Running a Caching-Only Name Server
One DNS configuration that's common on small networks is a caching-only system. Such a name server is configured to not be authoritative for any domains (except possibly reverse DNS on the localhost network). Instead, the server's sole purpose is to cache external DNS requests . The idea is to provide quicker DNS lookups by maintaining a cache that's local, rather than relying on a remote DNS server. This configuration is particularly likely to improve perceived network speeds in Web browsers and the like when the link to the outside world is slow, such as a satellite-based broadband connection, which must cope with high latencies ”close to half a second for a two-way satellite system. Conventional telephone dial-up links also typically have latencies of around 200 ms, which is not as bad as a satellite setup, but can still produce a noticeable lag on lookups.
It's important to note that a local DNS cache won't improve lookup times if the address being looked up isn't in the local server's cache. Thus, this approach is most useful on a network with a fair number of users who tend to access many of the same sites, thus building up a cache that's likely to be exploited on a substantial fraction of DNS lookups.
A basic configuration for a caching-only name server is similar to that shown in Listing 18.1, but it would be missing most or all of the zone definitions. The only zones you might consider defining are the localhost reverse DNS zone ( 0.0.127.in-addr.arpa ) and the root zone ( . ). Even these zones aren't strictly necessary.
The most important feature of a caching-only BIND configuration is the forwarders and forward entries in the options section. The forwarders entry must list your ISP's DNS servers; BIND will use those systems to do its duties , and cache the results. Rather than forward first , as shown in Listing 18.1, you may want to use forward only . This configuration will cause the server to stop trying to resolve names if the forwarder systems don't respond.
As noted earlier in this chapter, slimmer packages than BIND can function as caching-only name servers, and may be superior choices for this role. Nonetheless, the caching-only BIND configuration is one of the simplest possible for BIND, and because BIND ships with all major distributions, it may be the simplest to set up. If you prefer something slimmer for this role, though, dnscache or pdnsd may be worth investigating.
When you configure a caching-only name server (or a more full-featured local name server), you should specify that system's IP address as the DNS server address for all your network's local computers. If you add a DNS server but fail to change existing local systems' DNS configurations, the local computers will continue to use whatever outside DNS servers they had been using.