DNS - FreeBSD
Grant Peel
gpeel at thenetnow.com
Sat Jan 8 09:04:54 PST 2005
Hi all,
I am sending this question to this list only thinking FreeBSD users may be
the best source of info regarding networking on FreeBSD. I understand if
many think I would be better served sending to some Bind or DNS list...
That having been said ....
I have:
- one managed switch, the Gigabyte port is connected to our upstream
  provider;
  - 2 VLANs configured (LAN and WAN):
  - The VLANs are configured to allow access to LAN from LAN or to WAN
    from WAN only.
- 5 FreeBSD boxes connected to this switch with 2 NICs each:
  - 1 NIC on each is the LAN NIC;
    - This LAN scheme is using 192.168.0.1/24
    - The hosts are configured as 192.168.0.1,2,3,4,5,6;
      (the switch being #6).
  - 1 NIC on each is the WAN NIC.
    - Many different IP addresses (hosting etc);
- 2 of the hosts are fully set up authoritative nameservers for mydomain.com
  and several hundred other domains.
My questions revolve around DNS in general, as related to the above setup.
1.) The default 'make-localhost' script (originally run before I had a
managed switch and only 2 hosts on the network) created the zone that looks
as such:
file /etc/namedb/192.168.1

$TTL 3600
@       IN      SOA     thishost.mydomain.com. root.thishost.mydomain.com. (
                        20020527        ; Serial
                        3600            ; Refresh
                        900             ; Retry
                        3600000         ; Expire
                        3600 )          ; Minimum
        IN      NS      thishost.mydomain.com.
1       IN      PTR     localhost.mydomain.com.

For whatever reason, I can't seem to get my head around what this file
is for, and (considering the 192.168.0.1/24 scheme I am using) if it is
configured right.
Q Any thoughts?
Q Should I have a similar file on each of the other hosts?
In my resolv.conf files on each host, I am using lines like:
nameserver 192.168.0.2
nameserver 192.168.0.1
Q Are there any downsides to using this scheme? (the thought here was to
keep the lookups from ns1 and ns2 from going through my provider's router,
therefore causing me to pay for bandwidth I could otherwise keep local).
I have ipfw firewalls set up on all the hosts. I have rules allowing all
outgoing traffic from all hosts, and rules to allow incoming traffic to
port 53 UDP and TCP.
Q Does there need to be other ports / protocols passed for the DNS to
work correctly?
Q Would there be any benefit to setting up a caching server on each of
the three (non-nameserver) hosts?
TIA,
-Grant