<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.3020" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>dnsmasq will be a lot more lightweight to
configure/install/maintain (by far, IMHO).</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I can sort-of answer a few of these:</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>For the first two bullets, I've found that setting
up a resolv.dnsmasq file (in /etc) with the name of the "upstream servers" --
the three external IP-Addresses you reference in your first bullet. It's
basically your current resolv.conf with the name changed.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Then set your actual resolv.conf to:</FONT></DIV>
<DIV><FONT face=Arial size=2>nameserver 127.0.0.1</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>And set the "resolv-file=/etc/resolv.dnsmasq" in
the dnsmasq.conf file.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>This should keep you from the round-trips -- your
localhost should look to dnsmasq first for name resolution, and if dnsmasq
doesn't find it in the cache, dhcp leases (if feature-used), (or in your
configured hosts files, etc.) it'll then go to the upstream nameservers.
If I understood the questions correctly! ;)</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>As for being on the internet, your iptables should
keep name-resolution requests (port 53, right?) blocked from the internet
interface, but you can also set an ignore for that NIC/interface in the config
file to be sure.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Dunno if that helped. Hope so!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>-AJ</FONT></DIV>
<DIV> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=marsepein@gmail.com href="mailto:marsepein@gmail.com">Carl</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=dnsmasq-discuss@lists.thekelleys.org.uk
href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, January 05, 2007 2:22
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [Dnsmasq-discuss] DNSmasq on a
VPS instead of bind</DIV>
<DIV><BR></DIV>Is dnsmasq faster than bind, does it use less memory than
named/bind<BR>in this config? :<BR><BR>The only static and long-lasting config
I need is:<BR><BR>- I need a caching nameserver, forwarding DNS requests<BR>to
3 external IP-addresses of nameservers I may use to resolve with.<BR>I've read
the config entries, but where do I set those 3 ?<BR><BR>- The server with
dnsmasq on it is also web and mail-server for<BR>several domainnames.<BR>Where
do I set this so that they go to the internal box instead of outside<BR>and
then inside again or something?<BR><BR>- The server is directly connected to
the internet. (I do use iptables<BR>and some other firewall thingies, but that
is no problem for me.) I<BR>just mention this so you know my two NICs on the
server have WAN<BR>IP-addresses. No LAN, no NAT.<BR>How does that work,
regarding DNSmasq config ?<BR><BR>- All domain names and their A records and
MX records I control with<BR>DNS elsewhere, like at zoneedit, godaddy, transip
etc. so DNSmasq does<BR>not have to deal with any of that.<BR><BR>That's it. I
need no more.<BR>Is dnsmasq a smart choice in this case? Or should I stick
with bind?<BR><BR><BR>Thanks in
advance!<BR><BR>Carl<BR><BR>_______________________________________________<BR>Dnsmasq-discuss
mailing list<BR><A
href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</A><BR><A
href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</A></BLOCKQUOTE></BODY></HTML>