TUTORIAL Caching DNS Server Avoids Outages When the Internet Dies

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
When your Internet connection croaks, Asterisk extensions on a LAN also die if you happen to have one or more SIP or IAX trunks specified with FQDNs for the providers.

Here's how to install a caching DNS server on your PIAF system and avoid the problem.

NOTE: I'm doing this from memory because of lost data from The Great Crash. So, by all means, chime in if I've missed something.

Code:
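# Install BIND as a caching-only nameserver, plus dig and related tools
yum -y install caching-nameserver bind-utils
chkconfig --level 345 named on
# Have dhclient put the local resolver first in /etc/resolv.conf
echo " " >> /etc/dhcp/dhclient-eth0.conf
echo "prepend domain-name-servers 127.0.0.1;" >> /etc/dhcp/dhclient-eth0.conf
# Create /etc/rndc.key from /dev/urandom before starting named, so startup does not stall while generating the key
rndc-confgen -a -r /dev/urandom
service named restart
service network restart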

You now should find an additional entry at the top of /etc/resolv.conf for 127.0.0.1. If not, add it and protect it from modifications with chattr +i /etc/resolv.conf:
Code:
; generated by /sbin/dhclient-script
nameserver 127.0.0.1
nameserver 192.168.0.1

If you dig pbxinaflash.com a couple of times, you will notice a marked improvement in DNS response times on the second try. This confirms that your caching server is working.

IMPORTANT: Do NOT restart your server during an Internet outage, or you will wipe out your DNS cache! Be sure to set the primary DNS entry on each of your phones to the IP address of your PIAF server. It's also a good idea to ping each of your providers or restart Asterisk to make certain their entries are in the cache before the Internet dies. :ack2:
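An added example, not part of the original post: a pre-outage check that confirms 127.0.0.1 is the first resolver and looks up every provider FQDN through the local cache. The `host=` trunk format, the `/etc/asterisk` paths in the usage comment, and the sample names are assumptions.

```shell
#!/bin/bash
# Added example: pre-outage check for the caching resolver set up above.

# Constructed sample of Asterisk trunk definitions (not from a real system).
SAMPLE_TRUNKS='[voip-provider]
host=sip.example.com
[office-peer]
host=192.168.0.50
[iax-provider]
host = iax.example.net ; constructed comment
[phone-101]
host=dynamic'

# Read trunk config on stdin and print the unique FQDNs found in host= lines.
# IPv4 literals and "dynamic" peers need no DNS lookup and are skipped.
trunk_fqdns() {
    sed -n 's/^[[:space:]]*host[[:space:]]*=[[:space:]]*\([^;[:space:]]*\).*/\1/p' \
      | grep -Ev '^([0-9]{1,3}\.){3}[0-9]{1,3}$|^dynamic$|^$' \
      | sort -u
}

# Succeed only if the first nameserver entry in the given resolv.conf is 127.0.0.1.
local_resolver_first() {
    [ "$(awk '$1 == "nameserver" { print $2; exit }' "$1")" = "127.0.0.1" ]
}

# Read FQDNs on stdin and resolve each through the local resolver only, which
# also places the answer in its cache. Names with no A record answer are reported.
warm_cache() {
    local name rc=0
    while read -r name; do
        if [ -z "$(dig +short +time=2 +tries=1 @127.0.0.1 "$name" A)" ]; then
            echo "NO ANSWER FROM LOCAL RESOLVER: $name" >&2
            rc=1
        fi
    done
    return $rc
}

# Usage on a live system (paths are assumptions):
#   local_resolver_first /etc/resolv.conf || echo "127.0.0.1 is not listed first"
#   cat /etc/asterisk/sip*.conf /etc/asterisk/iax*.conf | trunk_fqdns | warm_cache
```

Cached answers still expire when their TTL runs out, so a lookup made hours before an outage may no longer be in the cache when the link drops.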
 

The Deacon

Guru
Joined
Jan 29, 2008
Messages
296
Reaction score
14
It worked with one caveat - after it restarted named, it got stuck on generating the /etc/rndc.key

To fix that, I aborted out and ran this:
Code:
rndc-confgen -a -r /dev/urandom
and then service network restart worked fine.
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
Mine took a good long while but finally succeeded. Probably had to wait for an OK from the NSA. :ciappa:

But thanks for the tip! I've updated the tutorial.
 

Huckda

Guru
Joined
May 28, 2013
Messages
143
Reaction score
27
just installed and added The Deacon's tip before restart'n and it was instant...

Thanks Ward and The Deacon!
 

jerrm

Guru
Joined
Sep 23, 2015
Messages
838
Reaction score
405
I've always added dnsmasq for essentially the same effect. Also, dnsmasq can serve as a read-only TFTP server. Easier setup and fewer potential config missteps than tftpd.
 