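On Windows, resolved addresses remain in a local cache, but on Linux they are not kept in a local cache,
so in some cases it is better to use a cache on Linux as well, to reduce name-resolution processing and network load.
That said, convenient as it is, troubleshooting can take longer if you are not aware that entries remain in the local cache,
so operators should always keep this in mind.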

Installing dnsmasq

[root@HOME001 htop-0.8.3]# yum install dnsmasq
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: ftp.iij.ad.jp
 * extras: ftp.iij.ad.jp
 * updates: ftp.iij.ad.jp
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package dnsmasq.i686 0:2.48-6.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

========================================================================================================================================================================
 Package                                  Arch                                  Version                                     Repository                             Size
========================================================================================================================================================================
Installing:
 dnsmasq                                  i686                                  2.48-6.el6                                  base                                  144 k

Transaction Summary
========================================================================================================================================================================
Install       1 Package(s)

Total download size: 144 k
Installed size: 281 k
Is this ok [y/N]: y
Downloading Packages:
dnsmasq-2.48-6.el6.i686.rpm                                                                                                                      | 144 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : dnsmasq-2.48-6.el6.i686                                                                                                                              1/1
  Verifying  : dnsmasq-2.48-6.el6.i686                                                                                                                              1/1

Installed:
  dnsmasq.i686 0:2.48-6.el6

Complete!
[root@HOME001 htop-0.8.3]# /sbin/chkconfig --list dnsmasq
dnsmasq         0:off   1:off   2:off   3:off   4:off   5:off   6:off
[root@HOME001 htop-0.8.3]#

To start dnsmasq automatically at boot, enable it with chkconfig.

Edit the configuration files so that DNS can be used from the local host
/etc/dnsmasq.conf

 [root@HOME001 htop-0.8.3]# cat /etc/dnsmasq.conf | grep "127.0.0.1" | egrep -i -v ^#
 listen-address=127.0.0.1
 [root@HOME001 htop-0.8.3]#

/etc/resolv.conf

 [root@HOME001 htop-0.8.3]# cat /etc/resolv.conf | grep "127.0.0.1" | egrep -i -v ^#
 nameserver 127.0.0.1
 [root@HOME001 htop-0.8.3]#

Restart the service

[root@HOME001 htop-0.8.3]# /etc/init.d/dnsmasq restart
Shutting down dnsmasq:                                     [  OK  ]
Starting dnsmasq:                                          [  OK  ]
[root@HOME001 htop-0.8.3]# 

Confirm that name resolution works locally

[root@HOME001 htop-0.8.3]# dig @127.0.0.1 kakaku.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> @127.0.0.1 kakaku.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37234
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;kakaku.com.                    IN      A

;; ANSWER SECTION:
kakaku.com.             411     IN      A       210.129.151.129

;; Query time: 9 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Dec 30 13:53:28 2012
;; MSG SIZE  rcvd: 44

[root@HOME001 htop-0.8.3]#
Refreshing the local cache

[root@HOME001 htop-0.8.3]# /etc/init.d/dnsmasq force-reload
Shutting down dnsmasq:                                     [  OK  ]
Starting dnsmasq:                                          [  OK  ]
[root@HOME001 htop-0.8.3]#
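
As an added example (not part of the original post), the following Python check reads a dnsmasq.conf and a resolv.conf and reports settings that expose the cache beyond the local host, bypass it, or leave it without an upstream server. The sample file contents are constructed, and the meaning given to `bind-interfaces`, `interface`, `server`, `resolv-file`, `no-resolv` and `cache-size` is taken from the dnsmasq documentation, not from this page.

```python
import ipaddress

# Constructed sample files (the page only shows grep output of the real ones).
DNSMASQ_CONF = """\
# constructed /etc/dnsmasq.conf
listen-address=127.0.0.1
cache-size=150
"""
RESOLV_CONF = """\
# constructed /etc/resolv.conf
nameserver 127.0.0.1
"""

def active(text):
    """Non-empty, non-comment lines of a config file."""
    return [l.strip() for l in text.splitlines()
            if l.strip() and l.strip()[0] not in "#;"]

def loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def audit_local_cache(dnsmasq_conf, resolv_conf):
    """Findings for a loopback-only dnsmasq cache set up as on this page."""
    opts = {}
    for line in active(dnsmasq_conf):
        key, _, value = line.partition("=")
        opts.setdefault(key.strip(), []).append(value.strip())
    listen = [a.strip() for v in opts.get("listen-address", []) for a in v.split(",")]
    servers = [l.split()[1] for l in active(resolv_conf)
               if l.startswith("nameserver") and len(l.split()) > 1]
    findings = []
    if not listen and "interface" not in opts:
        findings.append("no listen-address/interface: all interfaces are served")
    findings += [f"listen-address {a} is not loopback" for a in listen if not loopback(a)]
    if listen and "bind-interfaces" not in opts:
        findings.append("bind-interfaces unset: port 53 is bound on the wildcard address")
    if not servers or not loopback(servers[0]):
        findings.append("resolv.conf does not list 127.0.0.1 first: cache is bypassed")
    # By default dnsmasq takes its upstream servers from /etc/resolv.conf.
    upstream = [] if "no-resolv" in opts else [s for s in servers if not loopback(s)]
    if not (upstream or "server" in opts or "resolv-file" in opts):
        findings.append("dnsmasq has no upstream server to forward to")
    if opts.get("cache-size") == ["0"]:
        findings.append("cache-size=0: nothing is cached")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_local_cache(DNSMASQ_CONF, RESOLV_CONF)))
```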


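DNS settings specified on the DNS client and their behavior (/etc/resolv.conf)
If at least one of the three DNS servers is running, names resolve in about 2 to 3 seconds.
If no DNS server is specified, a resolution-failure error comes back after about 18 seconds.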

[root@HOME001 usr]# man resolv.conf
RESOLV.CONF(5)             Linux Programmer’s Manual            RESOLV.CONF(5)

NAME
       resolv.conf - resolver configuration file

SYNOPSIS
       /etc/resolv.conf

nameserver Name server IP address
Internet address (in dot notation) of a name server that the resolver should
query. Up to MAXNS (currently 3, see ) name servers may be listed,
one per keyword. If there are multiple servers, the resolver library queries
them in the order listed. If no nameserver entries are present, the default is
to use the name server on the local machine. (The algorithm used is to try a
name server, and if the query times out, try the next, until out of name
servers, then repeat trying all the name servers until a maximum number of
retries are made.)

options
Options allows certain internal resolver variables to be modified.
The syntax is options option …
where option is one of the following:
debug sets RES_DEBUG in _res.options.

ndots:n
sets a threshold for the number of dots which must appear in a name given
to res_query(3) (see resolver(3)) before an initial absolute query will
be made. The default for n is 1, meaning that if there are any dots in a
name, the name will be tried first as an absolute name before any search
list elements are appended to it. The maximum value for this option is
silently capped to 15.

timeout:n
sets the amount of time the resolver will wait for a response from a
remote name server before retrying the query via a different name server.
Measured in seconds, the default is RES_TIMEOUT (currently 5, see
). The maximum value for this option is silently capped to 30.

attempts:n
sets the number of times the resolver will send a query to its name
servers before giving up and returning an error to the calling applica-
tion. The default is RES_DFLRETRY (currently 2, see ). The
maximum value for this option is silently capped to 5.

rotate sets RES_ROTATE in _res.options, which causes round robin selection of
nameservers from among those listed. This has the effect of spreading
the query load among all listed servers, rather than having all clients
try the first listed server first every time.
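
The rules in the man page excerpt above (at most MAXNS servers, the defaults, and the silent caps) can be applied to a file mechanically. This is an added example, not from the original post; the sample resolv.conf is constructed, and 127.0.0.1 stands in for "the name server on the local machine".

```python
# Added example: effective resolver settings derived from the
# resolv.conf(5) rules quoted above.
MAXNS = 3                                             # nameserver lines honoured
DEFAULTS = {"timeout": 5, "attempts": 2, "ndots": 1}  # RES_TIMEOUT, RES_DFLRETRY, ndots
CAPS = {"timeout": 30, "attempts": 5, "ndots": 15}    # silently capped maxima

# Constructed sample: two dummy servers, one working one, one entry too many.
SAMPLE = """\
# constructed resolv.conf
nameserver 192.168.1.1
nameserver 192.168.1.2
nameserver 8.8.8.8
nameserver 192.0.2.53
options timeout:60 attempts:3 rotate
"""


def effective_resolver(text):
    """Return the settings the resolver ends up with for this resolv.conf text."""
    servers, ignored, notes = [], [], []
    opts = dict(DEFAULTS, rotate=False, debug=False)
    for raw in text.splitlines():
        fields = raw.split()
        if not fields or fields[0][0] in "#;":       # blank line or comment
            continue
        if fields[0] == "nameserver" and len(fields) > 1:
            (servers if len(servers) < MAXNS else ignored).append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.partition(":")
                if name in ("rotate", "debug"):
                    opts[name] = True
                elif name in CAPS and value.isdigit():
                    opts[name] = min(int(value), CAPS[name])
                    if int(value) > CAPS[name]:
                        notes.append(f"{name}:{value} capped to {CAPS[name]}")
    if ignored:
        notes.append("ignored (more than MAXNS): " + ", ".join(ignored))
    if not servers:
        servers = ["127.0.0.1"]    # stand-in for "the local machine"
        notes.append("no nameserver entries: local machine is queried")
    return {"servers": servers, **opts, "notes": notes}


if __name__ == "__main__":
    for key, value in effective_resolver(SAMPLE).items():
        print(f"{key}: {value}")
```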

■ Time taken for name resolution under normal conditions

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43654
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.co.jp.                   IN      A

;; ANSWER SECTION:
yahoo.co.jp.            138     IN      A       124.83.187.140
yahoo.co.jp.            138     IN      A       203.216.243.240

;; Query time: 8 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Dec 28 11:18:20 2012
;; MSG SIZE  rcvd: 61


real    0m0.019s
user    0m0.005s
sys     0m0.005s

■ A dummy DNS server is set as the first DNS entry
→ After about 1 second, name resolution is performed by the 2nd DNS server.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9092
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.co.jp.                   IN      A

;; ANSWER SECTION:
yahoo.co.jp.            80      IN      A       124.83.187.140
yahoo.co.jp.            80      IN      A       203.216.243.240

;; Query time: 10 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Dec 28 11:19:18 2012
;; MSG SIZE  rcvd: 61


real    0m1.021s
user    0m0.005s
sys     0m0.004s

■ Dummy DNS servers are set as the first and second DNS entries
→ After about 2 seconds, name resolution is performed by the 3rd DNS server.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63958
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.co.jp.                   IN      A

;; ANSWER SECTION:
yahoo.co.jp.            14      IN      A       124.83.187.140
yahoo.co.jp.            14      IN      A       203.216.243.240

;; Query time: 9 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Dec 28 11:20:24 2012
;; MSG SIZE  rcvd: 61


real    0m2.021s
user    0m0.005s
sys     0m0.007s


■ All three configured DNS servers are unusable
→ A resolution-failure error is returned after about 20 seconds.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m21.014s
user    0m0.008s
sys     0m0.005s

■ Two unusable DNS servers are configured
No other DNS servers are specified.
→ A resolution-failure error is returned after about 18 seconds.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m18.012s
user    0m0.005s
sys     0m0.005s

■ One unusable DNS server is configured
No other DNS servers are specified.
→ A resolution-failure error is returned after about 15 seconds.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m15.013s
user    0m0.008s
sys     0m0.004s

■ No DNS server is added to resolv.conf
→ A resolution-failure error is returned after about 18 seconds.

[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m18.014s
user    0m0.006s
sys     0m0.006s

■ Only the last (3rd) DNS entry is a valid DNS server
→ After about 2 seconds, name resolution is performed by the DNS server that is working normally.


[root@HOME001 ~]# time dig yahoo.co.jp

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> yahoo.co.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56911
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.co.jp.                   IN      A

;; ANSWER SECTION:
yahoo.co.jp.            157     IN      A       203.216.243.240
yahoo.co.jp.            157     IN      A       124.83.187.140

;; Query time: 8 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Dec 28 11:43:19 2012
;; MSG SIZE  rcvd: 61


real    0m2.019s
user    0m0.004s
sys     0m0.005s

As long as even one valid DNS server is configured, name resolution completes in 2 to 3 seconds.
192.168.1.1 and 192.168.1.2 are dummy DNS servers.
[screenshot: last_entry]

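Other notes: behavior when options are specified
Timeout when only options are specified and no DNS server is specified
[screenshot: other]

Timeout when options are specified and no valid DNS server is specified
[screenshot: other2]

When options are specified and a valid DNS server is listed second
[screenshot: other3]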

References
http://www.opensource.apple.com/source/libresolv/libresolv-25.0.2/resolv.h
http://research.microsoft.com/en-us/um/redmond/projects/invisible/include/net/dns/resolv.h.htm