From: bill
To: trini0
Cc: Questions
Date: Sun, 25 Mar 2001 08:07:10 -0500 (EST)
Subject: Re: DNS Part II
In-Reply-To: <3ABCB6A7.1000702@optonline.net>
Sender: owner-freebsd-questions@FreeBSD.ORG

On Sat, 24 Mar 2001, trini0 wrote:

>
> > why not? how else do you expect your NS to navigate the domain
> > namespace? Your DNS was doing iterative queries to the root and lower
> > servers to resolve the recursive query from your LAN.
>
> Ideally, I would prefer my box to handle requests for "internal" lan requests,
> and then if it doesn't know to query my ISP's ns..

the 'listen-on' option will set the ip address that bind will listen on
for queries. set it to your internal ip address and it will only serve
for internal lan. other options like 'allow-query' and 'allow-recursion'
might be of interest.

> I'm not "supposed" to be running any form of servers on my cable link.
> This is purely educational, for when I get out in the "real" world,
> I'll know what I'm doing.
> If my ISP doesn't know, the better.. Hope you understand.

if you are listening on the inside, then there is no server on your cable
link.

> >> My resolve.conf file specifies to use my nameserver first and then my
> >> ISP's primary then secondary.
> >
> > that's fine for when your LAN NS is unreachable
> >
> >> Am I going about things wrongly. Is it even possible to have a private
> >> dns box where it resolves for the lan
> >
> > To resolve for the LAN, your LAN's boxes have to be in a (private,
> > internal) zone for which your DNS is authoritative. Have you set up a
> > "private" zone for your LAN with your NS as authoritative for it,
> > something private and non-conflictual like mydomain.trini ?
>
> I'm using fictional domain "example.net"

ick :) probably should set 'notify' to 'no' in named.conf

> >> and if queries aren't found there, to go and query my ISP's name
> >> servers??
> >
> > The forwarding setup works, too, but it's not the only way. It does
> > have the advantage of less traffic on your internet link if the latter
> > is a dial-up modem, but is not really much advantage if you have
> > hi-speed link such as cable or DSL.

yes... i don't use forwarders and have not been troubled by delays on a
cable link. an advantage of using forwarders is that you have at your
disposal a cache that is probably very large since much of the entire
cable network is querying it. but, imo, the advantage of not using
forwarders is a twisted sense of being self-sufficient... a little more
'real world'!
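
Added example, not part of the message above or of anyone's actual configuration: a named.conf that combines the options named in the thread ('listen-on', 'allow-query', 'allow-recursion', 'notify no', an authoritative internal zone, optional forwarders). The LAN range 192.168.1.0/24, the server address 192.168.1.1, the 192.0.2.x forwarder placeholders, the /etc/namedb directory and the zone file names are assumptions.

```conf
// Constructed example; every address and file name here is an assumption.

// Clients that may use this server: loopback plus the internal LAN.
acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/etc/namedb";

    // Bind only to loopback and the inside interface, so nothing
    // answers on the cable-facing address.
    listen-on { 127.0.0.1; 192.168.1.1; };

    // Even on the inside interface, answer only LAN clients and
    // recurse only for them.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };

    // No NOTIFY messages to servers listed in NS records; this matters
    // when the internal zone reuses a name such as example.net.
    notify no;

    // Optional: ask the ISP's resolvers first and fall back to
    // iterative resolution from the root hints if they do not answer.
    // Remove both lines to resolve without forwarders.
    forwarders { 192.0.2.53; 192.0.2.54; };   // placeholder addresses
    forward first;
};

// Root hints, used whenever the server resolves iteratively itself.
zone "." {
    type hint;
    file "named.root";
};

// Private zone for the LAN; this server is authoritative for it.
zone "example.net" {
    type master;
    file "example.net.db";
    allow-transfer { none; };
};

// Matching reverse zone for 192.168.1.0/24.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "192.168.1.rev";
    allow-transfer { none; };
};
```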