Clarification on roles of networking components.

Robert Moskowitz rgm at htt-consult.com
Wed Mar 4 17:34:01 UTC 2009


Flaschen, Matthew S wrote:
>> If he has internal servers that local hosts need access to.
>>     
>
>   
>> For example. If he is running a NetBIOS server and the clients need to 
>> access shares on it.
>>     
>
> Right.
>
>   
>> He does not want the world to know about this NAS, 
>>     
>
> Obviously.
>
>   
>> plus it probably has an RFC1918 address.
>>     
>
> I would definitely recommend a local-only address for the local services.
>
>   
>> So with a local BIND server, he would set up an Internal view.
>>     
>
> He /could/ do that but you haven't said why he should.  If he wants his DNS/DHCP server connected to the outside internet, I would recommend he get two Ethernet cards, eth0 and eth1, then configure dnsmasq to serve on only the local interface.  Note that this doesn't require any DNS-specific configurations.  It is inherently simple and secure.
>
>   
>> Perhaps he has an internal wiki. I can go on with internal servers that 
>> need name resolution. 
>>     
>
> I think he wants name resolution for all local hosts (why not?).
>
>   
>> He can maintain all of this in hosts files on each 
>> client as he seems to have done, or he can run his own internal DNS 
>> server with an internal view. 
>>     
>
> Nowhere do you say why the complexity of BIND is necessary.  He would be served very well (no pun intended) with a far simpler DNS implementation.

So your issue is not DNS, but rather the BIND implementation of DNS.

I have been working with BIND since '93. I have not spent any time 
looking at any other implementations of DNS.

Go with whatever floats your boat.

Webmin DOES make working with BIND reasonable.
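
The LAN-only dnsmasq setup suggested in the quoted reply can be checked mechanically. The following is an added example, not part of the original thread: it assumes eth0 is the Internet-facing card and eth1 the LAN card, and `parse` and `audit` are hypothetical helper names.

```python
# Added example: audits a dnsmasq.conf for the "serve only on the local
# interface" setup. Assumption: eth0 is the Internet-facing card, eth1 the LAN.

def parse(conf_text):
    """Collect the dnsmasq options that decide where it listens."""
    opts = {"interface": set(), "except-interface": set(),
            "listen-address": set(), "flags": set()}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key in ("interface", "except-interface", "listen-address"):
            # tolerate comma-separated names on one line
            opts[key].update(v.strip() for v in value.split(",") if v.strip())
        elif key in ("bind-interfaces", "bind-dynamic"):
            opts["flags"].add(key)
    return opts

def audit(conf_text, external="eth0"):
    """Return a list of findings; an empty list means LAN-only and bound."""
    o = parse(conf_text)
    findings = []
    excluded = external in o["except-interface"]  # except-interface overrides
    if not o["interface"] and not o["listen-address"] and not excluded:
        findings.append("no interface/listen-address set: answers on every "
                        f"interface, including {external}")
    if external in o["interface"] and not excluded:
        findings.append(f"interface={external} serves the Internet-facing card")
    if not o["flags"]:
        findings.append("bind-interfaces not set: dnsmasq binds the wildcard "
                        "address and filters by arrival interface")
    return findings

# Constructed sample configurations (not from the original thread).
DEFAULT_CONF = "domain-needed\nbogus-priv\n"
LAN_ONLY_CONF = """
# LAN card only; dnsmasq adds loopback itself
interface=eth1
# open sockets on the listed interfaces only, not the wildcard address
bind-interfaces
"""

if __name__ == "__main__":
    for name, conf in (("default", DEFAULT_CONF), ("lan-only", LAN_ONLY_CONF)):
        print(name, audit(conf) or "OK")
```

An empty result only describes the configuration file; a host firewall rule on the external interface is still the independent control that catches a later config change.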




