I know I'm coming in late to this discussion but here's what I was using (what I'm using now is further down). Alix box with DNSMasq as DHCP & DNS. I've never set up Bind so I have no idea of the relative effort involved.

My requirements are:

  Static IP pool from x.y.z.1 to x.y.z.99
  DHCP pool from x.y.z.100 to x.y.z.254
  Functionally static IPs for two NAS devices

This worked great and allowed all my internal machines to see each other. The only thing I had to do was turn off the DHCP server on my Linksys router.

Current network:

My earlier infrastructure was a hybrid of 100GB/GigE and I built a new network anchored by a DLINK DSR-250 that is pure GigE with a couple of VLANs to separate traffic. The DSR-250 does VLANs and IP/MAC mapping out of the box so no issues there. Interestingly I had a bit of messing around to get DNSMasq to resolve hostnames on my local network but got it working. The DSR-250 did it out of the box. I would not hesitate to go back to DNSMasq if I ever found unresolvable issues with my current setup.

Cheers,
John J.

On Mon, 2013-08-12 at 01:29 -0600, Shawn wrote:
> Thanks All.
>
> I've used Bind in the past, but it has been a couple of years. I do
> remember that it was a little more of a technical pain in the butt, but
> effective. But seeing as it's been a while, I thought I'd ask.
>
> I checked out DNSmasq and it seems to be a reasonable solution in my
> case. At least worth trying out. If it doesn't work out I can always
> go back to BIND.
>
> Shawn
>
> On 13-08-12 12:53 AM, Gustin Johnson wrote:
> > dnsmasq is used by default on OpenWRT IIRC as well.
> >
> > Bind may be a "heavy" solution, but it is ultimately the one I chose. I
> > have 3 bind servers on my LAN. The primary is actually a VM (KVM) with
> > the slave installs living on the firewall itself (vanilla Ubuntu 13.04
> > server) and the KVM server host.
> >
> > I used to have the isc dhcp server update the zone file, but now I
> > statically assign the DNS to avoid collisions so this is possible, it
> > just does not work out of the box like it does with dnsmasq (I do not
> > actually want this enabled in my primary LAN).
> >
> > To actually answer your question, either solution will work, but I am a
> > fan of Bind so I will probably always suggest it :)
> >
> >
> > On Sun, Aug 11, 2013 at 9:57 PM, Anand Singh <an...@linizen.com
> > <mailto:an...@linizen.com>> wrote:
> >
> >     I'm actually an Untangle reseller and only have it installed as a
> >     firewall/gateway at two small sites. For larger networks I use it
> >     in bridge mode behind another firewall. It's just not a robust
> >     gateway solution.
> >
> >     For Internet facing DNS zones Bind is the way to go, but is overkill
> >     for your application. DNSmasq is a better option since it is light
> >     weight, and has a built-in DHCP server to allow automatic name
> >     creation in the DNS responder based on the DHCP hostname. i.e.: If
> >     mygamebox picks up a DHCP lease, it automatically gets a DNS entry.
> >
> >     DNSmasq is used by many firewall distributions (including Untangle)
> >     to provide that functionality.
> >
> >     Anand.
> >
> >
> >     On Sun, Aug 11, 2013 at 9:32 PM, Shawn <sgro...@open2space.com
> >     <mailto:sgro...@open2space.com>> wrote:
> >
> >         So I have a basic network set up now via my Asus RT-N56U
> >         wireless router with updated firmware (which happens to have
> >         parental controls too!!). The one thing it seems to be missing
> >         is name resolution. I can't ping any other boxes on the network
> >         by name with the firewall as my gateway and name resolver.
> >
> >         The obvious short term solution is to add my boxes into my
> >         /etc/hosts file. That only affects my local box though. So I'm
> >         looking at setting up a DNS server on my network and thought I'd
> >         ask here for tips and such first. (my previous firewall -
> >         Untangle - has failed on me, but allowed me to add HOSTS entries
> >         on the firewall that would be used for internal resolution...)
> >
> >         Is Bind still the best DNS server? Is there another/simpler
> >         name resolution solution I'm missing?
> >
> >         Thanks for any tips.
> >
> >         Shawn
> >
> >         _________________________________________________
> >         clug-talk mailing list
> >         clug-talk@clug.ca <mailto:clug-talk@clug.ca>
> >         http://clug.ca/mailman/__listinfo/clug-talk_clug.ca
> >         <http://clug.ca/mailman/listinfo/clug-talk_clug.ca>
> >         Mailing List Guidelines (http://clug.ca/ml_guidelines.__php
> >         <http://clug.ca/ml_guidelines.php>)
> >         **Please remove these lines when replying
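
A dnsmasq configuration matching the layout John describes at the top of this message (hand-configured hosts below .100, a DHCP pool from .100 to .254, two NAS devices pinned by MAC address) together with the automatic DHCP-hostname-to-DNS behaviour Anand mentions. This is an added example, not a configuration posted by anyone in the thread; the 192.168.1.0/24 subnet, the interface name, the `lan` domain, the MAC addresses, the NAS names and the upstream resolver are all assumed placeholders.

```conf
# /etc/dnsmasq.conf (added example; every address, name and MAC is a placeholder)

# Listen only on the LAN side so the resolver and DHCP server
# are never reachable from the WAN interface.
interface=eth0                 # assumed LAN interface name
bind-interfaces

# Do not leak unqualified names or reverse lookups for private
# address ranges to the upstream resolver.
domain-needed
bogus-priv

# Local domain: names under .lan are answered from DHCP leases and
# /etc/hosts only and are never forwarded upstream.
domain=lan
local=/lan/
expand-hosts                   # "nas1" in /etc/hosts also resolves as nas1.lan

# Upstream resolver (placeholder from the documentation range);
# ignore whatever /etc/resolv.conf says.
no-resolv
server=192.0.2.53

# Dynamic pool x.y.z.100 to x.y.z.254. Addresses .1 to .99 stay outside
# the pool for statically configured machines.
dhcp-range=192.168.1.100,192.168.1.254,255.255.255.0,12h
dhcp-option=option:router,192.168.1.1
dhcp-authoritative             # valid only when no other DHCP server is on the LAN

# "Functionally static" NAS devices: they still use DHCP but always get
# the same address. A dhcp-host address may lie outside dhcp-range as
# long as it is in the same subnet.
dhcp-host=00:11:22:33:44:55,nas1,192.168.1.10,infinite
dhcp-host=00:11:22:33:44:66,nas2,192.168.1.11,infinite

# Any client that sends a hostname with its DHCP request is added to DNS
# automatically; this is dnsmasq's default behaviour and needs no option.
```

`dnsmasq --test` checks the file for syntax errors before the service is restarted.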