tarballed
March 27th, 2003, 18:32
Hello everyone!
Well, I have been assigned the task of setting up a DNS server on our local intranet. Pretty straightforward as I have worked with DNS before.

HOWEVER! This could be my chance to persuade the suits to let me implement a *BSD box.

What I need to do first is install, setup and configure a DNS server on our local intranet. Once I get that up, then I can bring in a *BSD box. (I tried and tried to persuade them to let me use the *BSD box for DNS, but they want to go with Linux first.)

Here is what I wanted to do. I wanted to get some feedback as well.
I am going to try and make this DNS box go as easy as possible. With that in mind, let me lay some groundwork and get some suggestions and feedback on what would be the best way to roll out this DNS server.

I would like to put the DNS server on our private LAN and make it available only to our intranet users. Basically, let the DNS server go out and update, but not let anyone on the internet use our DNS server.

The suits want to use RH 8.0 running the latest version of BIND.
I had a couple of questions:

1) Before I start rolling stuff out, anyone have any suggestions? Recommendations? Thoughts?

2) Has anyone used djbdns? I have not used this, but I have heard good things about it?

3) Can anyone think of possible problems I may run into with what I am trying to implement?

Ok...let the posting begin!

Looking forward to hearing some good response.

Tarballed
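
The requirement in the post above (resolve Internet names for intranet clients, refuse everyone else) written as a BIND 9 configuration. This is an added example, not from any poster in the thread; the subnet 192.168.1.0/24, the server address 192.168.1.10, and the hints file name named.ca are assumptions.

```conf
// /etc/named.conf fragment for BIND 9 (constructed example).
// 192.168.1.0/24 and 192.168.1.10 are assumed values for the
// intranet range and the DNS server's LAN address.
acl "intranet" {
    127.0.0.1;
    192.168.1.0/24;
};

options {
    directory "/var/named";

    // Bind port 53 only on loopback and the LAN interface.
    listen-on { 127.0.0.1; 192.168.1.10; };

    // Answer queries, and recurse, for intranet clients only.
    allow-query     { "intranet"; };
    allow-recursion { "intranet"; };

    // No zone transfers unless a zone statement allows them.
    allow-transfer  { none; };
};

// Root hints so the server can resolve Internet names itself.
// The file name is an assumption; use the hints file shipped
// with your BIND package.
zone "." IN {
    type hint;
    file "named.ca";
};
```

The server still needs outbound access to port 53 (UDP and TCP) through the perimeter firewall; no inbound port 53 from the Internet is required.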

elmore
March 27th, 2003, 19:49
djbdns is the way to go I think.

If the DNS server is on your internal LAN and is private no one else will be able to use it.

Here's a how-to I wrote which describes setting up a DNS server with BIND on OpenBSD. It also works well with FreeBSD too.

http://screamingelectron.org/phpBB2/viewtopic.php?t=246

soup4you2
March 27th, 2003, 21:30
i've also written one up for freebsd using djbdns

http://bsdhound.com/modules.php?name=News&file=article&sid=90

|MiNi0n|
March 27th, 2003, 22:33
I've also done something similar to elmore's how-to on a Red Hat Linux box (cuz I had to aight!!!!) which also works... using h2n that is. It took some hacking BTW but nothing I'm sure you're not capable of :wink:

Hmmm... about the Linux... just fire up FreeBSD and use gnome with some linux-like icons and how will they ever know???

Couple thoughts (as you asked):

1) You say "the latest BIND" in near the same sentence as djbdns. They're entirely separate entities.

2) Again... you say "the latest BIND"... by that do you mean 9?

I haven't fiddled with it yet but from what I've seen lately, djbdns is the way to go at the moment in contrast to BIND.... particularly since you plan to do a cache.

If you plan to use elmore's how-to for h2n and bind, be advised that cutting and pasting the script portion from SE doesn't work cuz the text wrap gets hosed and you end up with a mess :roll:

My final vote: go for djbdns

Good luck!

tarballed
March 28th, 2003, 12:49
Hmmm... about the Linux... just fire up FreeBSD and use gnome with some linux-like icons and how will they ever know???

Hehehe...as much as I would like to, it would not work. Reason being is that the Manager who hired me would most likely SSH into the box after I have it set up. Once he finds out he can't do some Linux commands, hmm, errr.

But, I do have permission to setup a *BSD box for one of my workstations. I honestly believe that they just have no idea about *BSD and just how good it is. Once I get a *BSD box up and running, show them how much it rocks, I think I can put up some more.

For now, I will get rocking on the Linux DNS server. Like I said, I have never played with djbdns, but I am looking forward to it. I do have some research to do as I have to plan, document and present it to the suits.

I will be visiting frequently to post any questions or suggestions along the way.

Thanks guys. I appreciate it.

Tarballed

frisco
March 28th, 2003, 14:15
the Manager who hired me would most likely SSH into the box after I have it set up. Once he finds out he cant do some Linux commands, hmm, errr.


alias uname="echo Linux `hostname` 2.4.18-26.8.0smp \#1 SMP Mon Feb 24 09:44:00 EST 2003 i686 i686 i386 GNU/Linux"
echo Red Hat Linux release 8.0 \(Psyche\) > /etc/redhat-release
echo Red Hat Linux release 8.0 \(Psyche\) > /etc/issue
echo Kernel 2.4.18 on an i686 >> /etc/issue
cp /etc/issue /etc/issue.net
echo >> /etc/issue

and if he checks anything else, tell him it's set up that way "for security reasons" - won't be lying that way either ;-)

tarballed
March 28th, 2003, 14:39
alias uname="echo Linux `hostname` 2.4.18-26.8.0smp \#1 SMP Mon Feb 24 09:44:00 EST 2003 i686 i686 i386 GNU/Linux"
echo Red Hat Linux release 8.0 \(Psyche\) > /etc/redhat-release
echo Red Hat Linux release 8.0 \(Psyche\) > /etc/issue
echo Kernel 2.4.18 on an i686 >> /etc/issue
cp /etc/issue /etc/issue.net
echo >> /etc/issue

and if he checks anything else, tell him it's set up that way "for security reasons" - won't be lying that way either ;-)

OMG!
LMAO!

That just made my day!!

Tarballed

soup4you2
March 28th, 2003, 17:56
oh man i didn't know that one... hahahahahaha time to go and really confuse some people

soup4you2
April 3rd, 2003, 13:26
outstanding i just realized that djbdns Does have support for IPV6 YAAA! that just makes it all that much better! :D