From: "Grant Peel" <gpeel@thenetnow.com>
To: freebsd-questions@freebsd.org
Date: Sat, 8 Jan 2005 12:02:46 -0500
Subject: DNS - FreeBSD

Hi all,

I am sending this question to this list only, thinking FreeBSD users may be the best source of info regarding networking on FreeBSD. I understand if many think I would be better served sending to some Bind or DNS list...

That having been said ....

I have:

- one managed switch; the Gigabit port is connected to our upstream provider;
- 2 VLANs configured (LAN and WAN):
  - The VLANs are configured to allow access to LAN from LAN or to WAN from WAN only.
- 5 FreeBSD boxes connected to this switch with 2 NICs each:
  - 1 NIC on each is the LAN NIC;
    - This LAN scheme is using 192.168.0.1/24
    - The hosts are configured as 192.168.0.1,2,3,4,5,6 (the switch being #6).
  - 1 NIC on each is the WAN NIC.
    - Many different IP addresses (hosting etc);
- 2 of the hosts are fully set up authoritative nameservers for mydomain.com and several hundred other domains.

My questions revolve around DNS in general, as related to the above setup.

1.) The default 'make-localhost' script (originally run before I had a managed switch and only 2 hosts on the network) created the zone that looks as such:

file /etc/namedb/192.168.1

$TTL    3600
@       IN SOA  thishost.mydomain.com. root.thishost.mydomain.com. (
                20020527        ; Serial
                3600            ; Refresh
                900             ; Retry
                3600000         ; Expire
                3600 )          ; Minimum
        IN NS   thishost.mydomain.com.
1       IN PTR  localhost.mydomain.com.

For whatever reason, I can't seem to get my head around what this file is for, and (considering the 192.168.0.1/24 scheme I am using) whether it is configured right.

Q Any thoughts?
Q Should I have a similar file on each of the other hosts?

In my resolv.conf files on each host, I am using lines like:

nameserver 192.168.0.2
nameserver 192.168.0.1

Q Are there any downsides to using this scheme? (The thought here was to keep the lookups from ns1 and ns2 from going through my provider's router, therefore causing me to pay for bandwidth I could otherwise keep local.)

I have ipfw firewalls set up on all the hosts. I have rules allowing all outgoing traffic from all hosts, and rules to allow incoming traffic to port 53 UDP and TCP.

Q Does there need to be other ports / protocols passed for the DNS to work correctly?

Q Would there be any benefit to setting up a caching server on each of the three (non-nameserver) hosts?

TIA,

-Grant
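The zone file quoted in the post is a reverse (in-addr.arpa) zone: its PTR records map the last octet of an address back to a host name, and the file name "192.168.1" says it describes 192.168.1.0/24, not the 192.168.0.0/24 LAN the post actually uses. The following is an added example, not code from the post or from FreeBSD's make-localhost script, that builds a complete reverse zone for the posted LAN and audits a zone file against that LAN (file-name prefix, PTR targets, missing hosts). The host names for the six LAN addresses are constructed; the addresses and the quoted zone text come from the post.

```python
"""Build and audit an in-addr.arpa (reverse) zone for a /24 LAN.

Added example; not code from the original post or from make-localhost.
"""
import ipaddress
import re

LAN = ipaddress.ip_network("192.168.0.0/24")

# Constructed (hypothetical) host names for the six LAN addresses in the post.
LAN_HOSTS = {
    "192.168.0.1": "ns1.mydomain.com.",
    "192.168.0.2": "ns2.mydomain.com.",
    "192.168.0.3": "web1.mydomain.com.",
    "192.168.0.4": "web2.mydomain.com.",
    "192.168.0.5": "mail.mydomain.com.",
    "192.168.0.6": "switch.mydomain.com.",
}

# The zone file quoted in the post (whitespace normalised).
POSTED_FILE_NAME = "192.168.1"
POSTED_ZONE = """\
$TTL 3600
@ IN SOA thishost.mydomain.com. root.thishost.mydomain.com. (
        20020527 ; Serial
        3600     ; Refresh
        900      ; Retry
        3600000  ; Expire
        3600 )   ; Minimum
  IN NS  thishost.mydomain.com.
1 IN PTR localhost.mydomain.com.
"""

# A PTR line in a /24 reverse zone: "<last octet> [IN] PTR <target>".
PTR_RE = re.compile(r"^\s*(\d{1,3})\s+(?:IN\s+)?PTR\s+(\S+)", re.IGNORECASE | re.MULTILINE)


def reverse_origin(network):
    """in-addr.arpa origin for a /24: 192.168.0.0/24 -> 0.168.192.in-addr.arpa."""
    if network.prefixlen != 24:
        raise ValueError("this helper handles /24 networks only")
    a, b, c, _ = network.network_address.packed
    return f"{c}.{b}.{a}.in-addr.arpa."


def file_prefix(network):
    """Forward-notation prefix used as the zone file name, e.g. '192.168.0'."""
    a, b, c, _ = network.network_address.packed
    return f"{a}.{b}.{c}"


def build_reverse_zone(network, hosts, primary_ns, serial, ttl=3600):
    """Render a complete reverse zone: SOA, NS and one PTR per LAN host."""
    lines = [
        f"$TTL {ttl}",
        f"@ IN SOA {primary_ns} root.{primary_ns} (",
        f"        {serial} ; Serial",
        "        3600 ; Refresh",
        "        900 ; Retry",
        "        3600000 ; Expire",
        "        3600 ) ; Minimum",
        f"  IN NS {primary_ns}",
    ]
    for ip_str, name in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        addr = ipaddress.ip_address(ip_str)
        if addr not in network:
            raise ValueError(f"{addr} is outside {network}")
        if not name.endswith("."):
            raise ValueError(f"{name} must be fully qualified (trailing dot)")
        lines.append(f"{addr.packed[3]} IN PTR {name}")  # last octet is the owner label
    return "\n".join(lines) + "\n"


def audit_reverse_zone(file_name, zone_text, network, hosts):
    """Return human-readable findings; an empty list means the file fits the LAN."""
    findings = []
    if file_name != file_prefix(network):
        findings.append(
            f"file {file_name} describes {file_name}.0/24, but the LAN is {network} "
            f"(expected file {file_prefix(network)}, origin {reverse_origin(network)})"
        )
    ptrs = PTR_RE.findall(zone_text)
    if not ptrs:
        findings.append("zone has no PTR records")
    for label, target in ptrs:
        addr = f"{file_prefix(network)}.{int(label)}"
        expected = hosts.get(addr)
        if not target.endswith("."):
            findings.append(f"PTR for {addr}: target {target!r} lacks a trailing dot")
        if expected is None:
            findings.append(f"PTR for {addr} -> {target}: no such LAN host")
        elif target.lower() != expected.lower():
            findings.append(f"PTR for {addr} -> {target}, but the LAN host is {expected}")
    covered = {f"{file_prefix(network)}.{int(label)}" for label, _ in ptrs}
    for addr in sorted(set(hosts) - covered, key=ipaddress.ip_address):
        findings.append(f"no PTR for {addr} ({hosts[addr]})")
    return findings


if __name__ == "__main__":
    for finding in audit_reverse_zone(POSTED_FILE_NAME, POSTED_ZONE, LAN, LAN_HOSTS):
        print("posted zone:", finding)
    print(build_reverse_zone(LAN, LAN_HOSTS, "ns1.mydomain.com.", 2005010801))
```

Run against the posted file, the audit reports the prefix mismatch (192.168.1 versus the 192.168.0.0/24 LAN), the PTR for .1 pointing at localhost.mydomain.com. rather than a LAN host, and the five hosts with no PTR at all; the generated zone, named 192.168.0 and served under 0.168.192.in-addr.arpa, audits clean. Only the authoritative servers need to carry such a zone; the other hosts only need resolv.conf pointing at them.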