pdnsd is an alternative DNS to bind9. The difference is that while bind releases its cached domain resolutions on restart, pdnsd implements a persistent cache 1) by storing previous resolutions to a file on disk.
This tutorial is a short guide on how to make pdnsd a forwarder for bind so that all the requests going through bind will first query pdnsd. The performance benefits are minor for a small datacentre but they increase given a fair amount of clients since previously resolved queries will not have to be resolved again and can be fed to the clients from cache.
The problem with bind working together with pdnsd is that bind listens on an IP address and on the 53 port. It has no option to set a forwarder port, and you can only specify an IP address. In order to make bind and pdnsd work together, we are going to make pdnsd listen on a different loopback address, such as 127.0.0.2 instead of 127.0.0.1 so it will not conflict with bind.
To do that, we edit /etc/pdnsd.conf and change the server_ip variable:
server_ip = 127.0.0.2;
Since we are still here, we can add under the global settings:
neg_rrs_pol=on; par_queries=1;
and under the server settings:
proxy_only=on; purge_cache=off;
The options are explained as follows:
neg_rrs_pol=on; means that when a negative response comes back for a query, pdnsd will still cache the result even if the response is not authoritative. Many queries such as IPv6 based ones, MX records may return negative results and the default behavior would be to query the upstream DNS servers for them again. This options caches the negative response so that the next query will not trigger a new query.par_queries=1; roughly means parallel queries and it is useful in case you have more than one upstream DNS server configured in the pdnsd configuration file (pdnsd.conf). It specifies the amount of parallel requests to make to the configured servers.proxy_only=on; is used for broadband users where only one or two DNS servers are used and it avoids the full-blown hierarchical name resolution that a DNS server would do. Setting this option to on will prevent pdnsd from resolving all the way back to the authoritative name server and instead accept results from the DNS servers that are specified in the pdnsd configuration file.purge_cache=off; simply means to not remove cache entries even if they have outlived the TTL.In the global section we can also specify something like:
min_ttl=15m; // Retain cached entries at least 15 minutes.
max_ttl=1w; // One week.
timeout=10; // Global timeout option (10 seconds).
In order to hold records for a longer time in cache.
Next, we configure pdnsd as a forwarder in the bind configuration. We load up either /etc/named.conf or /etc/bind/named.conf.options under Debian and add pdnsd as a forwarder:
forward first;
forwarders {
127.0.0.2;
};
Upon the next restart, bind should query pdnsd first.