DNS discovery / FreeBSD Firewall

Olivier Nicole on at cs.ait.ac.th
Mon Jul 3 03:37:15 UTC 2006


> 	The question is: How do I have the internal network machines
> get the DNS server settings from the Firewall?  The two scenarios I
> can think of are: that the Firewall also acts as a DHCP server and
> somehow set the DNS of the internal net machines to the Firewall's
> resolv.conf entries; or I can have the Firewall act as a DNS
> server/relay and forward the DNS requests.

If your ISP keeps changing their DNS server I'd suggest another
solution: set your own DNS server, but on a machine different from the
firewall.

Just make sure that the firewall lets domain traffic (udp/53 and
tcp/53) go through. And configure the firewall to use your own DNS
server.

DNS server needs NO resources, an old PIII 500 will do the trick.

It is always a good choice to have the firewall be only a firewall and
nothing else. If you add DNS on your firewall and DNS has some more
vulnerabilities, your firewall would be compromised...

Bests,

Olivier
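
The layout suggested in the message above, sketched as a pf.conf fragment. This is an added example, not part of the original post, and the thread does not say which packet filter is in use. The interface names, the resolver address and the tag name DNS_OUT are constructed placeholders.

```pf
# Fragment for /etc/pf.conf (assumes pf; all values below are constructed).
ext_if   = "em0"            # assumed: interface facing the ISP
int_if   = "em1"            # assumed: interface facing the internal network
resolver = "192.168.1.53"   # assumed: dedicated DNS server, not the firewall

# 1. Only the dedicated resolver may send DNS queries towards the outside.
#    The tag marks the connection so it can be recognised on the way out,
#    even if a nat rule rewrites the source address in between.
pass in quick on $int_if proto { udp, tcp } \
    from $resolver to any port 53 tag DNS_OUT keep state

# 2. Any other internal host sending DNS through the firewall is refused
#    and logged, so machines with a hard-coded outside resolver show up in
#    pflog instead of silently bypassing the internal server.
block return in log quick on $int_if proto { udp, tcp } \
    from any to any port 53

# 3. On the outside interface, pass only DNS that was tagged in rule 1.
pass out quick on $ext_if proto { udp, tcp } tagged DNS_OUT keep state
block out log quick on $ext_if proto { udp, tcp } to any port 53

# 4. The firewall's own lookups go to the internal resolver only.
#    /etc/resolv.conf on the firewall would then contain:
#        nameserver 192.168.1.53
pass out quick on $int_if proto { udp, tcp } \
    from ($int_if) to $resolver port 53 keep state
```

Internal clients on the same segment as the resolver reach it directly, so no firewall rule is needed for that hop; they only need the resolver's address in their own settings.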


More information about the freebsd-questions mailing list