basic client setup plus name resolving from HW router
Sten Carlsen
sten at s-carlsen.dk
Sun May 14 22:38:33 UTC 2006
The use of .local is reserved by Apple. If you do not use Macs, you
don't have to care.
Whatever you do I recommend not to use .local. .home is safe.
This is based on personal experience and documents from Apple. Look for
Rendezvous.
Simon Hobson wrote:
> Olivier Schreiber wrote:
>
>
>>> You need to have dhcp-server and bind installed (you do not need
>>> dhcp-client on the machine you use as the server).
>>> On bind, configure a forward and reverse zone for your network
>>> (ie mydomain.com and 123.168.192.arpa).
>>
>> Would you mind clarifying the two above addresses?
>> I am not sure they are chosen or imposed by reading your explanations
>> below. The `arpa' string is confusing me.
>>
>
> OK, the two zones in DNS you need are :
>
> mydomain.com - this is what is commonly referred to as the 'forward'
> zone, it is used when you type in something like "ssh
> somemachine.mydomain.com" to resolve the name to an address.
> mydomain.com is however just an example, you should use your own
> domain here.
>
> 123.168.192.arpa - this is the 'reverse' zone, used to do lookups in
> the reverse direction to normal. When you (for example) ssh into
> another machine, it will most likely try and resolve your address for
> the benefit of logs etc - so it can log a connection from
> "mylaptop.mydomain.com" instead of 192.168.123.42. The way it works
> is that whatever address is given, reverse the order of the octets,
> and append "in-addr.arpa" - this makes the address into something
> with the same structure as the domain names so it can easily be
> handled by the same delegation process.
>
> To see how this works, try :
> dig +trace www.thehobsons.co.uk
> dig +trace -x 212.159.9.131
>
> This will show you the nameservers/delegations used to get from the
> root of the dns tree down to an individual node.
>
>
> However, by setting up the two zones in your own dns server, queries
> for addresses in these zones will never be sent outside as your own
> server already has answers. Thus, within your own network, you can
> resolve (eg) somemachine.mydomain.com to an IP address, and resolve
> an IP address in the 192.168.123.0/24 network to a name.
>
> You can configure your dns server in two ways for dealing with
> names/addresses that are not in your network :
> 1) forward any other queries to other dns servers (typically those
> provided by your ISP) - generally called a "forwarder".
> 2) go find the results itself, starting at the root nameservers.
>
> All this is definitely not DHCP related, there is much out there on
> dns, but I would recommend an O'Reilly book called "DNS and Bind" by
> Paul Albitz and Cricket Liu. It includes a lot of advanced stuff that
> you can ignore, but it starts by explaining the fundamentals, how
> they work, and why it's done that way.
>
>
>>> <pet moan>
>>> Do not just 'make up' a domain, or use ".local", or use a domain that
>>> someone else is using. Using .local is wrong - it's a reserved domain
>>> name for ZeroConf (cf Apple's Rendezvous, multicast DNS, ...) and
>>> whilst Windows networks work fine with a .local address, Macs will
>>> barf and the network doesn't work right.
>>> If you just 'make up' a domain name, at some point it could be
>>> registered by someone else - and then you would be using someone
>>> else's domain name.
>>> Using someone else's domain name is just plain bad manners. Apart from
>>> not being able to access anything in their domain, the domain you use
>>> internally DOES leak out (eg in mail headers) and it's bad to be
>>> using someone else's name.
>>> Getting your own domain name registered is so cheap and easy these
>>> days that there really isn't any excuse if you want to do things
>>> properly.
>>> </pet moan>
>>>
>> Would you mind outlining more a HOWTO approach to your `moan' like
>> which domain is the forward, which one is the backward--given a
>> commercial ISP non-fixed IP address and how to get said domain name?
>> I totally agree with your concern that people do the right thing but
>> most of the time, they don't because they think it is too complicated.
>>
>
> There are many places where you can buy a domain name, I can't
> recommend any one in particular as I've got my domain names and web
> hosting via my ISP as part of my ADSL package.
>
> If you are stuck with a dynamic IP address then that makes it rather
> difficult to run your own mail server. My ISP gives fixed addresses
> so I can run my own mail, and so can apply my own spam prevention
> measures such as greylisting which I find very effective - most
> definitely to be preferred over an ISP's mail server that accepts
> everything and then throws half your genuine mail away with the spam !
>
> I have asked in a number of places about a suitable domain to use for
> private use and never had a good answer. Many use .local because it
> seems to make sense and I believe it is recommended by Microsoft when
> setting up a Small Business Server, but as stated above, it isn't a
> particularly good choice. Others just make up a domain name (eg
> 'fredshouse.com') and hope no-one ever comes along and registers it.
> Others make up a top level domain that isn't used and use that - eg
> "fredshouse.private". As far as I know, there is no top level domain
> reserved for private use.
>
> Of the options, best is to register your own domain name, after that,
> using something like mydomain.private seems reasonable since it
> doesn't seem too likely that ICANN will create .private as a new top
> level domain.
>
>
>
More information about the dhcp-users mailing list
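
The octet-reversal rule described in the quoted explanation above, worked through as an added example (not part of the original thread): it derives the reverse zone and PTR owner names for the 192.168.123.0/24 network and checks that every forward record has a matching PTR, since reverse lookups are what put hostnames into logs. The host records, the function names and the `audit` helper are constructed for illustration.

```python
import ipaddress

def ptr_name(addr):
    """PTR owner name: reverse the octets and append in-addr.arpa."""
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def reverse_zone(cidr):
    """Reverse zone name for a network on an octet boundary (/8, /16, /24)."""
    net = ipaddress.IPv4Network(cidr)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("prefix is not on an octet boundary")
    keep = net.prefixlen // 8
    octets = str(net.network_address).split(".")[:keep]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

# Constructed sample zone data (assumption, not taken from the thread).
FORWARD = {
    "mylaptop.mydomain.com": "192.168.123.42",
    "somemachine.mydomain.com": "192.168.123.10",
    "printer.mydomain.com": "192.168.123.20",
}
REVERSE = {
    "42.123.168.192.in-addr.arpa": "mylaptop.mydomain.com",
    "10.123.168.192.in-addr.arpa": "oldname.mydomain.com",  # stale PTR
    # deliberately no PTR for 192.168.123.20
}

def audit(forward, reverse, cidr):
    """Return (host, problem) pairs where forward and reverse data disagree."""
    zone = reverse_zone(cidr)
    problems = []
    for host, addr in sorted(forward.items()):
        owner = ptr_name(addr)
        if not owner.endswith("." + zone):
            problems.append((host, "address outside " + zone))
        elif owner not in reverse:
            problems.append((host, "missing PTR " + owner))
        elif reverse[owner] != host:
            problems.append((host, "PTR points to " + reverse[owner]))
    return problems

if __name__ == "__main__":
    print("reverse zone:", reverse_zone("192.168.123.0/24"))
    for host, problem in audit(FORWARD, REVERSE, "192.168.123.0/24"):
        print(host, "->", problem)
```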