Chattanooga Unix Gnu Android Linux Users Group

 


internal DNS

From: Nick Smith 
------------------------------------------------------
Hey Guys!

I'm looking for an internal DNS solution to be able to resolve my internal
machines by name and not screw up external lookups.

My home network has grown enough and I'm lazy enough that I don't want to
keep trying to remember each machine's IP address haha.

I don't want a full-blown AD type environment, and I know Samba can act as a
domain controller but I've never tried to use it as such. I don't need all
the security stuff involved with an AD/LDAP type environment, just
something purely for local name resolution.

Short of editing the hosts files on every single machine, is there something
out there that does what I've described and makes it easy to manage if I
add/remove a machine or change an IP address?
It can be a dedicated box or I can add it to one of my many Linux VMs.
Hoping for a Linux solution but it doesn't have to be.

My pfSense box finally died and I never got around to trying to make it a
local DNS server. So now I'm on a stock ASUS router. (And I get a lot more of
my gig speed with it vs pfSense so I'm going to stick with it for now.)

Thanks for any suggestions.

-- 
--------------
Nick Smith
nick at nicksmith dot us

===============================================================
From: Mike Harrison
------------------------------------------------------

===============================================================
From: David White
------------------------------------------------------
You could also do this with BIND.

The first thing I googled for was "bind for internal DNS" and found this link on how you can set up BIND for a dual-prong approach: providing internal DNS, but also acting as your DNS to the outside world:
http://www.howtoforge.com/two

===============================================================
From: Dave Brockman
------------------------------------------------------
https://www.isc.org/downloads/bind/

Regards,

dtb

===============================================================
From: Dave Brockman
------------------------------------------------------
You *should* do this with BIND. You should also learn how to use DDNS integrated with your DHCPd as well.

===============================================================
From: Mike Harrison
------------------------------------------------------
Run BIND for real DNS servers that face the internet and will be maintained carefully.

For internal networks: DNSMasq. It was designed to do exactly what he is needing, and allows you to "lie" about certain domains and FQDN depending on the source IP address.

i.e.:
if from internal: voip.foo.com is 192.168.1.10
if from guest network: voip.foo.com is 192.168.99.10

Useful for dev websites and all kinds of things.
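
A configuration sketch for the reply above, added here as an example; it is not part of the original message. It assumes the dnsmasq host has one interface on each network (the interface names, the `home.lan` domain and the `nas` entry are constructed) and relies on dnsmasq's `localise-queries` option, which selects the answer by the interface a query arrived on rather than by the client's source address as such.

```conf
# ---- /etc/dnsmasq.conf (added example; names and addresses are constructed) ----
# Assumed layout: eth0 = 192.168.1.1/24 (internal), eth1 = 192.168.99.1/24 (guest)

# Serve DNS only on the two LAN interfaces, never on a WAN-facing one.
interface=eth0
interface=eth1
bind-interfaces

# Keep unqualified names and private reverse lookups off the upstream resolvers.
domain-needed
bogus-priv

# Answer home.lan locally from /etc/hosts and never forward it upstream.
domain=home.lan
local=/home.lan/
expand-hosts

# When a name has several addresses in /etc/hosts, return only the one on
# the subnet of the interface the query arrived on.
localise-queries

# ---- /etc/hosts on the dnsmasq host (constructed entries) ----
192.168.1.20    nas
192.168.1.10    voip.foo.com
192.168.99.10   voip.foo.com
```

Running `dnsmasq --test` checks the configuration syntax before the service is restarted.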

===============================================================
From: Mike Harrison
------------------------------------------------------

===============================================================
From: Dave Brockman
------------------------------------------------------

===============================================================
From: Rod-Lists
------------------------------------------------------
What OS?
apt-cache search dns pulls up unbound, powerdns and a few other goodies.

===============================================================
From: Nick Smith
------------------------------------------------------
Thanks for the responses everyone.

I have used BIND before, I maintain some BIND servers at work, didn't know it did internal DNS as well. I think it's a bit overkill for what I'm trying to do. Gonna give Dnsmasq a shot before I set things up the "right" way. I really have no desire to host my own public DNS.

===============================================================
From: Dave Brockman
------------------------------------------------------
...

Besides the fact that you only allow hosts behind your firewall to query the server itself, what is special about internal DNS zone(s)?

Regards,

dtb

===============================================================
From: Benjamin Stewart
------------------------------------------------------
+1 for dnsmasq. You missed out on it when you ran pfsense--that's where I discovered dnsmasq in the first place!

===============================================================
From: Nick Smith
------------------------------------------------------
Well, I decided to go the BIND route. It was very simple to set up.
Found a great tutorial here if anyone's interested:
http://mixeduperic.com/ubuntu/seven-easy-steps-to-setting-up-an-interal-dns-server-on-ubuntu.html

Thought it would be more complicated than that. Not much overhead either. Edit one file and restart bind to add a new machine name. Got everything rockin along resolving internal names now.

Not really crazy about how Ubuntu changed resolv.conf; I guess now you have to add it to /etc/resolvconf/resolv.conf.d/base to get the same effect. Or just add it to the static interfaces settings.

Thanks for all the help and suggestions!
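
An internal-only BIND setup of the kind the thread ends on, added here as an example; it is not taken from the linked tutorial or from any poster's configuration. It restricts queries and recursion to hosts behind the firewall, as Dave Brockman's reply describes, and keeps one zone file to edit per machine; the `home.lan` zone, the addresses and the Debian/Ubuntu file paths are assumptions.

```conf
// ---- /etc/bind/named.conf.options (Debian/Ubuntu layout assumed) ----
acl "internal" {
    127.0.0.0/8;
    192.168.1.0/24;                 // assumed LAN subnet
};

options {
    directory "/var/cache/bind";
    listen-on { 127.0.0.1; 192.168.1.5; };   // assumed address of the DNS VM
    listen-on-v6 { none; };
    allow-query     { internal; };  // authoritative answers: LAN only
    allow-recursion { internal; };  // external lookups: LAN only
    allow-transfer  { none; };      // no zone transfers
    // No forwarders: named resolves external names from the root servers.
};

// ---- /etc/bind/named.conf.local ----
zone "home.lan" {                   // constructed internal domain
    type master;
    file "/etc/bind/db.home.lan";
};

; ---- /etc/bind/db.home.lan (the one file to edit per machine) ----
$TTL 3600
@    IN SOA ns1.home.lan. admin.home.lan. (
         2013100701 ; serial: increase on every edit
         3600       ; refresh
         900        ; retry
         604800     ; expire
         3600 )     ; negative-cache TTL
     IN NS  ns1.home.lan.
ns1  IN A   192.168.1.5
nas  IN A   192.168.1.20
```

`named-checkconf` and `named-checkzone home.lan /etc/bind/db.home.lan` validate the files before a reload, and `rndc reload` picks up a zone edit without a full restart.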