Clarification on roles of networking components.

Simon Slater pyevet at iinet.net.au
Wed Mar 4 20:51:14 UTC 2009


On Wed, 2009-03-04 at 12:34 -0500, Robert Moskowitz wrote:
> Flaschen, Matthew S wrote:
> >> If he has internal servers that local hosts need access to.
> >>     
At the moment one server offering limited services internally, nothing
external.
> >   
> >> For example. If he is running a NetBIOS server and the clients need to 
> >> access shares on it.
> >>     
> > Right. 
> >> He does not want the world to know about this NAS, 
> > Obviously
> >> plus it probably has an RFC1918 address.
> > I would definitely recommend a local-only address for the local services. 
> >> So with a local BIND server, he would set up an Internal view.
> > He /could/ do that but you haven't said why he should.  If he wants his DNS/DHCP server connected to the outside internet, I would recommend he get two Ethernet cards, eth0 and eth1, then configure dnsmasq to serve on only the local interface.  Note that this doesn't require any DNS-specific configurations.  It is inherently simple and secure.
> > 
> >> Perhaps he has an internal wiki. I can go on with internal servers that 
> >> need name resolution. 
> >>     
> >
> > I think he wants name resolution for all local hosts (why not?).
> >
Yes
> >> He can maintain all of this in hosts files on each 
> >> client as he seems to have done, or he can run his own internal DNS 
> >> server with an internal view. 
> >>     
> >
> > Nowhere do you say why the complexity of BIND is necessary.  He would be served very well (no pun intended) with a far simpler DNS implementation.
> 
> So your issue is not DNS, but rather the BIND implementation of DNS.
> 
> I have been working with BIND since '93. I have not spent any time 
> looking at any other implementations of DNS.
> 
> Go with whatever floats your boat.
> 
> Webmin DOES make working with BIND reasonable.
> 
> 
Now I've caught up on some sleep I can continue with a clearer head.
The single server has 2 NICs, one internal, the other to the DSL router.
For now internal name resolution and DHCP is the issue, but more
internal services will be added down the road, as well as web server
etc.  I started with dhcpd but this does seem more powerful than I need
now.  I'll check out dnsmasq today.

-- 
Regards,
Simon Slater
Registered Linux User #463789. Be counted at: http://counter.li.org/
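
The two-NIC dnsmasq setup suggested in the quoted reply (serve only on the local interface) can be checked mechanically. This is an added example, not part of the thread: a small Python audit of dnsmasq.conf text, assuming eth0 faces the DSL router and eth1 is the LAN; the sample configs and addresses are constructed.

```python
# Added example: audit dnsmasq.conf text for exposure on the external NIC.
# Assumptions (not from the thread): eth0 = DSL router side, eth1 = LAN side.

def parse_dnsmasq(text):
    """Return {option: [values]}; comments and blank lines are ignored."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition("=")
        opts.setdefault(key.strip(), []).append(value.strip())
    return opts

def audit(text, external="eth0"):
    """List reasons the config may serve DNS/DHCP towards `external`."""
    opts = parse_dnsmasq(text)
    listen = opts.get("interface", [])          # one name per line, may repeat
    excluded = opts.get("except-interface", []) # always overrides interface=
    findings = []
    if external not in excluded:
        # With neither interface= nor listen-address=, dnsmasq serves on
        # every interface. A listen-address-only config is not judged here.
        if not listen and not opts.get("listen-address"):
            findings.append(f"no interface restriction: served on {external}")
        elif external in listen:
            findings.append(f"{external} is listed in interface=")
    # Without bind-interfaces/bind-dynamic dnsmasq binds the wildcard address
    # and discards unwanted requests itself instead of not listening at all.
    if "bind-interfaces" not in opts and "bind-dynamic" not in opts:
        findings.append("bind-interfaces not set: wildcard socket in use")
    return findings

# Constructed sample: DHCP for the LAN, nothing restricting the interface.
WEAK = """
dhcp-range=192.168.1.50,192.168.1.150,12h
"""

# Constructed sample: same service, bound to the LAN interface only.
HARDENED = """
interface=eth1
except-interface=eth0
bind-interfaces
dhcp-range=192.168.1.50,192.168.1.150,12h
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(conf) or "ok")
```
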