On Tue, May 27, 2003 at 11:02:48PM -0400, Jerry Quinn wrote:
> Hi, all.  I have a debian box serving as my firewall/router/dhcp
> server.  The dhcp does the job fine, except for dns.
>
> I'd like to have dns lookups work correctly for my internal network.
> So is there a simple means of having my dhcp clients being able to
> have their names resolve to IP's easily (no or minimal config)?
>
> I'm not currently running a DNS server but can put one in.  What I've
> read of configuring bind so far makes it sound like a sizable
> investment in time to get working what seems to me to be a pretty
> basic and common desire.

It's like everything else.  It takes days of reading conflicting HOWTOs that you don't realize until the end that they are for a different version and reading huge manuals and weeks to let it soak in and looking over others' config files until it hits you that it's a relatively simple setup after all and then it only takes a few minutes and it works fine for a year and then you need to change something and then the process repeats.

Ok, here's my dhcpd.conf which sets fixed IPs based on MAC address.

    default-lease-time 1200;
    max-lease-time 7200;

    # Empty for eth0
    subnet 63.205.225.168 netmask 255.255.255.248 {
    }

    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.30 192.168.1.50;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option routers 192.168.1.1;
        option domain-name "hank.org";
        option domain-name-servers 192.168.1.1;
    }

    host laptop {
        hardware ethernet 00:04:5A:7D:E0:38;
        fixed-address 192.168.1.3;
    }

    [more hosts]

Then I run bind with "views" (I need to look up who explained this to me so I can give credit).  The views make bind give different responses depending on where the query comes from.  So from inside:

    $ nslookup laptop.hank.org
    Name:    laptop.hank.org
    Address: 192.168.1.3

    >nslookup laptop.hank.org
    *** can't find laptop.hank.org: Non-existent host/domain

The advantage is that there's little client setup.  If I wasn't running bind anyways I'd just use /etc/hosts in each client.

Then I use the "options" part of named.conf that debian set up and then do the following.  I'm not a bind expert, so hopefully someone else will point out any errors.

    acl mylan {
        127.0.0.0/8;
        192.168.0.0/24;
        192.168.1.0/24;
        63.205.225.170;
    };

    view "internal" {
        match-clients { mylan; };
        recursion yes;
        notify no;

        zone "hank.org" IN {
            type master;
            file "/etc/bind/hank.org.internal";
        };

        zone "1.168.192.in-addr.arpa" IN {
            type master;
            file "/etc/bind/db.192.168.1.x";
        };
    };

    view "external" {
        match-clients { any; };
        recursion no;
        allow-query { any; };
        notify yes;

        zone "hank.org" IN {
            type master;
            file "/etc/bind/hank.org";
        };
    };

That's not all my zones, but should give you an idea.  I don't see any reason you can't do this even if you are not running your own DNS for your domain.

-- 
Bill Moseley
[EMAIL PROTECTED]
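
Added example, not part of the original message or of BIND itself: a small Python model of how the views in the named.conf above are chosen, showing that the first view whose match-clients contains the client wins, plus a check that flags a view made unreachable by an earlier, broader one. The names ACLS, VIEWS, select_view and shadowed are hypothetical, and the model assumes plain address lists only (no negated entries, keys or match-destinations).

```python
import ipaddress

# ACL and views transcribed from the named.conf in the message; list order is file order.
ACLS = {
    "mylan": ["127.0.0.0/8", "192.168.0.0/24", "192.168.1.0/24", "63.205.225.170"],
    "any": ["0.0.0.0/0", "::/0"],  # modelling the built-in "any" ACL
}
VIEWS = [
    {"name": "internal", "match": ["mylan"], "recursion": True},
    {"name": "external", "match": ["any"], "recursion": False},
]

def networks(match):
    """Expand ACL names (or literal addresses) into ip_network objects."""
    return [ipaddress.ip_network(entry)
            for item in match
            for entry in ACLS.get(item, [item])]

def select_view(client, views=VIEWS):
    """Return the first view whose match-clients contains the client address."""
    addr = ipaddress.ip_address(client)
    for view in views:
        if any(addr in net for net in networks(view["match"])):
            return view
    return None  # no view serves this client

def shadowed(views=VIEWS):
    """Names of views that can never be selected because every one of their
    networks sits inside a single network of an earlier view (conservative:
    coverage by a union of several earlier networks is not detected)."""
    dead = []
    for i, view in enumerate(views):
        earlier = [n for v in views[:i] for n in networks(v["match"])]
        mine = networks(view["match"])
        if mine and all(any(m.version == e.version and m.subnet_of(e)
                            for e in earlier) for m in mine):
            dead.append(view["name"])
    return dead

if __name__ == "__main__":
    for ip in ("192.168.1.3", "63.205.225.170", "203.0.113.9"):  # constructed sample clients
        v = select_view(ip)
        print(ip, "->", v["name"], "recursion" if v["recursion"] else "no recursion")
    print("shadowed as posted:", shadowed())
    print("shadowed if reordered:", shadowed(list(reversed(VIEWS))))
```

Putting "external" first would send LAN clients to the non-recursive view and leave "internal" dead, which is the ordering mistake the shadowed() check reports.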