Re: [RndTbl] simple name service

most routers I have seen have IP address reservation option available; just set DNS gateway in w/s's to point to the gateway router for gateway and dns addy. Set the DHCP in the router to be enabled and create a list of essentially static assigned reserved addresses corresponding to specified MAC addresses that you have.

works ok locally using hostnames instead of ip addies; unless you lose the gateway and have to sub with a switch then you will need accurate host files.

Only problem I have have found is if running a s/w firewall that you lock on w/s's inside the home network or if you drop the WAN connexion to outside world windows boxes will cause their assigned ip addresses to change to the default 169. series of addresses because an active real dns server h/s is missing. There was a reg fix for that but it soon was defeated on subsequent updates so now that doesn't work either.

On 12-01-22 07:00 PM, Dan Martin wrote:

Thanks guys!

Laziness is one of my main virtues. (I think virtues and vices are like features and bugs ;) )

Seriously, my entire wired network is in the basement. I vacated the basement after discovering I have significant radon gas levels. I do most of my work on a main floor machine connected by wireless. I try to limit the amount of time in the basement, so reading through a Linux book and hacking on the gateway for several hours is not an option.

I ultimately want to learn more and do more with it, but for now I just want it to work.

On 2012-01-22, at 11:54 AM, Adam Thompson wrote:

...

...

Make sure that your machines DNS settings go to the gateway, not your upstream providers DNS servers. If you've been setting the IP's statically you may have set it to something other than your gateway. In fact, you most likely have. You'll need to change /etc/resolv.conf if you have.

I've used small bind installs on a fair number of systems now, and honestly, they are dirt simple. I'd suggest following a guide like that and posting to the list if you have an issue with anything specific. I know most people at MUUG who run DNS servers run Bind, or are very familiar with it, so we'll be able to help you out.

Another option: If you know which MAC addresses go to which machines, you could setup a small DHCP server and have their addresses set in /etc/dhcpd.conf. This would allow you to change the IP range fairly easily, and also push custom DNS options down without having to touch each machine.

Following on Rob's suggestions, I would recommend combining those two functions into one by using dnsmasq (http://thekelleys.org.uk/dnsmasq/doc.html). This software is used successfully on many small firewall distros and is in fact embedded in many home routers. Its primary advantage is simplicity, compared to an integrated DNS+DHCP setup using BIND and DHCPD, but the fact that it also captures DHCP machine names might be a substantial benefit in Dan's situation.

That might be handy. Up until now I have avoided DHCP partly because the network was quite static and partly for security reasons.

It seems everything these days is DHCP - my wireless printer expects it by default. I understand that one could maintain a list of eligible MAC addresses for wireless connection, so security may not be much of an issue.

At present I have manually entered static addresses, but I can change to DHCP if there are advantages.

...

It additionally uses /etc/hosts on the firewall/gateway as an additional source of names,

I like the sound of that.

...

so you don't have to configure multiple name databases. Its big downside is the lack of flexibility - it's designed to solve a small handful of use cases, and it does those very well, but it can't do everything BIND or DHCPD can do.

On a related note, if you're interested in using commodity hardware to run a firewall/router/gateway/DNS server/DHCP server/proxy server, and your objective isn't specifically to learn Linux, I would recommend pfSense (www.pfsense.org), which is based on FreeBSD, and integrates all the common use cases into a fairly clean GUI. (FYI, I'll likely be doing a presentation on pfSense at a meeting sometime this year.)

That may be useful. Hope to see your presentation!

...

-Adam Thompson athompso@athompso.net

---

Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable

Dan Martin GP Hospital Practitioner Computer Scientist ummar143@shaw.ca (204) 831-1746 answering machine always on

---

Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable