After my initial announcement of a PHP DNS Daemon and some performance tests, and since it has been widely reported across the internet (Zend DevZone, and today on Nexen, which is deeply involved with the French PHP community), I finally found the strength to write a guide on “how to get started with DNSd”.
Basically, you’ll need Subversion, gcc, make and most prerequisites for PHP (ICU, etc.). This guide assumes you already have some knowledge of system administration.
The first step is to fetch the latest SVN code somewhere on your Linux box (I usually put it in /usr/local).
$ cd /usr/local
$ svn co http://ookoo.org/svn/pinetd2/trunk pinetd2
(checkout lines)
$ cd pinetd2/php
$ ./do_php.sh
(will download & compile PHP 5.3.0, and maybe complain about missing stuff, just install whatever is missing, if you need help, post the last error lines here or contact me)
$ cd ..
$ ./start.sh
Please edit config.xml and remove the line containing this text
At this point, a config.xml file has been created and needs to be edited. I added comments inside it to help you. You’ll need to do a few things:
- Remove the <RemoveMe> tag, and edit the <Name> tag to include your machine’s name.
- Change the storage engine to use SQLite3. PInetd’s MySQL driver is not yet compatible with DNSd. You can copy the line from the example, but remember that if your zone file is in /tmp, it might get erased at startup (depending on your Linux distribution).
- There is an empty <DNSd> tag; fill it with the second choice in the comment (the <PeersArray> one). Change the Signature, peer name, etc. to fit your needs on the Type="control" line: this is the definition of “who will be able to create/remove records on this DNS server”.
- At the end of the file, remove all processes that do not have Daemon="DNSd". There should only be 3 remaining processes.
If you are not root, set PortOffset to an arbitrary value greater than 1024, for example 10000.
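The checklist above can be verified before the first start. The script below is an added example, not part of pinetd or of the original post: it scans the text of config.xml for the names mentioned in the steps, and the element and attribute shapes in its constructed sample, the weak-secret list and the 16-character minimum are all assumptions.

```python
import re

# Constructed sample. The page does not show config.xml, so the element and
# attribute shapes here are assumptions built from the names it mentions.
SAMPLE = """<Config>
  <RemoveMe/>
  <Name>localhost</Name>
  <Storage>sqlite3:/tmp/dnsd.db</Storage>
  <DNSd>
    <!-- <Peer Name="x" Signature="changeme" Type="control"/> -->
    <PeersArray>
      <Peer Name="MyPeer" Signature="qwerty" Type="control"/>
    </PeersArray>
  </DNSd>
  <Process Daemon="DNSd" Service="UDP"/>
  <Process Daemon="DNSd" Service="TCP"/>
  <Process Daemon="DNSd" Service="Process"/>
  <Process Daemon="FTPd" Service="TCP"/>
</Config>"""

WEAK = {"qwerty", "password", "secret", "changeme"}
MIN_SECRET_LEN = 16  # assumed policy threshold, not a pinetd requirement

def lint(text, is_root=False):
    """Return a list of findings for the checklist items above."""
    text = re.sub(r"<!--.*?-->", "", text, flags=re.S)  # ignore commented examples
    findings = []
    if re.search(r"<RemoveMe\b", text):
        findings.append("RemoveMe tag still present")
    for line in text.splitlines():
        if re.search("sqlite", line, re.I) and "/tmp/" in line:
            findings.append("SQLite zone file under /tmp may be erased at startup")
        sig = re.search(r'Signature="([^"]*)"', line)
        if 'Type="control"' in line and sig:
            if len(sig.group(1)) < MIN_SECRET_LEN or sig.group(1).lower() in WEAK:
                findings.append("control peer Signature is short or guessable")
    daemons = re.findall(r'Daemon="([^"]*)"', text)
    extra = sorted(set(daemons) - {"DNSd"})
    if extra:
        findings.append("non-DNSd processes left: " + ", ".join(extra))
    if daemons.count("DNSd") != 3:
        findings.append("expected exactly 3 DNSd processes")
    port = re.search(r"PortOffset\D{0,3}(\d+)", text)
    if not is_root and (not port or int(port.group(1)) <= 1024):
        findings.append("PortOffset must be greater than 1024 when not root")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print("FINDING:", finding)
```

To check a real file, pass its contents to lint(), for example lint(open("config.xml").read()).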
Once you’ve reached this point, you should be ready to go. Try starting the daemon.
[2009-02-19 10:10:33:30945] DEBUG: pinetd v2.0.0alpha running on...
[2009-02-19 10:10:33:30945] WARN: SUID security level is defined...
[2009-02-19 10:10:33:30945] WARN: Warning: Chroot security level...
[2009-02-19 10:10:33:30945] DEBUG: My name: localhost
[2009-02-19 10:10:33:30947] INFO: Loading Daemon\DNSd\UDP on port 10053, bound to ip 127.0.0.1
[2009-02-19 10:10:33:30948] INFO: Loading Daemon\DNSd\TCP on port 10053, bound to ip 127.0.0.1
[2009-02-19 10:10:33:30949] INFO: Loading process Daemon\DNSd\Process
As you can see, I am not root, so PInetd complains that it cannot chroot() or setuid(). However, it’s just for testing, so we don’t really care.
At this point, if you configured the DNS daemon like me with a PortOffset of 10000, with a peer named “MyPeer” and a secret of “qwerty”, running “dnsd_test.php” in the “test” directory will create an “example.com” domain.
$ php dnsd_test.php
Connected to localhost
Now, you can test it:
$ dig +short -p10053 @localhost example.com
127.0.0.1
Of course, the PHP DNS Daemon is not complete yet (I fixed a potential denial of service yesterday) and probably still has many bugs, so I strongly advise against using it on any production system yet.
Yes, I am using it for this blog, and for another ~200 domains, to find bugs and make the solution more stable. However, if you wish to contribute by testing on a production system too, make sure you are ready to have all your websites go down and your server catch fire.
The next step for you is to look at the “dnsd_test.php” script in the test directory, and make your own pages using DNSd. You do not need PHP 5.3.0 to use this class, so you can basically use it anywhere. PHP 5.3.0 is only required for the DNS daemon itself.
If you have any questions, feel free to leave a comment. I’ll try to complete this article as problems are raised by people who use this.