 From:  "Chris Marcellin" <canus at teksavvy dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  newbie question
 Date:  Wed, 31 Aug 2005 19:14:18 -0400
hey all again;

wow, i'm very impressed with this board, you have all given great advice and points of view.

i thank you.

the reason why i want to host my own dns servers is because i'm going to be web hosting, and it would be so much easier doing it myself, perhaps more difficult in the beginning setting it up, but in the end much easier in the sense of to call my domain provider to keep on updating it and having to deal with politics, and secondly because i get experience from it.

so, to get this straight, y'all agree in my idea of setting it up.

opt1/dmz for my servers using a private address ( for example) using natting 1:1, and port forwarding 80,53 etc...

lan for workstations (

1 more question, perhaps a stupid one, although i don't believe a stupid question exists

can i use the same switch that i'll be using on the lan, for example using the lan and the opt1/dmz on an unmanaged switch, in other words having and on the same switch, without vlan's, will the switch pass packets through to the right pc's/server's, or do i need 2 switches, 1 for each network


I also run my own DNS on an ADSL link and I use a free secondary server:


and I'm pretty happy about it (for that price...)


Vince Van De Coevering wrote:

>>-----Original Message-----
>>From: Chris Buechler [mailto:cbuechler at gmail dot com]
>>
>>Overall I'd agree with this, but unless you really, really want to for
>>some reason, I'd avoid using your own DNS servers.  You typically get
>>free and solid DNS with domain name registration (and if not, transfer
>>to a registrar that does offer this).  Not to mention they'll give you
>>a primary and secondary, and if they do things right they'll be on
>>separate /24 networks, at a minimum, and maybe in two different
>>physical locations.  Unless you run a serious NOC yourself, I wouldn't
>>consider hosting your own DNS.

> That may be true for ISPs that provide service in your area.
> But my ISP charges a per month per domain fee to host DNS.
> To further their monopoly they refuse to follow the RFC for
> classless reverse addressing.
>
> I host my own DNS for just that reason.
>
> The Private Public DNS server model is another reason to
> host your own DNS.  In that model you set up a DNS server
> that provides zone transfers to the DNS servers defined
> as primary and secondary for your domain.  Any change you
> make will be sent up to these servers.  You don't have to
> worry about configuration inconsistencies between the two
> servers since they draw their info from the same source.
>
> I use zones extensively in Bind.  I have a zone that provides
> answers to DNS questions in the safe side of the firewall
> using LAN addresses and another zone that answers requests
> using the public IP addresses for requests from the wild
> side of the firewall.
>
> I guess it's a matter of preference...
>
> Vince Van De Coevering
> IT Manager
> Figaro's Italian Pizza, Inc.
> 503-371-9318 x216
> vpv at figaros dot com
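
The split DNS setup Vince describes above (LAN answers inside the firewall, public answers outside, with the domain's primary and secondary pulling zone transfers from one source) is done in BIND 9 with `view` statements. The following is an added sketch, not configuration from any poster in this thread; the domain, addresses and file paths are constructed placeholders:

```conf
// named.conf sketch. Constructed example: example.com, all addresses
// and all file paths are placeholders, not values from this thread.

acl "lan"         { 127.0.0.1; 192.168.1.0/24; };    // safe side of the firewall
acl "secondaries" { 198.51.100.53; 203.0.113.53; };  // public primary/secondary for the domain

options {
    directory "/var/named";
    allow-transfer { none; };   // no zone transfers unless a zone allows them
};

// Views are tried in order; a LAN client matches here and never
// sees the external data.
view "internal" {
    match-clients { "lan"; };
    recursion yes;              // resolve outside names, but only for LAN hosts
    zone "example.com" {
        type master;
        file "internal/example.com.zone";   // A records carry LAN addresses
    };
};

// Every other client, including the public servers when they request
// a transfer, falls through to this view.
view "external" {
    match-clients { any; };
    recursion no;               // authoritative answers only, no open resolver
    zone "example.com" {
        type master;
        file "external/example.com.zone";   // A records carry public addresses
        notify explicit;                     // NOTIFY only the servers listed below
        also-notify    { 198.51.100.53; 203.0.113.53; };
        allow-transfer { "secondaries"; };   // only these may pull the zone
    };
};
```

With this layout a change is made once in the external zone file and the serial bumped; the listed servers are notified and transfer the zone, while recursion and transfers stay closed to everyone else.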