From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from <gentoo-user+bounces-127066-garchives=archives.gentoo.org@lists.gentoo.org>) id 1Qu7Bk-0006Y9-M4 for garchives@archives.gentoo.org; Thu, 18 Aug 2011 18:19:32 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9AE2421C113; Thu, 18 Aug 2011 18:19:14 +0000 (UTC) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by pigeon.gentoo.org (Postfix) with ESMTP id A9E4A21C0AA for <gentoo-user@lists.gentoo.org>; Thu, 18 Aug 2011 18:18:11 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.messagingengine.com (Postfix) with ESMTP id 65ABD2380A for <gentoo-user@lists.gentoo.org>; Thu, 18 Aug 2011 14:18:11 -0400 (EDT) Received: from frontend1.messagingengine.com ([10.202.2.160]) by compute3.internal (MEProxy); Thu, 18 Aug 2011 14:18:11 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:mime-version:to :subject:references:in-reply-to:content-type; s=smtpout; bh=uu6o LCT8Nul9Hd78qSurnQXtvOg=; b=XX2ieob05NJW41RJ8M9PAF49gjLKPHvCjhWM 8ATHDH/EAuCVb31M4OoERjDdDLX8ETEsPcOB+5tK3uqrDioTaYFAkval91YacKc7 nyqPVXDIgbw76tEwwmXJQ/SBEwP737/TaaScZp/GulM9np1EKDfGWv0jYsGdHnmj GpW/HIk= X-Sasl-enc: AqpBv8TZJfITsk5myb4254Ulyb1hxZ5sBgmJEAptATWb 1313691490 Received: from [192.168.5.18] (serv.binarywings.net [83.169.5.6]) by mail.messagingengine.com (Postfix) with ESMTPSA id 43FBF41FB1F for <gentoo-user@lists.gentoo.org>; Thu, 18 Aug 2011 14:18:10 -0400 (EDT) Message-ID: <4E4D5757.9050006@binarywings.net> Date: Thu, 18 Aug 2011 20:17:59 +0200 From: Florian Philipp <lists@binarywings.net> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110730 Lightning/1.0b3pre Thunderbird/3.1.10 Precedence: bulk List-Post: <mailto:gentoo-user@lists.gentoo.org> List-Help: <mailto:gentoo-user+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-user.gentoo.org> X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Running HTTP and DNS on same machine References: <CAN0CFw0FU_zdDNAe4VazPMM=AJ04h7ZkfmHQK=Qxt2GGV_swVg@mail.gmail.com> <CA+czFiAshP0rjvje3ht7LKmbbm9nnpG5RPoEkmDu9U-bzOXt3w@mail.gmail.com> <2014422.cuJOgXTDR9@nazgul> <CA+czFiBszrMHDXuyo94pRXTDtCfvAOjW44emHMs8UWoceakb8w@mail.gmail.com> In-Reply-To: <CA+czFiBszrMHDXuyo94pRXTDtCfvAOjW44emHMs8UWoceakb8w@mail.gmail.com> X-Enigmail-Version: 1.1.2 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig0899B92C03699531B86DF4AF" X-Archives-Salt: X-Archives-Hash: 826c99094a72e2ed0d20a521a8f619f0 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig0899B92C03699531B86DF4AF Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Am 18.08.2011 03:35, schrieb Michael Mol: > On Wed, Aug 17, 2011 at 5:53 PM, Alan McKinnon <alan.mckinnon@gmail.com= > wrote: >> On Wed 17 August 2011 17:23:41 Michael Mol did opine thusly: >>> On Wed, Aug 17, 2011 at 4:56 PM, Grant <emailgrant@gmail.com> wrote: >>>> I currently use a free service to host the DNS records for my >>>> website, but I'm thinking of running a DNS server on the same >>>> machine that runs my website instead. Would that be fairly >>>> trivial to set up and maintain? If so, which package should I >>>> use? >>> >>> ISC bind is the de facto standard for DNS servers. I haven't >>> administered bind on Gentoo, but on Debian, most of the problems I >>> run into come from how Debian packages and updates configuration >>> files. >>> >>> I'm not running DNS servers in any major production capacity; I've >>> got a bind server at home linking my home domain and my employer's >>> work domain across a VPN, and updated dynamically via a dhcpd on >>> the same server. It's also serving as a caching recursive resolver >>> for my home network, which was *really* necessary when I was still >>> on AT&T. (The DSL link was dropping packets every now and again, >>> and it's a PITA when that happens to DNS queries) >> >> You're running an auth server and a cache on the same machine? >=20 > Split across a couple views, but yeah. And no recursion allowed on the = wan side. >=20 >> >> At a minimum they should be on different interfaces and preferably in >> chroots. Otherwise all manner of $BAD_STUFF happens. >=20 > Hm. Interested. >=20 > echo $BAD_STUFF >=20 > (or URI) >=20 URI: http://cr.yp.to/djbdns/separation.html Regards, Florian Philipp --------------enig0899B92C03699531B86DF4AF Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5NV1sACgkQqs4uOUlOuU8wZACeKvSl004s7buza4ltGgOVZsF7 NrIAn3zDEYfLuvreWxynmR9YmlKW0vf4 =BEYO -----END PGP SIGNATURE----- --------------enig0899B92C03699531B86DF4AF--