[Dnsmasq-discuss] DNSmasq on a VPS instead of bind

Aaron J Weber aweber at comcast.net
Fri Jan 5 19:35:13 GMT 2007 

dnsmasq will be a lot more lightweight to configure/install/maintain (by far, IMHO).

I can sort-of answer a few of these:

For the first two bullets, I've found that setting up a resolv.dnsmasq file (in /etc) with the name of the "upstream servers" -- the three external IP-Addresses you reference in your first bullet.  It's basically your current resolv.conf with the name changed.

Then set your actual resolv.conf to:
nameserver 127.0.0.1

And set the "resolv-file=/etc/resolv.dnsmasq" in the dnsmasq.conf file.

This should keep you from the round-trips -- your localhost should look to dnsmasq first for name resolution, and if dnsmasq doesn't find it in the cache, dhcp leases (if feature-used), (or in your configured hosts files, etc.) it'll then go to the upstream nameservers.  If I understood the questions correctly! ;)

As for being on the internet, your iptables should keep name-resolution requests (port 53, right?) blocked from the internet interface, but you can also set an ignore for that NIC/interface in the config file to be sure.

Dunno if that helped.  Hope so!

-AJ

  ----- Original Message ----- 
  From: Carl 
  To: dnsmasq-discuss at lists.thekelleys.org.uk 
  Sent: Friday, January 05, 2007 2:22 PM
  Subject: [Dnsmasq-discuss] DNSmasq on a VPS instead of bind


  Is dnsmasq faster than bind, does it use less memory than named/bind
  in this config? :

  The only static and long-lasting config I need is:

  - I need a caching nameserver, forwarding DNS requests
  to 3 external IP-addresses of nameservers I may use to resolve with.
  I've read the config entries, but where do I set those 3 ?

  - The server with dnsmasq on it is also web and mail-server for
  several domainnames.
  Where do I set this so that they go to the internal box instead of outside
  and then inside again or something?

  - The server is directly connected to the internet. (I do use iptables
  and some other firewall thingies, but that is no problem for me.) I
  just mention this so you know my two NICs on the server have WAN
  IP-addresses. No LAN, no NAT.
  How does that work, regarding DNSmasq config ?

  - All domain names and their A records and MX records I control with
  DNS elsewhere, like at zoneedit, godaddy, transip etc. so DNSmasq does
  not have to deal with any of that.

  That's it. I need no more.
  Is dnsmasq a smart choice in this case? Or should I stick with bind?


  Thanks in advance!

  Carl

  _______________________________________________
  Dnsmasq-discuss mailing list
  Dnsmasq-discuss at lists.thekelleys.org.uk
  http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20070105/3f56a613/attachment-0001.html

More information about the Dnsmasq-discuss mailing list