DNS possible for private networks?

Simon Waters Simon at wretched.demon.co.uk
Thu Oct 23 21:57:49 UTC 2003


David C. Hoos wrote:
>
> I have the following questions about this, viz.:
>
>   1.  Can I do this?

Well it is easy to do ;)

>   2.  How do I do it?

We'd need to know more about the network other than say set up a DNS
server. Do the different networks have to remain private from each
other? Does it matter if a client looks up a name on another network
even if it can't reach it?

But initially it looks simple. You didn't mention anything about redundancy
of name service!

>   3.  Can I use my own made-up (i.e. unregistered domain name -- e.g.
> domain1, and domain2) or must I use a registered domain name?

Either will work. It is more a choice of picking a method that is
sensible for your needs.

>   4.  If I must use a registered domain name, can I use our corporate
> domain name?

Yes, although this tends to require you to keep two copies of that zone
in sync, a private one and a public one. A subdomain is often preferred,
even if never made public, that can mean long names, but may allow some
advantages if you ever decide to "open up" access more widely.

>   5.  If this is doable, is there any way to have a common database of
> hostnames vs. IP addresses for use by both DHCP and DNS (BIND), or
> must I duplicate the information for both?

"man dhcpd.conf" ?

Depends what you want the names for.

You can just put names in the DNS for each host, this is simple and
effective, and would be my first choice to examine. What you put in the DHCP
hostname option is up to you, DHCP hostname is optional in ISC DHCP, it
defaults to "hostname" I believe.

The DHCP server can be authoritative for names, telling the DNS server,
and clients (although they'll probably ignore it), what things are called.

The clients can send their names to the DHCP server which can pass them
on to the DNS server (or in some cases (Microsoft) the clients can tell
the DNS server themselves).

Sometimes having more ways to do things just leads to more confusion. If
you find the whys and wherefores of naming computers remarkably
confusing, you've probably just about understood all you need to know ;)
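
An added example, not part of the original message and not taken from the poster's setup: one way to have the ISC DHCP server tell BIND what hosts are called, as described in the answer to question 5, with updates accepted only when signed by a shared TSIG key. The zone name `internal.example.com`, the key name `dhcp-updater`, the addresses and the file paths are assumptions, and the secret is a placeholder.

```conf
# ---- dhcpd.conf (ISC DHCP server) ----
ddns-update-style interim;        # "standard" on ISC DHCP 4.3 and later
ddns-updates on;
ddns-domainname "internal.example.com.";   # assumed private subdomain
ignore client-updates;            # the server, not the client, picks the name

key dhcp-updater {
    algorithm hmac-sha256;        # older releases only offer hmac-md5
    secret REPLACE_WITH_BASE64_SECRET;     # placeholder, e.g. from tsig-keygen
};

zone internal.example.com. {      # forward zone that receives A records
    primary 127.0.0.1;            # assumes named runs on the same host
    key dhcp-updater;
}
zone 1.168.192.in-addr.arpa. {    # reverse zone that receives PTR records
    primary 127.0.0.1;
    key dhcp-updater;
}

subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
}

# ---- named.conf (BIND) ----
key "dhcp-updater" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";   # same placeholder as above
};

zone "internal.example.com" {
    type master;
    file "dynamic/internal.example.com.db";
    # Weak setting, shown for contrast: an address-based ACL lets any
    # host on the subnet rewrite records in the zone.
    #   allow-update { 192.168.1.0/24; };
    # Corrected setting: only updates signed with the key are accepted.
    allow-update { key "dhcp-updater"; };
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "dynamic/1.168.192.in-addr.arpa.db";
    allow-update { key "dhcp-updater"; };
};
```

Both files then hold the secret, so keep them readable only by the accounts the DHCP and DNS daemons run as, and let named own the directory holding the dynamic zone files so it can write its journal.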
