[Dnsmasq-discuss] DNSmasq on a VPS instead of bind
Aaron J Weber
aweber at comcast.net
Fri Jan 5 19:35:13 GMT 2007
dnsmasq will be a lot more lightweight to configure/install/maintain (by far, IMHO).
I can sort-of answer a few of these:
For the first two bullets, I've found that setting up a resolv.dnsmasq file (in /etc) with the name of the "upstream servers" -- the three external IP-Addresses you reference in your first bullet. It's basically your current resolv.conf with the name changed.
Then set your actual resolv.conf to:
And set the "resolv-file=/etc/resolv.dnsmasq" in the dnsmasq.conf file.
This should keep you from the round-trips -- your localhost should look to dnsmasq first for name resolution, and if dnsmasq doesn't find it in the cache, dhcp leases (if feature-used), (or in your configured hosts files, etc.) it'll then go to the upstream nameservers. If I understood the questions correctly! ;)
As for being on the internet, your iptables should keep name-resolution requests (port 53, right?) blocked from the internet interface, but you can also set an ignore for that NIC/interface in the config file to be sure.
Dunno if that helped. Hope so!
----- Original Message -----
To: dnsmasq-discuss at lists.thekelleys.org.uk
Sent: Friday, January 05, 2007 2:22 PM
Subject: [Dnsmasq-discuss] DNSmasq on a VPS instead of bind
Is dnsmasq faster than bind, does it use less memory than named/bind
in this config? :
The only static and long-lasting config I need is:
- I need a caching nameserver, forwarding DNS requests
to 3 external IP-addresses of nameservers I may use to resolve with.
I've read the config entries, but where do I set those 3 ?
- The server with dnsmasq on it is also web and mail-server for
Where do I set this so that they go to the internal box instead of outside
and then inside again or something?
- The server is directly connected to the internet. (I do use iptables
and some other firewall thingies, but that is no problem for me.) I
just mention this so you know my two NICs on the server have WAN
IP-addresses. No LAN, no NAT.
How does that work, regarding DNSmasq config ?
- All domain names and their A records and MX records I control with
DNS elsewhere, like at zoneedit, godaddy, transip etc. so DNSmasq does
not have to deal with any of that.
That's it. I need no more.
Is dnsmasq a smart choice in this case? Or should I stick with bind?
Thanks in advance!
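The two points in the reply above (upstream servers taken from a separate resolv-file, and no answers on the internet-facing NICs) can be checked mechanically. The following Python audit is an added example, not part of the original thread or of dnsmasq; the function names, sample configs and NIC names (eth0, eth1) are constructed assumptions, and it relies only on the dnsmasq options `resolv-file`, `no-resolv`, `interface`, `listen-address` and `except-interface`.

```python
# Added example: audit a dnsmasq.conf for the two points made in the reply.
# Sample configs and NIC names (eth0, eth1) are constructed, not from the thread.

def parse_conf(text):
    """Return {option: [values]} for dnsmasq.conf-style text."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments and blank lines
        if line:
            key, _, value = line.partition("=")
            vals = [v.strip() for v in value.split(",") if v.strip()]
            opts.setdefault(key.strip(), []).extend(vals)
    return opts

def audit(conf_text, wan):
    """wan: names/addresses of internet-facing NICs. Returns a list of findings."""
    opts = parse_conf(conf_text)
    findings = []
    # 1. /etc/resolv.conf points at the local dnsmasq, so the upstream servers
    #    must come from a separate resolv-file (or server= lines with no-resolv).
    resolv = opts.get("resolv-file", [])
    if "/etc/resolv.conf" in resolv or (not resolv and "no-resolv" not in opts):
        findings.append("upstreams are read from /etc/resolv.conf")
    # 2. dnsmasq answers on every interface unless interface=/listen-address=
    #    narrow the set; except-interface= always removes one.
    allowed = set(opts.get("interface", [])) | set(opts.get("listen-address", []))
    excluded = set(opts.get("except-interface", []))
    for nic in wan:
        if nic in excluded:
            continue
        if not allowed:
            findings.append(f"{nic}: no listener restriction, port 53 answers here")
        elif nic in allowed:
            findings.append(f"{nic}: explicitly listed as a listener")
    return findings

WEAK = "cache-size=500\n"                            # constructed: all defaults
HARDENED = """\
resolv-file=/etc/resolv.dnsmasq
listen-address=127.0.0.1
bind-interfaces
except-interface=eth0
except-interface=eth1
"""                                                  # constructed, follows the reply

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(conf, ["eth0", "eth1"]) or "ok")
```

The audit only reads the dnsmasq configuration; the iptables rules mentioned in the reply remain a separate layer and are not inspected.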