~alpine/devel

3 3

Re: [alpine-devel] how do I get axfrdns (djbdns) going in Alpine?

Details
Message ID
<91FB85D6D06D447EACD6081220834F24@markseymour>
Sender timestamp
1258236838
DKIM signature
missing
Download raw message
On Saturday, November 14, 2009 "Timo Teräs" timo.teras@iki.fi wrote:
>
> I have axfrdns running on an Alpine 1.8 based box. It uses tcpserver from
> ucspi-tcp package. I attached the init.d script I'm using. Something like
> this should be added to djbdns package.
>

Thanks to Timo for the reply and for the init.d script.  I guess I will grab the
1.8.3 iso,  and use it for now as 1.9.1 iso does not have ucspi-tcp.

In order to control which slaves are allowed, where do you put your
    '<slaveIP>:allow,AXFR="<allowedAXFRDomain>"'
entries which, under Bernstein's regime, go in a file that normally lives
at /etc/axfrdns/tcp ?

Although I see that the axfrdns-conf program exists in the djbdns apk,
I assume that I should not use it to set up axfrdns, as multilog  is not 
available
since there is no daemontools package.

Seems  'lbu ci usb' does not retain changes made in /etc/init.d, so I should add
a reference to the axfr start script in  /etc/lbu/include , correct?

Any chance someone would package up daemontools for Alpine and just
allow this to be set up the way that DJB intends, including svc, svscan,
multilog, etc?  (Is there a strong reason not to do this?)

Thanks,

-Mark


> MarkSeymour@GuildAssociates.com wrote:
>> Hello alpine-devel's, and thank you for Alpine Linux!  I am a longtime
>> user of LEAF and its predecessor LRP, so I was excited to find Alpine,
>> as I've wanted to get away from floppy disk storage of configs for a
>> long time now.
>>
>> I have Shorewall configured to my liking, as well as Tinydns, but now I
>> want to be able to provide axfr responses to non - djb slave dns
>> servers, and I would like to log queries.  I have not found any
>> documentation on how to do this with Alpine.  Any help would be greatly
>> appreciated.
>>
>> I have added the package djbdns-1.05-r32, which contains axfrdns, but I
>> don't know where to go from there.  Do I follow the Bernstein
>> instructions at http://cr.yp.to/djbdns/axfrdns-conf.html , including
>> creating 'acct' and 'logacct'?  I assume not, since I don't see a
>> daemontools package available to give me multilog.  I'd be happy to rtfm
>> if I could find the fm ;)
>>
>> Alternatively, I'll consider using BIND since you have it available....



---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

Re: [alpine-devel] how do I get axfrdns (djbdns) going in Alpine?

Nathan Angelacos <nangel@nothome.org>
Details
Message ID
<4AFF96CC.6070502@nothome.org>
In-Reply-To
<91FB85D6D06D447EACD6081220834F24@markseymour> (view parent)
Sender timestamp
1258264268
DKIM signature
missing
Download raw message
Mark,

Thanks for your kind words and interest in AlpineLinux.


MarkSeymour@GuildAssociates.com wrote:
> On Saturday, November 14, 2009 "Timo Teräs" timo.teras@iki.fi wrote:
>>
>> I have axfrdns running on an Alpine 1.8 based box. It uses tcpserver from
>> ucspi-tcp package. I attached the init.d script I'm using. Something like
>> this should be added to djbdns package.
>>
> 
> Thanks to Timo for the reply and for the init.d script.  I guess I will 
> grab the
> 1.8.3 iso,  and use it for now as 1.9.1 iso does not have ucspi-tcp.

Yeah.  ucspi-tcp was in 1.8.3  I've gone ahead and made a feature 
request in your behalf:

http://redmine.alpinelinux.org/issues/show/206

Generally these things take a few days to happen, so if you can wait a 
few days, I'd recommend waiting.  1.9.x is /much/ better than 1.8.x, in 
a number of ways.

Going back is kinda like driving a BMW M3 and then moving to a Toyota 
corolla.  It will work... but...

FWIW, 1.9 packages have been more along the lines of "who actually asks 
for XXX than 'hey ... XXX is cool, let's add it"  Since you have asked 
for it, that tells us there's a need.

> 
> In order to control which slaves are allowed, where do you put your
>    '<slaveIP>:allow,AXFR="<allowedAXFRDomain>"'
> entries which, under Bernstein's regime, go in a file that normally lives
> at /etc/axfrdns/tcp ?
> 
> Although I see that the axfrdns-conf program exists in the djbdns apk,
> I assume that I should not use it to set up axfrdns, as multilog  is not 
> available
> since there is no daemontools package.

Daemontools is a  good idea, especially for multilog; here's that 
feature request:

http://redmine.alpinelinux.org/issues/show/205

I run tinydns / dnscache on multiple production domains, having logging 
*would* be handy :-)

> 
> Seems  'lbu ci usb' does not retain changes made in /etc/init.d, so I 
> should add
> a reference to the axfr start script in  /etc/lbu/include , correct?

Try, and let us know if it works.

I believe you stumbled into a "feature" of the 1.9 lbu.   its about 100x 
faster than 1.8, but currently doesn't back up certain files under 
special circumstances.  This might be one of them.

If so, it needs to be fixed.

> 
> Any chance someone would package up daemontools for Alpine and just
> allow this to be set up the way that DJB intends, including svc, svscan,
> multilog, etc?  (Is there a strong reason not to do this?)
> 

Yeah, we'll try to get daemontools packaged.  That way you can use it 
the way DJB intends.

As far as reasons not to... I'm sure you've run into it before... 
everything is /etc/init.d/[service] start|stop *except* djb stuff.  I've 
never gotten used to that.

Alpine 1.8 uses scripts in /etc/rc.d;  1.9 uses open-rc [rc-service 
dnscache start].  Just to keep my sanity, I'd rather spend the time to 
write a service script for you (and the distro) than remember "djb stuff 
is different"

YMMV






---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

Re: [alpine-devel] how do I get axfrdns (djbdns) going in Alpine?

Details
Message ID
<20091115160410.179713dr4r7mzys0@mail3.guildassociates.com>
In-Reply-To
<4AFF96CC.6070502@nothome.org> (view parent)
Sender timestamp
1258319050
DKIM signature
missing
Download raw message
Quoting Nathan Angelacos <nangel@nothome.org>:

>
> Yeah.  ucspi-tcp was in 1.8.3  I've gone ahead and made a feature  
> request in your behalf....

Thanks for entering the feature requests for ucspi-tcp and daemontools.

> ...if you can wait a few days, I'd recommend waiting.  1.9.x is  
> /much/ better than 1.8.x, in a number of ways.
>
> Going back is kinda like driving a BMW M3 and then moving to a  
> Toyota corolla.

Ok, I'll wait a bit for 1.9.x packages.
>
>>
>> In order to control which slaves are allowed, where do you put your
>>   '<slaveIP>:allow,AXFR="<allowedAXFRDomain>"'
>> entries which, under Bernstein's regime, go in a file that normally lives
>> at /etc/axfrdns/tcp ?

Perhaps Timo will answer this for me.

>
> Yeah, we'll try to get daemontools packaged.  That way you can use  
> it the way DJB intends.
>
> ...1.9 uses open-rc [rc-service dnscache start].  Just to keep my  
> sanity, I'd rather spend the time to write a service script for you  
> (and the distro) than remember "djb stuff is different"
>

I'm not married to the idea of doing this the DJB way (although I love  
his simple, straightforward documentation).  Open-rc sounds perfectly  
fine to me, as long as there are good instructions that allow a novice  
user to just follow and make it happen.  The helpful FAQ's/Howto's are  
what has allowed me to run a fairly sophisticated network with  
LRP/LEAF for over a decade, while having a fairly limited knowledge of  
Linux.  I'm really excited about Alpine now, as a modern replacement!   
I am willing to learn, and perhaps there will be a way for me to  
contribute to the process in the future.

-Mark




---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

Re: [alpine-devel] how do I get axfrdns (djbdns) going in Alpine?

Details
Message ID
<1258442082.18610.0.camel@ncopa-desktop.nor.wtbts.net>
In-Reply-To
<4AFF96CC.6070502@nothome.org> (view parent)
Sender timestamp
1258442082
DKIM signature
missing
Download raw message
On Sat, 2009-11-14 at 21:51 -0800, Nathan Angelacos wrote:

> 
> Going back is kinda like driving a BMW M3 and then moving to a Toyota 
> corolla.  It will work... but...

I drive corolla you insensitive clod! :)

-nc



---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)