bind on a LAN?

/dev/rob0 rob0 at
Tue Nov 22 20:23:37 UTC 2005

On Tuesday 2005-November-22 10:55, Jim wrote:
> whats the best way to host a dns solution on a LAN if my bind
> server is not going to take any queiries from the outside world
> and is hosted behind a firewall?

Best in what way?

> I want to be able to control clients somehow on my lan so i'd need
> to control atleast 1 zone on my server.

No problem. You might also want a reverse zone, like, to resolve your RFC 1918 IP addresses to names.

> Do you recommend creating a fake domain name for my lan?

I do that, or you could use views and a real domain you control, or 
forget views and just use a subdomain of your real zone.

> like (ie.

I would use something guaranteed, or at least highly likely, not to
ever exist on the real Internet. I have used .lan as TLD (top-level 
domain) at many sites. Some use .local, although someone just posted 
here that it might cause problems for Mac clients.

(No Mac clients? I would still design the network such that it will 
remain friendly with any OS, to the maximum extent possible. Macs look 
like a very attractive option these days, for non-techie users; they 
can run most POSIX software and have a great deal of support from 
vendors of proprietary software -- and virtually immune from Windows' 
problems and viruses.)

> Or is NetBios the best way to go here?

Proprietary MS "solutions" are seldom if ever "best", IMO. Can Unix 
resolvers use NetBIOS name resolution? I have never tried it.

> whats the best way to do this? 

BIND is a serious tool for DNS. Yes, you can run it at home and learn a 
lot, but if that is not your goal you might be better served by 
something like dnsmasq. Dnsmasq reads your /etc/hosts file and serves 
that in both forward and reverse DNS. Anything not in /etc/hosts is 
passed to a recursive resolver.

NB: this is a BIND forum, so followups on dnsmasq would be off-topic. 
Also, I have not used it myself.
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header

More information about the bind-users mailing list