I would really like my local linux DNS to track/cache/remember addresses
that I use frequently so that I need not make a long trip to resolve
those names. I'd also prefer to avoid maintaining a half dozen
/etc/hosts files. Is there some preferred/standard approach to lan side
DNS on a NAT network?
I have a small home lan connected through a linux box to the internet.
The lan runs an RFC private address space. There is a different RFC
private network as DMZ between the linux box and the internet.
Thanks in advance,
~~~ Dan 0;-D
Just maintain a single /etc/hosts that lists all IPs, names, and aliases on the
machine that is running your caching DNS server, and use h2n to maintain
the zone files for the different LAN networks, along the lines of:
h2n -d your.public.domain -n 192.168.0.0/16 -n 10.0.0.0/8
and point your LAN machines to use the DNS there. LAN IPs and hostnames will
resolve correctly, and outside information will be retrieved and cached as needed.
tony
--
use hotmail com for any email replies
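Added example, not part of tony's post and not code from h2n: a pre-flight check to run on the master /etc/hosts before handing it to h2n, flagging entries that fall outside the networks named with -n in the command above, names that map to two different addresses, and malformed addresses. The function name, the sample hosts entries and the use of your.public.domain as a placeholder domain are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Networks taken from the -n options of the h2n command in the post above.
LAN_NETS = [ipaddress.ip_network(n) for n in ("192.168.0.0/16", "10.0.0.0/8")]

# Constructed sample hosts file (not from the thread).
SAMPLE_HOSTS = """\
127.0.0.1     localhost
192.168.1.1   gw.your.public.domain gw      # LAN side of the Linux box
192.168.1.10  desk.your.public.domain desk
10.0.0.2      mail.your.public.domain mail
10.0.0.3      www.your.public.domain www
192.168.1.11  desk.your.public.domain       # same name, second address
203.0.113.7   vpn.your.public.domain vpn    # not in any -n network
192.168.1.300 typo.your.public.domain       # malformed address
"""

def check_hosts(text, nets=LAN_NETS):
    """Return (line_number, problem) tuples for a hosts file given as text."""
    problems = []
    seen = defaultdict(set)              # hostname -> addresses it maps to
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue                     # blank, comment-only, or no hostname
        addr_text, names = fields[0], fields[1:]
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            problems.append((lineno, f"malformed address {addr_text}"))
            continue
        if addr.is_loopback:
            continue                     # localhost is not LAN zone data
        if not any(addr in net for net in nets):
            problems.append((lineno, f"{addr} is outside the -n networks"))
        for name in (n.lower() for n in names):
            if seen[name] and addr not in seen[name]:
                known = ", ".join(sorted(map(str, seen[name])))
                problems.append((lineno, f"{name} already maps to {known}"))
            seen[name].add(addr)
    return problems

if __name__ == "__main__":
    for lineno, problem in check_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {problem}")
```
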
Thanks,
~~~ Dan 0;-D
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 14-05-03, 02:07:11, "ynotssor" <"ynotssor"> wrote regarding Re: what
sort of DNS config for home lan:
> Anyone who tries to reach something.mypublicdomain hits linux, the port
> forwarding, and my DMZ. None of my LAN hosts are visible to the public
> internet. Do I use some sort of bogus domain name for my RFC private
> network?
Please don't top post. Post your reply *under* that to which you are responding,
as is the natural English reading order of humans. Many people will not reply to
top posters. Thank you.
Your original post implied that the DNS you were configuring was not authoritative
for your public domain. If this is so, and the caching DNS is only for your LAN
usage, then you should use your public domain name for the DNS configuration.
None of the LAN info will be available to the public unless you open port 53 in your
firewall and forward any requests from the outside to the LAN DNS server, which
is something you don't want to do. The public will then only see the DNS info
that is provided by the authoritative DNS server, wherever that is (probably your ISP).
By using the public domain name within the LAN, it greatly simplifies administrative
tasks if care is taken with such things as MX records and hostname masquerading
for email transactions.
There is no hard and fast rule though. You should carefully consider your objectives
and choose whatever method allows you to reach those objectives easily. I have
suggested just one solution of several possible ones, because it's worked painlessly
in the several networks I've administered.