On Tue, 2004-01-06 at 00:29, Emmanuel Gravel wrote:
> On Tue, 2004-01-06 at 00:12, Craig White wrote:
> > ---
> > ISC's dhcpd and bind (versions 3.0x and 9.2.x are current I think) are
> > more than capable of ddns. This isn't all that easy to set up - though
> > ddns on Active Directory is easier, it's also more costly. Other dhcp
> > servers (i.e. Linksys dsl/cable modem routers) can be configured to
> > entice the client to register ddns with dns server if you run a caching
> > dns server on your lan.
> >
> > SOME dhcp servers are very consistent about leases and most modern
> > computer OS's will try to re-lease the same ip address to prevent drift.
> > Also, a typical dhcp server will let you make 'reservations' which fix
> > the ip address 'issued' to a server based upon the MAC address of the
> > network card. This is cool...your ip address is certain not to change
> > but if you make a change in the dhcp configuration (i.e. dns server
> > address changes, netbios server changes, ntp server changes, etc. -
> > these changes are absorbed by the computer which gets its ip address
> > from the unchanging reservation).
> >
> > BUT in answer to your question - when I set up a lan...
> > typically a class C - 254 ip addresses / say 192.168.0.0
> > I will reserve 192.168.0.1 through 192.168.0.99 for fixed ip addresses
> > I will have the dhcp server issue addresses 192.168.0.100 through
> > 192.168.0.199
> > I will have the default gateway at 192.168.0.254 (internet access)
> > 192.168.0.0 is network address and no host is given that address
> > 192.168.0.1 is primary network server
> > 192.168.0.2 through 192.168.0.49 is for other servers
> > 192.168.0.50 through 192.168.0.999 is for printers
> >
> > and yes, it's a good idea to 'fix' server addresses so that they never
> > move and make entries into dns server for those servers.
> >
> > I also tend to use A records for the host names...
> > 192.168.0.1 linserv1.domain.com linserv1
> > 192.168.0.2 virtualip.domain.com virtualip #another ip from server
> >
> > and then create CNAME records for common services...
> > www.domain.com linserv1.domain.com
> > ftp.domain.com linserv1.domain.com
> > mail.domain.com linserv2.domain.com
> > so that I can change the server without going around to each machine.
> > For example, if everyone points their MUA (mail client program) to use
> > mail.domain.com and I decide to bring in a new server to handle the
> > mail, I only need to change the CNAME record and everyone finds the new
> > mail server.
> >
> > As for your analogy with windows, \\SERVER\SHARE - it's no different
> > with nfs - consider only the above information. With DNS it's actually
> > simpler when you have a plan.
> >
> > YMMV
> >
> > Craig
>
> Lots of info here :) My needs are a lot simpler though. Here's what I
> was thinking of doing in my network:
>
> 1- Firewall, FreeBSD, would also serve as DNS server, and I was
> initially thinking DHCP server as well (they use ISC's implementation of
> DHCP, so that ties in to what you were saying). Would run a SSH server
> as well, but that would be pretty much it (SSH/DNS/DHCP/ipfilter/ipnat).
> Will kill the FTP server if there's one running (don't care yet, not
> fully configured, using another Linux box as firewall right now).
>
> 2- Main Linux box, would serve as an internal mail server (still haven't
> set up postfix on it yet though) and I'd have to figure a way of
> forwarding all of FreeBSD's typical internal mail to root to that box.
> Possible, just don't know how yet. Would also serve as a SAMBA PDC for
> the WinXP boxen in my network. FTP and SSH servers would be running here
> too. And eventually, when I get around to it, fax server. Already serves
> as a scanner server (wife's pretty happy she can scan from her WinXP
> system when the scanner's connected to the Linux box). For many of these
> services, I need either a constant hostname, or IP. I'd think that DDNS
> would be overkill here, so simply reserving an IP for this box with DHCP
> should be enough, and putting a static entry in DNS for that IP should
> suffice I think.
>
> Apart from that, all other systems are Windows, and I think that the
> \\server\share\ analogy will be a constant one with or without a PDC,
> with or without static IP's or DNS entries (they already recognize each
> other and I don't have a DNS server up, so...) Since I won't have to
> access my Windows systems from the Linux system, apart from maybe using
> samba shares, and after careful consideration, I think I only need two
> static IP's, the firewall's, and the Linux box.
>
> Thanks for all the input!
---
I don't always want to go to all the effort unless I want to learn how
to use the technology before I have to learn in trial by fire - which is
how I had to learn LDAP (not the recommended way of learning LDAP I
might add).

Anyway, I didn't expect that you would jump on this as DDNS is a
complicated thing to set up - even surprisingly on Windows. It's just
that Windows makes it easier because they don't worry about security and
dns security is very much a concern for ISC. ;-)

Craig
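
[Added example, not part of the original messages and not taken from ISC's
documentation: a sketch of the setup discussed in this thread, with the
dynamic pool, a MAC-based reservation, and dynamic DNS updates restricted
to a shared TSIG key. The host name "linuxbox", its MAC and address, the
DNS server at 192.168.0.1, the zone file names and the key secret are
assumptions or placeholders.]

```conf
# ---- dhcpd.conf (ISC dhcpd 3.0.x syntax) ----
ddns-update-style interim;
authoritative;

# Shared TSIG key; the secret is a placeholder, generate your own.
# hmac-md5 is the algorithm of that era; prefer hmac-sha256 if your release supports it.
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret "PLACEHOLDER-BASE64-SECRET==";
};

# Sign updates for the forward and reverse zones with that key.
zone domain.com. { primary 192.168.0.1; key DHCP_UPDATER; }
zone 0.168.192.in-addr.arpa. { primary 192.168.0.1; key DHCP_UPDATER; }

subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.199;      # dynamic pool from the thread
    option routers 192.168.0.254;
    option domain-name "domain.com";
    option domain-name-servers 192.168.0.1;
}

# Reservation: address fixed by MAC, kept outside the dynamic range.
# Hosts with fixed-address are not DDNS-updated by default, so this
# one gets a static A record in the zone file instead.
host linuxbox {                              # hypothetical host name
    hardware ethernet 00:00:5e:00:53:10;     # placeholder MAC
    fixed-address 192.168.0.10;              # assumed address in the fixed block
}

# ---- named.conf (BIND 9.2.x syntax) ----
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret "PLACEHOLDER-BASE64-SECRET==";
};

zone "domain.com" {
    type master;
    file "domain.com.zone";                  # assumed file name
    # Weak: allow-update { 192.168.0.0/24; };  any LAN host could rewrite records.
    allow-update { key DHCP_UPDATER; };      # only holders of the key may update
};

zone "0.168.192.in-addr.arpa" {
    type master;
    file "0.168.192.rev";                    # assumed file name
    allow-update { key DHCP_UPDATER; };
};
```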