On Fri, 28 Jul 2000, Razvan Sandu wrote about, DNS - a FAQ:
> Hello!
>
> Could someone please give me an answer to the following problem, which - I
> think - it's almost a FAQ ? Or, at least, to point to the appropriate Web
> page ?
I think you have missed one very easy but important thing.
ipchains
> I have a simple LAN (the simplest: one Ethernet segment). Workstations are
> Win95. One machine can dual boot also Linux and, when in Linux, acts as a
> gateway (it has a modem and it connects to the ISP through dial-up on a
> normal, switched line). It provides WWW browsing and e-mail to all Win95
> clients.
Like many others.
>
> For various reasons, I want to set up a small DNS for INTERNAL use. Since I
> DON'T HAVE AN OFFICIAL DOMAIN, I use 192.168.1.0 addreses and all my
> machines are in the "fakedomain.lan" domain.
You say 192.168.1.0 as addresses i hope you mean. 192.168.1.0 as a network
meaning you do not try and configure machines with that number.
As i see it you do not need to configure your machine as a dns sever et al.
>
> Reading Nicolai Langfeldt's DNS-HOWTO, I didn't understand how should I set
> up my DNS for this type of configuration, in order not to disturbe anyone.
> Cause my LAN is neither completely isolated, nor a part of my official ISP
> domain.
I have not read this howto, never found it nessacary.
>
> As usual, my ISP allocates a dynamic, non-fixed IP address to the gateway,
> every time when it connects through dial-up.
>
> As a note, I HAVE to use the "notify yes" clause, since I also plan to have
> a secondary nameserver on my LAN.
Simply use ipchains on the linux gate machine, it will isolate your lan
giving it protection and possably speed things up as well.
#!/bin/sh
#protect your win machines from others with;
#
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
#
# Allow the local machines to access the internet on a IP defined basis
# Can be a used as a network clause.
#
/sbin/ipchains -A forward -s 192.168.0.2/32 -j MASQ
#
# Thats it.
Configure your win machines with the DNS address of your isp.
Thats what i do. O and of course set a default route via the linux machine.
>
> Thanks a lot,
> Razvan
--
Regards Richard
[EMAIL PROTECTED]
http://people.zeelandnet.nl/pa3gcu/
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.linux-learn.org/faqs
