From: Giorgos Keramidas
To: Drew Tomlinson
Cc: freebsd-questions@freebsd.org
Date: Fri, 23 Jun 2006 18:54:33 +0300
Subject: Re: Simple DNS For Private LAN
Message-ID: <20060623155433.GA30666@gothmog.pc>
In-Reply-To: <449C0711.3080803@mykitchentable.net>

On 2006-06-23 08:21, Drew Tomlinson wrote:
> I'm having a hard time understanding what I need to do.  I have
> a small home network that uses a 3Com DSL modem/router as the
> last hop to the Internet.  Currently, the DSL modem/router
> provides DNS for both my home network and the Internet.
> Basically I have a few static entries for machines on my home
> network and then the DSL modem/router queries my ISP's name
> servers for everything else.
>
> When I registered my domain, I used ZoneEdit as my name
> servers.  'whois mykitchentable.net' gives this output:
>
> domain: mykitchentable.net
> owner-name: Drew Tomlinson
> nserver: ns3.zoneedit.com 209.61.140.1
> nserver: ns4.zoneedit.com 216.98.150.236

Are machines from your `internal' network visible outside?

If not, you can set up a locally-visible fake domain, i.e. `*.drew',
and run a local caching name server.  This name server can be a
master for the ``drew.'' zone (``zones'' is what BIND calls parts of
the Domain Name System) and, at the same time, a slave for the
``mykitchentable.net'' zone.

> Now I'm changing ISPs and the DSL modem/router will be removed.
> I am going to use a FBSD 6.x box to be my router, firewall, and
> DNS server.  I read the handbook regarding DNS but remain
> confused.

The Handbook needs a bit of work around that area :-/

> Should I be a master for mykitchentable.net?

Not necessarily.  You can leave the name-servers of zoneedit as
masters.

> I'm thinking not because ZoneEdit is the master, correct?

Correct :-)

> So should I be a slave?

This would be nice.

> And if I'm a slave, will my DNS get its updates from ZoneEdit?

This depends on whether ZoneEdit allows ``zone transfers'' from their
master name servers to the one you will set up as a slave.

> Or should I become master for my zone and make ZoneEdit a
> backup DNS?

I'd probably leave ZoneEdit as the master, unless your DSL has a
static IP address.
Even if you *do* have a static IP address, then it is still a good
idea to leave ZoneEdit as the master, as long as they let you become
a slave NS.

> I'm a complete newbie to DNS but know that it's important to
> get it right or lots of stuff gets broken.  Can someone please
> guide me in the right direction?  I don't mind reading if you
> send me a link.  :)

I think the next step should be to check if ZoneEdit allows you to
become a slave NS for your zones.  Then you need to decide if the
systems you have behind the FreeBSD gateway will have
publicly-visible addresses or use NAT.

If you use NAT, then I can guide you through setting up a local
``master zone'' that is only visible inside your home network, and a
``slave zone'' that pulls stuff from ZoneEdit for the
``mykitchentable.net'' domain.  I already have a similar setup at
home, to let my internal systems (workstation, laptop) see each
other with internal names and still use my ISP's name servers for
everything else.

If you don't use NAT, things are going to be much easier, since you
only have to set up the names at ZoneEdit and pull the master zone
from there.

Regards,
Giorgos
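
The local-master plus slave arrangement described in the message above, written out as a BIND 9 named.conf. This is an added example and not part of the original post; the 192.168.1.0/24 network, the 192.168.1.1 gateway address and the file paths are assumptions, and the two master addresses are the ones from the quoted whois output.

```conf
// named.conf for the NAT case (added example; addresses and paths are assumptions)

acl "lan" { 127.0.0.1; 192.168.1.0/24; };    // assumed home network behind NAT

options {
    directory "/etc/namedb";                 // assumed working directory
    // Listen only on loopback and the inside interface (assumed address),
    // so the server is not reachable from the Internet-facing side.
    listen-on { 127.0.0.1; 192.168.1.1; };
    allow-query     { "lan"; };              // answer LAN clients only
    allow-recursion { "lan"; };              // caching resolver for the LAN only
    allow-transfer  { none; };               // nobody pulls zones from this box
};

// Root hints, so the caching server can resolve everything else.
zone "." {
    type hint;
    file "named.root";
};

// Locally visible fake domain: this server is the master.
zone "drew" {
    type master;
    file "master/drew.db";                   // assumed zone file name
    allow-update { none; };                  // static zone, no dynamic updates
};

// Public domain: ZoneEdit stays master, this server is a slave.
// The transfer succeeds only if ZoneEdit permits zone transfers to this host.
zone "mykitchentable.net" {
    type slave;
    file "slave/mykitchentable.net.db";      // assumed file name for the transferred copy
    masters { 209.61.140.1; 216.98.150.236; };   // ns3 / ns4.zoneedit.com
};
```

Running named-checkconf on the file catches syntax errors before named is restarted; a refused transfer for the slave zone shows up in the named log.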