debian-user-getting_dns_to_work_from_inside_a_small_network_with_dhcp_etc

This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.



To: debian-user@lists.debian.org
From: David Fokkema <dfokkema@ileos.nl>
Subject: DNS for small network with internet connection
Date: Fri, 11 Jul 2003 19:53:33 +0200

Hi group,

I thought I had it all worked out, sort of, :-/

There must be an easy solution to this...

Currently, I use dhcp and dnsmasq to serve my local LAN. Very, very
easy to set up and it works as a charm. I use dhcp-client to acquire an
IP address for the internet, which then rewrites /etc/resolv.conf to
incorporate the name servers for the internet.

My problem is that my server has no idea what the internal LAN is all
about: its nameservers are the ones provided by my ISP. If I add my
local dns server (dnsmasq) to /etc/resolv.conf, it is overwritten the
next time the lease is renewed. Telling dhclient.conf to _not_ write to
/etc/resolv.conf will not update my nameservers for the internet, so
there must be another way, I think.

===

To: debian-user@lists.debian.org
From: "Jamin W. Collins" <jcollins@asgardsrealm.net>
Subject: Re: DNS for small network with internet connection
Date: Fri, 11 Jul 2003 12:39:51 -0600

On Fri, Jul 11, 2003 at 07:53:33PM +0200, David Fokkema wrote:

> Currently, I use dhcp and dnsmasq to serve my local LAN. Very, very
> easy to set up and it works as a charm. I use dhcp-client to acquire
> an IP address for the internet, which then rewrites /etc/resolv.conf to
> incorporate the name servers for the internet.
> 
> My problem is that my server has no idea what the internal LAN is all
> about: its nameservers are the ones provided by my ISP. If I add my
> local dns server (dnsmasq) to /etc/resolv.conf, it is overwritten the
> next time the lease is renewed. Telling dhclient.conf to _not_ write
> to /etc/resolv.conf will not update my nameservers for the internet,
> so there must be another way, I think.
> 
> Any suggestions?

Tried reading the man page?  Specifically the man page for the config
file:

   man dhclient.conf

Then specifically, the section:

   OPTION MODIFIERS

===


To: debian-user@lists.debian.org
From: David Fokkema <dfokkema@ileos.nl>
Subject: Re: DNS for small network with internet connection
Date: Fri, 11 Jul 2003 20:47:30 +0200

On Fri, Jul 11, 2003 at 12:39:51PM -0600, Jamin W. Collins wrote:
> On Fri, Jul 11, 2003 at 07:53:33PM +0200, David Fokkema wrote:
> 
> > Currently, I use dhcp and dnsmasq to serve my local LAN. Very, very
> > easy to set up and it works as a charm. I use dhcp-client to acquire
> > an IP address for the internet, which then rewrites /etc/resolv.conf to
> > incorporate the name servers for the internet.
> > 
> > My problem is that my server has no idea what the internal LAN is all
> > about: its nameservers are the ones provided by my ISP. If I add my
> > local dns server (dnsmasq) to /etc/resolv.conf, it is overwritten the
> > next time the lease is renewed. Telling dhclient.conf to _not_ write
> > to /etc/resolv.conf will not update my nameservers for the internet,
> > so there must be another way, I think.
> > 
> > Any suggestions?
> 
> Tried reading the man page?  Specifically the man page for the config
> file:
> 
>    man dhclient.conf
> 
> Then specifically, the section:
> 
>    OPTION MODIFIERS

<ashamed>

I feel stupid. I _have_ read the manpage, of course, but I missed the
importance _and_ usefulness of this section. I'm going to work it out
right away...

Thanks!

David

</ashamed>

===

To: debian-user@lists.debian.org
From: Thomas Hood <jdthood@yahoo.co.uk>
Subject: Re: DNS for small network with internet connection
Date: 12 Jul 2003 10:56:42 +0200

It was to solve exactly this sort of problem that I created the
resolvconf package.  With resolvconf installed, DHCP clients
send their information to resolvconf; resolvconf then generates
a /etc/resolv.conf file for applications to use, and a separate
/var/run/dnsmasq/resolv.conf file for dnsmasq to use.

Thus, in your case, with resolvconf installed, the /etc/resolv.conf
file will contain:

    nameserver 127.0.0.1
    nameserver 1.2.3.4
    nameserver 5.6.7.8

(the first line supplied by dnsmasq, the other two by dhclient)
whereas the /var/run/dnsmasq/resolv.conf file will contain:

    nameserver 1.2.3.4
    nameserver 5.6.7.8

For this to work without your having to do manual configuration,
get the latest versions of dhcp3-client and dnsmasq and make
sure you haven't changed their configuration files such that the
integration with resolvconf is disabled.

Resolvconf isn't absolutely necessary, given that various packages
have implemented their own kludgy solutions to these problems.
(Dhclient has its option modifiers and dnsmasq can monitor several
resolv.conf files.)  However, it is nice in that it solves the
problem of contention over the resolv.conf file quite generally,
centrally and flexibly.  Resolvconf also provides hooks so that
applications can arrange to be notified when the resolver 
configuration changes.

You can get the latest resolvconf deb from the resolvconf section
of the update-resolv project at alioth:

    http://alioth.debian.org/projects/update-resolv

Read the README file for more information.  Please let me know
if you run into any problems.
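
[Added example, not part of the original post and not resolvconf's own code.] A small model of the split described above: each source registers its nameservers, and two files are generated from the merged list. The source labels `lo.dnsmasq` and `eth0.dhclient` and all function names are assumptions made for the illustration; the addresses are the ones used in the post.

```python
"""Model of a resolvconf-style merge: several writers, two generated files."""
import ipaddress

# Assumed source labels, highest priority first (constructed for this example).
ORDER = ["lo.dnsmasq", "eth0.dhclient"]

# What each source registered, in resolv.conf syntax (addresses from the post).
RECORDS = {
    "lo.dnsmasq": "nameserver 127.0.0.1\n",
    "eth0.dhclient": "nameserver 1.2.3.4\nnameserver 5.6.7.8\n",
}


def parse_nameservers(record):
    """Return the nameserver addresses found in one resolv.conf-style record."""
    servers = []
    for line in record.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                servers.append(str(ipaddress.ip_address(fields[1])))
            except ValueError:
                continue  # drop malformed addresses instead of writing them out
    return servers


def merge(records, order):
    """Concatenate the records in priority order, dropping duplicate servers."""
    merged = []
    for source in order:
        for server in parse_nameservers(records.get(source, "")):
            if server not in merged:
                merged.append(server)
    return merged


def render(servers):
    return "".join(f"nameserver {server}\n" for server in servers)


def generate(records, order):
    """Return (text for /etc/resolv.conf, text for dnsmasq's upstream file)."""
    merged = merge(records, order)
    # The forwarder must not be told to forward to itself, so loopback
    # addresses are left out of the list it reads its upstream servers from.
    upstream = [s for s in merged if not ipaddress.ip_address(s).is_loopback]
    return render(merged), render(upstream)


if __name__ == "__main__":
    titles = ("/etc/resolv.conf", "/var/run/dnsmasq/resolv.conf")
    for title, text in zip(titles, generate(RECORDS, ORDER)):
        print(f"--- {title}\n{text}", end="")
    # With the DHCP client's record withdrawn, only the local forwarder is left.
    print(generate({"lo.dnsmasq": RECORDS["lo.dnsmasq"]}, ORDER))
```

Without resolvconf, the `prepend domain-name-servers 127.0.0.1;` statement from the OPTION MODIFIERS section of dhclient.conf(5) gives the same ordering in /etc/resolv.conf.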


===

To: debian-user@lists.debian.org
From: "Jamin W. Collins" <jcollins@asgardsrealm.net>
Subject: Re: DNS for small network with internet connection
Date: Sat, 12 Jul 2003 08:12:00 -0600

On Sat, Jul 12, 2003 at 10:56:42AM +0200, Thomas Hood wrote:
> It was to solve exactly this sort of problem that I created the
> resolvconf package.  

But the resolvconf package is not needed for this situation.  Instead
only reading the man page for the dhclient.conf and then a simple
editing of /etc/dhclient.conf.


===

To: debian-user@lists.debian.org
From: David Fokkema <dfokkema@ileos.nl>
Subject: Re: DNS for small network with internet connection
Date: Sat, 12 Jul 2003 20:02:02 +0200

On Sat, Jul 12, 2003 at 10:56:42AM +0200, Thomas Hood wrote:
> It was to solve exactly this sort of problem that I created the
> resolvconf package.  With resolvconf installed, DHCP clients
> send their information to resolvconf; resolvconf then generates
> a /etc/resolv.conf file for applications to use, and a separate
> /var/run/dnsmasq/resolv.conf file for dnsmasq to use.

Hmm... seems nice, but the solution from Jamin Collins works out pretty
well, although I'm wondering what will happen in slightly more complex
situations or when dhclient is unable to get an address from my ISP's
server. I'll take a look at your package.

===

To: debian-user@lists.debian.org
From: Jerry Quinn <jlquinn@optonline.net>
Subject: How to make DNS and DHCP server play nice?
Date: Tue, 27 May 2003 23:02:48 -0400

Hi, all.  I have a debian box serving as my firewall/router/dhcp
server.  The dhcp does the job fine, except for dns.

I'd like to have dns lookups work correctly for my internal network.
So is there a simple means of having my dhcp clients being able to
have their names resolve to IP's easily (no or minimal config)?

I'm not currently running a DNS server but can put one in.  What I've
read of configuring bind so far makes it sound like a sizable
investment in time to get working what seems to me to be a pretty
basic and common desire.

I used to have a smoothwall until the box blew up.  At that point
I moved my old debian desktop into service as the router.  Smoothwall
uses dnrd as a forwarding dns proxy, but it didn't support
transferring in dhcp hostnames.


===

To: debian-user@lists.debian.org
From: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Tue, 27 May 2003 22:30:36 -0500

Quoting Jerry Quinn <jlquinn@optonline.net>:
> Hi, all.  I have a debian box serving as my firewall/router/dhcp
> server.  The dhcp does the job fine, except for dns.
> 
> I'd like to have dns lookups work correctly for my internal network.
> So is there a simple means of having my dhcp clients being able to
> have their names resolve to IP's easily (no or minimal config)?
> 
> I'm not currently running a DNS server but can put one in.  What I've
> read of configuring bind so far makes it sound like a sizable
> investment in time to get working what seems to me to be a pretty
> basic and common desire.
> 

Setting up DNS takes a couple of hours in one go.  Getting around it
will take about the same amount of time in smaller chunks.  You have
three (or more) alternatives:

1) configure DHCP server to always give out the same IP address to the
same NIC each time and edit /etc/hosts on each box as new hosts added.

2) configure DHCP server to give out the same IP address each time and
configure DNS with the names and IP addresses once and edit
/etc/resolv.conf once on each box.

3) configure DHCP and DNS servers to use Dynamic DNS, so DHCP server
updates DNS server each time an IP address changes.

Having done all three at one time or another, I've settled on number
two.


===

To: Jerry Quinn <jlquinn@optonline.net>
From: moseley@hank.org
Subject: Re: How to make DNS and DHCP server play nice?
Date: Tue, 27 May 2003 22:33:53 -0700

On Tue, May 27, 2003 at 11:02:48PM -0400, Jerry Quinn wrote:
> Hi, all.  I have a debian box serving as my firewall/router/dhcp
> server.  The dhcp does the job fine, except for dns.
> 
> I'd like to have dns lookups work correctly for my internal network.
> So is there a simple means of having my dhcp clients being able to
> have their names resolve to IP's easily (no or minimal config)?
> 
> I'm not currently running a DNS server but can put one in.  What I've
> read of configuring bind so far makes it sound like a sizable
> investment in time to get working what seems to me to be a pretty
> basic and common desire.

It's like everything else.  It takes days of reading conflicting HOWTOs
that you don't realize until the end that they are for a different
version and reading huge manuals and weeks to let it soak in and looking
over other's config files until it hits you that it's a relatively
simple setup after all and then it only takes a few minutes and it works
fine for a year and then you need to change something and then the
process repeats.

Ok, here's my dhcpd.conf which sets fixed IPs based on MAC address.

default-lease-time 1200;
max-lease-time 7200;

# Empty for eth0
subnet 63.205.225.168 netmask 255.255.255.248 {
}

subnet 192.168.1.0 netmask 255.255.255.0 {
   range 192.168.1.30 192.168.1.50;
   option subnet-mask 255.255.255.0;
   option broadcast-address 192.168.1.255;
   option routers 192.168.1.1;
   option domain-name "hank.org";
   option domain-name-servers 192.168.1.1;
}

host laptop {
    hardware ethernet 00:04:5A:7D:E0:38;
    fixed-address 192.168.1.3;
}

[more hosts]

Then I run bind with "views" (I need to look up who explained this to me
so I can give credit).  The views make bind give different responses
depending on where the query comes from.  So from inside:

$ nslookup laptop.hank.org
Name:   laptop.hank.org
Address: 192.168.1.3

>nslookup laptop.hank.org
*** can't find laptop.hank.org: Non-existent host/domain

The advantage is that there's little client setup.  If I wasn't running 
bind anyways I'd just use /etc/hosts in each client.

Then I use the "options" part of named.conf that debian setup and then 
do the following.  I'm not a bind expert, so hopefully someone else will 
point out any errors.

acl mylan { 
    127.0.0.0/8; 192.168.0.0/24; 192.168.1.0/24; 63.205.225.170; 
};

view "internal" {
        match-clients { mylan; };
        recursion yes;
        notify no;

        zone "hank.org" IN {
                type master;
                file "/etc/bind/hank.org.internal";
        };

        zone "1.168.192.in-addr.arpa" IN {
                type master;
                file "/etc/bind/db.192.168.1.x";
        };
};
view "external" {
        match-clients { any; };
        recursion no;
        allow-query { any; };
        notify yes;

        zone "hank.org" IN {
                type master;
                file "/etc/bind/hank.org";
        };
};

That's not all my zones, but should give you an idea.  I don't see any 
reason you can't do this even if you are not running your own DNS for 
your domain.


===

To: debian-user@lists.debian.org
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 08:26:52 -0400

Jeffrey L. Taylor <jeff@austinblues.dyndns.org> writes:
 > 
 > Setting up DNS takes a couple of hours in one go.  Getting around it
 > will take about the same amount of time in smaller chunks.  You have
 > three (or more) alternatives:
 > 
 > 1) configure DHCP server to always give out the same IP address to the
 > same NIC each time and edit /etc/hosts on each box as new hosts added.
 > 
 > 2) configure DHCP server to give out the same IP address each time and
 > configure DNS with the names and IP addresses once and edit
 > /etc/resolv.conf once on each box.
 > 
 > 3) configure DHCP and DNS servers to use Dynamic DNS, so DHCP server
 > updates DNS server each time an IP address changes.

 > Having done all three at one time or another, I've settled on number
 > two.

Thanks for the info.  

This is clearly depressing.  I was hoping someone had already made it
simple to Do The Right Thing(tm).  

Ah, well.  I guess I can add fixing a DNS server to work right to the
list of many projects I might get around to doing some day.

===

To: Debian User <debian-user@lists.debian.org>
From: William Cooper <BillCooper@mailandnews.com>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 10:29:47 -0400

Jerry Quinn wrote:
>

<snip>

> Thanks for the info.  This is clearly depressing.  I was
> hoping someone had already made it
> simple to Do The Right Thing(tm).  Ah, well.  I guess I
> can add fixing a DNS server to work right to the
> list of many projects I might get around to doing some day.
> Thanks,
> Jerry
>

Hi,
what about just using the dhcp-dns package? Using it only
requires minimal changes to the DNS setups.

Here's the relevant sections of the DNS files.

    zone "company.internal" {
            type master;
            // this is the ip of my dhcp server; you need this line to be
            // the same as your dhcp server
            allow-update { 192.168.1.13; };
            file "company.internal";
    };
    zone "1.168.192.in-addr.arpa" {
            type master;
            allow-update { 192.168.1.13; };
            file "0.1.168.192";
    };

Here's the dhcp-dns.conf file:

    $DDNSHOME="/var/lib/dhcp-dns";
    $DHCPD="/var/dhcp/dhcpd.leases";
    #$DOMAIN="__DOMAIN__";
    $DOMAIN="company.internal";
    $NSUPDATE="/usr/sbin/nsupdate";

In my "company.internal" I have entries for a SOA for my DNS
server and that's about it for changes. I don't have anything
fancy like secured updates or the like, this is a small
internal network.
If you need more help, ask; I'll do what I can.
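
[Added example, not part of the original posts.] A small named.conf audit covering two settings shown in this thread: the views config posted earlier (recursion for the "any" view) and the allow-update lines above, which authorise dynamic updates by source address rather than by key. The parser handles only the syntax used in these configs; the function names and the key name `dhcp-update` are assumptions.

```python
import re

TOKEN = re.compile(r'(?P<comment>/\*.*?\*/|//[^\n]*|#[^\n]*)'
                   r'|(?P<tok>"[^"]*"|[{};]|[^\s{};"]+)', re.S)

def parse(text):
    """Statements become word lists; a { } block becomes a nested statement list."""
    tokens = [m.group("tok") for m in TOKEN.finditer(text) if m.group("tok")]
    pos = 0
    def block():
        nonlocal pos
        statements, words = [], []
        while pos < len(tokens):
            tok = tokens[pos]
            pos += 1
            if tok == "{":
                words.append(block())
            elif tok in (";", "}"):
                if words:
                    statements.append(words)
                    words = []
                if tok == "}":
                    break
            else:
                words.append(tok.strip('"'))
        return statements + ([words] if words else [])
    return block()

def body(stmt):
    """The { ... } block of a statement, or [] if it has none."""
    return next((w for w in stmt if isinstance(w, list)), [])

def setting(block, name):
    """First statement in a block whose keyword is `name`, else None."""
    return next((s for s in block if s[0] == name), None)

def elements(stmt):
    """First word of each entry in a statement's { ... } block."""
    return [e[0] for e in body(stmt or [])]

def audit(text):
    conf = parse(text)
    acls = {s[1]: elements(s) for s in conf if s[0] == "acl"}
    findings = []
    def matches_any(names):
        return any(n == "any" or matches_any(acls.get(n, [])) for n in names)
    def check_zone(zone, where=""):
        update = setting(body(zone), "allow-update")
        by_addr = [e for e in elements(update) if e not in ("key", "none")]
        if by_addr:
            findings.append(f'zone "{zone[1]}"{where}: allow-update trusts '
                            f'source address {", ".join(by_addr)}, not a key')
    for stmt in conf:
        if stmt[0] == "zone":
            check_zone(stmt)
        elif stmt[0] == "view":
            view = body(stmt)
            clients = setting(view, "match-clients")
            recursion = setting(view, "recursion")
            # BIND defaults: no match-clients matches every client, and
            # no "recursion" statement means recursion is on.
            everyone = clients is None or matches_any(elements(clients))
            recursive = recursion is None or recursion[1] in ("yes", "true", "1")
            if everyone and recursive and not setting(view, "allow-recursion"):
                findings.append(f'view "{stmt[1]}": recursion on for any client')
            for zone in (s for s in view if s[0] == "zone"):
                check_zone(zone, f' in view "{stmt[1]}"')
    return findings

# Sample inputs abridged from the configs posted in this thread.
VIEWS = '''
acl mylan { 127.0.0.0/8; 192.168.0.0/24; 192.168.1.0/24; 63.205.225.170; };
view "internal" { match-clients { mylan; }; recursion yes; };
view "external" { match-clients { any; }; recursion no; };
'''
DDNS = '''
zone "company.internal" {
    type master;
    // this is the ip of my dhcp server
    allow-update { 192.168.1.13; };
    file "company.internal";
};
'''
# Constructed variant: same zone, updates authorised by a TSIG key (name assumed).
KEYED = DDNS.replace("192.168.1.13", 'key "dhcp-update"')

if __name__ == "__main__":
    print(audit(VIEWS), audit(DDNS), audit(KEYED), sep="\n")
```

The views config passes, the address-based allow-update is reported, and the keyed variant is not.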


===

To: debian-user@lists.debian.org
From: "Jeffrey L. Taylor" <jeff@austinblues.dyndns.org>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 09:31:57 -0500

Quoting Jerry Quinn <jlquinn@optonline.net>:
> Jeffrey L. Taylor <jeff@austinblues.dyndns.org> writes:
>  > 
>  > Setting up DNS takes a couple of hours in one go.  Getting around it
>  > will take about the same amount of time in smaller chunks.  You have
>  > three (or more) alternatives:
>  > 
>  > 1) configure DHCP server to always give out the same IP address to the
>  > same NIC each time and edit /etc/hosts on each box as new hosts added.
>  > 
>  > 2) configure DHCP server to give out the same IP address each time and
>  > configure DNS with the names and IP addresses once and edit
>  > /etc/resolv.conf once on each box.
>  > 
>  > 3) configure DHCP and DNS servers to use Dynamic DNS, so DHCP server
>  > updates DNS server each time an IP address changes.
> 
>  > Having done all three at one time or another, I've settled on number
>  > two.
> 
> Thanks for the info.  
> 
> This is clearly depressing.  I was hoping someone had already made it
> simple to Do The Right Thing(tm).  
> 
> Ah, well.  I guess I can add fixing a DNS server to work right to the
> list of many projects I might get around to doing some day.
> 

You might try using Webmin to administer DNS.  The one problem is that
you do need to understand DNS before using it.  Also, don't allow the
Internet access to your DNS server (i.e., firewall port 53) and you
don't have to worry about security as much.  This is assuming a SOHO
LAN behind a firewall with NAT (AKA IP masquerading).


===

To: Jerry Quinn <jlquinn@optonline.net>
From: "Stephen A. Witt" <sawitt@electra.rsc.raytheon.com>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 14:30:37 -0700 (PDT)

On Tue, 27 May 2003, Jerry Quinn wrote:

> Hi, all.  I have a debian box serving as my firewall/router/dhcp
> server.  The dhcp does the job fine, except for dns.
>
> I'd like to have dns lookups work correctly for my internal network.
> So is there a simple means of having my dhcp clients being able to
> have their names resolve to IP's easily (no or minimal config)?
>
> I'm not currently running a DNS server but can put one in.  What I've
> read of configuring bind so far makes it sound like a sizable
> investment in time to get working what seems to me to be a pretty
> basic and common desire.
>

It sounds like you are talking about a small network behind a firewall
that is also doing NAT. A very easy way of doing this is to use the
dnsmasq package. This is really easy to set up. It is purpose-built for a
small network where bind would be WAY overkill. I think it is really cool.
It was very easy to setup.



===

To: "Stephen A. Witt" <sawitt@electra.rsc.raytheon.com>
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 23:06:34 -0400

Stephen A. Witt writes:
 > On Tue, 27 May 2003, Jerry Quinn wrote:
 > 
 > > Hi, all.  I have a debian box serving as my firewall/router/dhcp
 > > server.  The dhcp does the job fine, except for dns.
 > >
 > > I'd like to have dns lookups work correctly for my internal network.
 > > So is there a simple means of having my dhcp clients being able to
 > > have their names resolve to IP's easily (no or minimal config)?
 > 
 > It sounds like you are talking about a small network behind a firewall
 > that is also doing NAT. A very easy way of doing this is to use the
 > dnsmasq package. This is really easy to set up. It is purpose-built for a
 > small network where bind would be WAY overkill. I think it is really cool.
 > It was very easy to setup.

Excellent pointer!  Except for the fact that it doesn't seem to work.
I had to manually configure it to read the dhcp lease file (which I
think should happen by default), but even afterwards it fails to
resolve other machines on my network.

I think this is the Right Approach (tm).  Do you have any ideas what
might be broken for me?


===
To: debian-user@lists.debian.org
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Wed, 28 May 2003 23:44:21 -0400

Jerry Quinn writes:
 > Stephen A. Witt writes:
 >  > On Tue, 27 May 2003, Jerry Quinn wrote:
 >  > > Hi, all.  I have a debian box serving as my firewall/router/dhcp
 >  > > server.  The dhcp does the job fine, except for dns.
 > 
 > Excellent pointer!  Except for the fact that it doesn't seem to work.
 > I had to manually configure it to read the dhcp lease file (which I
 > think should happen by default), but even afterwards it fails to
 > resolve other machines on my network.

Turns out it was working and the machine I was trying to ping was
asleep and therefore had no lease.

This is great!  I put in a wishlist to have dnsmasq read the dhcp
lease file out of the box.  Then dnsmasq will really be plug and
play.

===

To: debian-user@lists.debian.org
From: R Ransbottom <vze4zk6s@verizon.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Thu, 29 May 2003 16:55:33 -0400



> This is great!  I put in a wishlist to have dnsmasq read the dhcp
> lease file out of the box.  Then dnsmasq will really be plug and
> play.

Since only one dhcp server should exist on a segment it is a bad
idea to have such a package work without, at least, forcing the user to
set it up.


===
To: rir.gsmi@verizon.net
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Thu, 29 May 2003 19:11:12 -0400

R Ransbottom writes:
 > 
 > 
 > > This is great!  I put in a wishlist to have dnsmasq read the dhcp
 > > lease file out of the box.  Then dnsmasq will really be plug and
 > > play.
 > 
 > Since only one dhcp server should exist on a segment it is a bad
 > idea to have such a package work without, at least, forcing the user to
 > set it up.

However, dnsmasq already serves as a dns proxy out of the box for
whatever server was handed you by dhcp.  And it reads your hosts
file.  The package seems to be explicitly designed for this use (small
network dns service) and as such, I would think that finishing the job
would make sense.  We're trying to make life easier for people, not
harder.

If I have more complex DNS requirements on my internal network, I
should be using bind or one of the other complete DNS servers, not
dnsmasq.

For the paranoid, there could be a debconf message asking you if you
want the server to be turned on at install time or not ...


===

To: debian-user@lists.debian.org
From: Bill Moseley <moseley@hank.org>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Thu, 29 May 2003 17:04:42 -0700

On Thu, May 29, 2003 at 07:11:12PM -0400, Jerry Quinn wrote:
> R Ransbottom writes:
>  > 
>  > 
>  > > This is great!  I put in a wishlist to have dnsmasq read the dhcp
>  > > lease file out of the box.  Then dnsmasq will really be plug and
>  > > play.
>  > 
>  > Since only one dhcp server should exist on a segment it is a bad
>  > idea to have such a package work without, at least, forcing the user to
>  > set it up.
> 
> However, dnsmasq already serves as a dns proxy out of the box for
> whatever server was handed you by dhcp.  And it reads your hosts
> file.  The package seems to be explicitly designed for this use (small
> network dns service) and as such, I would think that finishing the job
> would make sense.  We're trying to make life easier for people, not
> harder.

I setup a machine for a friend about a year ago with dnsmasq.  I just
looked at my notes as I was wondering why I used dnsmasq instead of
bind.  I'd like to update my notes.  Is the issue that dnsmasq will 
watch resolv.conf for changes where it's hard(er) to make bind do that?


===

To: Bill Moseley <moseley@hank.org>
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Thu, 29 May 2003 22:51:38 -0400

Bill Moseley writes:
 > On Thu, May 29, 2003 at 07:11:12PM -0400, Jerry Quinn wrote:
 > > R Ransbottom writes:
 > >  > 
 > >  > 
 > >  > > This is great!  I put in a wishlist to have dnsmasq read the dhcp
 > >  > > lease file out of the box.  Then dnsmasq will really be plug and
 > >  > > play.
 > >  > 
 > >  > Since only one dhcp server should exist on a segment it is a bad
 > >  > idea to have such a package work without, at least, forcing the user to
 > >  > set it up.
 > > 
 > > However, dnsmasq already serves as a dns proxy out of the box for
 > > whatever server was handed you by dhcp.  And it reads your hosts
 > > file.  The package seems to be explicitly designed for this use (small
 > > network dns service) and as such, I would think that finishing the job
 > > would make sense.  We're trying to make life easier for people, not
 > > harder.
 > 
 > I setup a machine for a friend about a year ago with dnsmasq.  I just
 > looked at my notes as I was wondering why I used dnsmasq instead of
 > bind.  I'd like to update my notes.  Is the issue that dnsmasq will 
 > watch resolv.conf for changes where it's hard(er) to make bind do that?

That's one.  You don't have to go out of your way in the simple case
to get dnsmasq to forward dns requests upstream.  It also incorporates
/etc/hosts into its cache.

The real value for me is that dnsmasq will watch dhcpd.leases and
incorporate dynamic IP clients into its cache.  I have the common
configuration of a single gateway with a handful of machines behind
it.  Running dhcp on the gateway makes it simpler to admin internal
addresses.  And dnsmasq means I get name services for the dynamic
clients without working hard.

That saved me the two hours or so of forcing fixed dhcp addresses for
each client or setting up (and learning enough of) bind to permit
dynamic updates.


===

To: debian-user@lists.debian.org
From: Bill Moseley <moseley@hank.org>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Thu, 29 May 2003 21:41:20 -0700

On Thu, May 29, 2003 at 10:51:38PM -0400, Jerry Quinn wrote:

> That's one.  You don't have to go out of your way in the simple case
> to get dnsmasq to forward dns requests upstream.  It also incorporates
> /etc/hosts into its cache.

Just so I'm clear, the reason it reads /etc/hosts is so that some other 
machine can look up the IP of the machine where dnsmasq is running.  In 
other words, dnsmasq can figure out all the hosts (and their IPs) from 
reading the leases file except the machine running dhcpd (and also 
dnsmasq) won't have an entry in the leases file so dnsmasq has to read 
it from the /etc/hosts file.

I just connected to my friend's machine and noticed this:

$ dig @localhost blackdell
[...]
;; ANSWER SECTION:
blackdell.              175     IN      A       192.168.1.81
blackdell.              475     IN      A       192.168.1.81

I suppose that's not a problem.  (Round-robin DNS pointing to the same 
IP...)

> The real value for me is that dnsmasq will watch dhcpd.leases and
> incorporate dynamic IP clients into its cache.  I have the common
> configuration of a single gateway with a handful of machines behind
> it.  Running dhcp on the gateway makes it simpler to admin internal
> addresses.  And dnsmasq means I get name services for the dynamic
> clients without working hard.

Very nice.  I don't think the bind config is overly complicated (once
you figure it out) but dnsmasq is nice because you don't need to
duplicate information.  I have internal hosts listed in dhcpd.conf
(fixed IP numbers), and in a local zone for forward lookups, and in
another zone for reverse.

I wonder if I could use bind on eth0 and dnsmasq on eth1.  Seems like 
I'd have a lame server for my real domains when an internal machine 
asked the dnsmasq/bind machine to do a lookup.

By the way, on my LAN (that uses fixed IPs via dhcpd and MAC address) my 
leases file does not show "client-hostname".  Is there something that 
needs to be setup with dhclient to send the hostname to dhcpd?
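
[Added example, not part of the original post and not dnsmasq's code.] A sketch of what building names from dhcpd.leases involves: keep the last entry per address, drop expired leases (the sleeping machine earlier in the thread), and skip leases that carry no client-hostname. Because the hostname is supplied by the client, this sketch also rejects names that are not a single valid label or that collide with a static name; those two checks, the lease text and all names here are constructed assumptions.

```python
"""Turn ISC dhcpd.leases text into name -> address records."""
import re
from datetime import datetime, timezone

LEASE = re.compile(r'lease\s+(\d+\.\d+\.\d+\.\d+)\s*\{(.*?)\}', re.S)
ENDS = re.compile(r'\bends\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);')
NAME = re.compile(r'client-hostname\s+"([^"]*)";')
# One RFC 1123 host label: letters, digits, inner hyphens, at most 63 chars.
LABEL = re.compile(r'[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?')


def expired(body, now):
    """True if the lease's "ends" time (recorded in UTC) has passed."""
    match = ENDS.search(body)
    if not match:  # "ends never;" or no end time recorded
        return False
    end = datetime.strptime(match.group(1), "%Y/%m/%d %H:%M:%S")
    return end.replace(tzinfo=timezone.utc) <= now


def names_from_leases(text, static_hosts, now):
    """Return ({name: ip}, [(ip, reason)]) for usable and skipped leases."""
    latest = {}
    for ip, body in LEASE.findall(text):
        latest[ip] = body  # dhcpd appends, so the last entry per IP wins
    names, skipped = {}, []
    for ip, body in latest.items():
        name = NAME.search(body)
        host = name.group(1).lower() if name else None
        if expired(body, now):
            skipped.append((ip, "lease expired"))
        elif host is None:
            skipped.append((ip, "no client-hostname sent"))
        elif not LABEL.fullmatch(host):
            skipped.append((ip, "client-hostname is not a valid label"))
        elif host in static_hosts or host in names:
            skipped.append((ip, "name already taken"))
        else:
            names[host] = ip
    return names, skipped


# Constructed lease file, condensed to one lease per line; times are UTC.
LEASES = '''
lease 192.168.1.31 { ends 4 2003/05/29 02:40:00; client-hostname "desktop"; }
lease 192.168.1.32 { ends 3 2003/05/28 23:00:00; client-hostname "sleepy"; }
lease 192.168.1.33 { ends 4 2003/05/29 03:10:00; }
lease 192.168.1.34 { ends 4 2003/05/29 03:10:00; client-hostname "gateway"; }
lease 192.168.1.35 { ends 4 2003/05/29 03:10:00; client-hostname "a.example.org"; }
lease 192.168.1.31 { ends 4 2003/05/29 03:10:00; client-hostname "desktop"; }
'''
STATIC_HOSTS = {"gateway": "192.168.1.1"}  # stands in for /etc/hosts
NOW = datetime(2003, 5, 29, 3, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    usable, skipped = names_from_leases(LEASES, STATIC_HOSTS, NOW)
    print(usable)
    for ip, reason in skipped:
        print(f"{ip}: {reason}")
```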



===

To: debian-user@lists.debian.org
From: Vineet Kumar <debian-user@virtual.doorstop.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Fri, 30 May 2003 00:10:29 -0700

* Jeffrey L. Taylor (jeff@austinblues.dyndns.org) [030527 20:53]:
> 2) configure DHCP server to give out the same IP address each time and
> configure DNS with the names and IP addresses once and edit
> /etc/resolv.conf once on each box.

You could use the dhcp server options "domain-name" and "domain-name
server" to save yourself the step of editing /etc/resolv.conf on each
machine.


===

To: Bill Moseley <moseley@hank.org>
From: Jerry Quinn <jlquinn@optonline.net>
Subject: Re: How to make DNS and DHCP server play nice?
Date: Fri, 30 May 2003 22:31:53 -0400

Bill Moseley writes:
 > On Thu, May 29, 2003 at 10:51:38PM -0400, Jerry Quinn wrote:
 > 
 > > That's one.  You don't have to go out of your way in the simple case
 > > to get dnsmasq to forward dns requests upstream.  It also incorporates
 > > /etc/hosts into its cache.
 > 
 > Just so I'm clear, the reason it reads /etc/hosts is so that some other 
 > machine can look up the IP of the machine where dnsmasq is running.  In 
 > other words, dnsmasq can figure out all the hosts (and their IPs) from 
 > reading the leases file except the machine running dhcpd (and also 
 > dnsmasq) won't have an entry in the leases file so dnsmasq has to read 
 > it from the /etc/hosts file.

It can figure out all the dynamic hosts from the leases file.  Any
static ones you would add to /etc/hosts on the dnsmasq machine
(including the dnsmasq server).

 > > The real value for me is that dnsmasq will watch dhcpd.leases and
 > > incorporate dynamic IP clients into its cache.  I have the common
 > > configuration of a single gateway with a handful of machines behind
 > > it.  Running dhcp on the gateway makes it simpler to admin internal
 > > addresses.  And dnsmasq means I get name services for the dynamic
 > > clients without working hard.
 > 
 > Very nice.  I don't think the bind config is overly complicated (once
 > you figure it out) but dnsmasq is nice because you don't need to
 > duplicate information.  I have internal hosts listed in dhcpd.conf
 > (fixed IP numbers), and in a local zone for forward lookups, and in
 > another zone for reverse.

Yeah, bind isn't horrible.  It's just that I didn't feel like playing
with it further.  I can certainly figure out just about anything, but
my time is limited, so there's only so many parts of the system I can
manage in depth.

 > I wonder if I could use bind on eth0 and dnsmasq on eth1.  Seems like 
 > I'd have a lame server for my real domains when an internal machine 
 > asked the dnsmasq/bind machine to do a lookup.

Sounds like your network is more complex than simple single external
dialup/cable/adsl connection plus a few machines.  Do your internal
machines have externally visible IP's?

 > By the way, on my LAN (that uses fixed IPs via dhcpd and MAC address) my 
 > leases file does not show "client-hostname".  Is there something that 
 > needs to be setup with dhclient to send the hostname to dhcpd?

My dhclient is stock debian testing.  But I'm also not using fixed
IP's.  Perhaps there is an issue there?

===

