Steven W. Orr wrote: > On 09/24/09 16:49, quoth Bruno Wolff III: >> On Thu, Sep 24, 2009 at 16:04:03 -0400, >> "Steven W. Orr" <steveo@xxxxxxxxxxx> wrote: >>> What I want to do is to set up the DNS Caching Nameserver. The goal is: >>> * for saturn to use OpenDNS.org >>> * For client machines in my network to use saturn via the caching server >> Do you know that you can set up your own resolver/cache instead of a >> forwarder/cache and then not have to deal with opendns? > > Ok. I'll byte. Where do I start reading? Somebody has to be my resolver. > Either I pick it or it's assigned to me by my ISP. Either way,m it seemed like > a good idea to cache what I collected and then to make my machines on the > inside of my net take advantage of the cache. What am I missing? And I don't > understand the difference between what you're saying as different between a > resolver cache vs a forwarder cache. > > While you are reading, you may want to check into some of the other name server. I like dnsmasq, but you should find what works best for you. The advantage is easy setup. For example, dnsmasq can read your /etc/hosts file, and add that, instead of you having to set up a zone file for the local network. It can also operate as a dhcp server, and automatically incorporate the IP addresses. With a slight change to the dhclient configuration on saturn, you can have it use your ISP's assigned name servers if you want. One disadvantage is that they do not usually run in a chroot environment, so there may be a bit more of a security risk. But when it is only going to be assessable by the local network, and the fact that it tends to be a lot simpler code, I believe the risk evens out. You both tell it to only respond to requests for the interface for the local network, and firewall off connection attempts from the Internet. (You would want to do the same thing with bind.) Bind has a lot of nice features, but few of them are needed for a home or small office network. They are necessary if you are running an Internet accessible name server. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
