# DNS server for local network



## bsus (Sep 11, 2011)

Hi,
I want to set up a DNS server for my local network.

I have already read the DNS server section about named in the handbook. But in the handbook they configure a WAN DNS server; I just need a LAN one. My question is what I have to change for this in my namedb conf?

Regards


----------



## Anonymous (Sep 11, 2011)

bsus said:

> My question is what I have to change for this in my namedb conf?



There is nothing special, only that the names in your zone records would point to local IP addresses.

You can even decide whether you want to have a recursive name server or a forwarder.

For example, my zones look like this:

/etc/namedb/master/mylocaldomain.dom:


```
$TTL 86400       ; 24 hour default TTL
mylocaldomain.dom. IN      SOA     mylocaldomain.dom. admin.mylocaldomain.dom. (
                                     2011042801 ; Serial
                                     10800      ; Refresh
                                     3600       ; Retry
                                     604800     ; Expire
                                     300        ; Negative Response TTL
                                  )

; DNS Servers
                  IN      NS      mylocaldomain.dom.

; MX Records
                  IN      MX 10   mailin.exchanger.dom.

                  IN      A       192.168.0.35

; Machine Names
router            IN      A       192.168.0.1
bridge            IN      A       192.168.0.2
mini              IN      A       192.168.0.3
andreia           IN      A       192.168.0.6
nikolas           IN      A       192.168.0.7
rphone            IN      A       192.168.0.11
rolf              IN      A       192.168.0.15
server            IN      A       192.168.0.35
vpnnode           IN      A       192.168.0.49

; Aliases
www               IN      CNAME   mylocaldomain.dom.
```

/etc/namedb/master/0.168.192.in-addr.arpa

```
$TTL 86400

0.168.192.in-addr.arpa. IN SOA mylocaldomain.dom. admin.mylocaldomain.dom. (
                                    2011042801 ; Serial
                                    10800      ; Refresh
                                    3600       ; Retry
                                    604800     ; Expire
                                    300        ; Negative Response TTL
                                 )

        IN      NS      mylocaldomain.dom.

35      IN      PTR             mylocaldomain.dom.
1       IN      PTR      router.mylocaldomain.dom.
2       IN      PTR      bridge.mylocaldomain.dom.
3       IN      PTR        mini.mylocaldomain.dom.
6       IN      PTR     andreia.mylocaldomain.dom.
7       IN      PTR     nikolas.mylocaldomain.dom.
11      IN      PTR      rphone.mylocaldomain.dom.
15      IN      PTR        rolf.mylocaldomain.dom.
49      IN      PTR     vpnnode.mylocaldomain.dom.
```
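The two zone files above mirror each other by hand: every A record in the forward zone has a PTR for the same address in the reverse zone. The checker below is an added example, not code from the thread or from the poster, that parses both files (comments, the parenthesised SOA, owner-name inheritance from leading whitespace, relative names qualified against the zone origin) and reports any A record without a PTR, any PTR whose target has no matching A record, and any address that falls outside the reverse zone's network. The zone texts are abridged copies of the two files above, constructed inline; all function names are my own. On the posted data it reports exactly one thing: 192.168.0.35 carries two A records (the zone apex and `server`), but a single PTR can only name one of them, so a reverse lookup of that address answers `mylocaldomain.dom.` rather than `server.mylocaldomain.dom.`.

```python
# Added example, not code from the thread: cross-check a BIND forward zone
# against its in-addr.arpa reverse zone before loading both into named. The
# zone texts are abridged, constructed copies of the two files posted above.
FORWARD_ORIGIN = "mylocaldomain.dom."
FORWARD_ZONE = """\
$TTL 86400 ; 24 hour default TTL
mylocaldomain.dom. IN SOA mylocaldomain.dom. admin.mylocaldomain.dom. (
        2011042801 10800 3600 604800 300 )
        IN NS    mylocaldomain.dom.
        IN MX 10 mailin.exchanger.dom.
        IN A     192.168.0.35
router  IN A 192.168.0.1
bridge  IN A 192.168.0.2
rphone  IN A 192.168.0.11
rolf    IN A 192.168.0.15
server  IN A 192.168.0.35
vpnnode IN A 192.168.0.49
www     IN CNAME mylocaldomain.dom.
"""
REVERSE_ORIGIN = "0.168.192.in-addr.arpa."
REVERSE_ZONE = """\
$TTL 86400
0.168.192.in-addr.arpa. IN SOA mylocaldomain.dom. admin.mylocaldomain.dom. (
        2011042801 10800 3600 604800 300 )
        IN NS mylocaldomain.dom.
35 IN PTR mylocaldomain.dom.
1  IN PTR router.mylocaldomain.dom.
2  IN PTR bridge.mylocaldomain.dom.
11 IN PTR rphone.mylocaldomain.dom.
15 IN PTR rolf.mylocaldomain.dom.
49 IN PTR vpnnode.mylocaldomain.dom.
"""

def _logical_lines(text):
    """Drop ';' comments and join records that continue inside ( ... )."""
    lines, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth <= 0:
            lines.append(" ".join(buf))
            buf, depth = [], 0
    return lines

def _qualify(name, origin):
    """Make a relative name absolute, as named does against the zone origin."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return [(owner, rtype, rdata_tokens)]; leading whitespace inherits the owner."""
    owner, records = origin, []
    for line in _logical_lines(text):
        tokens = line.replace("(", " ").replace(")", " ").split()
        if tokens[0].startswith("$"):
            if tokens[0] == "$ORIGIN":
                origin = tokens[1]
            continue  # $TTL and $ORIGIN carry no record
        if not line[0].isspace():
            owner = _qualify(tokens.pop(0), origin)
        if tokens[0].isdigit():  # optional per-record TTL
            tokens.pop(0)
        if tokens[0].upper() == "IN":
            tokens.pop(0)
        rtype = tokens.pop(0).upper()
        if rtype in ("NS", "CNAME", "PTR"):  # rdata holds a name: qualify it
            tokens = [_qualify(t, origin) for t in tokens]
        records.append((owner, rtype, tokens))
    return records

def _reverse_name_to_ip(name):
    """35.0.168.192.in-addr.arpa. -> 192.168.0.35 (the zone apex yields the prefix)."""
    return ".".join(reversed(name.rstrip(".").split(".")[:-2]))

def check_consistency(fwd_text, fwd_origin, rev_text, rev_origin):
    """Cross-check A against PTR records; returns human-readable findings."""
    fwd, rev = parse_zone(fwd_text, fwd_origin), parse_zone(rev_text, rev_origin)
    a_by_name = {o: rd[0] for o, t, rd in fwd if t == "A"}
    ptr_by_ip = {_reverse_name_to_ip(o): rd[0] for o, t, rd in rev if t == "PTR"}
    prefix, findings = _reverse_name_to_ip(rev_origin) + ".", []
    for name, ip in sorted(a_by_name.items()):
        if not ip.startswith(prefix):
            findings.append(f"{name} -> {ip} lies outside reverse zone {rev_origin}")
        elif ip not in ptr_by_ip:
            findings.append(f"no PTR for {ip} ({name})")
        elif ptr_by_ip[ip] != name:
            findings.append(f"PTR for {ip} names {ptr_by_ip[ip]}, not {name}")
    for ip, target in sorted(ptr_by_ip.items()):
        if a_by_name.get(target) != ip:  # forward-confirmed reverse DNS
            findings.append(f"PTR {ip} -> {target} has no matching A record")
    return findings

if __name__ == "__main__":
    for finding in check_consistency(FORWARD_ZONE, FORWARD_ORIGIN, REVERSE_ZONE, REVERSE_ORIGIN):
        print("WARN:", finding)
```

Run it against the real files before reloading named (and bump the serial in both zones together when you change either). Keeping forward and reverse in step matters beyond tidiness: anything that does a forward-confirmed reverse lookup (sshd, mail servers, log analysers) will otherwise disagree about a host's name, and a stale PTR pointing at a retired host is the kind of inconsistency that hides a device that should not be on the network.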


----------



## da1 (Sep 11, 2011)

A bit off-topic, but some time ago I was also using BIND for some home setups and I came to the conclusion it's overkill (unless of course you particularly want to learn/study/play with BIND - that was my case back then).

Now, I'm looking at dns/djbdns as an alternative.


----------



## DutchDaemon (Sep 11, 2011)

dns/unbound is also trivial to set up.


----------



## da1 (Sep 11, 2011)

Regarding dns/unbound, one can have a look at BSDMagazine, as it has an article on how to set it up.


----------



## bsus (Sep 11, 2011)

> (unless of course, you particularly want to learn/study/play with BIND - was my case back then)


Isn't this the issue in everything "we" do?

@rolfheinrich
Thank you, I copied your files and changed the host and domain names and the IPs to my network. So thanks for the "Vorlage" (template).


So BIND/named works well. I would like to ask something off-topic:
Are there TLDs which are free (so that you get a DNS error when pinging or visiting them in the browser)?
Could I then configure my DNS server to "listen" on this address? Does this work, and is this legal?

Regards


----------



## kpa (Sep 11, 2011)

bsus said:

> So BIND/named works well. I would like to ask something off-topic:
> Are there TLDs which are free (so that you get a DNS error when pinging or visiting them in the browser)?
> Could I then configure my DNS server to "listen" on this address? Does this work, and is this legal?
> Regards



You can pretend to be microsoft.com in your own network, but no one outside of your network will know about it.

The reason for this is the delegation of TLDs by the root name servers, which will stay the same for everybody else but you if you happen to use a TLD or domain that is already in use. In other words, your DNS server won't be able to register itself somewhere and somehow tell the world that it's now an authoritative name server for microsoft.com; DNS does not work that way. The same applies if you use a TLD that is not yet in use: that TLD will only be visible to the clients that use your own local DNS server.


----------



## Anonymous (Sep 11, 2011)

bsus said:

> I would like to ask something off-topic:
> Are there TLDs which are free (so that you get a DNS error when pinging or visiting them in the browser)?
> Could I then configure my DNS server to "listen" on this address? Does this work, and is this legal?



You can use ".local" as the local TLD. This is somewhat semi-official. Multicast DNS (aka Zeroconf, Bonjour, etc.) uses this top-level domain. I did not try it, but I am almost sure that you may use .local concurrently as a TLD for a BIND zone even with Avahi or mDNSResponder being installed.


----------



## da1 (Sep 12, 2011)

bsus said:

> Isn't this the Issue in everything "we" do?



Hehe, got me there.


----------



## bsus (Sep 12, 2011)

> You can pretend to be microsoft.com in your own network, but no one outside of your network will know about it.
> 
> The reason for this is the delegation of TLDs by the root name servers, which will stay the same for everybody else but you if you happen to use a TLD or domain that is already in use. In other words, your DNS server won't be able to register itself somewhere and somehow tell the world that it's now an authoritative name server for microsoft.com; DNS does not work that way. The same applies if you use a TLD that is not yet in use: that TLD will only be visible to the clients that use your own local DNS server.


Good answer. And a registration in a root DNS server only for money.... poor world - so I will have to proceed using DynDNS.



> You can use ".local" as the local TLD. This is somewhat semi-official. Multicast DNS (aka Zeroconf, Bonjour, etc.) uses this top-level domain. I did not try it, but I am almost sure that you may use .local concurrently as a TLD for a BIND zone even with Avahi or mDNSResponder being installed.


But would this solution make my network reachable from "outside" with a "permanent" DNS name?



> Hehe, got me there.


----------



## da1 (Sep 12, 2011)

bsus said:

> But would this solution make my network reachable from "outside" with a "permanent" DNS name?



No, you need (to buy) a FQDN (fully qualified domain name) for that (ex: da1.org).


----------



## MasterOne (Sep 12, 2011)

I have been using dns/dnsmasq for quite a while, since it's simple, lightweight and has a built-in DHCP server, which registers DHCP leases in its DNS part automatically.


----------

