2 DNS, one machine

Randy toucan at tropicalrain.us
Mon Nov 29 03:02:14 UTC 2004


Hello Bruce,
    I think you need two DNS *ADDRESSES*, not two DNS *SERVERS*.  I have a 
DNS server set up on my internal network, but my ISP would get very 
irritable with me if I attempted to put a DNS server on the external 
interface. :-)
    If you are setting up a home network, and the linux server won't be 
your firewall (it can't, if it doesn't have two network ports), then I'd 
recommend going to the local Walmart or Best Buy and grabbing a $30 
hardware firewall/router.  Hook up your cable modem or DSL to the external 
port, then hook up your linux server and other computers to the internal 
ports.  Default config on most hardware firewalls is Ok.  Not perfect, but 
Ok.  Usually they are set up as stateful firewalls, so they don't allow 
ANY incoming traffic unless a computer on the inside has requested 
it.  Most are also set up to provide DHCP addresses to any computers on the 
internal network.
    Once this is hooked up, both your computers are protected by the 
firewall, they can both reach the internet, and they can talk to each 
other.  Most people use 192.168.0.x or 192.168.1.x for the internal network.
    Alternatively, if you have multiple network ports, you can set up a 
separate DNS server for every local subnet, reserving one port for the 
internet connection of course, then set up a NAT (network address 
translation) firewall with iptables.  :-)

Regards,
Randy

At 06:49 PM 11/28/2004, you wrote:

>Is it possible (practical) to run 2 domain name servers on one linux box 
>(with one processor)?
>
>I'm installing FC2 to be a server for small home network but I would like 
>to connect to the internet occasionally for updates and such and I need to 
>assign an IP address now while installing. RFC 1597 suggests two DNS as a 
>solution for this situation.
>
>Do I only need to use one of the addresses assigned for private networks 
>in RFC 1597? It wasn't clear to me when I read the spec if these addresses 
>are reserved globally for private networks or if DNSs connected to the 
>internet always need an assigned IP address.
>
>TIA,
>Bruce
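
The stateful NAT firewall with iptables that the reply mentions for a box with multiple network ports, as an added example that is not part of the original thread. The function only prints a ruleset in iptables-restore format; the interface names (eth0, eth1) and the 192.168.1.0/24 subnet used when calling it are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset, does not touch the live firewall.
# Interface names and subnet passed in are assumptions for illustration.

gen_ruleset() {
    wan_if="$1"   # external (ISP-facing) interface, e.g. eth0
    lan_if="$2"   # internal interface, e.g. eth1
    lan_net="$3"  # private subnet, e.g. 192.168.1.0/24

    # Accept only plain interface names and a numeric CIDR; reject anything else.
    for v in "$wan_if" "$lan_if"; do
        case "$v" in ""|*[!A-Za-z0-9._-]*) return 1 ;; esac
    done
    case "$lan_net" in ""|*[!0-9./]*) return 1 ;; esac
    [ "$wan_if" != "$lan_if" ] || return 1

    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Rewrite the source address of LAN traffic leaving via the external interface.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Stateful: only replies to connections opened from the inside come back in.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# DNS is answered on the internal interface only, never on the external one.
-A INPUT -i $lan_if -s $lan_net -p udp --dport 53 -j ACCEPT
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 53 -j ACCEPT
# New connections from the LAN may be forwarded out to the internet.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
COMMIT
EOF
}
```

Pipe the output through `iptables-restore --test` before loading it; forwarding between the interfaces also requires `net.ipv4.ip_forward=1`.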



