
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
djbdns
|
197
Choosing djbdns Services
djbdns is modular by design: you choose and run only the parts you need on a given
system. There are three main servers and one client in djbdns, corresponding to each
of its major functions:
dnscache
A caching (or proxy) nameserver. It has no data of its own but manages a local
DNS cache for local clients such as web browsers. DNS queries from clients are
directed to dnscache; dnscache in turn asks the public root nameservers, follows
the trail to delegated (authoritative) nameservers, gets the results, and caches
these results locally to speed up later queries. It can serve a single machine or a
group. It is never authoritative for a domain. dnscache accepts only recursive
queries.
tinydns
An authoritative (or content) nameserver. It serves information about your
domains to machines on the public Internet. It does not cache and does not
return information about domains for which it has no authority. tinydns answers
iterative queries.
Data integrity By default, zone data is transferred as cleartext,
with comments stripped out. DNSSEC has been
proposed to encrypt the data stream, but it isn’t
really working yet.
Standard rsync and ssh provide secure, incremen-
tal zone transfer of zone data files between
tinydns servers. No special protocols or tools are