Looking for a Name Resolution solution

Wed Dec 20 11:54:11 MST 2006

> members of SLUG

umm, is that possibly "Sydney *Linux User Group* (*SLUG*)<http://slug.org.au/>
"?
  (http://slug.org.au/)
or maybe the "Spokane *Linux Users Group* - [...]<http://www.spokanelinux.org/>
"?
  (http://www.spokanelinux.org/)
?
-- 
Mike Schwartz
Glendale  AZ
schwartz at acm.org
Mike.L.Schwartz at gmail.com


On 12/20/06, Dazed_75 <lthielster at gmail.com> wrote:
>
> WOW, thanks for all the input.  Frankly most of the replies violate the
> first criteria since most seem to require an always on computer system (and
> while a router such as a Linksys WRT54 really is a computer, I do not count
> it for that criteria).  And the only solution I still see is the one of
> using a router with dnsmasq.  For example by using open-wrt on any of the
> supported routers such as the wrt54gl (not the model I currently have).
>
> I am not sure Craigs message denigrating "appliance" devices applies to
> something like open-wrt but I also do not know what djb is and a web search
> was not revealing.  I do know that dnsmasq allows you to choose lease
> duration, and my linksys router does retain leases at least for their
> duration.
>
> FYI, machines on my network run Ubuntu 6.06, 6.10, kubuntu 6.06, Windows
> XP, 98SE, and sometimes Win ME, win2k, Mepis, SUSE 10.1, puppy, knoppix,
> DSL, LFS, even tried Mandrake and gentoo.  I have not run RedHat in years
> but have run 4, 5, 6, 8, and even 9.  Never ran Fedora.  I probably add and
> remove an average of two machines per week.  LOW maintenance is critical.  I
> think a solutuion for me would also work for TONS of people with simpler
> needs and for members of SLUG.  That is why I would prefer the whole
> enchilada be in an off-the-shelf router.  I just have not found one with it
> built in.
>
> On 12/20/06,  Eric Shubes <plug at shubes.net>wrote:
> >
> > Craig White wrote:
> > > On Wed, 2006-12-20 at 06:32 -0700, Eric "Shubes" wrote:
> > >> Dazed_75 wrote:
> > >>> I think I have found the answer.  It looks to me like a router which
> > has
> > >>> dnsmasq functionality is exactly what I am looking for.  It would
> > have
> > >>> been nice to find a no cost solution, but I think this is the right
> > >>> answer.  Looks like it meets all the criteria and beyond the initial
> > >>> setup seems to be mostly maintenance free.
> > >>>
> > >>> For those that have a single machine sharing its network connection
> > with
> > >>> the rest of the LAN, they can do this totally with dnsmasq software.
> > >>>
> > >> L,
> > >> I'm glad you've found something that meets your requirements. Three
> > comments:
> > >>
> > >> 1) The first criteria was that no 'computers' are always turned on. I
> > guess
> > >> you're not including a router as a computer. Your DHCP/DNS server
> > would
> > >> *have* to be on all the time. ;)
> > >>
> > >> 2) A solution that's been working for me is IPCop (http://ipcop.org)
> > on a
> > >> formerly retired emachines 333mh box. Pretty much a firewall on
> > steroids,
> > >> IPCop provides a slew of neat features including DHCP and DNS
> > (caching and
> > >> local hosts) services. I use every feature available (except web
> > proxy) to
> > >> one extent or another. It's very easy to configure, as everything
> > after
> > >> initial NIC configuration (part of installation) is web based.
> > However,
> > >> TTBOMK IPCop does not have a way to automatically update DNS hosts
> > from
> > >> dynamic DHCP leases. It's very simple though to assign static IP
> > addresses
> > >> to servers in DHCP and add them to the DNS hosts file. At least all
> > >> maintenance is consolidated this way, and is easy to do (gui web,
> > from any
> > >> machine that's running on the LAN).
> > >>
> > >> 3) While not necessarily a concern in the environment(s) you're
> > addressing,
> > >> updating DNS with dynamic DHCP leases can be a security risk in some
> > >> (business) environments. I'm guessing this is why you don't see much
> > of it
> > >> going on.
> > >>
> > >> Just my .02
> > >>
> > >> P.S. Samba might be more what you're looking for, but that only
> > covers the
> > >> DNS (name resolution) part. You'd still need a DHCP server available
> > to hand
> > >> out local IP addresses.
> > > ----
> > > I definitely agree on ipcop but:
> > >
> > > - businesses definitely use dynamic dns with dhcp leases...that is
> > > standard operational mode for Windows AD and even if using ISC's
> > DHCPd,
> > > Windows machines will try to do an RRSET on the dns server. I
> > routinely
> > > use ISC's DHCPd and BIND and routinely use dynamic updating and set
> > the
> > > appropriate ACL's
> >
> > Agreed. However, Dazed's configuration isn't using Windows AD.
> >
> > > - Samba doesn't do DNS resolution by default, but uses NetBIOS and
> > WINS
> > > resolutions which are clearly not DNS, don't provide fqdn (fully
> > > qualified domain name) and not appropriate for resolution on typical
> > > tcp/ip based services.
> >
> > I'm thinking that Dazed's LAN would not need fqdn's. Perhaps I'm
> > mistaken.
> > Your point that samba is not a robust DNS solution is certainly valid
> > though.
> >
> > > - While I don't recall ipcop's web based interface having options for
> > > ddns and I don't use ipcop to provide DHCP or DNS services, I can see
> > > that the versions are more than capable of supporting ddns and can
> > > easily be manually configured to do so.
> >
> > That'd certainly be worth looking into. It'd be a nice feature to
> > request
> > for the base distro too.
> >
> > > Craig
> > >
> > Thanks, Craig. The howto you referenced at http://www.brennan.id.au/looks
> > very nice.
> >
> > --
> > -Eric 'shubes'
> > ---------------------------------------------------
> > PLUG-discuss mailing list - [...]<PLUG-discuss at lists.plug.phoenix.az.us><http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
> >
>
> [...] <PLUG-discuss at lists.plug.phoenix.az.us>
> ---------------------------------------------------
> PLUG-discuss mailing list - [...] <PLUG-discuss at lists.plug.phoenix.az.us><PLUG-discuss at lists.plug.phoenix.az.us><http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20061220/bb75b22a/attachment-0001.htm