Clarification on roles of networking components.
Robert Moskowitz
rgm at htt-consult.com
Wed Mar 4 21:45:52 UTC 2009
Simon Slater wrote:
> On Wed, 2009-03-04 at 12:34 -0500, Robert Moskowitz wrote:
>
>> Flaschen, Matthew S wrote:
>>
>>>> If he has internal servers that local hosts need access to.
>>>>
>>>>
> At the moment one server offering limited services internally, nothing
> external.
>
>>>
>>>
>>>> For example. If he is running a NetBIOS server and the clients need to
>>>> access shares on it.
>>>>
>>>>
>>> Right.
>>>
>>>> He does not want the world to know about this NAS,
>>>>
>>> Obviously
>>>
>>>> plus it probably has an RFC1918 address.
>>>>
>>> I would definitely recommend a local-only address for the local services.
>>>
>>>> So with a local BIND server, he would set up an Internal view.
>>>>
>>> He /could/ do that but you haven't said why he should. If he wants his DNS/DHCP server connected to the outside internet, I would recommend he get two ethernet cards, eth0 and eth1, then configure dnsmasq to serve on only the local interface. Note that this doesn't require any DNS-specific configurations. It is inherently simple and secure.
>>>
>>>
>>>> Perhaps he has an internal wiki. I can go on with internal servers that
>>>> need name resolution.
>>>>
>>>>
>>> I think he wants name resolution for all local hosts (why not?).
>>>
>>>
> Yes
>
>>>> He can maintain all of this in hosts files on each
>>>> client as he seems to have done, or he can run his own internal DNS
>>>> server with an internal view.
>>>>
>>>>
>>> Nowhere do you say why the complexity of BIND is necessary. He would be served very well (no pun intended) with a far simpler DNS implementation.
>>>
>> So your issue is not DNS, but rather the BIND implementation of DNS.
>>
>> I have been working with BIND since '93. I have not spent any time
>> looking at any other implementations of DNS.
>>
>> Go with whatever floats your boat.
>>
>> Webmin DOES make working with BIND reasonable.
>>
>>
>>
> Now I've caught up on some sleep I can continue with a clearer head.
> The single server has 2 NICs, one internal, the other to the DSL router.
> For now internal name resolution and DHCP is the issue, but more
> internal services will be added down the road, as well as web server
> usw. I started with dhcpd but this does seem more powerful than I need
> now. I'll check out dnsmasq today.
Webmin makes dhcpd easier, but as you mentioned there is dnsmasq.
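
The local-only dnsmasq setup recommended in the quoted discussion, as an added example that is not part of the original thread: a small Python check that reads a dnsmasq.conf and reports settings that would leave DNS/DHCP reachable on the outside NIC. It assumes eth1 is the internal interface and eth0 faces the DSL router (the thread names eth0 and eth1 but not which is which); the domain, address range and both sample configs are constructed.

```python
# Added example: audit a dnsmasq.conf on a dual-homed host for external exposure.
# Assumption: eth1 is the internal NIC, eth0 faces the DSL router.

EXPOSED = """\
# constructed sample: no interface restriction at all
domain=lan.example
dhcp-range=192.168.10.50,192.168.10.150,12h
"""

LOCAL_ONLY = """\
# constructed sample: DNS and DHCP offered on the internal NIC only
interface=eth1
except-interface=eth0
bind-interfaces
domain=lan.example
local=/lan.example/
dhcp-range=192.168.10.50,192.168.10.150,12h
"""

def parse(text):
    """Return {option: [values]}; flag options such as bind-interfaces map to ['']."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, val = line.partition("=")
        opts.setdefault(key.strip(), []).append(val.strip())
    return opts

def audit(text, external="eth0"):
    """Return findings that leave dnsmasq reachable on the external interface."""
    o = parse(text)
    listen, skip = o.get("interface", []), o.get("except-interface", [])
    findings = []
    if external in skip:
        pass  # except-interface overrides interface= and listen-address=
    elif external in listen:
        findings.append(f"interface={external} serves the external NIC")
    elif not listen and not o.get("listen-address"):
        findings.append("no interface=/listen-address=: serves every interface")
    if not {"bind-interfaces", "bind-dynamic"} & o.keys():
        findings.append("no bind-interfaces: wildcard socket, filtering done by dnsmasq")
    return findings

if __name__ == "__main__":
    for name, conf in (("EXPOSED", EXPOSED), ("LOCAL_ONLY", LOCAL_ONLY)):
        print(name, audit(conf) or "ok")
```
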