[ previous ] [ next ] [ threads ]
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  "'sylikc'" <sylikc at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Different DHCP DNS Server list per Interface
 Date:  Tue, 14 Sep 2004 13:05:40 -0400
I have ran DHCPd on a Linux system in the past - simple to setup if I
remember. I am currently using a Microsoft SBS 2003 (Windows 2003 Server +
Exchange 2003 + Fax Server). Which by default runs DHCP, DNS, WINS, RRAS,
IIS, AD... (Oddly enough I had to setup IAS - Internet Auth Services? - to
have RADIUS support for my PPTP.) You would only need WINS if you support
NT4 and 9x on your LAN, they prefer WINS for name resolution. 2000 and XP
look first to DNS when resolving names by default. 

I changed to Microsoft because I am now supporting more clients that use SBS
2000 & 2003. It is easier to support someone if I have something like what
they have for comparison.
James W. McKeand

-----Original Message-----
From: sylikc [mailto:sylikc at gmail dot com] 
Sent: Tuesday, September 14, 2004 12:21 PM
To: James W. McKeand
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Different DHCP DNS Server list per Interface


> I should of pointed out that without a hack I do not know a way to do 
> this though the default WebGUI. I probably should of held my response 
> - it was very close to the end of a very long day... ;-)

Hack-a-time!  Not really... I'm not a hacker of m0n0 just yet, but maybe
I'll contribute when I figure out how to make something new work.  And
right, it's okay, it was a Friday, and I appreciate your quick response
anyhow. :)

> IMHO the DHCP supplied in devices such as m0n0 is intended to be 
> simple and lightweight. They generally do not have the full complement 
> of scope options. The WINS server is supplied, but is the NBT node 
> type? (On a Windows DHCP server these are usually given out together) 
> I could check, but I'm too lazy to go upstairs, fire up my son's pc, and
do an ipconfig /all.

I haven't yet used WINS on my network for the sake that on one of the other
threads, the second I brought up WINS in a WIN2K network, someone mentioned
that if I have to rely on WINS, I have some issues in the network
infrastructure (which is quite true after I read up on WINS).

> My advice would be to use a separate DHCP for your LAN, giving you the 
> full flexibility of scope options. Let the "untrusted" guest users use 
> the DNS Forwarder on the m0n0 - which should use the DNS supplied by 
> your ISP. Do not give out WINS to the "untrusted". Your DMZ should be 
> statically assigned IP - I assume this subnet contains just a few 
> servers. The DMZ could still use the DNS (and WINS if you need it) on 
> your LAN, but you will need rules to allow the traffic to the LAN.

So, you mentioned you used a DHCP / DNS server on your LAN.  What is it
running?  Maybe I'll have to set up a server in the LAN afterall


To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch