BIND 9 on a dynamic ip address

Christopher Kelley bsd at kelleycows.com
Mon Apr 11 14:47:14 PDT 2005


>Date: Sun, 10 Apr 2005 16:22:07 -0500
>From: "Ryan J. Cavicchioni" <ryan at confabulator.net>
>Subject: Re: BIND 9 on a dynamic ip address
>To: Ash <omniBSD at speakeasy.net>,	FreeBSD Questions
>	<freebsd-questions at freebsd.org>
>Message-ID: <425998FF.8040208 at confabulator.net>
>Content-Type: text/plain; charset=ISO-8859-1
>
>All I am really looking to do is learn DNS and BIND as well as host my
>own local DNS server for faster DNS lookups within my home network.
>Would using the invalid LAN domain have any negative afters on my web or
>ftp server? I am really new at BIND, sorry if I seem clueless. Thank you
>for taking the time to help me out.
>
>Ash wrote:
>
>>> Ryan J. Cavicchioni wrote:
>>>
>>>>> Thank you for the replies. Ash, can I use my dynamic dns hostname as
>>>>> the domain which actually points to my network? Would that still be
>>>>> trouble?
>>>>>
>>>>> Ash wrote:
>>>>>
>>>
>>> You can use your dynamic host name as the domain, however I'm not
>>> really sure why you would want to. By definition dynamic domain names
>>> change; why would you want to reconfigure your DNS server
>>> configuration files as well as all of your hosts every time your ISP
>>> assigns a new IP/host name to you?
>>>
>>> I don't see any advantage in using your dynamic host name over an
>>> invalid TLD. What are the goals that you are trying to resolve by
>>> using your dynamic host name as your local LAN's domain name? Perhaps
>>> we can come up with a solution that requires less work, but still
>>> addresses your concerns.
>>>
>>> -Ash
>>>

If I understand correctly what you want to do, what you name your 
network internally isn't connected to your dynamic DNS hostname at all. 
The dynamic DNS hostname only gets internet traffic to your firewall. 
Your firewall rules tell your firewall what to do with inbound connections.

So your external hostname might be "cavicchioni.dyndns.org". But 
internally, your network can have whatever name you want. For instance, 
if you were a Star Trek fan, and had all your computers named after 
characters on Star Trek, you might name your internal network 
"ryantrek.lan". If you try to access cavicchioni.dyndns.org from a 
computer on your internal network, it has to go out to an external DNS 
server to get your external (dynamic) IP, and it will essentially route 
back to yourself, and your firewall rules will determine what happens to 
your connection. But if you want to access "spock.ryantrek.lan" from 
your internal network, it only goes to your local DNS server, and you 
connect directly to spock. Note that your dynamic DNS hostname and your 
local network hostnames aren't connected in any way.

Also note that ".lan" is an invalid TLD on the internet, but to my 
(probably warped) way of thinking, that's a bonus, as there will never 
be a site on the internet called ryantrek.lan that you might want to 
visit and not be able to because of your internal DNS.

Or maybe I've misunderstood and this whole explanation is worthless. ;)

Finally, I found the website http://www.sendmail.org/tips/private-dns/ 
to be very helpful in setting up my local DNS server. YMMV.

Christopher
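
The setup described above, written out as a BIND 9 configuration. This is an added example, not part of the original post; the 192.168.1.0/24 addresses, the "ns" host, the serial number and the file paths are assumptions chosen for illustration.

```conf
// named.conf fragment for a private "ryantrek.lan" zone.
// Assumed for illustration: the LAN is 192.168.1.0/24, the DNS server is
// 192.168.1.1, and zone files live under /etc/namedb/master.

acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/etc/namedb";
    // Listen on loopback and the internal interface only; the dynamic
    // external address never serves DNS.
    listen-on { 127.0.0.1; 192.168.1.1; };
    // Answer and recurse for LAN clients only. Names outside ryantrek.lan
    // (including cavicchioni.dyndns.org) are resolved via the internet.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };
};

// Authoritative locally, so spock.ryantrek.lan never leaves the LAN.
zone "ryantrek.lan" {
    type master;
    file "master/ryantrek.lan.db";
    allow-transfer { none; };
};

/* Contents of master/ryantrek.lan.db (zone-file syntax, ';' comments):

$TTL 3600
@       IN SOA  ns.ryantrek.lan. hostmaster.ryantrek.lan. (
                2005041101 ; serial (constructed)
                3600       ; refresh
                900        ; retry
                604800     ; expire
                3600 )     ; negative-caching TTL
        IN NS   ns.ryantrek.lan.
ns      IN A    192.168.1.1
spock   IN A    192.168.1.10
*/
```

Running named-checkconf and "named-checkzone ryantrek.lan master/ryantrek.lan.db" validates both files before named is reloaded.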


