Best way to set up DNS caching?

performance proxy dns cache

58,504

Solution 1

Install bind9
Point resolv.conf to 127.0.0.1

To do this follow this steps:

To Install Bind9

Open "Ubuntu Software Center" (Applications->Ubuntu Software Center)
Search for bind9
Check to display "Technical Items"
Mark bind9 and install it

Update /etc/resolv.conf

Open Network Manager (System->Preferences->Network Manager)
Find your connection and edit it (wired or wireless)
Toggle "IPV4 configuration" tab
On "DNS Servers" field write 127.0.0.1

It's done!

To test

Open gnome-terminal (Applications > Accessories > Terminal ) and type

dig ubuntu.com

(if you don't have it, install dnsutils package as explained to bind9)

Check the last answers, as an example:

My first query at ubuntu.com

;; Query time: **209 msec**
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 22 12:20:12 2011
;; MSG SIZE  rcvd: 196

My second query:

;; Query time: **0 msec**
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 22 12:18:23 2011
;; MSG SIZE  rcvd: 156

The server 127.0.0.1 means that you're resolving locally. Take a look in query time (surrounded by **) , the second one is cached.

Solution 2

I would recommend dnsmasq,

See a nice tutorial here; http://embraceubuntu.com/2006/08/02/local-dns-cache-for-faster-browsing/

You may want to read a comparison here;

http://en.wikipedia.org/wiki/Comparison_of_DNS_server_software

Solution 3

I'm using "dnscache" (package "dnscache-run") and it's very simply. No need to configure anything.
It captures the DNS petitions (port 53) and it caches the responses, the next time that Linux ask for that domain, dnscache returns the IP immediately.
Although there are two parameters that can be changed to improve this program:

echo 16000000 > /etc/sv/dnscache/env/CACHESIZE
echo 16777216 > /etc/sv/dnscache/env/DATALIMIT

58,504

Admin

Updated on September 17, 2022

Comments

Admin over 1 year

In order to speed up DNS lookups, I want to install a DNS cache or proxy.

I can see at least three programs I think will do the job: bind9, pdnsd, or dnsmasq.

I would like to make sure that if I install one of I do not leave it poorly configured from a performance or security point of view. So, what would people recommend, and are there any configuration changes I should immediately make after installing?
- Admin over 13 years
  
  For one workstation, right? Or are we talking LAN/ISP?
- Admin over 13 years
  
  Yes, this is to speed up individual workstations, not for a LAN.
BillThor over 13 years

I use dnsmasq for DNS caching. Also supplied local mappings from /etc/hosts and DHCP (optionally using /etc/ethers.)
Robert Siemer over 13 years

Thanks, Igor. I tried this approach and it works well for name lookups, but it does not seem to cache reverse IP address lookups. How would I do this using bind9?
Ashfame about 13 years

This didn't do anything on my setup. Query time is still ~100ms
Admin about 13 years

Thanks Christopher. Can you explain why Google DNS is faster than my local cache? I believe its fast, but how could it be faster to go all the way to their server than to go my local cache?
InuYaksa almost 13 years

Beware Network Manager overwriting your resolv.conf each time it starts.
Admin almost 13 years

Because chances are very good that it already has the answer without having to look it up again.
Admin over 12 years

@Christopher: But once your local cache has it, the lookups are instant. If you use Google DNS you have to wait 80 ms every single time you do a query.
Admin over 12 years

@Zan Lynx Yeah.. so make your local cache ask Google. Woo-hoo!
Admin about 12 years

@Christopher I don't understand, seems to have missed the point. If you say Google DNS will be faster than our local cache, then why setup any of this at the first place? Just using Google DNS should be fine, no? Although my belief is local cached entries will be faster than Google DNS or any other.
Admin about 12 years

@Ashfame I was basically just answering the question while noting that there are already great caches available (Google or OpenDNS). Google or OpenDNS will be faster almost all of the time on the first query (the query not already in a local cache); queries that have already been cached locally will always be faster. But, the local speed difference is only measurable, and not perceptible to users. So, yes, the very easy way to provide name resolution locally is to just use Google or OpenDNS. Their answers are almost always already cached.
thomasrutter over 11 years

Both of you: if it doesn't seem to work, check what server dig says it got the answer from. If it doesn't say 127.0.0.1, then you haven't set it up properly. Note: The instructions for setting resolv.conf may be different for different versions of Ubuntu.
Admin over 11 years

@Christopher, the other Google DNS is 8.8.4.4, not 4.4.4.4 (unless it has changed at some stage?)
Admin over 11 years

@neon_overload Oh, wow! Maybe so, but it was a typo to start! Thank you. Fixed thanks to you.
Admin almost 11 years

Although @user8290 has a point, I wouldn't say using GoogleDNS is faster than a local one. Yeah, google has the results cached, but come on - if your international speed sucks, it doesn't matter even if Google had all the DNS results in the world. Local networks usually have 100mbps+ so asking the your local network dns server for an answer will be at least 10 times faster than asking 8.8.8.8/8.8.4.4 (depending on your international speed). Of course this is in terms you have the result cached on your DNS server.
Admin about 10 years

Or, get the benefits of both worlds by simply adding to your bind9 options clause: forwarders { 8.8.8.8; 8.8.4.4; }; forward only;
Admin about 10 years

Downvoted. A non-local cache will never be as fast as a local one, notwithstanding the amount of records each cache stores. Of course, using BOTH a local and a remote cache will improve lookup performance.
B. Shea about 7 years

So you are running a caching nameserver on gui box? Yes, it's possible of course.. More than likely most ppl reading this will have a server install - and the GUI is optional. A simple sudo apt install bind9 and sudo nano /etc/resolv.conf should be added to your answer as alternatives.
Satya Prakash almost 7 years

I did everything but the setup is not working. I did resolv.conf to 127.0.0.1 at last. Can this fail it? dig ubunut.com says "connection timed out; no servers could be reached"
Satya Prakash almost 7 years

$ gksudo gedit /etc/default/bind9 I changed RESOLVCONF=no to yes. and $/etc/init.d/bind9 restart Above two lines made it work.
Satya Prakash almost 7 years

Now dig is working but please show me where is those local DNS entry for each host? For my satisfaction. Seeing is believing. I Google failed.
Admin almost 5 years

An alternative that you should look at is cloudflares opendns. 1.1.1.1/dns Cloudflare already serves like 50% of the worlds DNS. So there opens dns servers will be even faster.