Don't worry, it took me about six months and a lot of reading to figure it
out. To answer your question about two IPs: I had to assign the machine two
local IPs, beyond the dialup link. Here's the reason. Let's assume you have a
machine with two IPs: 192.168.0.1 and 192.168.0.2. This machine also has a dialup
PPP connection. This machine is acting as a firewall when connected to your ISP.
There are two ways for traffic to get through it. One is masquerading, the other is
a proxy server. Assume that your proxy or masquerade is running on 192.168.0.1.
In this case any DNS requests sent to that IP will be forwarded on to your ISP's DNS
servers. To run a local DNS, you can run a DNS server on 192.168.0.2 with a
single root server of 192.168.0.1.
If the two IPs on a single network card is a little hard to grasp, you can use the
exact same setup using two separate machines, one doing PPP/Proxy/Masquerade and
the other running as a DNS server. This is the setup I am now using.
Patrick McNamara
> Hmmm. I'm trying to do this, also. You say you need two IP's; if the
> serving machine is using ppp to make the outside connection, then it
> does have two (the internal network 198..., for example, and whatever
> the ISP assigns to it on connection). Is that the same thing (2 IP's)?
> Seems that the only way to get it to work is to use the ISP's DNS on the
> server, and the server's 198 (internal) address as DNS on the rest of
> the internal network; like you said.
> Sorry if I seem to be parroting here; I'm trying to chew on this. My
> initial attempts to get this working seemed to work fine except that it
> killed dial-on-demand except from the server itself. Never figured that
> out....
> > I have done exactly what you are trying to do. Originally the dialup
> > machine was NT4.0 and has MS DNS running on it, I have since moved the dns
> > over to linux. This is one case where the ideas work the same way on NT or
> > Linux, though the setup is a bit different. There is one catch to this
> > setup: The machine connected to the net can't use the internal DNS server;
> > I'll explain why in a minute. Now for what I had to do.
> > The machine that will be serving as your DNS and dialup machine (I'll call
> > it Hal for lack of a better name) needs to have two IPs. I did this by
> > binding two IPs to the same NIC. The only thing run on the second IP is your
> > local DNS. Set up your local DNS and get it working, don't worry about
> > outside resolution yet. Once this works, edit the root nameserver list (I
> > just went braindead and can't remember the filename). The only entry you
> > want in this file is either your ISP's nameserver or the other IP of Hal,
> > depending on how your routes/masquerading is set up. Point all other
> > machines' DNS at the second IP for Hal.
> > In this setup, the local server answers all domain lookup requests. If it
> > can't find it in the local domain (or its cache) it forwards it on to what
> > it thinks is the root DNS server; it doesn't care that it's not. I made the
> > comment that the machine connecting to the net can't use the local DNS
> > server. The reason being that if it does use the internal server and can't
> > resolve a name the request gets sent back to the local server and you end up
> > in an infinite loop of lookups.
> > re-post.
> > Patrick McNamara
> > > On Thursday, Mr. Smith responded to the following (not my question):
> > > > I connect to internet thru my dialup to my ISP, and I don't have a
> > > > registered domain name. I am just wondering if it's possible at all to
> > > > set up a DNS server (on the machine that connects to internet, of
> > > > course). I have already set it up as my DHCP server, and am struggling
> > > > with IP masquerading right now.
> > > > Thanks very much for any pointers. BTW, I am using COL 2.3.
> > > with:
> > > Sure. There are at least two configurations you might want to consider:
> > > 1) A caching-only nameserver. In this configuration, your nameserver
> > > doesn't have its own entries, it just caches entries for use on your
> > > local network, to reduce network use in DNS lookups.
> > > 2) A private domain nameserver. In this setup, you make up a domain name,
> > > such as foo.bar. (Note that your fictitious domain should use a
> > > nonexistent top-level domain, like bar in my example, not a real
> > > top-level domain like com, edu, or whatnot.) You can then serve the
> > > names of machines on your private network, in addition to caching
> > > external names, as a caching-only nameserver does.
> > > I have set up the caching-only nameserver as discussed in (1). My issue
> > > is with (2). I've tried several ways to set up a fake domain but have not
> > > had success. The how-to advises against fake domains and so does not
> > > outline how to do it. How is the caching-only nameserver set up so that
> > > it still performs its intended function yet also resolves a fake domain
> > > for an intranet web page that is only accessible on the local LAN?
> > > What is the syntax for essentially hardcoding a fake domain into a setup
> > > that caches external names?
> > > Any assistance that you can provide is appreciated. Thank you.
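
An added example, not part of any post in this thread: a small Python model of the forwarding chain described above (local DNS on 192.168.0.2, proxy/masquerade on 192.168.0.1, ISP nameserver upstream), showing where the lookup loop appears once the gateway is pointed at the internal DNS. The ISP address, the function names and the use of `foo.bar` as the private zone are assumptions made for illustration.

```python
# Added example: a constructed model of the forwarding setup in this thread.
ISP_DNS = "203.0.113.53"   # placeholder; the thread gives no ISP address
LOCAL_DNS = "192.168.0.2"  # second IP: local DNS for the private domain
GATEWAY = "192.168.0.1"    # first IP: proxy/masquerade, relays DNS upstream


def build(gateway_upstream):
    """Return the resolver map; only the gateway's upstream varies."""
    return {
        LOCAL_DNS: {"zones": ["foo.bar"], "upstream": GATEWAY},
        GATEWAY: {"zones": [], "upstream": gateway_upstream},
        ISP_DNS: {"zones": [], "upstream": None},  # resolves public names
    }


def trace(name, start, servers):
    """Follow one query hop by hop; return (path, outcome)."""
    path, node = [], start
    while node not in path:
        path.append(node)
        srv = servers[node]
        if any(name == z or name.endswith("." + z) for z in srv["zones"]):
            return path, "answered locally"
        if srv["upstream"] is None:
            return path, "answered by ISP"
        node = srv["upstream"]
    return path + [node], "loop"


def audit(servers, names):
    """Map every (start server, name) pair that loops to its path."""
    loops = {}
    for start in servers:
        for name in names:
            path, outcome = trace(name, start, servers)
            if outcome == "loop":
                loops[(start, name)] = path
    return loops


if __name__ == "__main__":
    names = ["web.foo.bar", "www.example.org"]
    for label, upstream in (("working", ISP_DNS), ("looping", LOCAL_DNS)):
        servers = build(upstream)
        print(label, trace("www.example.org", LOCAL_DNS, servers))
        print("  loops:", audit(servers, names))
```

Running the same audit over a real resolver map before changing a gateway's DNS setting shows whether any external name would bounce between the two local addresses.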