On Tue, 2004-01-06 at 00:12, Craig White wrote:
> ---
> ISC's dhcpd and bind (versions 3.0x and 9.2.x are current I think) are
> more than capable of ddns. This isn't all that easy to set up - though
> ddns on Active Directory is easier, it's also more costly. Other dhcp
> servers (i.e. Linksys dsl/cable modem routers) can be configured to
> entice the client to register ddns with dns server if you run a caching
> dns server on your lan.
>
> SOME dhcp servers are very consistent about leases and most modern
> computer OS's will try to re-lease the same ip address to prevent drift.
> Also, a typical dhcp server will let you make 'reservations' which fix
> the ip address 'issued' to a server based upon the MAC address of the
> network card. This is cool...your ip address is certain not to change
> but if you make a change in the dhcp configuration (i.e. dns server
> address changes, netbios server changes, ntp server changes, etc. -
> these changes are absorbed by the computer which gets its ip address
> from the unchanging reservation).
>
> BUT in answer to your question - when I set up a lan...
> typically a class C - 254 ip addresses / say 192.168.0.0
> I will reserve 192.168.0.1 through 192.168.0.99 for fixed ip addresses
> I will have the dhcp server issue addresses 192.168.0.100 through
> 192.168.0.199
> I will have the default gateway at 192.168.0.254 (internet access)
> 192.168.0.0 is network address and no host is given that address
> 192.168.0.1 is primary network server
> 192.168.0.2 through 192.168.0.49 is for other servers
> 192.168.0.50 through 192.168.0.999 is for printers
>
> and yes, it's a good idea to 'fix' server addresses so that they never
> move and make entries into dns server for those servers.
>
> I also tend to use A records for the host names...
> 192.168.0.1 linserv1.domain.com linserv1
> 192.168.0.2 virtualip.domain.com virtualip #another ip from server
>
> and then create CNAME records for common services...
> www.domain.com linserv1.domain.com
> ftp.domain.com linserv1.domain.com
> mail.domain.com linserv2.domain.com
> so that I can change the server without going around to each machine.
> For example, if everyone points their MUA (mail client program) to use
> mail.domain.com and I decide to bring in a new server to handle the
> mail, I only need to change the CNAME record and everyone finds the new
> mail server.
>
> As for your analogy with windows, \\SERVER\SHARE - it's no different
> with nfs - consider only the above information. With DNS it's actually
> simpler when you have a plan.
>
> YMMV
>
> Craig
Lots of info here :) My needs are a lot simpler though. Here's what I
was thinking of doing in my network:
1- Firewall, FreeBSD, would also serve as DNS server, and I was
initially thinking DHCP server as well (they use ISC's implementation of
DHCP, so that ties in to what you were saying). Would run a SSH server
as well, but that would be pretty much it (SSH/DNS/DHCP/ipfilter/ipnat).
Will kill the FTP server if there's one running (don't care yet, not
fully configured, using another Linux box as firewall right now).
2- Main Linux box, would serve as an internal mail server (still haven't
setup postfix on it yet though) and I'd have to figure a way of
forwarding all of FreeBSD's typical internal mail to root to that box.
Possible, just don't know how yet. Would also serve as a SAMBA PDC for
the WinXP boxen in my network. FTP and SSH servers would be running here
too. And eventually, when I get around to it, fax server. Already serves
as a scanner server (wife's pretty happy she can scan from her WinXP
system when the scanner's connected to the Linux box). For many of these
services, I need either a constant hostname, or IP. I'd think that DDNS
would be overkill here, so simply reserving an IP for this box with DHCP
should be enough, and putting a static entry in DNS for that IP should
suffice I think.
Apart from that, all other systems are Windows, and I think that the
\\server\share\ analogy will be a constant one with or without a PDC,
with or without static IP's or DNS entries (they already recognize each
other and I don't have a DNS server up, so...) Since I won't have to
access my Windows systems from the Linux system, apart from maybe using
samba shares, and after careful consideration, I think I only need two
static IP's, the firewall's, and the Linux box.
Thanks for all the input!
Manu