the djb way

djbdns


introduction

Is it wrong to love a nameserver?

djbdns is Bernstein's solution for DNS, the Domain Name System. DNS is the big distributed phone book of the Internet. It's what your browser and email software use to get from human readable names like www.thedjbway.org to computer readable numbers like "216.104.202.70".

The djbdns design is modular. Bernstein has broken down the principal nameserver functions into discrete components:

Whenever your web browser or other network application needs to translate some host.domain into an IP address, it contacts a resolver to do the job. The resolver is a server designed for this purpose, and is reachable as specified in /etc/resolv.conf.

The resolver then goes out on the network, behind the scenes, making recursive queries among DNS publishers for an authoritative response. When the resolver gets an answer it likes, it returns the data to the application.

The publisher, on the other hand, is what makes the DNS data for a specific domain available to such queries.

The process could be sketched like this:

application
  \
   \
   resolver
         \
          \
          publisher

Both the resolver and publisher are servers. The resolver serves requests from applications; the publisher, in turn, serves requests from resolvers. The equivalent components in the djbdns package can be shown as:

dnsip
  \
   \
   dnscache
         \
          \
          tinydns

Here dnsip is a djbdns command-line application, requesting the IP address for a given hostname. dnscache is the resolver, responding to dnsip's query. dnscache looks for a publisher with the authority to provide the information, and eventually finds a tinydns with the answer. The information is passed back from tinydns to dnscache, and from dnscache back to the application.

As the resolver in this scheme of things, dnscache also provides an extra measure of efficiency: it "remembers" the answers it gets from publishers for future reference. dnscache first tries to resolve requests from what it already knows, rather than repeating searches among publishers across the Internet.
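The application / resolver / publisher flow and the resolver's "memory" can be modelled in a few lines. This is an added sketch, not code from djbdns or from the original page: the class names, the per-record lifetime (TTL) after which a remembered answer is dropped, the injected clock, and the example.org names and 192.0.2.x addresses are all constructed for illustration.

```python
class Publisher:
    """Authoritative data for the domains it is responsible for (the tinydns role)."""
    def __init__(self, domains, records):
        self.domains = tuple(domains)          # e.g. ("example.org",)
        self.records = records                 # name -> (ip, ttl_seconds)
        self.queries = 0                       # how many times a resolver asked

    def is_authoritative_for(self, name):
        return any(name == d or name.endswith("." + d) for d in self.domains)

    def answer(self, name):
        self.queries += 1
        return self.records.get(name)          # None means "no such name"

class Resolver:
    """Caching resolver (the dnscache role): answers from memory when it can."""
    def __init__(self, publishers, clock):
        self.publishers = publishers
        self.clock = clock                     # callable returning seconds
        self.cache = {}                        # name -> (ip, expires_at)

    def resolve(self, name):
        name = name.lower().rstrip(".")
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                      # remembered answer, no network
        self.cache.pop(name, None)             # expired or absent
        for pub in self.publishers:            # stand-in for the recursive search
            if pub.is_authoritative_for(name):
                rec = pub.answer(name)
                if rec is None:
                    return None
                ip, ttl = rec
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
        return None                            # nobody publishes this domain

def demo():
    now = [0.0]                                # constructed clock, advanced by hand
    pub = Publisher(["example.org", "example.net"],   # one publisher, several domains
                    {"www.example.org": ("192.0.2.10", 300),
                     "mail.example.net": ("192.0.2.25", 60)})
    res = Resolver([pub], clock=lambda: now[0])
    first = res.resolve("www.example.org")     # asks the publisher
    second = res.resolve("WWW.example.org.")   # served from the cache
    asked_before = pub.queries
    now[0] += 301                              # let the cached answer expire
    third = res.resolve("www.example.org")     # asks the publisher again
    return first, second, asked_before, third, pub.queries
```

The publisher's query counter is the thing to watch: it stays at 1 across the first two lookups and only rises once the remembered answer has expired.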

Every computer on a network will need a resolver of one form or another. Some use resolvers installed on themselves (a "local" dnscache), others use resolvers installed on other servers (an "external" dnscache).

In contrast, only a couple of publishers will be set up for all the computers in an entire domain. In many cases, in fact, a tinydns publisher may be set up to publish data for several domains.

With djbdns, then, just pick the servers you need to do the jobs you want. Use dnscache to set up resolvers for network applications. Use tinydns when you need to publish DNS information about the domains you are responsible for.

The djbdns package is our favorite piece of djb software. All the virtues of what we consider the djb way come together here: concise design, purpose-specific componentry, cut-to-the-core utility. If you find yourself struggling with brand "B", and need a nameserver that will get the job done reliably, securely, hassle-free and right now, djbdns will be both a relief and a joy.

Is it wrong to love a nameserver? It is very, very weird.


Copyright © 2002, 2003, 2004, Wayne Marshall.
All rights reserved.

Last edit 2004.02.18, wcm.