Unfinished (and probably always will be) - currently only gives directions for setting up dnscache.
There are other parts to the djbdns tools that aren't covered here.

Once upon a time I used Daniel J. Bernstein's djbdns package to provide caching DNS for my network.

This is a quick and dirty guide to getting some of the services provided by djbdns.

I recommend you have a look at the author's pages for the full documentation for the packages before starting.
The official pages are at cr.yp.to; however, a few things are skimmed over there, or are a little awkward to find.

The first thing you'll need to do is download the latest versions of the following packages from cr.yp.to, D.J. Bernstein's website:

Ucspi-tcp is only required if you are going to be using axfrdns or axfr-get.
If all you plan on doing is running a caching DNS server (dnscache) you will not require it.

Once you've grabbed the required tarballs, unpack daemontools, build and install them:

tar -zxvf daemontools-0.70.tar.gz
cd daemontools-0.70
make
make setup check
mkdir /service

Commands from the daemontools package are used to monitor and control the DNS processes.

Next, unpack, build and install djbdns itself:

tar -zxvf djbdns-1.05.tar.gz
cd djbdns-1.05
make
make setup check

For security, djbdns does not run as root, but instead runs chrooted as another user - typically dnscache for caching DNS setups.
You will need to create the users that the DNS system and the logging process will run as - ensure that the new users have no shell and own no files.

groupadd nofiles
useradd -g nofiles -s /bin/false dnscache
useradd -g nofiles -s /bin/false dnslog

After that is done, use the dnscache-conf tool to configure everything.
The general format of the command is:

dnscache-conf dns_cache_user dns_log_user dnscache_directory ip_of_new_dns_server

So, if the machine that will be running dnscache/djbdns has IP 1.2.3.4, you should run:

dnscache-conf dnscache dnslog /etc/dnscachex 1.2.3.4

Next, link the dnscache directory to the service directory to have svscan (from daemontools) control the dns server:

ln -s /etc/dnscachex /service

The dnscache cache will initially only accept connections from the localhost. To allow the whole 1.2.3.* network to access the server, issue the following command:

touch /etc/dnscachex/root/ip/1.2.3
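
The lookup behind that touch command, as an added example (not part of djbdns or of the original guide): dnscache accepts a client when root/ip holds a file named after its address, or after that address with trailing octets removed. The sketch generalises the 1.2.3 case to any prefix length so you can see how wide each entry opens the cache; the function names and the sample directory are made up for illustration.

```sh
#!/bin/sh
# Added example, not part of djbdns. Emulates the client check dnscache
# applies to root/ip: try a.b.c.d, then a.b.c, a.b, a; first file found wins.

# dnscache_allows IP_DIR CLIENT_IP: print the matching entry, or return 1.
dnscache_allows() {
    ip_dir=$1 name=$2
    while :; do
        if [ -e "$ip_dir/$name" ]; then
            printf '%s\n' "$name"
            return 0
        fi
        case $name in
            *.*) name=${name%.*} ;;  # drop the last octet and retry
            *)   return 1 ;;         # nothing left to strip: rejected
        esac
    done
}

# audit_ip_dir IP_DIR: list every entry with the range it opens up.
audit_ip_dir() {
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        entry=${f##*/}
        dots=$(printf '%s' "$entry" | tr -cd '.' | wc -c)
        case $((dots + 1)) in
            4) scope="single host" ;;
            3) scope="/24" ;;
            2) scope="/16 (broad)" ;;
            1) scope="/8 (very broad)" ;;
            *) scope="not an IPv4 prefix" ;;
        esac
        printf '%s\t%s\n' "$entry" "$scope"
    done
}

# Demo on a constructed directory (stands in for /etc/dnscachex/root/ip).
demo=$(mktemp -d)
touch "$demo/127.0.0.1" "$demo/1.2.3"
for ip in 127.0.0.1 1.2.3.77 1.2.30.77; do
    if match=$(dnscache_allows "$demo" "$ip"); then
        echo "$ip accepted via ip/$match"
    else
        echo "$ip rejected"
    fi
done
audit_ip_dir "$demo"
rm -rf "$demo"
```

Matching is on whole octets, so 1.2.30.77 is not covered by the 1.2.3 entry.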

To save rebooting, start svscan with svscan /service &

In order to have the dnscache process start at boot time add the following line (all on one line!) to your boot script - /etc/inittab on most Linux machines:


SV:123456:respawn:env - PATH=/usr/local/bin:/usr/sbin:/usr/bin:/bin svscan /service < /dev/null >/dev/console 2>/dev/console