~seth-arnold/charms/precise/pdns-recursor/trunk

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
Overview
--------

This charm provides the PowerDNS recursor from the pdns-recursor package.
A DNS recursor will handle DNS requests completely, starting from the
root nameservers to find the .com, .org, .net, etc. nameservers, to
finally querying the authoritative nameservers for a zone.

This is especially useful for ISPs or organizations that want to reduce
DNS queries or provide a recursor that is extremely resilient to DNS
cache poisoning attacks commonly employed against DNS servers that mix
the authoritative and recursive functions into one process.

Usage
-----

To deploy, run

    juju set pdns-recursor allow-from=192.168.0.0/16
    juju set pdns-recursor local-address=192.168.0.2
    juju deploy pdns-recursor

This charm can set the `allow-from`, `local-address`, `local-port`
configuration options. 

Configuration
-------------

This charm only allows setting `allow-from`, `local-address`, and
`local-port`.

- `local-address` -- without a `local-address`, pdns-recursor will bind to
  127.0.0.1, somewhat limiting its utility.

- `local-port` -- without a `local-port`, will bind to port 53. This will
  rarely be used.

- `allow-from` -- without a `allow-from`,  pdns-recursor will allow
  localhost, RFC 1918 networks (and their IPv6 equivalents) to make
  queries. (127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12,
  ::1/128, fe80::/10.)

Future versions are liable to expose the `auth-zones`, `forward-zones`,
and `forward-zones-file` configuration options.

Contact Information
-------------------

Author: Seth Arnold <seth.arnold@canonical.com>
Report bugs at: http://bugs.launchpad.net/charms
Location: http://jujucharms.com