small dns daemon / forwarder ?
Hello everyone:
I have a number of machines behind a NAT firewall. Because I don't like
to manage hosts files on all of the machines, I usually set up bind on
my Ultra-1 running debian. BIND has a zone file for my domain, and
reverse DNS info for each of my internal IP's, so it provides
'internal' DNS on my network as well as caching and forwarding DNS
requests outside my domain.
The problem is that BIND is a beast, and using it in this manner is
like trying to swat a fly with an ICBM. It's using a lot of CPU, and
it's a pain in the butt to configure. On top of that, and what's really
prompted my to investigate BIND alternatives, is that named just goes
absolutely nuts when it can't find a root server, and that happens from
time to time from my DSL line. When it can't talk to a root server,
named goes all cornolio and logs that fact like crazy, soaks the CPU on
the machine and fills up /var in like 20 minutes flat. (this in spite
of having category lame-servers { null; }; in named.conf)
So, there has to be something better out there to use for 'internal'
DNS. All this thing needs to do is resolve hostnames on my domain to
internal addresses (www.hicox.com = 192.168.blah.blah), and provide
reverse lookup for internal ip addresses (192.168.blah.blah =
laptop.hicox.com, etc.), and forward DNS requests to my ISP's DNS
server for things not on my domain (yahoo.com ... get ip from ISP's
DNS, relay it back to requester).
dnsmasq looked promising, but it was tied fairly tightly with dhcpd,
which is not something I'm looking to run, configuration looked far
from intuitive as well.
I can't imagine I'm the first guy in the history of the world to have
run across this problem. Does anyone know of a good lightweight dns
daemon that can do what I'm looking for?
thanks,
-Andrew
###################################################
## Andrew N. Hicox
## Hicox Information Systems Development
## [voice]: 703-367-9085
## [email]: andrew@hicox.com
## [web]: http://hicox.com
##
## Rome built daily.
###################################################
Reply to: