Clarification on roles of networking components.
Robert Moskowitz
rgm at htt-consult.com
Wed Mar 4 17:34:01 UTC 2009
Flaschen, Matthew S wrote:
>> If he has internal servers that local hosts need access to.
>>
>
>
>> For example. If he is running a NetBIOS server and the clients need to
>> access shares on it.
>>
>
> Right.
>
>
>> He does not want the world to know about this NAS,
>>
>
> Obviously.
>
>
>> plus it probably has an RFC1918 address.
>>
>
> I would definitely recommend a local-only address for the local services.
>
>
>> So with a local BIND server, he would set up an Internal view.
>>
>
> He /could/ do that but you haven't said why he should. If he wants his DNS/DHCP server connected to the outside internet, I would recommend he get two Ethernet cards, eth0 and eth1, then configure dnsmasq to serve on only the local interface. Note that this doesn't require any DNS-specific configurations. It is inherently simple and secure.
>
>
>> Perhaps he has an internal wiki. I can go on with internal servers that
>> need name resolution.
>>
>
> I think he wants name resolution for all local hosts (why not?).
>
>
>> He can maintain all of this in hosts files on each
>> client as he seems to have done, or he can run his own internal DNS
>> server with an internal view.
>>
>
> Nowhere do you say why the complexity of BIND is necessary. He would be served very well (no pun intended) with a far simpler DNS implementation.
So your issue is not DNS, but rather the BIND implementation of DNS.
I have been working with BIND since '93. I have not spent any time
looking at any other implementations of DNS.
Go with whatever floats your boat.
Webmin DOES make working with BIND reasonable.
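
The two-card dnsmasq setup suggested in the quoted text above, written out as an added example that is not part of the original thread or anyone's posted configuration. Which card faces the LAN (eth1 here), the home.lan domain, and all host names and addresses are assumptions made for illustration.

```conf
# /etc/dnsmasq.conf (added example; interface roles, names and addresses are assumed)
# Assumed layout: eth0 faces the internet, eth1 faces the LAN (192.168.1.0/24)

# Answer DNS and DHCP only on the LAN-facing card
# (dnsmasq also adds loopback automatically when interface= is used)
interface=eth1

# Bind sockets to the addresses of the interfaces above instead of the
# wildcard address, so no listening socket exists on eth0
bind-interfaces

# Never forward unqualified names or RFC 1918 reverse lookups upstream
domain-needed
bogus-priv

# Treat home.lan as local-only: answered from local data, never forwarded
domain=home.lan
local=/home.lan/
expand-hosts

# Internal servers (constructed names and addresses)
host-record=nas.home.lan,192.168.1.10
host-record=wiki.home.lan,192.168.1.11

# DHCP leases for LAN clients
dhcp-range=192.168.1.100,192.168.1.200,12h
```

`dnsmasq --test` checks the file's syntax; after a restart, `ss -lnup` and `ss -lntp` should show port 53 bound only to the eth1 address and loopback.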