[labsphoenix] GeoIP patch to BIND

It has been a long time since my last technical post on this blog. Today we will go through the installation of MaxMind's GeoIP library and link it into a very common and well-known DNS server, ISC's BIND 9. Before going any further, please note that I do not consider the GeoIP patch "feature complete": it covers only one GeoIP database type (countries, not cities or ASNs), it does not apply to bind-9.5.x, and the install process isn't as fine-tuned as it should be.

NOTE: this weekend I will be releasing a new, enhanced patch covering those issues. So, let's go on.

Why this lab?

Simply because distributed infrastructures are a common sight, and balancing traffic across multiple web load balancers (yes, balancing the balancers) can sometimes be tricky. A solution such as round-robin DNS is, at best, a "best effort" mechanism: it hands out addresses in rotation regardless of where the client is. Network architects with valid demographic statistics can instead offer a "nearest server" and a better user experience through geolocation. This also allows building a poor man's CDN (Content Delivery Network) without having to learn and deploy very complex infrastructure.

Installation

We start by installing MaxMind's GeoIP library, which comes with a free IP-to-country database (it ages quickly, so plan to refresh it regularly). We then retrieve BIND from ISC and apply the patch that links the two together. This is the patch I'll be enhancing.

# change to the source directory
cd /usr/local/src

# get the GeoIP library
wget http://www.maxmind.com/download/geoip/api/c/GeoIP-1.4.5.tar.gz
tar zxf GeoIP-1.4.5.tar.gz
cd GeoIP-1.4.5

# configure & install the library (&& stops at the first failure; chaining
# with ";" would carry on after a failed configure or build)
./configure && make && make install
# the library lands in /usr/local/lib: refresh the dynamic linker cache so
# the patched named can find libGeoIP at runtime
ldconfig
cd ..

# get bind-9.4.3
wget http://ftp.isc.org/isc/bind9/9.4.3/bind-9.4.3.tar.gz
tar zxf bind-9.4.3.tar.gz

# get geodns (the GeoIP binding for BIND)
wget http://www.caraytech.com/geodns/patch.diff

# patch bind: dry-run first so a rejected hunk does not leave a half-patched tree
cd bind-9.4.3
patch -p1 --dry-run < ../patch.diff && patch -p1 < ../patch.diff

# configure bind against the new library (one line; this step will change with the new patch)
CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib -lGeoIP" ./configure --prefix=/usr/local/bind

# compile + install bind
make && make install

Configuration
We now have a default installation of a patched BIND 9 server and the GeoIP library. The next step is to create the configuration files. I will not go into great detail here; plenty of how-tos are available. The principle is that match-clients can now match on a country code (country_XX), not only on an IP address or prefix; this is the value of the patch we applied.

/usr/local/bind/etc/named.conf

options {
    directory "/usr/local/bind/var/bind";
    listen-on-v6 { none; };
    pid-file "/usr/local/bind/var/run/named/named.pid";
};

// Views are tried in the order they appear and the first matching
// match-clients wins, so the country-specific views must come before
// the catch-all "other" view. Recursion is off in every view so the
// server cannot be abused as an open resolver; the root hint zone is
// only consulted when recursing and is harmless here.
view "us" {
    // Match clients from the US
    match-clients { country_US; };
    recursion no;
    zone "example.com" {
        type master;
        file "pri/example-us.db";
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
};

view "ca" {
    // Match clients from Canada
    match-clients { country_CA; };
    recursion no;
    zone "example.com" {
        type master;
        file "pri/example-ca.db";
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
};

view "other" {
    // Match all others, including clients whose address is not in the GeoIP database
    match-clients { any; };
    recursion no;
    zone "example.com" {
        type master;
        file "pri/example-other.db";
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
};

/usr/local/bind/var/bind/named.ca: the root hints file (the path is relative to the directory set in options). The canonical copy is published by InterNIC as https://www.internic.net/domain/named.root; save it under that name.

And we also need the zone definitions, one per view:
/usr/local/bind/var/bind/pri/example-us.db
/usr/local/bind/var/bind/pri/example-ca.db
/usr/local/bind/var/bind/pri/example-other.db
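To make the view selection concrete, here is an added model written for this post; it is not the geodns patch's code and does not load a real GeoIP.dat. A constructed prefix-to-country table stands in for MaxMind's database, views are tried in named.conf order as BIND does, and render_zone shows the shape of the three per-view zone files listed above. All addresses are RFC 5737 documentation ranges; the country assignments and the www/test answers are assumptions for the lab.

```python
"""Model of how the patched named picks a view by client country.

Added, constructed model (not the geodns patch's code): a tiny prefix ->
country table stands in for MaxMind's GeoIP.dat, and view selection
follows BIND's rule that views are tried in named.conf order and the first
match-clients hit wins. ACL negation ("!") and TSIG keys are not modelled.
"""
import ipaddress

# Constructed stand-in for GeoIP.dat (RFC 5737 test nets, countries assigned
# arbitrarily for the lab).
GEOIP_DB = {
    ipaddress.ip_network("192.0.2.0/24"): "US",
    ipaddress.ip_network("198.51.100.0/24"): "CA",
    ipaddress.ip_network("203.0.113.0/24"): "DE",
}

# Views in the order they appear in named.conf:
# (view name, match-clients entries, zone file for example.com)
VIEWS = [
    ("us", ["country_US"], "pri/example-us.db"),
    ("ca", ["country_CA"], "pri/example-ca.db"),
    ("other", ["any"], "pri/example-other.db"),
]

# Address each view's zone hands out for www/test (assumed values).
ADDR_BY_VIEW = {"us": "192.0.2.10", "ca": "198.51.100.10", "other": "203.0.113.10"}


def country_of(client_ip):
    """Country code for an address, or None when the database has no entry."""
    addr = ipaddress.ip_address(client_ip)
    for net, cc in GEOIP_DB.items():
        if addr in net:
            return cc
    return None


def acl_entry_matches(entry, client_ip):
    """One match-clients entry: 'any', 'country_XX' (the patch), or a plain prefix."""
    if entry == "any":
        return True
    if entry.startswith("country_"):
        # An address unknown to the database matches no country_* entry at all.
        return country_of(client_ip) == entry[len("country_"):]
    return ipaddress.ip_address(client_ip) in ipaddress.ip_network(entry, strict=False)


def select_view(client_ip, views=VIEWS):
    """First view whose match-clients accepts the client; (None, None) if none does."""
    for name, acl, zone_file in views:
        if any(acl_entry_matches(e, client_ip) for e in acl):
            return name, zone_file
    return None, None  # named would answer REFUSED here


def resolve(client_ip, views=VIEWS):
    """The A record the client would receive for www/test.example.com."""
    name, _ = select_view(client_ip, views)
    return None if name is None else ADDR_BY_VIEW[name]


def render_zone(view, origin="example.com.", ns_addr="192.0.2.53"):
    """Minimal master zone file for one view, i.e. what pri/example-<view>.db holds.

    The three files differ only in the address records for www and test.
    """
    addr = ADDR_BY_VIEW[view]
    return f"""$ORIGIN {origin}
$TTL 3600
@       IN  SOA ns1 hostmaster (
                2009010101 ; serial (bump on every change)
                3600       ; refresh
                900        ; retry
                604800     ; expire
                300 )      ; negative-cache TTL
        IN  NS  ns1
ns1     IN  A   {ns_addr}
www     IN  A   {addr}
test    IN  A   {addr}
"""


if __name__ == "__main__":
    for ip in ("192.0.2.7", "198.51.100.9", "203.0.113.5", "10.0.0.1"):
        view, zone = select_view(ip)
        print(f"{ip:15} country={country_of(ip)!s:4} view={view:5} zone={zone} -> {resolve(ip)}")
    # Pitfall: put the catch-all first and every client lands in it.
    wrong_order = [VIEWS[2], VIEWS[0], VIEWS[1]]
    print("catch-all first:", select_view("192.0.2.7", wrong_order)[0])
    print(render_zone("ca"))
```

Running it shows the two things the configuration comments warn about: with the catch-all "other" view listed first, a US client lands in "other", and any address the database does not know (private space, for instance) always falls through to "other" because it matches no country_* entry. Drop the "other" view and such clients get no answer at all.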

Conclusion

At this point you have a BIND server running with views selected by the DNS client's country. Since I do not actually own example.com, the following query against my lab server gives a different answer depending on whether you ask from the USA or from Canada: "dig @air0.labsphoenix.com test.example.com". Keep in mind that the country is derived from the address the authoritative server sees, which is normally the client's recursive resolver rather than the end user; a Canadian user behind a US-based public resolver gets the US answer. By the way, the dig command is part of the dnsutils package (bind-utils on Red Hat-based systems). Have fun!