basic client setup plus name resolving from HW router
dhcp at thehobsons.co.uk
Sun May 14 22:23:42 UTC 2006
Olivier Schreiber wrote:
>> You need to have dhcp-server and bind installed (you do not need
>> dhcp-client on the machine you use as the server).
>> On bind, configure a forward and reverse zone for your network
>> (ie mydomain.com and 123.168.192.arpa).
>Would you mind clarifying the two above addresses?
>I am not sure they are chosen or imposed by reading your explanations
>below. The `arpa' string is confusing me.
OK, the two zones in DNS you need are :
mydomain.com - this is what is commonly referred to as the 'forward'
zone, it is used when you type in something like "ssh
somemachine.mydomain.com" to resolve the name to an address.
mydomain.com is however just an example, you should use your own
123.168.192.arpa - this is the 'reverse' zone, used to do lookups in
the reverse direction to normal. When you (for example) ssh into
another machine, it will most likely try and resolve your address for
the benefit of logs etc - so it can log a connection from
"mylaptop.mydomain.com" instead of 192.168.123.42. The way it works
is that whatever address is given, reverse the order of the octets,
and append "in-addr.arpa" - this makes the address into something
with the same structure as the domain names so it can easily be
handled by the same delegation process.
To see how this works, try:

    dig +trace www.thehobsons.co.uk
    dig +trace -x 126.96.36.199

This will show you the nameservers/delegations used to get from the
root of the dns tree down to an individual node.
However, by setting up the two zones in your own dns server, queries
for addresses in these zones will never be sent outside as your own
server already has answers. Thus, within your own network, you can
resolve (eg) somemachine.mydomain.com to an IP address, and resolve
an IP address in the 192.168.123.0/24 network to a name.
You can configure your dns server in two ways for dealing with
names/addresses that are not in your network :
1) forward any other queries to other dns servers (typically those
provided by your ISP) - generally called a "forwarder".
2) go find the results itself, starting at the root nameservers.
All this is definitely not DHCP related, there is much out there on
dns, but I would recommend an O'Reilly book called "DNS and Bind" by
Paul Albitz and Cricket Liu. It includes a lot of advanced stuff that
you can ignore, but it starts by explaining the fundamentals, how
they work, and why it's done that way.
>> <pet moan>
>> Do not just 'make up' a domain, or use ".local", or use a domain that
>> someone else is using. Using .local is wrong - it's a reserved domain
>> name for ZeroConf (cf Apple's Rendezvous, multicast DNS, ...) and
>> whilst Windows networks work fine with a .local address, Macs will
>> barf and the network doesn't work right.
>> If you just 'make up' a domain name, at some point it could be
>> registered by someone else - and then you would be using someone
>> else's domain name.
>> Using someone else's domain name is just plain bad manners. Apart from
>> not being able to access anything in their domain, the domain you use
>> internally DOES leak out (eg in mail headers) and it's bad to be
>> using someone else's name.
>> Getting your own domain name registered is so cheap and easy these
>> days that there really isn't any excuse if you want to do things
>> </pet moan>
>Would you mind outlining more a HOWTO approach to your `moan' like
>which domain is the forward, which one is the backward--given a
>commercial ISP non-fixed IP address and how to get said domain name?
>I totally agree with your concern that people do the right thing but
>most of the time, they don't because they think it is too complicated.
There are many places where you can buy a domain name, I can't
recommend any one in particular as I've got my domain names and web
hosting via my ISP as part of my ADSL package.
If you are stuck with a dynamic IP address then that makes it rather
difficult to run your own mail server. My ISP gives fixed addresses
so I can run my own mail, and so can apply my own spam prevention
measures such as greylisting which I find very effective - most
definitely to be preferred over an ISP's mail server that accepts
everything and then throws half your genuine mail away with the spam !
I have asked in a number of places about a suitable domain to use for
private use and never had a good answer. Many use .local because it
seems to make sense and I believe it is recommended by Microsoft when
setting up a Small Business Server, but as stated above, it isn't a
particularly good choice. Others just make up a domain name (eg
'fredshouse.com') and hope no-one ever comes along and registers it.
Others make up a top level domain that isn't used and use that - eg
"fredshouse.private". As far as I know, there is no top level domain
reserved for private use.
Of the options, best is to register your own domain name, after that,
using something like mydomain.private seems reasonable since it
doesn't seem too likely that ICANN will create .private as a new top
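
Added example, not part of the original message: a Python sketch of the rule described above (reverse the octets, append "in-addr.arpa") that builds matching A and PTR records for the forward and reverse zones. The function names and the address given to somemachine are assumptions made for illustration; mydomain.com, 192.168.123.0/24 and mylaptop at 192.168.123.42 are the thread's own examples.

```python
import ipaddress


def reverse_zone(network: str) -> str:
    """Reverse-zone name for an octet-aligned IPv4 network (/8, /16 or /24)."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 networks are handled here")
    kept = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(kept)) + ".in-addr.arpa"


def ptr_name(address: str) -> str:
    """Owner name of a PTR record: octets reversed, 'in-addr.arpa' appended."""
    octets = str(ipaddress.IPv4Address(address)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def build_records(domain: str, network: str, hosts: dict) -> tuple:
    """Return (forward A lines, reverse PTR lines) that agree with each other."""
    net = ipaddress.ip_network(network)
    forward, reverse = [], []
    for name, addr in sorted(hosts.items()):
        # A host outside the network would need a PTR in a zone we do not serve.
        if ipaddress.ip_address(addr) not in net:
            raise ValueError(f"{addr} is outside {network}")
        fqdn = f"{name}.{domain}."
        forward.append(f"{fqdn} IN A {addr}")
        reverse.append(f"{ptr_name(addr)}. IN PTR {fqdn}")
    return forward, reverse


# Constructed sample data; the address for somemachine is an assumption.
HOSTS = {"mylaptop": "192.168.123.42", "somemachine": "192.168.123.10"}

if __name__ == "__main__":
    print("reverse zone:", reverse_zone("192.168.123.0/24"))
    fwd, rev = build_records("mydomain.com", "192.168.123.0/24", HOSTS)
    print("\n".join(fwd + rev))
```

Generating both record sets from one host table keeps every A record paired with its PTR, so names written to logs by reverse lookup match what forward lookup returns.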