[buug] local DNS cache choices

Rick Moen rick at linuxmafia.com
Sun Nov 13 01:48:59 PST 2011

Quoting Ian Zimmerman (itz at buug.org):

> Looking at what is available in Debian, I see three choices which seem
> almost equivalent:
> 1. lwresd (and nss-lwres)
> 2. nscd
> 3. unscd
> I understand that 2 and 3 do more than just DNS, but I only need DNS.
> Which one should I use?

Do you want a recursive nameserver, or just a cache?  Really, any
nameserver package of any type (authoritative, recursive, forwarder)
does caching pretty much automatically, but you can, if you wish, have
local nameserver intelligence to handle the queries rather than just
sending them out to other people's nameservers, elsewhere.

nscd is _just_ caching (of DNS and other things).

unscd is a from-scratch rewrite of the same idea, probably far less
buggy than nscd.

lwresd (with nss_lwres to convert the query results so NSS can use them)
is a miniature recursive server reachable only for client service from
localhost processes (not remote hosts).  On the plus side,
lwresd/nss_lwres is lightweight for a recursive daemon.  On the minus
side, lwresd is 'stale code' that hasn't been maintained since around
2003.  nss_lwres has been unmaintained since 2001.

I might point out these other choices:

4.  unbound.  Full-service recursive server.  Lightweight.
5.  dbndns.  Debian fork of Bernstein's djbdns, including dncache, a 
    very lightweight recursive server.  (Debian also has package
    'djbdns', nearly the same fork but with fewer patches.)
6.  maradns.  Full-service recursive server and full-featured
    authoritative server.
7.  dnsmasq.  Forwarder.  Also has a number of other functions useful
    in small networks.
8.  pdnsd.  Forwarder.  
9.  pdns-recursor.  Full-service recursive server.

All of these do caching.

Of possible use:

More information about the buug mailing list