Ricardo Rodriguez Peralta wrote:
On 10/17/05, *Mikkel L. Ellertson* <[EMAIL PROTECTED]
If I understand correctly, then you may want to look into the dnsmasq
package instead of using a full-blown name server. It is not nearly as
full-featured as a package like bind, but it will provide a nice local
cache, and you can specify what name servers it will use forward
lookups, as well as how it does it. It also has other features that may
or may not be needed on your local lan. If you want, it can provide DNS
information for machines on your local network, as well as functioning
as a DHCP server. This is nice if you want to be able to access other
machines on the local network by name, without having to keep a local
/etc/hosts file up to date on each machine.
One thing the package will not do well is act as a domain DNS server.
For example, if I were hosting infinity-ltd.com on a local machine, and
needed to provide DNS information to the Internet from a local name
server, dnsmasq would not be the package to run.
Mikkel
OK Mikkel, thank you for your comments, but I'm still a little bit confused
and not so sure if dnsmasq is what I need. I read package information
and I think it will only work as a local DNS, I guess the only use would
be to find other computers 'in' my network by a machine name, right?
What I need is to provide DNS services to computers networked without a
DNS server in that network. That's why these computers need to go thru
a VPN to use my other network local DNS, got it?
Example:
Network A has a local DNS_A (I do not want all my computers in this
network to use my ISP DNS) and every computer in network A asks this
DNS_A how to get to infinity-ltd.com.
Network B does not have a local DNS_B provider, so for these computers to be
able to access infinity-ltd.com they would use
my VPN to ask DNS_A how to get there.
I'm trying to avoid this extra traffic and hassle and use a Mandriva box
as a DNS_B so they can go out without needing to get to network A first.
Let's say network A is down, this will also affect users in network B
for no reason. By having their own local DNS, users in network B could
get to infinity-ltd.com and pay $1000 for
proofreading advertising e-mail (I don't think you'll like to miss that
because network A is down).
I think I should use a DNS service other than dnsmasq. Am I wrong?
Thank you.
Actually, it may do what you want. What you do is tell all the machines
on network B to use the Linux machine running dnsmasq as their name
server. If a machine asks for a domain name that it does not know about,
it will use the name server(s) specified in the config file, or
otherwise specified, to get the IP address. It will also "remember" this
IP address so that if another machine asks for it, it will be able to
give it without having to ask other name servers. This cuts down on name
server traffic when you have several machines that visit the same sites.
If you run a copy on both network A and network B, you have the option
of having the copy on network B ask the copy on network A first, or go
directly to the Internet.
What dnsmasq does not do is get information directly from the root name
servers. You need some higher level name server that it can ask for
information. On network A, you would normally use ISP A's name servers.
On network B, you would use ISP B's name servers. The requests would not
go over the VPN to network A, but directly over the Internet to the
nameservers specified. (Unless network B can only connect to the
Internet over the VPN.) In any case, talking directly to the root name
servers is discouraged when you can use an ISP's name server, to keep the
DNS traffic down to a manageable level.
The program was originally written for networks that used dialup to
connect to the Internet. It cuts down on DNS lookup traffic by
preventing duplicate lookups when more than one machine on the network
wants the same site. You can also have a list of names that never get
looked up, or are given a specific local address. This is nice if you
want to eliminate all the bandwidth used to show the doubleclick ads in
the web pages, or replace them with your own version. :-)
I actually have it running on my home network. I can get to almost
everywhere on the Internet, even though all the other programs and
machines use it for their DNS server. (If I try to go to
doubleclick.net, I get my local web server, and it doesn't do
Doubleclick URLs.)
There are other programs that do the same job - they are usually classed
as caching name servers. They are designed to provide DNS service for
the local network. They normally get their information from your ISP's
name servers. (Your ISP's name servers may also be this type of name
server.) Full name servers can also be configured to do this, but it is
not what they are best at.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
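
The setup described in the reply above, as an added example that is not part of the original messages: a dnsmasq.conf for the network B machine that forwards to ISP B's name servers, caches answers, and returns a local address for one domain. All addresses and the "neta.example" domain are constructed placeholders.

```conf
# /etc/dnsmasq.conf on the network B box (all addresses are constructed placeholders)

# Answer only on loopback and the LAN-facing address, so the cache is not
# reachable from the Internet side as an open resolver.
listen-address=127.0.0.1,192.168.2.1
bind-interfaces

# Ignore /etc/resolv.conf and forward to ISP B's name servers directly,
# so ordinary lookups do not cross the VPN to network A.
no-resolv
server=192.0.2.53
server=192.0.2.54

# Optional: send only names under network A's internal domain over the VPN
# to DNS_A ("neta.example" and 10.1.0.1 are hypothetical).
server=/neta.example/10.1.0.1

# Do not forward unqualified names or reverse lookups for private ranges upstream.
domain-needed
bogus-priv

# Remember answers so repeat lookups from other machines are served locally.
cache-size=1000

# Give a name (and its subdomains) a fixed local address instead of looking it up.
address=/doubleclick.net/192.168.2.10

# Optional: also hand out DHCP leases and serve the resulting host names.
#dhcp-range=192.168.2.100,192.168.2.200,12h
```

Machines on network B then list 192.168.2.1 as their only name server; running `dnsmasq --test` checks the file's syntax before the service is restarted.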