
Preventing Vexation and Woe: DNS Fundamentals, Part 1 - Page 2

 By Carla Schroder | Posted Jan 30, 2003


LAN Cache

Another option is to use a single cache for the entire LAN. Install dnscache on a computer with a static IP address, and then configure the other computers' resolvers to point to it, replacing any existing nameserver entries:

nameserver 192.168.1.110

This is called an external cache because other hosts are allowed to access it. dnscache comes with built-in authentication, so you must specify which hosts are allowed access. Never ever expose your DNS cache to the world at large. Ever. It's a big security hole.
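
One way to review the allowed-hosts list described above, as an added example that is not from the article or from djbdns: dnscache accepts queries only from addresses matching a file name in its root/ip directory, and this script flags entries that reach beyond loopback and private ranges. The function names and the sample directory are assumptions made for illustration; pass the path of your own root/ip directory to audit_ip_dir.

```sh
#!/bin/sh
# Added example (not from the article): audit a dnscache access list.
# dnscache answers a client only when root/ip holds a file named after the
# client's address or a leading dotted prefix of it (192.168.1 covers
# 192.168.1.x).

# classify_prefix PREFIX -> prints private, public or invalid
classify_prefix() {
    p=$1
    case $p in
        ''|*[!0-9.]*|.*|*.|*..*) echo invalid; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $p; IFS=$old_ifs
    [ $# -le 4 ] || { echo invalid; return 0; }
    for o in "$@"; do
        [ "$o" -le 255 ] 2>/dev/null || { echo invalid; return 0; }
    done
    a=$1; b=${2:-}
    # Loopback and RFC 1918 ranges; a bare "192" or "172" is wider than those.
    if [ "$a" = 10 ] || [ "$a" = 127 ]; then echo private
    elif [ "$a" = 192 ] && [ "$b" = 168 ]; then echo private
    elif [ "$a" = 172 ] && [ -n "$b" ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ]; then
        echo private
    else echo public
    fi
}

# audit_ip_dir DIR -> prints one RISK line per entry that is not private;
# returns 0 if clean, 1 if anything was flagged, 2 if DIR is missing.
audit_ip_dir() {
    dir=$1; risky=0
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    for f in "$dir"/*; do
        [ -e "$f" ] || continue   # empty directory: no client is allowed
        name=${f##*/}
        class=$(classify_prefix "$name")
        if [ "$class" != private ]; then
            echo "RISK $name ($class)"; risky=1
        fi
    done
    return $risky
}

# Constructed sample access list, built in a temporary directory.
demo=$(mktemp -d)
touch "$demo/127.0.0.1" "$demo/192.168.1" "$demo/192" "$demo/lan"
audit_ip_dir "$demo" || echo "access list needs review"
rm -rf "$demo"
```
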

FQDN

Host names are a continual source of confusion. Fully-qualified domain names (FQDNs) are always needed for DNS to work correctly. The Internet domain hierarchy is in a tree format, with the first-level domains at the top. FQDNs are read right-to-left. For example, in server1.bratgrrl.com,

  • com is the first-level domain (like .org, .net, .gov, .info, and so forth),
  • bratgrrl is the second-level domain name, and
  • server1 is the specific machine hostname.

There is a limited, official list of first-level domain names. The first- and second-level names combine to form registered domain names. Add a machine hostname, and that makes a FQDN. I own bratgrrl.com, so everything@bratgrrl.com belongs to me. Mine all mine. I can use any designation on my servers that I want, like weirdname.bratgrrl.com or my.cool.server.at.bratgrrl.com.

Setting the hostname on a Linux PC is easy. In /etc/hostname, give the machine a hostname only, such as server1, and in /etc/hosts, give the FQDN mapped to the IP address, then the hostname:

192.168.1.110 server1.bratgrrl.com server1

Use the hostname and the dnsdomainname commands to test that it was done correctly:

$ hostname
server1
$ dnsdomainname
bratgrrl.com

Red Hat does this slightly differently; it uses /etc/sysconfig/network. Other Linuxes may vary as well, so check your documentation. The various Windows versions vary somewhat, too; start at the Network and Dial-Up Connections control panel. Just because it's easy doesn't mean you should do it; changing hostnames will affect a variety of network functions.

There are two types of domains: Internet-connected and private. The first- and second-level names only matter for Internet-connected domains -- for running Web, mail, and FTP servers, and such. For these you have to purchase unique names in an approved format from a domain name registrar. For a strictly local domain on a private LAN, you can name your hosts anything you like: server.here.andnow, this.weird.name.because.ican, etc.

In Part 2 we'll take a look at running a DNS server, security considerations, and mixed networks. Please see Resources for excellent companion articles.

Resources
Internet Assigned Numbers Authority
Tinydns: Kiss Your Bind Good-Bye
Kiss Your BIND Good-bye: In-Depth Configuration with Tinydns
djbdns home page
Stroud's CWSApps, search here for a variety of Windows DNS and proxy software
man resolver, man hosts
