted in non authoritative answer
               19889 queries resulted in nxrrset
                 371 queries resulted in SERVFAIL
               40113 queries resulted in NXDOMAIN
              158682 queries caused recursion
                1971 duplicate queries received
                 226 queries dropped
++ Zone Maintenance Statistics ++
                4784 IPv4 SOA queries sent
                   3 IPv4 AXFR requested
                 184 IPv4 IXFR requested
                 177 transfer requests succeeded
                  10 transfer requests failed
++ Resolver Statistics ++
[Common]
++ Cache DB RRsets ++
[View: inside]
                2833 A
                1240 NS
                 583 CNAME
                  16 PTR
                  33 AAAA
                   4 RRSIG
                   3 NSEC
                   1 !A
                 228 !AAAA
                   5 NXDOMAIN
[View: _bind]
++ Per Zone Query Statistics ++
--- Statistics Dump --- (1233782934)

mgx
Cadet
 
Posts: 10
Joined: Mon Dec 22, 2008 7:14 am
NAS Model: TS-409/409 Pro
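
A parser for the statistics dump format shown in the post above, as an added example that is not part of the thread. It reads the `++ section ++` and `[subsection]` layout into nested dictionaries and derives a few ratios worth watching on a resolver; the sample is an excerpt of the posted dump, and the function names and the choice of ratios are assumptions of this example.

```python
import re

# Excerpt of the dump posted above, embedded so the example runs offline.
SAMPLE_STATS = """\
+++ Statistics Dump +++ (1233782934)
++ Incoming Requests ++
              278760 QUERY
++ Name Server Statistics ++
              278760 IPv4 requests received
              276563 responses sent
                 371 queries resulted in SERVFAIL
               40113 queries resulted in NXDOMAIN
                 226 queries dropped
++ Cache DB RRsets ++
[View: inside]
                2833 A
                 228 !AAAA
[View: _bind]
--- Statistics Dump --- (1233782934)
"""

SECTION = re.compile(r"^\+\+ (.+?) \+\+$")
SUBSECT = re.compile(r"^\[(.+)\]$")
COUNTER = re.compile(r"^\s*(\d+)\s+(.+?)\s*$")


def parse_stats(text):
    """Return {section: {subsection: {label: count}}}; subsection '' if none.

    rndc stats appends a new dump to the file on each run; a later dump
    replaces the sections of an earlier one, so the result is the last dump.
    """
    stats, section, sub = {}, None, ""
    for line in text.splitlines():
        if line.startswith(("+++", "---")):      # dump start / end markers
            continue
        m = SECTION.match(line)
        if m:
            section, sub = m.group(1), ""
            stats[section] = {}
            continue
        m = SUBSECT.match(line.strip())
        if m:
            sub = m.group(1)
            continue
        m = COUNTER.match(line)
        if m and section is not None:
            stats[section].setdefault(sub, {})[m.group(2)] = int(m.group(1))
    return stats


def health(stats):
    """Ratios of failed lookups to responses sent, plus dropped queries."""
    ns = stats.get("Name Server Statistics", {}).get("", {})
    sent = ns.get("responses sent", 0)

    def ratio(label):
        return round(ns.get(label, 0) / sent, 4) if sent else 0.0

    return {
        "servfail_ratio": ratio("queries resulted in SERVFAIL"),
        "nxdomain_ratio": ratio("queries resulted in NXDOMAIN"),
        "dropped": ns.get("queries dropped", 0),
    }


if __name__ == "__main__":
    print(health(parse_stats(SAMPLE_STATS)))
```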

Re: Secondary\Primary BIND DNS Server

Post by tsls » Thu Feb 05, 2009 6:51 am

Done it, the network was defined wrong.

Okay internally it is now working, the slaves are now also working (and built), what is the best way to open this to the internet?


// named.conf fragment
acl "rndc-users" {
10.2.10/24;
};

acl "inside" {
127/8; 10.2.10.0/24;
};


controls {
// local host - default key
inet 127.0.0.1 allow {localhost;};
inet * port 7766 allow {"rndc-users";} keys {"rndc-key";};
};
tsls
Cadet
 
Posts: 8
Joined: Mon Dec 29, 2008 5:57 pm
NAS Model: TS-109/209 Pro II
