name server via dhcp, but don't want dhcp assigned addresses

Joel Rees joel.rees at gmail.com
Tue Sep 22 05:31:01 UTC 2009


On Mon, 21 Sep 2009 17:37:12, Sam Varshavchik replied,

> Joel Rees writes:
>
>> The WAN side of the router runs dhcp to my ISP, and gets the dns  
>> server addresses by dhcp, as well.
>
>
> Check your router's documentation. The way that 99% of these  
> routers are set up, is that they run a caching nameserver  
> internally, and on the local LAN they give their own IP address as  
> the DNS server's address, via DHCP.

Well, yeah, it does that. That is, I think the one page of docs said  
that it did, and I think I remember testing it when I first got it  
six or seven years ago. (Sure didn't expect to be using it this  
long.) Small cache, but shouldn't be so small that I would notice  
delays or anything, even on a big YUM update.

It's a black box. If it's using open source, and if NEC has published  
the source, they sure haven't made it easy to find it. Probably  
closed source. I seem to be able to telnet in, but it doesn't  
recognize any command I give it except "quit". (Or was it "goodbye"?)  
I don't really trust it; if I could afford the money and time to  
replace it with something I could load OpenBSD on, I would. (Come to  
think of it, it's rental; I should be able to justify the cost of  
replacement by how much it has cost to rent it all this time.)

I guess, if I trust it to route, and if I can't shut the DNS function  
off, I might as well trust the DNS function as well. If somebody gets  
far enough into it to do a MIM on the DNS function, they can probably  
MIM the routes as easily.

>> In the past, the ISP had told us to set the primary and secondary  
>> dns server addresses statically, so I had the router set to serve  
>> dhcp with those addresses. But I have also set the dns primary and  
>> secondary server addresses for all the boxes by hand to the dns  
>> servers
>
>
> Chances are that this is unnecessary. You should've just set your  
> servers to use your router as the DNS server.

It was the ISP's original recommendation.

>> So, my problem is that I need to tell each Fedora box to accept  
>> the DNS server addresses provided by the DHCP server (the router,  
>> actually, which worries me), but not ask for a host IP address for  
>> itself, but the GUI dialogs in current Fedora don't provide that  
>> as an option.
>
>
> Why don't you test setting your server as full blown DHCP client,  
> and see what DNS address your router gives you for your DNS server.  
> Chances are that it's your router's IP address. In which case you  
> just need to configure your servers to use a static DNS server on  
> your router's IP address.


The ISP recommends leaving the DNS addresses to be set via DHCP,  
rather than setting the router as the DNS server. Not that  
recommendations for the average customer are the only way to do  
things, of course.

Well, since I seem to be able to set the Macs on the network to keep  
a static host IP address and use the DNS server addresses passed  
along by the DHCP server, I was hoping I could do that with the  
graphical UI stuff on Fedora. Or even with /etc/dhclient.conf. (Not  
really seeing how yet from the man pages, so now I'm wondering if  
that's actually part of the standard.)

OK. Thanks for pushing me to think a little further about the  
implications of trusting the router. (And about whether I should  
consider investing in a router I can control, as an investment  
against the cost of more rent.)

Joel Rees
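
The setup asked about above (a host that keeps its static address but still takes DNS server addresses from the DHCP server) is what the DHCPINFORM message in RFC 2131 provides. The following Python is an added example, not part of the original post: it builds a DHCPINFORM that requests only option 6 (DNS servers) and validates and parses the DHCPACK reply. The addresses, MAC, transaction id and sample reply are constructed values.

```python
import socket
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])  # marks the start of DHCP options
OPT_PAD, OPT_DNS, OPT_MSG_TYPE, OPT_PARAM_REQ, OPT_END = 0, 6, 53, 55, 255
DHCPACK, DHCPINFORM = 5, 8

def build_header(op, xid, ciaddr, mac):
    """Fixed 236-byte BOOTP header; yiaddr, siaddr and giaddr stay zero."""
    return struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0,
                       socket.inet_aton(ciaddr), bytes(4), bytes(4), bytes(4),
                       mac, b"", b"")

def build_inform(xid, static_ip, mac):
    """DHCPINFORM: ciaddr holds the address the host already has; asks for DNS only."""
    options = bytes([OPT_MSG_TYPE, 1, DHCPINFORM, OPT_PARAM_REQ, 1, OPT_DNS, OPT_END])
    return build_header(1, xid, static_ip, mac) + MAGIC_COOKIE + options

def parse_options(packet):
    """Return {option code: value bytes}; reject truncated or non-DHCP input."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(packet) and packet[i] != OPT_END:
        if packet[i] == OPT_PAD:
            i += 1
            continue
        length = packet[i + 1] if i + 1 < len(packet) else -1
        value = packet[i + 2:i + 2 + length]
        if length < 0 or len(value) != length:
            raise ValueError("truncated option")
        opts[packet[i]] = value
        i += 2 + length
    return opts

def dns_servers(reply, xid):
    """DNS servers from the DHCPACK that answers our DHCPINFORM."""
    opts = parse_options(reply)
    if int.from_bytes(reply[4:8], "big") != xid or opts.get(OPT_MSG_TYPE) != bytes([DHCPACK]):
        raise ValueError("not an ACK for our request")
    raw = opts.get(OPT_DNS, b"")
    if len(raw) % 4:
        raise ValueError("bad DNS option length")
    return [socket.inet_ntoa(raw[i:i + 4]) for i in range(0, len(raw), 4)]

# Constructed sample reply (not captured traffic); 192.0.2.x is a documentation range.
XID, MAC = 0x1234ABCD, bytes.fromhex("020000000001")
SAMPLE_ACK = (build_header(2, XID, "192.168.0.10", MAC) + MAGIC_COOKIE
              + bytes([OPT_MSG_TYPE, 1, DHCPACK, OPT_DNS, 8,
                       192, 0, 2, 53, 192, 0, 2, 54, OPT_END]))
```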
