On 11/15/07, Jonathan Thornburg <[EMAIL PROTECTED]> wrote: > I'm setting up a home firewall, intended to (try to) protect "client" > machines (mostly family members' MS-Windoze laptops) from misc internet > threats. I have a couple of questions about how best to handle DNS > on/through the firewall:
just use named in caching mode (should work out of the box) and forget your isp's name servers. it costs next to nothing performance-wise and works relly well. a soekris 4501 firewall (100MHz/ 64 MB RAM) does handle a DSL-type connection (4 MBit) including dhcpd, named and ntpd very well. --knitti