I became curious about what kind of DNS cachine goes on in a modern linux system. You would think that this is the kind of thing that might go on inside the kernel (client side caching that is). My current system is a Fedora 18 x86_64 system running a 3.9.2 kernel. There is a package "nscd" that claims to do DNS caching, but it is neither running nor installed on my present system.
I thought it might be instructive to look at DNS activity with wireshark, but I have to install it first:
yum install wireshark yum install wireshark-gnomeProbably just installing wireshark-gnome would do. Just yum install wireshark installs something, heaven knows what, but typing "wireshark" on the command line doesn't yield what I want afterwards. Wireshark-gnome gives what I want.
To see only DNS traffic, use this filter:
udp.port eq 53And, interestingly - every time I type "ping homer", I see a DNS query on the wire. This is not good, no caching going on.
yum install nscd service nscd start chkconfig nscd onAnd now I see caching, the first "ping" puts a DNS request on the wire, but subsequent ones do not.
To run wireshark on a remote machine:
ssh -X root@mmt wireshark
Adventures in Computing / tom@mmto.org