Re: how best to handle DNS on firewalled home network?

2007-11-19 Thread Jonathan Thornburg
In message http://marc.info/?l=openbsd-misc&m=119514716426646&w=1, I wrote: I'm setting up a home firewall, intended to (try to) protect client machines (mostly family members' MS-Windoze laptops) from misc internet threats. [[...]] My plan is to have the firewall run its own dhcpd on its inside

Re: how best to handle DNS on firewalled home network?

2007-11-19 Thread Stuart Henderson
On 2007/11/19 23:46, Jonathan Thornburg wrote: One person also mentioned that s/he uses opendns.com instead of ISP nameservers. N.B. by default they will return a positive response for non-existent domains (for typo correction) and bogus responses to provide warnings about phishing

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread Frank Bax
Jonathan Thornburg wrote: My plan is to have the firewall run its own dhcpd on its inside interface, giving out private client addresses in the 192.168.0.0/16 address range. (This way clients can be kept at the same MS-Windoze configure everything automagically DHCP settings they would use

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread L. V. Lammert
On Thu, 15 Nov 2007, Daniel Melameth wrote: On 11/15/07, Jonathan Thornburg [EMAIL PROTECTED] wrote: (a) When the firewall boots, after the outside network is configured (via /etc/rc running dhclient) a shell/grep/perl script on the firewall copies the DNS server addresses from

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread Stuart Henderson
On 2007/11/15 17:02, Jonathan Thornburg wrote: (b) The firewall's dhcpd is configured to tell clients that the firewall itself is a DNS server. I find ISP DNS servers to give enough trouble that I always do this, even if it means not benefitting from their cache. The firewall also runs a

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread Daniel Melameth
On 11/15/07, Jonathan Thornburg [EMAIL PROTECTED] wrote: I'm setting up a home firewall, intended to (try to) protect client machines (mostly family members' MS-Windoze laptops) from misc internet threats. I have a couple of questions about how best to handle DNS on/through the firewall:

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread knitti
On 11/15/07, Jonathan Thornburg [EMAIL PROTECTED] wrote: I'm setting up a home firewall, intended to (try to) protect client machines (mostly family members' MS-Windoze laptops) from misc internet threats. I have a couple of questions about how best to handle DNS on/through the firewall:

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread Darrin Chandler
On Thu, Nov 15, 2007 at 08:00:22PM +0100, knitti wrote: just use named in caching mode (should work out of the box) and forget your isp's name servers. it costs next to nothing performance-wise and works really well. a soekris 4501 firewall (100MHz/ 64 MB RAM) does handle a DSL-type connection

Re: how best to handle DNS on firewalled home network?

2007-11-15 Thread evo
Jonathan Thornburg wrote: The purpose of this message is to ask for advice on how to handle DNS on the firewall. I can see two basic options: (a) When the firewall boots, after the outside network is configured (via /etc/rc running dhclient) a shell/grep/perl script on the firewall