Well, Bob, I'm glad you asked.  I run a local dns caching server at my office
to significantly speed up name resolution and thus web browsing for my
workstations.  I also run one on my laptop because some networks I plug
into don't have a local dns cache.

I'm currently using bind on my office dns server.  dnscache is part of the
djbdns package.  I've installed it on my laptop as a test environment.  I'm
intending to replace bind with djbdns (tinydns or dnscachex) on my work dns
server.

To answer your other questions: no, we don't have an intranet here at PA.  We
have some internal webservers that right now are giving me a development bed
to make some web-based perl admin tools (i.e. a nice perl script that parses
smbstatus so I can see current samba connections and locked files, or
another tool that tells me who's logged in to a sql server and if anyone has
a process that is blocking other processes).

But you asked about dns.  I have set up bind to be the master for the
petersen-arne.com locally.  I've set up my null MX record to point to my
internal mail server and www points to webserver.  Without this, trying to
connect to www.petersen-arne.com would have resulted in the client trying to
connect to our public ip, which the firewall would have dropped since I have
not set up any rules to DNAT my local clients to my local webserver.
Allowing the clients to connect to the local webserver could have been done
with either the firewall rules, or dns.  I chose dns, however I don't
recommend bind.  Learning how to properly set up a bind configuration and
zone file was annoying, but useful.

I'm also using the dhcp-dns package which is a set of scripts to parse the
dhcp leases file from dhcpd, then pass dynamic additions and deletions to
bind.  This allows me to say 'ping acct1.petersen-arne.com' or just 'ping
acct1' and it will hit the right ip address (almost always).  Note that
dhcp-dns works with bind.  Before replacing bind, I'll have to either find
or write something that will update tinydns/dnscachex with the new hosts.

Back to djbdns and one cool thing about it that works very well for my
laptop.  I have a great working vpn through which I seamlessly connect when
I'm remote.  Whether in the office or out, I use mutt to check my email with
a scripted command: mutt -f imap://cory@mars/inbox.  In the office my local
dns cache resolves mars to the appropriate ip.  Outside the office, mars
normally wouldn't resolve.  This is because my dhcp client receives the
nearby dns servers and puts them in /etc/resolv.conf, and they know nothing
about the computer named "mars", nor my 10.x network.  I could and have used
a hosts file, however this does not work with my dhcp clients as their ip
addresses are changed and dns is updated automatically.  The solution?  I
wrote a script to put the ip address of my office dns server in
/etc/resolv.conf after getting an ip address.  While it gave me the
functionality I wanted, it had the unfortunate drawback of all dns lookups
traversing the public internet, then my half t1 then back.  djbdns' dnscache
has a cool feature where one can say, anything for petersen-arne.com ask
this server 10.0.0.x.  Anything else, ask the servers in /etc/resolv.conf.
Bind can probably do this, but here's how to do it in dnscache:  
  # cd /service/dnscache/root/servers
  # echo 10.0.0.x>petersen-arne.com 
  # echo 10.0.0.x>10.in-addr.arpa 
  # svc -t /service/dnscache

Another cool package from the author of djbdns is the daemontools package,
which is required for dnscache.  In it is a service scanner that monitors
and restarts specified services so they are always running and available.
The service scanner is run by inittab, so it is very difficult to kill it,
even if you try really hard.

Cory
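
Added example, not part of the original message and not code from dhcp-dns or djbdns: one way to do the lease-to-tinydns step that the message says would have to be found or written. It reads ISC dhcpd.leases text and emits tinydns "=" lines (A plus PTR); the TTL, the sample leases and the function name are assumptions, and because the client-hostname is chosen by the DHCP client, any name that is not a single plain DNS label is dropped.

```python
import re
from datetime import datetime

ZONE = "petersen-arne.com"  # zone named in the message
TTL = 300                   # assumption: short TTL for dynamic hosts

# Constructed sample in ISC dhcpd.leases format (weekday 0 = Sunday).
SAMPLE = '''
lease 10.0.0.23 {
  ends 1 2002/11/04 18:00:00;
  client-hostname "acct1";
}
lease 10.0.0.24 {
  ends 6 2002/11/02 08:00:00;
  client-hostname "old-pc";
}
lease 10.0.0.25 {
  ends 1 2002/11/04 19:00:00;
  client-hostname "mars:10.0.0.99";
}
'''

# Assumes lease bodies without nested braces, as in the sample above.
LEASE_RE = re.compile(r"lease\s+(\d+\.\d+\.\d+\.\d+)\s*\{(.*?)\}", re.S)
ENDS_RE = re.compile(r"ends\s+\d+\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);")
NAME_RE = re.compile(r'client-hostname\s+"([^"]*)";')
# Single DNS label only: ':' separates tinydns fields and a newline starts
# a new record, so a client-chosen name must never carry either.
LABEL_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")

def leases_to_tinydns(text, now):
    """Return sorted tinydns '=' lines for unexpired, validly named leases."""
    current = {}  # ip -> label; dhcpd appends, so the last entry per IP wins
    for ip, body in LEASE_RE.findall(text):
        current.pop(ip, None)
        ends, name = ENDS_RE.search(body), NAME_RE.search(body)
        if not ends or not name:
            continue
        if datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S") <= now:
            continue  # lease already expired
        label = name.group(1).lower()
        if LABEL_RE.fullmatch(label):
            current[ip] = label
    return sorted(f"={host}.{ZONE}:{ip}:{TTL}" for ip, host in current.items())

if __name__ == "__main__":
    print("\n".join(leases_to_tinydns(SAMPLE, datetime(2002, 11, 3, 19, 11))))
```

The returned lines would go into the tinydns data file, which is then recompiled with tinydns-data.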

-----Original Message-----
From: Bob Miller [mailto:kbob@;jogger-egg.com]
Sent: Sunday, November 03, 2002 7:11 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: running dnscache on laptop


Cory, we saw on Saturday that you run dnscache on your laptop.

Does Petersen Arne have any sort of intranet, that is, hosts that have
DNS info inside Petersen Arne, but not outside?  Do any of the other
sites your laptop visits have intranets?

If so, how do you handle that with dnscache?  My laptop gets plugged
in to various intranets and I didn't want to mess with restarting
dnscache whenever I changed networks, so I haven't installed it.

-- 
Bob Miller                              K<bob>
kbobsoft software consulting
http://kbobsoft.com                     [EMAIL PROTECTED]
_______________________________________________
Eug-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
