I've tried out DNSMasq and it seems to be straightforward, with a little research.

Compared to bind, the configuration feels more natural - no "A" or "CNAME" records to set up or getting the "." right. Just configure the /etc/dnsmasq.conf file, add my internal (static) boxes to my /etc/hosts file, restart dnsmasq, and voila.

Never that simple of course. It turns out that if you tell dnsmasq to use the /etc/hosts file as a source for resolution, this gets used for DHCP clients as well. The problem is when you have

127.0.0.1       my.internal.box

Your DHCP-enabled boxes will try to look to 127.0.0.1 for my.internal.box - which is themselves. And this fails of course. Replacing the IP with the correct internal IP solves this issue. i.e.

10.10.10.3      my.internal.box

Just to complete the details, my current config file looks something like this:

#-------------
domain-needed
bogus-priv

domain=mydomain.com
expand-hosts
local=/mydomain.com/

listen-address=127.0.0.1
listen-address=172.16.1.25
bind-interfaces

#dhcp range
dhcp-range=lan,172.16.1.100,172.16.1.150

#default gateway, dns server
dhcp-option=lan,3,172.16.1.1
dhcp-option=lan,6,172.16.1.25

#upstream name servers
server=8.8.8.8
server=8.8.4.4
#-------------

And I used this article by Carla Schroder as a starting point:
http://www.linux.com/learn/tutorials/516220-dnsmasq-for-easy-lan-name-services

Right now my network is nice and perky, like it should be, and things are returning to normal. Thanks for the tips!

Shawn
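
Added example, not part of the original message: a small Python check for the /etc/hosts problem described above. It lists names bound to a loopback address, which dnsmasq would hand to LAN clients, and also reports the qualified form that expand-hosts adds; the function names and the sample hosts text are constructed for illustration.

```python
import ipaddress

# Names expected to resolve to loopback on every machine, so not reported.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Yield (lineno, address, [names]) for each valid entry in hosts-file text."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no names
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address; skip the line
        yield lineno, addr, fields[1:]


def loopback_leaks(text, domain=None):
    """Return (lineno, name, address) for names clients would resolve to loopback."""
    findings = []
    for lineno, addr, names in parse_hosts(text):
        if not addr.is_loopback:
            continue
        for name in names:
            if name.lower() in LOCAL_NAMES:
                continue
            findings.append((lineno, name, str(addr)))
            if domain and "." not in name:
                # expand-hosts appends the domain to names without a dot
                findings.append((lineno, f"{name}.{domain}", str(addr)))
    return findings


# Constructed sample input modelled on the entries quoted in the message.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
127.0.0.1       my.internal.box
127.0.1.1       devbox            # Debian-style hostname entry
10.10.10.3      nas.mydomain.com nas
::1             ip6-localhost ip6-loopback
"""

if __name__ == "__main__":
    for lineno, name, addr in loopback_leaks(SAMPLE_HOSTS, domain="mydomain.com"):
        print(f"/etc/hosts line {lineno}: {name} -> {addr} would be served to LAN clients")
```

Run it against the real file with loopback_leaks(open("/etc/hosts").read(), domain="mydomain.com") before restarting dnsmasq.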




On 13-08-12 09:22 AM, John Jardine wrote:
I know I'm coming in late to this discussion but here's what I was using
(what I'm using now is further down).
Alix box with DNSMasq as DHCP & DNS.  I've never set up Bind so I have no
idea of the relative effort involved.

My requirements are:
Static IP pool from x.y.z.1 to x.y.z.99
DHCP pool from x.y.z.100 to x.y.z.254
Functionally static IPs for two NAS devices
This worked great and allowed all my internal machines to see each
other.  The only thing I had to do was turn off the DHCP server on my
Linksys router.

Current network:
My earlier infrastructure was a hybrid of 100GB/GigE and I built a new
network anchored by a DLINK DSR-250 that is pure GigE with a couple of
VLANs to separate traffic. The DSR-250 does VLANs and IP/MAC mapping out
of the box so no issues there.

Interestingly I had a bit of messing around to get DNSMasq to resolve
hostnames on my local network but got it working.  The DSR-250 did it
out of the box.

I would not hesitate to go back to DNSMasq if I ever found unresolvable
issues with my current setup.

Cheers,
John J.

On Mon, 2013-08-12 at 01:29 -0600, Shawn wrote:
Thanks All.

I've used Bind in the past, but it has been a couple of years.  I do
remember that it was a little more of a technical pain in the butt, but
effective.  But seeing as it's been a while, I thought I'd ask.

I checked out DNSmasq and it seems to be a reasonable solution in my
case.  At least worth trying out.  If it doesn't work out I can always
go back to BIND.

Shawn

On 13-08-12 12:53 AM, Gustin Johnson wrote:
dnsmasq is used by default on OpenWRT IIRC as well.

Bind may be a "heavy" solution, but it is ultimately the one I chose.  I
have 3 bind servers on my LAN.  The primary is actually a VM (KVM) with
the slave installs living on the firewall itself (vanilla Ubuntu 13.04
server) and the KVM server host.

I used to have the isc dhcp server update the zone file, but now I
statically assign the DNS to avoid collisions so this is possible, it
just does not work out of the box like it does with dnsmasq (I do not
actually want this enabled in my primary LAN).

To actually answer your question, either solution will work, but I am a
fan of Bind so I will probably always suggest it :)


On Sun, Aug 11, 2013 at 9:57 PM, Anand Singh <an...@linizen.com> wrote:

     I'm actually an Untangle reseller and only have it installed as a
     firewall/gateway at two small sites.  For larger networks I use it
     in bridge mode behind another firewall.  It's just not a robust
     gateway solution.

     For Internet facing DNS zones Bind is the way to go, but is overkill
     for your application.  DNSmasq is a better option since it is
     lightweight, and has a built-in DHCP server to allow automatic name
     creation in the DNS responder based on the DHCP hostname.  i.e.: If
     mygamebox picks up a DHCP lease, it automatically gets a DNS entry.

     DNSmasq is used by many firewall distributions (including Untangle)
     to provide that functionality.

     Anand.


     On Sun, Aug 11, 2013 at 9:32 PM, Shawn <sgro...@open2space.com> wrote:

         So I have a basic network set up now via my Asus RT-N56U
         wireless router with updated firmware (which happens to have
         parental controls too!!). The one thing it seems to be missing
         is name resolution.  I can't ping any other boxes on the network
         by name with the firewall as my gateway and name resolver.

         The obvious short-term solution is to add my boxes into my
         /etc/hosts file.  That only affects my local box though.  So I'm
         looking at setting up a DNS server on my network and thought I'd
         ask here for tips and such first.  (my previous firewall -
         Untangle - has failed on me, but allowed me to add HOSTS entries
         on the firewall that would be used for internal resolution...)

         Is Bind still the best DNS server?  Is there another/simpler
         name resolution solution I'm missing?

         Thanks for any tips.

         Shawn

         _________________________________________________
         clug-talk mailing list
         clug-talk@clug.ca <mailto:clug-talk@clug.ca>
         http://clug.ca/mailman/__listinfo/clug-talk_clug.ca
         <http://clug.ca/mailman/listinfo/clug-talk_clug.ca>
         Mailing List Guidelines (http://clug.ca/ml_guidelines.__php
         <http://clug.ca/ml_guidelines.php>)
         **Please remove these lines when replying


