Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

dnsmasq VS. separate dns?
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
ak47
n00b
n00b


Joined: 27 Dec 2005
Posts: 16
PostPosted: Tue Dec 27, 2005 3:42 pm    Post subject: dnsmasq VS. separate dns? Reply with quote
i've been reading these article


http://www.gentoo.org/doc/en/home-router-howto.xml#doc_chap5

http://www.gentoo.org/doc/en/articles/linux-24-stateful-fw-design.xml

http://gentoo-wiki.com/HOWTO_Iptables_for_newbies to setup a ip masq. gateway for my 5 pc at home.

the first link is suggesting to install dnsmasq but i'm not sure if i should. is it better idea to run it on my gateway rather to having a separate dns server? and is it safe to do so if i run dnsmasq on the gateway?

all 3 links showing in little different way to approach and don't know what would be my best choice.

thanks for your help and time in advance.
Back to top
View user's profile Send private message
daeghrefn
Tux's lil' helper
Tux's lil' helper


Joined: 02 Jan 2005
Posts: 112
PostPosted: Tue Dec 27, 2005 3:48 pm    Post subject: Reply with quote
It, like everything else, depends on what you want. You have many different options for DNS. You could use dnsmasq which provides both DNS and DHCP support. You could also use DJBDNS which is supposedly the most secure DNS server available. You could also use BIND, which is what I personally use. I integrate dhcpd into my DNS so I have dynamic DNS on my network. So, it really depends on what you want.

And the security of course is going to be based on what ports you have open on the outside. IF you block all incoming traffic, no one can get to the services on the inside... so it doesn't matter.

If you want to put DNS up on a separate machine, then do so. If you want to have a single server, for whatever reasons, then put DNS on your router.
Back to top
View user's profile Send private message
PaulBredbury
Watchman
Watchman


Joined: 14 Jul 2005
Posts: 7310
PostPosted: Tue Dec 27, 2005 4:02 pm    Post subject: Reply with quote
I've had no problems with bind.
Back to top
View user's profile Send private message
ak47
n00b
n00b


Joined: 27 Dec 2005
Posts: 16
PostPosted: Tue Dec 27, 2005 5:07 pm    Post subject: Reply with quote
I think i'll setup a separate dns on my other linux box (FC4) and see how it goes. I need to build it first though in a few days. until then i'll use dnsmasq and unmerge it later on.

daeghrefn wrote:
It, like everything else, depends on what you want. You have many different options for DNS. You could use dnsmasq which provides both DNS and DHCP support. You could also use DJBDNS which is supposedly the most secure DNS server available. You could also use BIND, which is what I personally use. I integrate dhcpd into my DNS so I have dynamic DNS on my network. So, it really depends on what you want.

And the security of course is going to be based on what ports you have open on the outside. IF you block all incoming traffic, no one can get to the services on the inside... so it doesn't matter.

If you want to put DNS up on a separate machine, then do so. If you want to have a single server, for whatever reasons, then put DNS on your router.
Back to top
View user's profile Send private message
ocbMaurice
Tux's lil' helper
Tux's lil' helper


Joined: 14 Feb 2003
Posts: 90
Location: Switzerland
PostPosted: Tue Dec 27, 2005 5:52 pm    Post subject: Reply with quote
If you want to integrate dhcpcd and bind you may also look here (it's a bit old but should still work)
https://forums.gentoo.org/viewtopic-t-37326-highlight-.html

if you have an internal server that is on 24/365 I would recommend to install bind and dhcpcd there, if the gateway is the only server that is on 24/365 than install it there (just be sure to limit access to your internal lan, either by configuring your firewall or by telling dhcpcd/bind just to bind/listen on you local ethernet device).
Back to top
View user's profile Send private message
ak47
n00b
n00b


Joined: 27 Dec 2005
Posts: 16
PostPosted: Mon Jan 02, 2006 9:29 pm    Post subject: Reply with quote
PaulBredbury wrote:
I've had no problems with bind.


Paul thx for the suggestion. I looked at HOW-TO BIND from gentoo's site it was showing to change many default bind dir to named and didn't like it. i was just looking for a simple solution. on the other hand i think your solution is very simple yet showing both for caching-only dns server and real dns that is authoritative. i'm thinking of running mail/web server on the same machine where the dns is going to run. but for now, i will use the 1st solution in the link. btw, other guy suggested dhcpcd which will play with my new bind dns. any other dhcp that you think might be getting along with bind? or u think setting up bind itself is ok? i have less than 10 pc at home that will be served by BIND though.

thx for your time and help.
Back to top
View user's profile Send private message
PaulBredbury
Watchman
Watchman


Joined: 14 Jul 2005
Posts: 7310
PostPosted: Mon Jan 02, 2006 10:00 pm    Post subject: Reply with quote
I don't know enough about dhcp to comment. I personally prefer to use fixed IP addresses (192.168.0.x) for a simple home network.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy