Date:      Tue, 19 Oct 2004 17:26:46 +0200
From:      Benjamin Walkenhorst <krylon@gmx.net>
To:        Seth Henry <jshamlet@hotmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Private (only) DNS server setup?
Message-ID:  <41753236.50309@gmx.net>
In-Reply-To: <BAY18-F2ZncJfKHmj9n00008ff3@hotmail.com>
References:  <BAY18-F2ZncJfKHmj9n00008ff3@hotmail.com>

Hello,

Seth Henry wrote:

> I want to run a private DNS server which is visible internally only. 
> Comcast doesn't like servers, so I don't want to broadcast any DNS 
> information upstream. (this would also be kind of dumb, as the entries 
> would point to non-routable addresses)
>
> I also want to create a private, internal zone so that I can stop 
> passing hosts files around. (i.e. 192.168.1.1 -> internal_host1, etc) 
> IOW - I would like internal machines to point to my DNS server for 
> internal & external addresses. If the DNS server (on the router) can't 
> find the address in its local cache, I would like the router to 
> retrieve the record, and pass it along to the internal machine. In the 
> end, I want to block all DNS traffic from the internal network from 
> leaving the network - internal machines should only request DNS info 
> from the router.


I did exactly that recently. This is pretty easy to set up once you 
understand DNS - DNS *can* be complicated, but for what you want to do, 
it's simple.
You can find info in the FreeBSD-Handbook as well as in the BIND v9 
Administrator's Reference Manual (which can be found at www.bind9.net, 
also, it's installed locally along with BIND9).

>
> I am already running dhcpd - so I plan to simply point all of the 
> machines to my DNS server. If all goes well, new machines should be 
> "network ready" right after the install.


Works in my network. =) As I said, it's rather easy.

>
> I have seen a large number of HOWTO's on the web, but all seem to 
> assume that you want to propagate internal DNS info back upstream.
>
> Can anyone refer me to an appropriate README, HOWTO?


See the FreeBSD handbook and the BIND v9 ARM for "caching-only nameserver".
Beyond that, you just need to set up an internal zone.
If you feel it might be helpful, I can send you a copy of my 
configuration and zone file/s.

Kind regards,
Benjamin
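
An added example, not part of the original message and not Benjamin's configuration: a BIND 9 `named.conf` sketch for the setup discussed above, a caching resolver that answers only internal clients plus one private zone. The router's LAN address, the 192.168.1.0/24 range, the `/etc/namedb` directory, the zone name `home.example` and the zone file names are all assumptions.

```conf
// Constructed example: internal-only caching resolver with a private zone.
// All addresses, paths and zone names below are assumptions.

// Clients that are allowed to use this server at all.
acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/etc/namedb";

    // Bind only to loopback and the LAN-side address, never to the
    // interface facing the ISP, so nothing is served upstream.
    listen-on    { 127.0.0.1; 192.168.1.1; };
    listen-on-v6 { none; };

    // Answer queries and perform recursion for internal clients only.
    recursion yes;
    allow-query     { "lan"; };
    allow-recursion { "lan"; };

    // No zone transfers to anyone.
    allow-transfer  { none; };
};

// Private forward zone (hypothetical name) replacing the shared hosts files.
zone "home.example" {
    type master;
    file "master/home.example.db";
    allow-update { none; };
    notify no;    // do not announce zone changes to other servers
};

// Matching reverse zone for the 192.168.1.0/24 addresses.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "master/1.168.192.rev";
    allow-update { none; };
    notify no;
};
```

`named-checkconf` validates the file before `named` is restarted.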


