Question: How to setup DNS for home?

Posted by Asok on Mon 8 Aug 2005 at 20:14

Can somebody point me in the right direction for setting up DNS for a small home network?

My main machine (Windows 2000 server) is running AD, and DNS and DHCP.

My router, which is connected to cable modem, is set up as my gateway.

I am going to start moving everything to a Debian-based server with Samba, Bind9, and DHCP.

The part I'm not sure on is how to set up DNS.


Re: Question: How to setup DNS for home?
Posted by Anonymous (82.230.xx.xx) on Mon 8 Aug 2005 at 20:02
Use djbdns instead of Bind9! (http://packages.debian.org/stable/net/djbdns-installer)

Although you have to compile it, it is easy to set up and secure.

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Anonymous (62.253.xx.xx) on Mon 8 Aug 2005 at 20:49
As niol said: use dnsmasq. It is simple and elegant. It uses about 10 times less memory than bind, and serves DHCP too.

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Anonymous (67.108.xx.xx) on Thu 1 Sep 2005 at 13:50
Thanks!
That worked in about 10 seconds, as opposed to the wasted hours fighting with bind to coordinate with dhcpd... A really pleasant surprise!

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by niol (213.41.xx.xx) on Mon 8 Aug 2005 at 21:42
You can replace bind9 and dhcpd with dnsmasq, which should perfectly suit your needs:
* DNS forwarder
* local machines name serving

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Steve (82.41.xx.xx) on Mon 8 Aug 2005 at 20:45
Definitely.

For a small home setup you have no real need to use the full power of bind.

By contrast, dnsmasq is trivial to set up.

Install it with:

apt-get install dnsmasq

Then modify the configuration file /etc/dnsmasq.conf to enable DHCP serving. The file is commented extensively and is very readable.

Any static hosts you have locally, like the router, you can simply add to /etc/hosts upon that machine - and they will be served via DNS too.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by simonw (193.237.xx.xx) on Tue 9 Aug 2005 at 17:15
Cough "ADS". If he is using ADS with client machines that need to find the ADS server via DNS, then he needs to include \..mumble..\netlogon.dns (IIRC) into the DNS.

I doubt dnsmasq will handle that.

In BIND you can just cut and paste the file's contents into the relevant domain file (better use a "$include" so you can delete it easily later, or at least put some comments around each chunk).

You need to do this every time you add/remove ADS servers, or recreate any such servers.

Scary, a home network with ADS. I had one of those once, but I needed a Kriegspiel program and the only one available was written for Unix-like operating systems, so I installed Slackware on the box, and haven't missed it.

If you need ADS, then use Microsoft DNS, or BIND 9, anything else is just asking for grief and hassle. If you choose Microsoft DNS be very careful what you let it talk to.

Simon, ex DNS guru ;)

PS: Despite this my Ubuntu box has real problems with BIND9, whereas the Debian Sarge boxes work fine, guess that'll teach me to use the first Linux CD to hand....

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Steve (82.41.xx.xx) on Wed 10 Aug 2005 at 05:31
True, if you need AD then you're probably stuck with it.

I read the question as if the active directory was only being used for DNS purposes and that was what the submitter wished to have replaced though.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Anonymous (195.190.xx.xx) on Mon 8 Aug 2005 at 20:27

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Serge (213.119.xx.xx) on Tue 9 Aug 2005 at 09:14
Besides knowing which software package to use for your dns server, you might also wonder what local domain name to configure. What follows are my personal rules of thumb for a sane configuration, but it ain't "the only strict way" of course. (I haven't seen the light, yet.)

First question: do you have a domain of your own?
If yes, use a private subdomain (like home.domain.com) for your LAN. Avoid using your plain domain directly, that gives you an illogical namespace, especially when - as most of us - behind a NAT device.
If not, use a totally private domain, like home.lan. But don't use home.com or any other domain that isn't yours. Strictly speaking, you should use a top level domain name according to RFC 2606, but the official choices (.test .example .invalid .localhost) are quite limited, and do not provide a proper TLD for private LANs, which is why I prefer using a private subdomain of a real domain. This stuff is why IPv6 rules btw :)

Furthermore, don't forget to
- configure reverse lookup zones
- configure records in accordance with your DHCP addresses; MAC-based reservations linked to DNS names instead of IP addresses can be a nice alternative to dynamic DNS.

I welcome any comments on this and wonder how other DSAs [1] do it.

--

Serge van Ginderachter


[1] Debian System Administrators

[ Parent ]
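
As an added example (not written by any poster in this thread), a minimal /etc/dnsmasq.conf for the dnsmasq setup Steve describes above, applying Serge's suggestions of a private domain and MAC-based reservations tied to names. The interface name, the home.lan domain, the 192.168.1.0/24 addresses and the MAC address are constructed assumptions.

```conf
# /etc/dnsmasq.conf (added example; interface, domain, addresses and MAC are constructed)

# Answer DNS and DHCP on the LAN interface only (loopback is added automatically).
interface=eth0
bind-interfaces

# Never forward plain names (no dots) or reverse lookups for private
# address ranges to the upstream servers listed in /etc/resolv.conf.
domain-needed
bogus-priv

# Private domain for the LAN: names under home.lan are answered from
# /etc/hosts and DHCP leases only and are never forwarded upstream.
domain=home.lan
local=/home.lan/
# Append the domain to plain names in /etc/hosts, so a hosts line
# "192.168.1.1 router" also answers for router.home.lan.
expand-hosts

# Dynamic pool for machines without a reservation, 12 hour leases.
dhcp-range=192.168.1.100,192.168.1.200,12h
# DHCP option 3 (default gateway). Without it dnsmasq advertises its own
# host as the gateway, which is wrong when a separate router does that job.
dhcp-option=3,192.168.1.1

# MAC-based reservation: this card always gets the name "laptop" and
# the same address, so its forward and reverse DNS entries stay fixed.
dhcp-host=00:11:22:33:44:55,laptop,192.168.1.20
```

dnsmasq answers reverse (PTR) lookups for /etc/hosts entries and DHCP leases itself, so this setup needs no separate reverse zone. Running `dnsmasq --test` checks the file's syntax before the service is restarted.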

Re: Question: How to setup DNS for home?
Posted by Steve (82.41.xx.xx) on Wed 10 Aug 2005 at 02:31
Good comments.

I personally have used the internal domain my.flat, or my.house for the past few years when I've been at home.

In a business context I'd use an internal domain which was related to the main company's domain. eg. If the company used foo.com then the internal names would be "steve.scotland.foo.com", or "steve.internal.foo.com", etc.

Using a full external domain name is a real source of pain and, as you say, should be avoided completely.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by simms (69.157.xx.xx) on Thu 18 Aug 2005 at 21:00
very interesting comments, all.

but with regards to setting up a logical domain name, can someone explain as to why i "need" a domain at all for my local LAN?

i've never understood this particular issue, and i'm pretty sure my home network (mostly Debian boxes but occasionally M$ ones as well) has been running without one for years.

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Anonymous (84.130.xx.xx) on Sat 20 Aug 2005 at 23:08
Don't ask someone why she or he would do something. Some people just want to learn how and some others just want to make it. Only the Matrix knows why!!!

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Steve (82.41.xx.xx) on Sun 21 Aug 2005 at 01:15
I think there are a couple of good reasons for it:

  • It makes DNS lookups explicitly local, via the "search mydomain.name" in /etc/resolv.conf.
  • It allows you to refer to local hosts in /etc/hosts.deny using the readable name instead of IP address range.

I guess, though, that it is optional; it's certainly possible to run hosts without a local domain. It's also possible to run a network without DNS, although I've found the pain of keeping /etc/hosts files in sync above 5 machines makes DNS almost mandatory.

The second point makes it all worthwhile for me. Having renumbered local IP addresses in the past, not having to change "192.168.1.0/24" because I'm matching client addresses against "my.flat" saves time and effort.

Steve
-- Steve.org.uk

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by simonw (193.237.xx.xx) on Tue 9 Aug 2005 at 17:30
Simplest case, create a recursive resolver using bind9 for Debian.

"apt-get install bind9"

To add a BIND 9 zone to the above;

$EDITOR /etc/bind/named.conf.local

add something like;

zone "example.com" {
    type master;
    file "/etc/bind/example.com.zone";
};

(also uncomment the RFC1918 line if applicable).

Create example.com.zone

$TTL 1D
@       IN SOA  thisbox.example.com. root.example.com. (
                200406011 ; serial
                3600      ; refresh
                3600      ; retry
                3600      ; expire
                3h )      ; -ve TTL
;
; the NS line must start with whitespace so that it inherits the zone name
        NS      thisbox   ; nameserver

thisbox IN A    10.0.0.1

Do similar for the appropriate in-addr.arpa zone as well for completeness.

Then reload "rndc reload" (hopefully - I forget if rndc configures itself out of the box).

For dynamic updates to these zones from the DHCP server - see my muttering on such elsewhere. But I think dynamic DNS is a waste of time, put services on boxes that don't move or allocate static IP addresses via DHCP using the MAC address.

I'm with the others that this is overkill, unless you are just trying to understand how to do it properly. But then it only took me a few minutes because I've done a lot of it before.

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by simonw (193.237.xx.xx) on Tue 9 Aug 2005 at 17:33
Grr --- can we just have a plain text submission that keeps your plain text. Spaces matter!

I stuck &nbsp; before the NS and various other places to make it tidy, but confirm appears to take your previous entry, not the edited one. Life is too short to write HTML by hand all the time.

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by simonw (193.237.xx.xx) on Tue 9 Aug 2005 at 17:36
Grr - Grr - the unbreakable space was escaped first time, and then became itself, only to become a space again... argh I'm stuck in a mad Internet where everyone wants me to write HTML with inadequate tools.

Kupu where are you....

[ Parent ]

Re: Question: How to setup DNS for home?
Posted by Anonymous (131.251.xx.xx) on Mon 15 Aug 2005 at 13:54
I'd use dnsmasq for a small network. Nice and easy.

[ Parent ]