padukes Apprentice
Joined: 27 Feb 2003 Posts: 232
Posted: Mon Oct 20, 2003 7:09 pm Post subject: Can I control my own DNS?
Hey all,
I have a machine which acts as my firewall. It has a real IP from my ISP - something like 1.2.3.4. If I do a reverse lookup on that IP I get a horrible name - something like 1-2-3-4.grp12.sec8.state.cable.isp.com. This name is obviously unmanageable. I also have several machines behind the firewall. So my questions are:
1. How can I make my own fully qualified domain name for my firewall machine? I understand that I can pay someone for this privilege. Can I do it myself? Can I spread padukes.com into the wild somehow?
2. Can I have my firewall machine rename my existing fqdn? Something like mymachine.grp12.sec8.state.cable.isp.com.
3. Can I have the machines behind the firewall do something similar to (2)?
4. Can I have the machines behind the firewall refer to each other by a FQDN that they at least recognize (e.g. a.padukes.com or a.padukes.top)?
Thanks for your help,
P

jeroenr n00b
Joined: 25 Aug 2003 Posts: 27 Location: Rotterdam, NL
Posted: Mon Oct 20, 2003 7:43 pm Post subject: Re: Can I control my own DNS?
padukes wrote:
> 1. How can I make my own fully qualified domain name for my firewall machine?

Yes, you can.

Quote:
> I understand that I can pay someone for this privilege. Can I do it myself?

Yes, again.

Quote:
> Can I spread padukes.com into the wild somehow?

That depends... have you registered this domain?
Yes --> make your own machine the authoritative DNS server for this domain
No --> you cannot spread it in the wild, but you can use it on your own network, however, this may give you a hard time when you are trying to send mail from your machine. But if you are satisfied with a subdomain, check http://www.dyndns.org (what about padukes.linuxhome.com?)

Quote:
> 2. Can I have my firewall machine rename my existing fqdn? Something like mymachine.grp12.sec8.state.cable.isp.com.

No, the name you see when you do an nslookup/dig/ping/whatever is a reverse lookup for "1.2.3.4" (4.3.2.1.in-addr.arpa, to be precise). Your provider manages this address space and there is no way to change this unless your provider is willing to cooperate.
You can however, do the opposite: make another name refer to your ip address, take a look at http://www.dyndns.org, for example.

Quote:
> 3. Can I have the machines behind the firewall do something similar to (2)?

Yes, you'll have to run your own DNS server.

Quote:
> 4. Can I have the machines behind the firewall refer to each other by a FQDN that they at least recognize (e.g. a.padukes.com or a.padukes.top)?

Yes, see 3.
_________________
Can you make a peer to peer network between two Apples?

padukes Apprentice
Joined: 27 Feb 2003 Posts: 232
Posted: Mon Oct 20, 2003 8:09 pm Post subject:
Thanks for the quick reply - Here's some more questions:
5. I understand that I can make my own FQDN. However, in order to be in the wild it must be "registered". What does registering do? Why do I need it? Why can't I do it myself?
6. If I run my own DNS server (say on my firewall) I can declare a domain for my subnet (192.168.0.*) say padukes.com. If I start a web server on one of those machines it may believe that it is www.padukes.com. In addition all other machines on my subnet will see it as "www.padukes.com" or as "www". However, since I haven't "registered" no machines outside my subnet will find it. Correct?
7. If I understand correctly and I do 6, why will I have "a hard time when [I am] trying to send mail from [my] machine"?
Thanks,
P

funkmankey Guru
Joined: 06 Mar 2003 Posts: 304 Location: CH
Posted: Mon Oct 20, 2003 8:30 pm Post subject:
registering is just the official mumbo-gumbo that needs to take place for domain names. if you wanted to, you could pay and become your own registrar of domain names (e.g. thru opensrs). you'd also have to provide an authoritative server for the domains registered under your service, dns server, etc. ...
or you could get a dyndns (or other similar service) domain as others have suggested, which is free. additionally, you could get opennic domain names, which are also free (but not yet widely supported...)
you can declare all the domain names you like on your LAN, but obviously that will break as soon as you try to associate it with ingoing/outgoing traffic... think glue and hierarchy.
_________________
I've got the brain, I'm insane, you can't stop the power

markkuk Guru
Joined: 29 Nov 2002 Posts: 446
Posted: Mon Oct 20, 2003 9:31 pm Post subject:
padukes wrote:
> 5. I understand that I can make my own FQDN. However, in order to be in the wild it must be "registered". What does registering do? Why do I need it? Why can't I do it myself?

Registering means that the higher level name servers (e.g. the ones for the .com domain) are made aware of your new domain name, and the addresses for the DNS servers for your domain are recorded in their databases. Without it, your domain isn't visible to the outside world.

padukes wrote:
> 6. If I run my own DNS server (say on my firewall) I can declare a domain for my subnet (192.168.0.*) say padukes.com. If I start a web server on one of those machines it may believe that it is www.padukes.com. In addition all other machines on my subnet will see it as "www.padukes.com" or as "www". However, since I haven't "registered" no machines outside my subnet will find it. Correct?

Correct.

padukes wrote:
> 7. If I understand correctly and I do 6, why will I have "a hard time when [I am] trying to send mail from [my] machine"?

If you don't configure your mail software to rewrite various headers they will point to a nonexistent domain, and your mail may be rejected as forged.
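
Added example, not part of any post in this thread: a toy delegation walk in Python showing what the replies above describe, namely that a name is only findable from outside once the parent zone delegates to your server, that a LAN-only zone answers locally regardless, and that the reverse (PTR) name for 1.2.3.4 lives on the provider's servers either way. The server labels (`root`, `com`, `arpa`, `isp`, `home`, `fw`), the simplified delegation points and all records are constructed for illustration.

```python
import ipaddress

# Constructed data: server labels, delegation points and records are illustrative.
ISP_PTR = "1-2-3-4.grp12.sec8.state.cable.isp.com."

def make_public(registered):
    """Toy public DNS tree: server label -> {"ns": delegations, "rr": records}."""
    com = {"ns": {}, "rr": {}}
    if registered:  # registering = the .com servers now list your name server
        com["ns"]["padukes.com."] = "home"
    return {
        "root": {"ns": {"com.": "com", "in-addr.arpa.": "arpa"}, "rr": {}},
        "com": com,
        "arpa": {"ns": {"1.in-addr.arpa.": "isp"}, "rr": {}},
        "isp": {"ns": {}, "rr": {("4.3.2.1.in-addr.arpa.", "PTR"): ISP_PTR}},
        "home": {"ns": {}, "rr": {("www.padukes.com.", "A"): "1.2.3.4"}},
    }

# The firewall's own DNS server with a LAN-only zone (question 6 in the thread).
LAN = {"fw": {"ns": {}, "rr": {("www.padukes.com.", "A"): "192.168.0.2"}}}

def resolve(servers, name, rtype, start="root"):
    """Follow delegations from `start`; return (answer or None, servers asked)."""
    path, server = [], start
    while True:
        path.append(server)
        zone = servers[server]
        if (name, rtype) in zone["rr"]:
            return zone["rr"][(name, rtype)], path
        # Delegations this server holds that are a suffix of the queried name.
        cuts = [z for z in zone["ns"] if name == z or name.endswith("." + z)]
        if not cuts:
            return None, path  # nobody further down to ask: name does not exist
        server = zone["ns"][max(cuts, key=len)]

def reverse_name(ip):
    """1.2.3.4 -> 4.3.2.1.in-addr.arpa. (the name a reverse lookup queries)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

if __name__ == "__main__":
    www = ("www.padukes.com.", "A")
    print("LAN client:        ", resolve(LAN, *www, start="fw"))
    print("outside, no reg.:  ", resolve(make_public(False), *www))
    print("outside, registered:", resolve(make_public(True), *www))
    # The PTR walk never reaches "home", registered or not.
    print("reverse lookup:    ", resolve(make_public(True), reverse_name("1.2.3.4"), "PTR"))
```
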

taskara Advocate
Joined: 10 Apr 2002 Posts: 3763 Location: Australia
Posted: Mon Oct 20, 2003 11:53 pm Post subject:
when you register your domain (padukes.com) it will ask you for two domain name servers.
one of these will be your permanent ip address at your home, and the other should be a backup dns server on some other domain (you may be able to ask your ISP to backup your dns, and would therefore point the second name server to your ISP's dns server)
you do not need two name servers, but it is provided for redundancy - however as you ALSO host your domain on your dns server, if your dns server goes down, so probably has your web and everything!
now once you have padukes.com pointing to your dns server, you need to have a dns server running there with an entry for padukes.com.
you will need to learn how dns works. you will point padukes.com to your own EXTERNAL ip address, and if you want things like www.padukes.com and mail.padukes.com to also resolve (they are called hosts btw), then you need to add these as "A records" or MX records (MX record is for mail, although it is not necessary to receive mail) there are a variety of other hosts.
so when someone looks up padukes.com or www.padukes.com or mail.padukes.com they will all point to your permanent external ip address at home.
You will need to set up port forwarding or some such to make your webpage visible by pointing it to the machine on the local network that runs the server.
for example, your router may be 192.168.0.1.
if you look up www.padukes.com, then it goes to the 192.168.0.1 machine on port 80.
but you may have a webpage sitting on a linux server at 192.168.0.2.
so u need to forward port 80 from your firewall on to 192.168.0.2.
then when someone looks up www.padukes.com, it will transparently point to the web server running on 192.168.0.2.
you will have to do the same for your mail server, etc - unless all your servers are running on your firewall.
good luck it's fun!
_________________
Kororaa install method - have Gentoo up and running quickly and easily, fully automated with an installer!