Re: A domain question for a private network
On 7/17/05, Kevin [EMAIL PROTECTED] wrote: P.S. Skip the reverse DNS part unless you really need it. That part can cause more headaches than it will likely ever be worth in a smallish network like the one you describe. Preparing for a reverse lookup is rather simple; there are plenty of examples available with the system. Providing such a lookup will probably save you the annoyance of having to wait for ssh logins, etc. As listed in the FAQ: http://www.openbsd.org/faq/faq8.html#RevDNS P.P.S. No, you don't need to register a domain if you take the approach Jason langdeldt.net describe for your local network If you have both an external and an internal domain, you may want to separate the two: domain.tld for the external one; domain.local for the internal version. Cheers, Rogier -- If you don't know where you're going, any road will get you there.
Re: A domain question for a private network
On Jul 17, 2005, at 11:27 AM, Vivek Ayer wrote: Hi guys, I'm kind of a newbie at setting up domains on my private networks. I have a firewall (OpenBSD 3.7) connected to the internet, a wireless network, and a wired network. It serves internet to the wired and wireless network via pf (NAT). The router is headless. I have clients on both wired and wireless networks. I'm not running a DNS server anyway. In fact, I'm not sure how to setup named. But I was wondering, since the router is headless and I have to ssh into it, I need to login without worrying about stupid ip addresses. I don't want register any domains, just something for network to identification is easier. In fact, I don't even want a domain presence outside the networks. to ssh into the firewall, I have to: ssh [EMAIL PROTECTED] Rather, I would like to just ssh firewall (or whatever hostname is given to it) Say I have two comps on the wired network and two comps on the wireless network and the firewall. I would like to assign everything to a common domainname (whether they run linux, windows, whatever). Say the domainname is daemonized.net. when I do ssh [EMAIL PROTECTED] from a client to admin the firewall, I get nothing to work. What are the steps (in detail) I have to do get this working. Do I even need a DNS server to register the ip address with the names? This seems like a no-brainer question, but I'd say I'm relatively new in networking. I hope you guys don't grill me for this. Thanks a bunch. Appreciate it. I'll send out any system info after any replies. Run named on your firewall with recursion enabled. Create local forward and reverse zones for some domain on your private subnet. Use dhcp to hand out the DNS server info to your clients. Make sure you only allow DNS queries from your LAN. Yes, this is a birds-eye. If you want detail, start reading the various DNS (Bind) and TCP/IP networking books and learn from breaking things. ;-) -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
Re: A domain question for a private network
Run named on your firewall with recursion enabled. Create local forward and reverse zones for some domain on your private subnet. Use dhcp to hand out the DNS server info to your clients. Make sure you only allow DNS queries from your LAN. Yes, this is a birds-eye. If you want detail, start reading the various DNS (Bind) and TCP/IP networking books and learn from breaking things. ;-) Vivek, What you're after and the approach Jason mentions are a very, very common setup. Once you've done it a couple of times, you'll find it's a total piece of cake--especially on OpenBSD, since so many of the things you need are available and just need to be turned on. I think setting an OBSD machine up like this takes me something like 15 minutes now from start to finish. Getting there the first time will likely take you quite a bit longer. If you're looking for a good primer on DNS, look here: http://www.langfeldt.net/DNS-HOWTO/BIND-9/ It discusses all the stuff Jason mentions in good detail and should put you on the right track. Kevin P.S. Skip the reverse DNS part unless you really need it. That part can cause more headaches than it will likely ever be worth in a smallish network like the one you describe. P.P.S. No, you don't need to register a domain if you take the approach Jason langdeldt.net describe for your local network -- http://www.ebiinc.com : EBI: the background screening experts Leaders in corporate background checks, worldwide.
Re: A domain question for a private network
Thanks a bunch. Will look into it. Vivek