From: Alan McKinnon
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Running HTTP and DNS on same machine
Date: Wed, 17 Aug 2011 23:53:52 +0200
Message-ID: <2014422.cuJOgXTDR9@nazgul>

On Wed 17 August 2011 17:23:41 Michael Mol did opine thusly:
> On Wed, Aug 17, 2011 at 4:56 PM, Grant wrote:
> > I currently use a free service to host the DNS records for my
> > website, but I'm thinking of running a DNS server on the same
> > machine that runs my website instead. Would that be fairly
> > trivial to set up and maintain? If so, which package should I
> > use?
>
> ISC bind is the de facto standard for DNS servers. I haven't
> administered bind on Gentoo, but on Debian, most of the problems I
> run into come from how Debian packages and updates configuration
> files.
>
> I'm not running DNS servers in any major production capacity; I've
> got a bind server at home linking my home domain and my employer's
> work domain across a VPN, and updated dynamically via a dhcpd on
> the same server. It's also serving as a caching recursive resolver
> for my home network, which was *really* necessary when I was still
> on AT&T. (The DSL link was dropping packets every now and again,
> and it's a PITA when that happens to DNS queries)

You're running an auth server and a cache on the same machine?

At a minimum they should be on different interfaces and preferably in
chroots. Otherwise all manner of $BAD_STUFF happens.

I assume your home domain is small, in which case you'd probably get
away with it. But still.

> If you want to get into managing your own DNS, and if there was
> anything in that previous sentence you're unfamiliar with, I highly
> recommend O'Reilly's DNS & Bind: 5th Edition before you commit any
> of your services to your own server.

Excellent book, up there with Mastering Regular Expressions.

The fellow who sits on the other side of the partition from me has
that very edition - signed by Cricket. Lucky bastard. He won't even
let me touch it, never mind read it.

-- 
alan dot mckinnon at gmail dot com
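
Added illustration, not part of the original message and not any poster's actual configuration: one way to lay out the separation recommended above (authoritative server and cache on different interfaces, each in its own chroot) as two BIND instances. The addresses, zone name, file names and chroot paths are constructed placeholders.

```conf
// --- Authoritative-only instance: <auth chroot>/etc/named.conf (placeholder path) ---
options {
    directory "/var/named";              // resolved inside the chroot
    pid-file "/var/run/named-auth.pid";
    listen-on { 192.0.2.53; };           // public interface only (constructed address)
    listen-on-v6 { none; };
    recursion no;                        // answer only for zones held here
    allow-query { any; };
    allow-transfer { none; };            // open per secondary as needed
};

zone "example.org" {                     // constructed zone name
    type master;
    file "example.org.zone";
};

// --- Caching resolver instance: <cache chroot>/etc/named.conf (placeholder path) ---
options {
    directory "/var/named";
    pid-file "/var/run/named-cache.pid";
    listen-on { 127.0.0.1; 192.168.1.1; };   // loopback and LAN side only (constructed)
    listen-on-v6 { none; };
    recursion yes;
    allow-query     { 127.0.0.1; 192.168.1.0/24; };
    allow-recursion { 127.0.0.1; 192.168.1.0/24; };
};

zone "." {
    type hint;
    file "named.ca";                     // placeholder root hints file name
};

// Each instance runs as an unprivileged user in its own chroot (named's -t flag);
// the -c path is read after the chroot, so it is relative to the new root:
//   named -u named -t /chroot/named-auth  -c /etc/named.conf
//   named -u named -t /chroot/named-cache -c /etc/named.conf
// Both instances default to the same rndc control channel (127.0.0.1 port 953),
// so give each its own controls {} statement if rndc is used.
```

With this layout the public address never performs recursion for anyone, and the resolver's cache is reachable only from loopback and the LAN.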