LARTC - Mar 2002 - DNS (bind vs dnsmasq for small dsl network)

http://www.thekelleys.org.uk/dnsmasq/doc.html

Have any of you used this? Thoughts/oppinions?

I''m setting up a router/firewall/etc to replace my current hardware dsl
router, and installed bind, but this looks much nicer and usable (for
something small like my setup).

I''ll have 5 computers behind my firewall all the time, and up to 10-15
once
every other month or so for lan parties.

I''ve got htb/ingress/etc all happy now, just need to decide on the
extras :)

On Thu, Mar 21, 2002 at 05:02:30PM -0600, Bill Williamson
wrote:
> I''m setting up a router/firewall/etc to replace my current
hardware dsl
> router, and installed bind, but this looks much nicer and usable (for
> something small like my setup).
I recommend you seriously consider using djbdns from
http://cr.yp.to/djbdns.html.

If you need help setting it up, E-mail me -- its pretty easy and for a
small setup, you''ll end up editing one line per DNS entry in a text
file.
> I''ll have 5 computers behind my firewall all the time, and up to
10-15 once
> every other month or so for lan parties.
> 
> I''ve got htb/ingress/etc all happy now, just need to decide on the
extras :)
-- 
Michael T. Babcock
CTO, FibreSpeed Ltd.     (Hosting, Security, Consultation, Database, etc)
http://www.fibrespeed.net/~mbabcock/

is djbdns powerful enough to handle more than 500 domains ? many people
told me that djbdns is more secure than Bind, is it true ? I''ve
installed
djbdns on my development server but don''t have courage to install it on
my
production server, my consideration is the stability, reliability and
security...

regards,
Jeffery Samuel
------------------------
"Don''t reinvent the wheel. Inherit the wheel." - unknown




                    "Michael T.
                    Babcock"                 To:     LARTC List
<lartc@mailman.ds9a.nl>
                    <mbabcock@fibresp        cc:
                    eed.net>                 Subject:     Re: [LARTC] DNS
(bind vs dnsmasq for
                    Sent by:                 small dsl network)
                    lartc-admin@mailm
                    an.ds9a.nl


                    03/22/2002 08:33
                    PM






On Thu, Mar 21, 2002 at 05:02:30PM -0600, Bill Williamson
wrote:
> I''m setting up a router/firewall/etc to replace my current
hardware dsl
> router, and installed bind, but this looks much nicer and usable (for
> something small like my setup).
I recommend you seriously consider using djbdns from
http://cr.yp.to/djbdns.html.

If you need help setting it up, E-mail me -- its pretty easy and for a
small setup, you''ll end up editing one line per DNS entry in a text
file.
> I''ll have 5 computers behind my firewall all the time, and up to
10-15
once
> every other month or so for lan parties.
>
> I''ve got htb/ingress/etc all happy now, just need to decide on the
extras
:)
--
Michael T. Babcock
CTO, FibreSpeed Ltd.     (Hosting, Security, Consultation, Database, etc)
http://www.fibrespeed.net/~mbabcock/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Fri, Mar 22, 2002 at 09:16:51PM +0700, JefferySamuel@binus.ac.id
wrote:
> 
> is djbdns powerful enough to handle more than 500 domains ? many people
If you read up at the cr.yp.to/djbdns.html page, you''ll find that some
people are using it for _thousands_ of domains.  It is very powerful; it
uses disk caching to cache responses however, so frequently changing the
domain file will decrease performance somewhat; although write-through
caching should get you the same benefits if your OS has it.
> told me that djbdns is more secure than Bind, is it true ? I''ve
installed
It is highly secure (no security bugs yet that I''m aware of;
there''s a
cash reward if you find any though).  It is well-written from what I''ve
read
of its source although variable naming is quite obscure but being written
by a mathematician probably explains that.
> djbdns on my development server but don''t have courage to install
it on my
> production server, my consideration is the stability, reliability and
> security...
It has never crashed for me.
It has never failed to respond for me.
It is my production DNS server (feel free to hammer away at fibrespeed.net
DNS requests if you like) ;-).
It has great local diagnostic tools and logging for any user-caused errors.
-- 
Michael T. Babcock
CTO, FibreSpeed Ltd.     (Hosting, Security, Consultation, Database, etc)
http://www.fibrespeed.net/~mbabcock/