should I use tinydns or dnscache?

By Gaby, 27th August 2004

If you've read through the documentation about the djbdns suite of tools and you're still not quite sure what software you should be running, perhaps this explanation will make the differences between the tools clear.

The djbdns package consists of two parts:

  • tinydns holds information about domains that you are 'running DNS' for.
  • dnscache allows people to lookup information about domains

What does they do?

tinydns should hold all the traditional information that would normally go in a 'zone file', eg the name server and mail server information, and A or PTR records, such as www, mail, etc. tinydns will serve this information to the world.

dnscache is a server that you can ask the question "what IP address is" and it will go off and find an answer. If you are holding the information for on your tinydns server, and you asked the question "what IP address is", your dnscache server would consult the tinydns server for information about The dnscache server would then give you the answer.

Content DNS and DNS Resolution

Essentially there are two types of DNS, content DNS and DNS resolution. tinydns is a content DNS server, serving up information about domains it holds. dnscache is a DNS resolver, allowing you to lookup information about any domain. It does not hold information about specific domains, but will lookup information about domains for you.

If you've ever played with BIND, then you'd be forgiven for thinking that DNS and BIND are the same thing. They are not. BIND has a content DNS server and a DNS resolver running as the same program. You can ask it questions about domains it holds information about, and domains it doesn't hold information about and it will give you an answer. djbdns has a separate content DNS server and a separate DNS resolver. Because both of these services run on the same port (port 53) under djbdns they need to be run on separate IP addresses, as separate processes (this has many performance, scalability and security advantages).

In answer to the question, if you're going to be 'running DNS' for some domains (have your name server listed on the WHOIS record for those domains) you need to run tinydns. If you want to have one of your own machines listed as 'preferred DNS Server' in your TCP/IP settings (or as a nameserver entry in /etc/resolv.conf on *nix, or primary DNS server in older versions of windows), you need to run dnscache.