Re: DNS discovery / FreeBSD Firewall
The questions is; How do I have the internal network machines get the DNS server settings from the Firewall? The two scenarios I can think of are: that the Firewall also acts as a DHCP server and somehow set the DNS of the internal net machines to the Firewalls resolv.conf entries; or I can have the Firewall act as a DNS server/relay and forward the DNS requests. If your ISP keep changing their DNS server I'd suggest another solution: set your own DNS server, but on a machine different from the firewall. Just make sure that the filrewall let domain traffic (udp/53 and tcp/53) go through. And configure the firewall to use your own DNS server. DNS server needs NO resources, an old PIII 500 will do the trick. It is always a good choice to have the firewall be only a firewall and nothing else. If you add DNS on your firewall and DNS has somore vulnerabilities, your firewall would be comprimised... Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
DNS discovery / FreeBSD Firewall
Hello, I have a FreeBSD 6.1 firewall (pf) between my cable-modem and router, with an IP address set by DHCP. My ISP recently changed their DNS server IP adresses which I have set manually on the computers on my home office network. The questions is; How do I have the internal network machines get the DNS server settings from the Firewall? The two scenarios I can think of are: that the Firewall also acts as a DHCP server and somehow set the DNS of the internal net machines to the Firewalls resolv.conf entries; or I can have the Firewall act as a DNS server/relay and forward the DNS requests. Is one of these preferable or easier than the other? Are there other ways to do this? I feel there must be someone on this list who is doing the same thing and has a solution or can at least point me in the right direction. Any and all help is greatly appreciated. Thanks in advance, sincerely Mark Moellering ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
