My New Book on Squid Proxy Server (A Beginner’s Guide)

I have not blogged since a long time mainly because I was a bit busy authoring a book Squid Proxy Server 3.1: Beginner’s Guide for Packt Publications. The book is an introductory guide to Squid (especially the new features in Squid-3 series) covering both the basic aspects as well as the in dept details for advanced users. The book focuses on learning by doing and provides example scenarios for the concepts discussed throughout the book. Access control configuration, reverse proxying, interception proxying, authentication and other features have been discussed in details with examples.

Checkout the links below:

 

How To: Install PHP 5.3 on CentOS 5.1 or RHEL 5.1

PHP 5.2 and PHP 5.3 has tons of functionalities which are not provided by PHP 5.1 and PHP 5.1 is the most recent version of PHP available in CentOS 5.1 and RHEL 5.1 via updates. Also, its difficult for people to upgrade OS(s) on production servers frequently and especially if the servers are running absolutely fine, it doesn’t really make sense to upgrade just for the heck of it. One more reason for no upgrades is the OS choices provided by many hosting companies. But a lot of CMS(s) and softwares are now recommending at least PHP 5.2 for an extended feature set.

I tried a lot of repos for CentOS including RPM Fusion, RPM Forge, EPEL etc., but none of them could provide even PHP 5.2. In some corner of my mind, I had a faint idea of Remi Collet publishing updates about Remi repository. Did a quick google search and found out that PHP 5.3 is actually available in the repository 😀

So, if you are really in need of PHP5.3 on your CentOS/RHEL 5.1 or lesser, head over to Repository Configuration Page and follow the instructions.

Note: The repository is not enabled on install (enabled=0). You need to enable it in /etc/yum.repos.d/remi.repo.

Once installed and enabled, you can update PHP, MySQL from remi repository using the following command

[root@fedora ~]$ yum update php php-* mysql-*

Warning: Drupal is still not totally compatible with PHP5.3 and if you run Drupal sites, be sure to investigate things before upgrading.

 

How To: New Mail Notification

mbooth commented on one of my last post (How To: GNOME GMail Notifier) informing that he/she uses mail-notification. I was curious to check it out for mail via IMAP and I found it way more useful as compared to Gnome Gmail Notifier. I especially like the option to configure it to check the mails every ten seconds. Thats way cool for anxious people like me :) Keeping in mind the huge advantages of mail-notification, I thought of writing an howto for configuring it :)

Install Mail Notification

Installing something can’t be simpler. Just use the following command as root

[root@fedora ~]$ yum install mail-notification

Configuring mail-notification is very simple. Its as easy as it can get but there are tricks for special cases like Gmail for  Google Apps hosted websites.

Launch Mail Notification

Mail notification loses a point here. It doesn’t show up in any of the menus. You have to launch it from command line. You can launch mail-notification from System -> Preferences -> Mail Notification (Thanks mbooth for correcting). Or use the following command as normal user to launch mail notification

[saini@fedora ~]$ mail-notification -p

Configure Status Icon Behaviour

On mail notification properties windows, select Status Icon tab and choose the appropriate behaviour.

Mail Notification Status Icon Action

New Message Popup Settings

Now go to Message Popups tab, and select appropriate options. If you don’t enable popups, using mail notification doesn’t really make sense (though none can prevent you from doing so :) ). Keeping popus stacked is good because it shows you all messages in case you get more than one new mails in an interval. Also, you can configure the expiration time for the popups.

Mail Notification Message Popups Settings

Add New Mailbox

Now select General tab and click of Add button. Mail-notification supports checking new mails from Evolution, Gmail, Yahoo! Mail, Windows Live Mail, any IMAP and POP3 Server and moreover your system mailbox :) Select Gmail for mailbox type. Enter username and password for Gmail account.

Mail Notification Supported Mailboxes

Mail Notification Add Gmail Account

Now move over to Details tab and set delay between checking mails. I keep it 10 seconds :)

Mail Notification Gmail Account Settings

Add a Google Apps Hosted Email Account

This is totally optional :) Now we’ll add a Google Apps hosted account. This is a bit tricky. For mailbox type, you’ll have to select Gmail. For username, you’ll have to provide your email address.

Mail Notification Add Google Apps Hosted Account

Also, the mailbox name has to be modified in this case to make things work. Move over to Details tab and change mailbox name to your email address.

Mail Notification Google Apps Hosted Account Settings

Add a new IMAP mailbox (Gmail)

This is totally optional :) Keep mailbox type as IMAP. IMAP Server has to be imap.gmail.com . Username and password are same as Gmail Account.

Note: For this mailbox to work, you’ll have to enable IMAP in settings tab in Gmail.

Mail Notification Gmail IMAP Account

Now move over to Connection tab. Connection for Gmail IMAP has to be SSL enabled. So, select “SSL/TLS on separate port” and make sure the port number is 993.

Mail Notification Gmail IMAP Account Connection Settings

Well thats all you need to do for configuring things for getting new mail notifications lightning fast :) Now sit back and relax until someone sends you a mail :)

The only major disadvantage that I found with mail-notification is that it doesn’t stay in notification area all the time. It appears only when there is a new mail.

 

How To: Configure Dual Display with ATI Radeon (fglrx)

As promised in my last post (News: ATI Catalyst Display Drivers 9.9 Released), I am back with a post on configuring dual display with ATI Radeon HD Graphics Card and proprietary catalyst (fglrx) drivers from ATI.

Hardware Used

Graphics Card: ATI Radeon HD 3200 (256MB, onboard)
Monitor 0: ViewSonic VG1930WM 1440×900 (19″ LCD, Connected via DVI port)
Monitor 1: Samsung SyncMaster 793S 1280×1024 (17″ CRT, Connected via VGA port)

Types of Dual Display

  • Mirror: Both screens have same content, identical refresh rate and resolution.
  • Clone: Both screens have same content but refresh rates and resolutions can be different.
  • Horizontal: Both screens can have different content, refresh rates and resolution. Screen 1 is left or right of Screen2.
  • Vertical: Same as horizontal. The only difference is that Screen1 is above or below Screen2.

In this post, we are interested in Horizontal setup with xinerama on. This way we can have two desktops allowing full screen modes on both of them and allowing us to drag and drop windows from one screen to the other.

Install ATI Drivers

If you don’t have ATI drivers installed already, follow this How To: Install ATI Catalyst (fglrx) Drivers on Fedora 11 (works for any version of ATI Catalyst drivers).

Generate xorg.conf file

If you don’t see the xorg.conf file at /etc/X11/xorg.conf, then you need to generate it to proceed to next step. Use the following command as root to generate one

[root@fedora ~]$ Xorg -configure

This command will generate the default xorg.conf file at /root/xorg.conf.new. Copy it to /etc/X11/xorg.conf.

[root@fedora ~]$ cp /root/xorg.conf.new /etc/X11/xorg.conf

Backup xorg.conf file

Backup your original xorg.conf file so that you can restore it in case the configuration doesn’t work the way you expected.

[root@fedora ~]$ cp /etc/X11/xorg.conf /etc/X11/xorg.conf.backup

Generate Configuration for Dual Display

Now we are ready to generate the configuration for dual display. Use the following command with appropriate arguments (in accordance with your hardware configuration)

# --screen-layout will place second screen on left of your first screen. Other possible values are right,above,below.
# --xinerama=on option enables you to have two different desktops and one of them being passive.
# You can drag and drop windows from one desktop to the other. Task bars appear only on one of the desktops.
[root@fedora ~]$ aticonfig --initial=dual-head --screen-layout=left --xinerama=on
# --resolution=_screen_number_,widthxheight
[root@fedora ~]$ aticonfig --resolution=0,1440x900 --resolution=1,1280x1024
# Set horizontal sync and vertical refresh rates for both monitors.
[root@fedora ~]$ aticonfig --hsync=0,30-60 --hsync=1,30-60 --vrefresh=0,30-60 --vrefresh=1,30-60

You can download my xorg.conf file via this link.

Reboot or Logout and Login Again

If you just setup your ATI drivers and configured the dual display, you need to reboot so that fglrx module can be loaded properly. If you rebooted after setting up the drivers, just logout and login again to checkout your dual display :) If everything works fine, say thanks to me and if not blame ATI 😛

Adjust DPI for Normal Font Size

I faced a problem with my font sizes being too big while using xinerama. It was easy to fix by adjusting DPI. Go to System -> Preferences -> Appearance. Go to Fonts tab. Click Details located near the bottom right corner. On that window, try descreasing the “Dots Per Inch” value. Mine worked fine with 85 DPI.

Below is an image of my dual display setup. Click to enlarge.

Dual Display Configuration ViewSonic Samsung Using ATI Radeon Catalyst (fglrx)

 

How To: GNOME GMail Notifier

GNOME GMail (Google GMail) Notifier is an awesome tool for GNOME/Linux users if you are addicted to checking mails every few minutes. GMail Notifier solves a bit of your problems by notifying about multiple gmail accounts. One more plus point is that it can display GMail Notifications for new mails in accounts for which you are using Google Apps. Below is a step by step howto on installing and configuring GMail Notifier in Fedora (may apply to other distros as well).

Install GNOME GMail Notifier

You can download and install it from GNOME GMail notifier home page or just use yum

[root@fedora ~]$ yum install gnome-gmail-notifier

Launch Gmail Notifier

If installation was successful, go to Applications -> Internet -> Gmail Notifier.

GNOME Gmail Notifier

Open Preferences

Right click on Email icon in taskbar and click Preferences.

GNOME Gmail Notifier Select Prefreneces

Select Preferences

Set inbox update time to 1 minute. Check display notifications for new messages and errors. Also select a sound to play for new mails.

GNOME Gmail Notifier Prefreneces

Add GMail Account

Click Add on preferences window and add your GMail account.

GNOME Gmail Notifier Add GMail Account

Add Mail Account (Google Apps) (Optional)

If you don’t know what Google Apps is, leave this step. If you do know, then add your mail account.

GNOME Gmail Notifier Add Google Apps Account

Check Mail

If you can’t wait for 1 minutes to see GMail Notifier in action, just right click on email icon in taskbar and click Check Mail.

GNOME Gmail Notifier Check New Mails

Mail Notifications

Whenever you get a new mail, you’ll have bubble like the one in image below and a sound will also be played.

GNOME Gmail Notifier New Mail Notification

Enjoy the notifications :)

 

How To: Install/Configure GNUMP3d – Streaming Audio Server

Mission

GNUMP3d is the GNU Streaming MP3/Media Server written in perl. Our mission is to setup GNUMP3d and stream audio over LAN or over internet. Below are the essential steps to install and configure GNUMP3d.

Download

Download latest version of GNUMP3d from GNUMP3d Website.

Extract

[kulbirsaini@fedora ~]$ tar -xjf gnump3d-x.x.tar.bz2

Install

[root@fedora ~]$ cd gnump3d-3.0
[root@fedora ~]$ make install (as root)

Now gnump3d is installed on your system. Now you need to configure it according to your taste.

Configure

The configuration file is located at /etc/gnump3d/gnump3d.conf. For casual use, you just need to configure port, binding_host and root.

# Port to which gnump3d will be accessible via web interface or via a media player like xmms or winamp.
port = 1111
# The IP Address where gnump3d will bind itself.
binding_host = 172.17.8.64
# If you want the stream to be accessible via a fully qualified domain name, set hostname variable.
# You don't need to set this in most cases e.g. while setting up gnump3d on LAN.
hostname = gofedora.com
# The directory where are your music files resides.
root = /stuff/Music/

Though you can skip rest of the configuration, you may try to explore other options. My gnump3d.conf file can be download from here.

Thats all you need to do to configure gnump3d.

Indexing

Now you need to index all you music collection (the audio files in gnump3d root). Run the following command to index

[root@fedora ~]$ gnump3d-index --verbose

Run gnump3d

Once the indexing is done, you are all set to run gnump3d. By default gnump3d tries to index all files whenever you start it, to avoid this we need to use –fast option.

[root@fedora ~]$ gnump3d --fast

By default gnump3d runs in foreground. If you want it to go in background and run quietly, run it as follows.

[root@fedora ~]$ gnump3d --fast --background

Accessing Media Server

To access your gnump3d streaming media server, please visit url http://ip_address:port/ .

Run at startup

If you want gnump3d to start when your computer starts add the following line to /etc/rc.local file.

gnump3d --fast --background

Feel free to comment in case you have a problem.

 

How To: Install and Configure GitWeb

UPDATE : I recommend using GitList instead of GitWeb. GitList is much easier to setup and has a better web interface. Continue reading this post if you looking for GitWeb setup instructions specifically.

Goal

Setting up gitweb (web interface for SCM software git) for your project’s git repository for public access and developer commits via ssh.

Assumptions

  1. You already have your project’s git repository.
  2. You have hosting space somewhere to host gitweb.
  3. You have root access.
  4. You are using Apache as webserver.

Example for this howto

Project : VideoCache
Domain for gitweb : git.cachevideos.com
URL for git access for videocache : http://git.cachevideos.com/videocache.git
Actual path on server : /home/saini/domains/cachevideos.com/git
Git repository : /home/saini/projects/videocache/

Installation

Installation is pretty easy. Just one single command would do everything.

[root@localhost ~]# yum install gitweb (do as root)

This will create a directory /var/www/git which is default for gitweb.

Copy the directory /var/www/git/ to /home/saini/domains/cachevideos.com/git

[root@localhost ~]# cp -r /var/www/git /home/saini/domains/cachevideos.com/git

Configuration

1. GitWeb

Open the file /etc/gitweb.conf (it may or may not be there) and add the following lines to it.

# Change This
$projectroot = '/home/saini/domains/cachevideos.com/git';
# Change This
$site_name = "Kulbir Saini's git trees.";
# Don't Change the variables below
$my_uri = "/";
$home_link = '/';
@stylesheets = ("/gitweb.css");
$favicon = "/git-favicon.png";
$logo = "/git-logo.png";

2. Apache

Open the file /etc/httpd/conf.d/git.conf and clear all the lines that are already there and add the following lines to it

  DocumentRoot /home/saini/domains/cachevideos.com/git
  ServerName git.cachevideos.com
  ErrorLog "/home/saini/domains/cachevideos.com/logs/error_log"
  CustomLog "/home/saini/domains/cachevideos.com/logs/access_log" combined
  SetEnv  GITWEB_CONFIG  /etc/gitweb.conf
  DirectoryIndex gitweb.cgi
 
    Allow from all
    AllowOverride all
    Order allow,deny
    Options +ExecCGI
    AddHandler cgi-script .cgi
 
      SetHandler cgi-script
 
    RewriteEngine on
    RewriteRule ^[a-zA-Z0-9_\-]+\.git/?(\?.*)?$ /gitweb.cgi%{REQUEST_URI} [L,PT]

3. Git repository configuration

Go to your git repository (/home/saini/projects/videocache/) and make the following changes.

(a). Open file .git/description and add a short nice description for your project.

videocache is a squid url rewriter plugin written in Python to facilitate youtube, metacafe, dailymotion, google, vimeo, msn soapbox, tvuol.uol.com.br, blip.tv, break.com videos and wrzuta.pl audio caching.

(b). Open file .git/config and append the following lines

[gitweb]
  owner = "Kulbir Saini"

Copy project’s git repository for gitweb

Copy the /home/saini/projects/videocache/.git directory to /home/saini/domains/cachevideos.com/git/videocache.git

[root@localhost ~]# cp -r /home/saini/projects/videocache/.git /home/saini/domains/cachevideos.com/git/videocache.git

Finishing Step

Restart Apache webserver.

[root@localhost ~]# service httpd restart

Now you can browser a list of your projects’ git repositories at http://git.cachevideos.com/ .

Adding another project repository

Just copy the project repository’s .git directory to /home/saini/domains/cachevideos.com/git/prjoect_name.git. And it’ll be shown on the list.

Committing (pushing) to the repository

For committing to the repository via ssh use the following command.

# Pushing everything (Please see the username)
[root@localhost videocache]# git push --all ssh://saini@git.cachevideos.com/~saini/domains/cachevideos.com/git/videocache.git

To update tags on the remote repository use this command.

# Pushing all tags
[root@localhost videocache]# git push --tags ssh://saini@git.cachevideos.com/~saini/domains/cachevideos.com/git/videocache.git

Well, if you consider just the web interface and committing part for your project, thats all. But things can be fine tuned further. Below are few hacks!

1. Enabling nice urls.

By default the urls for browsing repository via git web are pretty crappy and difficult to remember. The RewriteRule and RewriteEngine lines in your Apache configuration file (/etc/httpd/conf.d/git.conf) takes care of that and produce nice and clean urls.

So you can browser the repository via http://git.cachevideos.com/videocache.git instead of http://git.cachevideos.com/?p=videocache.git;a=summary.

2. Enabling remote ls (git-ls-remote or git ls-remote)

This is the most trickiest part. If you try the command below, it won’t produce any output

[root@localhost ~]# git-ls-remote http://git.cachevideos.com/videocache.git

You need to go to project’s repository in gitweb and then run the following command to update the server info for git.

[root@localhost ~]# cd /home/saini/domains/cachevideos.com/git/videocache.git/
[root@localhost ~]# git-update-server-info

Try the ls-remote command now and it should succeed by producing all the branches and tags in the remote repository.

But there is a problem, you have to run the above command after every commit to the remote repository. To solve this issue, you can enable post-update hook for the project’s repository in gitweb. Use the following command to enable it.

[root@localhost ~]# cd /home/saini/domains/cachevideos.com/git/videocache.git/
[root@localhost ~]# chmod +x post-update

The above command will update the server info automatically every time you commit.

Thats all you need to do for setting up gitweb. I hope this will be helpful.

 

How To: Boot Fedora Faster

Note: These tricks apply to any Linux based OS. But I have tested them only on Fedora, so can’t say whether they’ll work on other Linux(s).

My current Fedora installation is now almost one and a half years old. Yes. I am still using Fedora 7 😀 I have Fedora 10 on my other machine. Coming to the agenda, my Fedora installation has grown beyond control and I have services from named, squid, drbl, privoxy, vsftpd, vbox*, smb and what not on a personal desktop. These services really force my system startup to slow down to more than two minutes. While shutting down, its very easy to just cut the power supply but while booting up I can’t help and it frustrates me. And what frustrates me further that I have 4GB DDR2 RAM and AMD64 X2 5600+ (2.8GHz x 2) and booting time is still more than two minutes.

Agenda

  • Boot Fedora faster using whatever techniques possible.

Remove the services from normal order and delay their execution to a later stage. So, services like network, squid, privoxy, named, vsftpd, smb etc. doesn’t make sense unless I am not logged in and using them. Let us start them after we have login screen.

Turn off all the services by using the command

[root@bordeaux ~]# chkconfig service_name off

where service_name is the service you want to turn off.

Now create a file /etc/startup.sh. Enter a line like this

[root@bordeaux ~]# service service_name start

for every service that you have turned off in the Step 1.1 and you want it to be running after your machine starts up. Now, your startup.sh file should look like this

service network start &
service sshd start &
modprobe it87 &
modprobe k8temp &
/usr/bin/iptraf -s eth0 -B &
/usr/bin/iptraf -s lo -B &
service squid start &
service privoxy start &
service httpd start &
service mysqld start &
service named start &
service smb start &
service vboxdrv start &
service vboxnet start &
service vsftpd start &

Add the following line to /etc/rc.local file

/bin/bash /etc/startup.sh &

Done!!! Notice the &s in both files. They are for execution in background so that a process can block boot process. You’ll observe a drop of 10-20 seconds in system startup time.

Problem with Hack #1 : The execution is not really parallel. It executes like a process in the background. So we can’t get the real advantage of parallel execution.

Hack #2 solves this problem. Now we don’t put processes in background. We use daemon forking to fork a separate daemon process which will start all the services for us in parallel. Here we’ll get the real advantage and startup time will decrease further.

This step is totally similar to Step 1.1. So skipping it.

This step is also similar to Step 1.2. The /etc/startup.sh file should look like this.

service network start
service xinetd start
service crond start
service anacron start
service atd start
service sshd start
service rpcbind start
service rpcgssd start
service rpcimapd start
modprobe it87
modprobe k8temp
/usr/bin/iptraf -s eth0 -B
/usr/bin/iptraf -s lo -B
service nasd start
service squid start
service privoxy start
service httpd start
service iptables start
service lm_sensors start
service mysqld start
service named start
service nfs start
service nfslock start
service smb start
service vboxdrv start
service vboxnet start
service vsftpd start
service autofs start
service smartd start

Notice the absence of &s in the file.

Download the attached startup.py file attached at the end of this post or copy paste the following code to /etc/startup.py file.

#!/usr/bin/env python
# (C) Copyright 2008 Kulbir Saini
# License : GPL
import os
import sys
def fork_daemon(f):
    """This function forks a daemon."""
    # Perform double fork
    r = ''
    if os.fork(): # Parent
        # Wait for the child so that it doesn't defunct
        os.wait()
        # Return a function
        return  lambda *x, **kw: r
    # Otherwise, we are the child
    # Perform second fork
    os.setsid()
    os.umask(077)
    os.chdir('/')
    if os.fork():
        os._exit(0)
    def wrapper(*args, **kwargs):
        """Wrapper function to be returned from generator.
        Executes the function bound to the generator and then
        exits the process"""
        f(*args, **kwargs)
        os._exit(0)
    return wrapper
 
def start_services(startup_file):
    command = '/bin/bash ' + startup_file + ' > /dev/null 2> /dev/null '
    os.system(command)
    return
 
if __name__ == '__main__':
    forkd = fork_daemon(start_services)
    forkd(sys.argv[1])
    print 'Executing ', sys.argv[1], '[  OK  ]'

Add the following line to your /etc/rc.local file.

/usr/bin/python /etc/startup.py /etc/startup.sh

Thats it. Done!!! Now you’ll experience a boost of about 25-30 seconds of decrease in boot time.

Stats of my machine

With all services started in normal order : 2minutes.
With Hack #1 : 1minute 42 seconds.
With Hack #2 : 1minute.

Warning : These hacks may break your system and can make it unusable. Use at your own risk.

 

IntelligentMirror: RPM and DEB Caching Improved (0.5)

After spending a lot of time with youtube cache, now I am trying to devote some time to update intelligentmirror with required features and enhancements that youtube cache already enjoys. In the same direction here is version 0.5 of intelligentmirror.

Improvements

  • Added max_parallel_downloads options to controll the maximum threading fetching from upstream to cache the packages.
  • Fine grained control on logging via max_logfile_size and max_logfile_backups option.
  • Added setup script to help you install intelligentmirror. No need to execute commands one by one for installation. Just run
 [root@localhost]# python setup.py install [ENTER]
  • Added update script (update-im). So in case you decide to change the locations for caching rpm/deb packages, just run
 [root@localhost]# update-im [ENTER]

OR

 [root@localhost]# /usr/sbin/update-im [ENTER]
  • Download scheduler similar to youtube cache is added to facilitate the download queing in case of large number of requests.
  • More informative logging.
  • cache.log is not flooding anymore with XMLRPC logs and python tracebacks.
  • Added extensive exception handling thoughout the program.

Availability

  1. RPMs for Fedora/Red Hat/Cent OS
  2. Source RPMs for Fedora/Red Hat/Cent OS
  3. Source Tar balls

Installation and Configuration

INSTALL and README files should help you throughout the installation and configuration process.

In case you have questions, ask them here in comments. Suggestions for improvement are welcome :)

 

How To: Configure Caching Nameserver (named)

Mission

To configure a caching nameserver on a local machine which will cascade to another previously configured and functional nameserver (may or may not be caching. It’ll generally be your ISP nameserver or the one provided by your organization).

Advantage

  • Reduces the delay in domain name resolution drastically as the requests for frequently accessed websites are served from cache.

Working

  • named gets a request for domain resolution.
  • It checks whether the request can be satisfied from cache. If the answer is in cache and not stale, the request is satisfied from cache itself saving a lot of time :)
  • If request can’t be satisfied from cache, named queries the first parent. If it replies with the answer, then named will cache the response and subsequent requests for the same domain name will be satisfied from the cache.
  • In case first parent fails to reply, named will query the second parent and so on.

(The working is my understanding of caching-nameserver using wireshark as traffic analysis tool and caching-nameserver may not behave exactly as explained above.)

How to install

named is by default on most of the systems by the package name ‘caching-nameserver‘. If its not present on your system, install using

[root@localhost ~]# yum install caching-nameserver [ENTER]
# If that doesn't work try this
[root@localhost ~]# yum install bind [ENTER]

How to configure

The main configuration file for named resides in /var/named/chroot/etc/named.caching-nameserver.conf which is also soft linked from /etc/named.caching-nameserver.conf . named configuration file supports C/C++ style comments.

For a caching nameserver which will cascade to another nameserver, there is nothing much to be configured. You need to configure “options” block. Below is a configuration file for a machine with IP address 172.17.8.64 cascading to two nameserver 192.168.36.204 and 192.168.36.210. The comments inline explain what each option does.

options {
  // Set the port to 53 which is standard port for DNS.
  // Add the IP address on which named will listen separated by semi-colons.
  // It'll be your own IP address.
  listen-on port 53 {127.0.0.1; 172.17.8.64;};
  // These are default. Leave them as it is.
  directory   "/var/named";
  dump-file   "/var/named/data/cache_dump.db";
  statistics-file "/var/named/data/named_stats.txt";
  memstatistics-file "/var/named/data/named_mem_stats.txt";
  // The machines which are allowed to query this nameserver.
  // Normally you'll allow only your machine. But you can allow other machines also.
  // The address should be separated by semi-colons. To allow a network 172.16.31.0/24,
  // the line would be
  // allow-query {localhost; 172.16.31.0/24; };
  // Don't forget the semi-colons.
  allow-query     { localhost; 172.17.8.64; };
  recursion yes;
  // The parent nameservers. List all the nameserver which you can query.
  forwarders { 192.168.36.204; 192.168.36.210; };
  forward first;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
  type hint;
  file "named.ca";
};
include "/etc/named.rfc1912.zones";

Start caching-nameserver

Now start the caching-nameserver using the following command

[root@localhost ~]# server named start [ENTER]

OR

[root@localhost ~]# /etc/init.d/named start [ENTER]

To make named start every time your reboot your machine use following command

[root@localhost ~]# chkconfig named on [ENTER]

Using caching-nameserver

To use your caching-nameserver, open /etc/resolv.conf file and add the following line

nameserver 127.0.0.1

Comment all other lines in the file, so that finally the file looks like

; generated by /sbin/dhclient-script
#search wlan.iiit.ac.in
#nameserver 192.168.36.204
#nameserver 192.168.36.210
nameserver 127.0.0.1

Now your system will use your own nameserver (in caching mode) for resolving all domain names. To test if your nameserver use the following command

[root@localhost ~]# dig fedora.co.in [ENTER]

Now if you use that command for the second time, the resolution time will be around 2-3 milli seconds while first time it would be around 400-700 milli seconds.

Example

Below is two subsequent runs of dig for fedora.co.in . Notice the Query time.

[root@bordeaux SPECS]# dig fedora.co.in
; <<>> DiG 9.4.2rc1 <<>> fedora.co.in
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7839
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;fedora.co.in.                  IN      A
;; ANSWER SECTION:
fedora.co.in.           83629   IN      A       72.249.126.241
;; AUTHORITY SECTION:
fedora.co.in.           79709   IN      NS      ns.fedora.co.in.
;; ADDITIONAL SECTION:
ns.fedora.co.in.        79709   IN      A       72.249.126.241
;; Query time: 531 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 19 18:04:47 2008
;; MSG SIZE  rcvd: 79
[root@bordeaux SPECS]# dig fedora.co.in
; <<>> DiG 9.4.2rc1 <<>> fedora.co.in
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64233
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;fedora.co.in.                  IN      A
;; ANSWER SECTION:
fedora.co.in.           83625   IN      A       72.249.126.241
;; AUTHORITY SECTION:
fedora.co.in.           79705   IN      NS      ns.fedora.co.in.
;; ADDITIONAL SECTION:
ns.fedora.co.in.        79705   IN      A       72.249.126.241
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 19 18:04:51 2008
;; MSG SIZE  rcvd: 79
[root@bordeaux SPECS]#