bind on a LAN?
rob0 at gmx.co.uk
Tue Nov 22 20:23:37 UTC 2005
On Tuesday 2005-November-22 10:55, Jim wrote:
> whats the best way to host a dns solution on a LAN if my bind
> server is not going to take any queiries from the outside world
> and is hosted behind a firewall?
Best in what way?
> I want to be able to control clients somehow on my lan so i'd need
> to control atleast 1 zone on my server.
No problem. You might also want a reverse zone, like
0.168.192.in-addr.arpa, to resolve your RFC 1918 IP addresses to names.
> Do you recommend creating a fake domain name for my lan?
I do that, or you could use views and a real domain you control, or
forget views and just use a subdomain of your real zone.
> like (ie. mylan.internal-domain.com).
I would use something guaranteed, or at least highly likely, not to
ever exist on the real Internet. I have used .lan as TLD (top-level
domain) at many sites. Some use .local, although someone just posted
here that it might cause problems for Mac clients.
(No Mac clients? I would still design the network such that it will
remain friendly with any OS, to the maximum extent possible. Macs look
like a very attractive option these days, for non-techie users; they
can run most POSIX software and have a great deal of support from
vendors of proprietary software -- and virtually immune from Windows'
problems and viruses.)
> Or is NetBios the best way to go here?
Proprietary MS "solutions" are seldom if ever "best", IMO. Can Unix
resolvers use NetBIOS name resolution? I have never tried it.
> whats the best way to do this?
BIND is a serious tool for DNS. Yes, you can run it at home and learn a
lot, but if that is not your goal you might be better served by
something like dnsmasq. Dnsmasq reads your /etc/hosts file and serves
that in both forward and reverse DNS. Anything not in /etc/hosts is
passed to a recursive resolver.
NB: this is a BIND forum, so followups on dnsmasq would be off-topic.
Also, I have not used it myself.
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
More information about the bind-users