Looking for a Name Resolution solution

Eric "Shubes" plug at shubes.net
Wed Dec 20 08:42:54 MST 2006


Craig White wrote:
> On Wed, 2006-12-20 at 06:32 -0700, Eric "Shubes" wrote:
>> Dazed_75 wrote:
>>> I think I have found the answer.  It looks to me like a router which has
>>> dnsmasq functionality is exactly what I am looking for.  It would have
>>> been nice to find a no cost solution, but I think this is the right
>>> answer.  Looks like it meets all the criteria and beyond the initial
>>> setup seems to be mostly maintenance free.
>>>
>>> For those that have a single machine sharing its network connection with
>>> the rest of the LAN, they can do this totally with dnsmasq software.
>>>
>> L,
>> I'm glad you've found something that meets your requirements. Three comments:
>>
>> 1) The first criterion was that no 'computers' are always turned on. I guess
>> you're not including a router as a computer. Your DHCP/DNS server would
>> *have* to be on all the time. ;)
>>
>> 2) A solution that's been working for me is IPCop (http://ipcop.org) on a
>> formerly retired emachines 333mh box. Pretty much a firewall on steroids,
>> IPCop provides a slew of neat features including DHCP and DNS (caching and
>> local hosts) services. I use every feature available (except web proxy) to
>> one extent or another. It's very easy to configure, as everything after
>> initial NIC configuration (part of installation) is web based. However,
>> TTBOMK IPCop does not have a way to automatically update DNS hosts from
>> dynamic DHCP leases. It's very simple though to assign static IP addresses
>> to servers in DHCP and add them to the DNS hosts file. At least all
>> maintenance is consolidated this way, and is easy to do (gui web, from any
>> machine that's running on the LAN).
>>
>> 3) While not necessarily a concern in the environment(s) you're addressing,
>> updating DNS with dynamic DHCP leases can be a security risk in some
>> (business) environments. I'm guessing this is why you don't see much of it
>> going on.
>>
>> Just my .02
>>
>> P.S. Samba might be more what you're looking for, but that only covers the
>> DNS (name resolution) part. You'd still need a DHCP server available to hand
>> out local IP addresses.
> ----
> I definitely agree on ipcop but:
> 
> - businesses definitely use dynamic dns with dhcp leases...that is
> standard operational mode for Windows AD and even if using ISC's DHCPd,
> Windows machines will try to do an RRSET on the dns server. I routinely
> use ISC's DHCPd and BIND and routinely use dynamic updating and set the
> appropriate ACLs.

Agreed. However, Dazed's configuration isn't using Windows AD.

> - Samba doesn't do DNS resolution by default, but uses NetBIOS and WINS
> resolutions which are clearly not DNS, don't provide fqdn (fully
> qualified domain name) and are not appropriate for resolution on typical
> tcp/ip based services.

I'm thinking that Dazed's LAN would not need fqdn's. Perhaps I'm mistaken.
Your point that samba is not a robust DNS solution is certainly valid though.

> - While I don't recall ipcop's web based interface having options for
> ddns and I don't use ipcop to provide DHCP or DNS services, I can see
> that the versions are more than capable of supporting ddns and can
> easily be manually configured to do so.

That'd certainly be worth looking into. It'd be a nice feature to request
for the base distro too.

> Craig
> 
Thanks, Craig. The howto you referenced at http://www.brennan.id.au/ looks
very nice.

-- 
-Eric 'shubes'
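
The thread mentions that DHCP-driven dynamic DNS updates can be a security risk and that BIND deployments "set the appropriate ACLs". As an added example that is not part of the original messages, the script below audits a BIND `named.conf` for `allow-update` lists that admit anything other than a TSIG key. The sample configuration, zone names and key name are constructed, and flat `allow-update` lists are assumed.

```python
import re

# Constructed named.conf fragment for illustration (not from the thread).
SAMPLE_NAMED_CONF = """
key "dhcp-update" { algorithm hmac-sha256; secret "PLACEHOLDER=="; };
zone "lan.example" { type master; file "lan.db";
    allow-update { key "dhcp-update"; };   // only the DHCP server's TSIG key
};
zone "lab.example" { type master; file "lab.db";
    allow-update { any; };                 # anyone can rewrite records
};
zone "1.168.192.in-addr.arpa" { type master; file "rev.db";
    allow-update { 192.168.1.0/24; key "dhcp-update"; };
};
zone "static.example" { type master; file "static.db"; };
"""

_SKIP = re.compile(r'"[^"]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def strip_comments(text):
    # Drop comments but keep quoted strings (a secret may contain // or #).
    return _SKIP.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def block_end(text, open_idx):
    # Index of the '}' that closes the '{' at open_idx.
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return i
    raise ValueError("unbalanced braces")

def audit_allow_update(conf):
    """Map zone name -> 'static', 'key-only' or 'review: <non-key elements>'."""
    conf, result = strip_comments(conf), {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        body = conf[m.end() - 1 : block_end(conf, m.end() - 1) + 1]
        acl = re.search(r"\ballow-update\s*\{", body)
        elems = []
        if acl:  # assumes a flat address-match list, no nested { } groups
            inner = body[acl.end() : block_end(body, acl.end() - 1)]
            elems = [e.strip() for e in inner.split(";") if e.strip()]
        if not elems or elems == ["none"]:
            result[m.group(1)] = "static"  # BIND denies updates by default
            continue
        loose = [e for e in elems if not re.match(r"key\s", e)]
        result[m.group(1)] = "review: " + ", ".join(loose) if loose else "key-only"
    return result

if __name__ == "__main__":
    for zone, status in audit_allow_update(SAMPLE_NAMED_CONF).items():
        print(f"{zone:28} {status}")
```

Zones reported as `review:` accept updates based on source address or a named ACL, which an address-spoofing host on the LAN can satisfy; restricting the list to the DHCP server's key closes that path.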

