ext-DnsD works as a caching forward dns server for a network, passing all requests to child process, called resolvers, to know how to handle them. The basic working diagram is show as follow:
As the diagrama shows, the server implements all DNS protocol required to handle incoming requests, asking the child what to do on each case, to then reply to the dns client with the value request either because it was reject, rewritten or the particular value reported by the external server.
This diagram doesn't reflect other details like how ext-DnsD caches or how it handle bad requests (blacklisting dns clients), but it shows the basic concept to understand how a child resolver works.
By default, ext-DnsD configuration is found at /etc/ext-dnsd.conf, but can also be located under a different location using –config flag (-c short option). That configuration has the following form:
<ext-dns-server> <!-- -*- nxml -*- --> <!-- Addresses where the server will listen for DNS requests. By default all address are used on the standard port. The proto declaration defines which protocol is enabled on that listen address. --> <listen proto="udp" value="127.0.0.1:53" /> <!--
--> <!-- Which DNS server will be used by ext-dnsd to resolve requests received. You can configure the following values: - ip addresses like: 220.127.116.11 - use resolv.conf to guess address like: resolveconf --> <relay-dns-server value="18.104.22.168" /> <!-- Path to the application that will be called by ext-dns to notify various events while doing DNS resolution. The application working as a child has to accept from the stdin notifications due by the server, and in return the application may be required to report what to do. --> <!-- --> <!-- Number of childs to create for operation. value: number of childs to create to resolve queries command-timeout: command timeout in seconds. Beyond that, the child is killed and the ext-dns server reports DNS unknown error. If nothing is configured, 15 will be used by default. You can disable it by configuring "disable" as value. --> <child-number command-timeout="15" value="10" /> <!-- By default, should ext-dnsd server to resolve names found from /etc/hosts --> <resolve-from-etc-hosts value="yes" /> <!-- What to do when a failure (wrong signal) is received. By default is to hold the process to debug it. Allowed values - hold : hold the process - abort : terminate the process - continue : continue normal processing If nothing is configured, hold is assumed. --> <failure-action value="hold" /> </ext-dns-server>
As we see, ext-DnsD configuration is pretty straightforward. It's got a sections to declare what is the DNS server we will use to forward request (as requested by child resolvers), the location of the child resolver script, how many childs to create and other easy to see settings.
After successfully starting ext-Dnsd server, you can check its stats by reading the file located at /var/run/ext-dns.status as follows. It will give you lots of useful information about server status:
A child resolver must be essentially a loop that receives on the standard input a single line when the ext-DnsD wants to ask something, and in turn the child resolver reports one or more lines.
Child resolver receives (note the use of \n to signify the carry return):
Full source code for this child resolver can be found at: https://dolphin.aspl.es/svn/publico/ext-dns/server/child-resolver-skel.py