| View previous topic :: View next topic |
| Author |
Message |
ak47
n00b
Joined: 27 Dec 2005
Posts: 16
|
|
| Back to top |
|
 |
daeghrefn
Tux's lil' helper
Joined: 02 Jan 2005
Posts: 112
|
 Posted: Tue Dec 27, 2005 3:48 pm Post subject: |
 |
|
It, like everything else, depends on what you want. You have many different options for DNS. You could use dnsmasq which provides both DNS and DHCP support. You could also use DJBDNS which is supposedly the most secure DNS server available. You could also use BIND, which is what I personally use. I integrate dhcpd into my DNS so I have dynamic DNS on my network. So, it really depends on what you want.
And the security of course is going to be based on what ports you have open on the outside. IF you block all incoming traffic, no one can get to the services on the inside... so it doesn't matter.
If you want to put DNS up on a separate machine, then do so. If you want to have a single server, for whatever reasons, then put DNS on your router. |
|
| Back to top |
|
|
PaulBredbury
Watchman
Joined: 14 Jul 2005
Posts: 7310
|
| Posted: Tue Dec 27, 2005 4:02 pm Post subject: |
|
|
| I've had no problems with bind. |
|
| Back to top |
|
|
ak47
n00b
Joined: 27 Dec 2005
Posts: 16
|
| Posted: Tue Dec 27, 2005 5:07 pm Post subject: |
|
|
I think i'll setup a separate dns on my other linux box (FC4) and see how it goes. I need to build it first though in a few days. until then i'll use dnsmasq and unmerge it later on.
| daeghrefn wrote: | It, like everything else, depends on what you want. You have many different options for DNS. You could use dnsmasq which provides both DNS and DHCP support. You could also use DJBDNS which is supposedly the most secure DNS server available. You could also use BIND, which is what I personally use. I integrate dhcpd into my DNS so I have dynamic DNS on my network. So, it really depends on what you want.
And the security of course is going to be based on what ports you have open on the outside. IF you block all incoming traffic, no one can get to the services on the inside... so it doesn't matter.
If you want to put DNS up on a separate machine, then do so. If you want to have a single server, for whatever reasons, then put DNS on your router. |
|
|
| Back to top |
|
|
ocbMaurice
Tux's lil' helper
Joined: 14 Feb 2003
Posts: 90
Location: Switzerland
|
| Posted: Tue Dec 27, 2005 5:52 pm Post subject: |
|
|
If you want to integrate dhcpcd and bind you may also look here (it's a bit old but should still work)
https://forums.gentoo.org/viewtopic-t-37326-highlight-.html
if you have an internal server that is on 24/365 I would recommend to install bind and dhcpcd there, if the gateway is the only server that is on 24/365 than install it there (just be sure to limit access to your internal lan, either by configuring your firewall or by telling dhcpcd/bind just to bind/listen on you local ethernet device). |
|
| Back to top |
|
|
ak47
n00b
Joined: 27 Dec 2005
Posts: 16
|
| Posted: Mon Jan 02, 2006 9:29 pm Post subject: |
|
|
| PaulBredbury wrote: | | I've had no problems with bind. |
Paul thx for the suggestion. I looked at HOW-TO BIND from gentoo's site it was showing to change many default bind dir to named and didn't like it. i was just looking for a simple solution. on the other hand i think your solution is very simple yet showing both for caching-only dns server and real dns that is authoritative. i'm thinking of running mail/web server on the same machine where the dns is going to run. but for now, i will use the 1st solution in the link. btw, other guy suggested dhcpcd which will play with my new bind dns. any other dhcp that you think might be getting along with bind? or u think setting up bind itself is ok? i have less than 10 pc at home that will be served by BIND though.
thx for your time and help. |
|
| Back to top |
|
|
PaulBredbury
Watchman
Joined: 14 Jul 2005
Posts: 7310
|
| Posted: Mon Jan 02, 2006 10:00 pm Post subject: |
|
|
| I don't know enough about dhcp to comment. I personally prefer to use fixed IP addresses (192.168.0.x) for a simple home network. |
|
| Back to top |
|
|
|
Networking & Security
