true, I realize this, but I belive I was led astray by the following statement in
Liinux
Network Toolkit p46. this during the installation and setup of RH5 in chapter 1. (you
know what they say about a little knowledge.....
guess it's time to delve back into Linux Undercover and TCP/IP Network Administration.
".... On your own LAN it is reasonable to use your Linux box as your name server.
Thus,
if you include all you local network addresses in the /etc/hosts file. then your other
computers can ask your Linux box for the actual addresses of any computer on your
LAN by name and you do not have to store individual tables on each computer."
It then goes on to recommend putting the same ip address as assigned to the linux box,
under the primary nameserver section. I've been through the entire book and nowhere
does he actually tell you how to setup BIND, he never really touches on the subject of
local DNS again except to refer to the above statements.
This is what has always thrown me as I was certain there was something more to this....
On 13 Sep 98, at 12:02, David A. Ranch wrote:
> Without DNS (the program "bind") running on the Samba server, you can NOT
> point any computer's (be it Windows 95/98/NT/Linux, etc) DNS settings to
> use the Samba machine. The /etc/hosts file is NOT the same thing as the
> Bind program. The /etc/hosts file is ONLY used by the local Unix
> machine's programs internally.
rightO, I had forgotten about that, been using basic MS netbeui internally so long. So
basically I have to setup BIND right? Or? what else do I have to check/tweak
> Also.. the Windows95 file c:\windows\hosts.sam is only a SAMple file. For
> windows to use it, you must RENAME it to just "hosts" and reboot. With
> this in place, you will be able to ping, by name, all hosts defined in
> that c:\windows\hosts file. BUT.. Internet access will still not work
> properly.
Oh fer sure, I have no intention to leave it that way, I just wanted to make sure I
could
get masq running properly b4 I added all the firewall rules, making it much easier to
troubleshoot. (the space thing was a typo when I sent the email, it is not like that
in
reality)
> for ipfwadm are
> >ipfwadm -F -p deny
> >ipfwadm -F -a m -S192.168.1.0/24 -D 0.0.0.0/0
> Thats fine for a first wack but do this insteasd (notice the space
> between -S and 192 and the -W command.
Hmm, interesting, that's not the way I would have thought of using the -W switch, I
guess thats why they pay you the big bucks eh ; - )
also why you mentioned in a posting recently about updating the ipmasq how-to with
Ambrose, that it include the proper way to use the -W switch
> ipfwadm -F -p deny
> ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 -W eth1
>
> Later.. I highly recommend to impliment a stronger IPFWADM
> ruleset like the one from the MASQ WWW page or my TrinityOS doc.
okay, I will try your info, I printed it out last night, but haven't had a chance to
read it yet.
> This is because you need to rename the hosts.sam to hosts and then reboot.
> Also.. do NOT configure your Windows machines to use the Linux box as a
> DNS server unless you configure bind on the Linux box. Setting up DNS and
> many other topics are documented in the TrinityOS doc.
can one actually run bind when using DHCP? I seem to remember reading discussions
about dynamic DNS and how that would be the best way to implement for people using
DHCP. The isp's DNS servers are both listed in the /etc/resolv.conf file
auto-magically!
> This is because your Windows machines are trying to use DNS services
> from the Linux box. But the Linux box isn't running Bind. If you aren't
> interested in running bind on the Linux box, configure the Windows boxes
> to use the DNS servers provided from your ISP. Also configure these same
> DNS servers in the /etc/resolve.conf file on the linux box.
>
oh, well it must be done by dhcp or some daemon, since it wasn't me who entered the
info
> I don't beleive DHCP will modify your /etc/resolv.conf file. This
> file is statically configured.
got it already thanks, am gonna read it through after I get some lunch in me.
Thanks
> Ps. If you are interested, the TrinityOS doc can be found here:
Harondel J. Sibble
Sibble Computer Consulting
email >> [EMAIL PROTECTED]
website >> http://www.pdscc.com
pgp key >> available on request or from keyserver
(604) 739-3709 (voice/fax)
(604) 686-2253 (pager)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
