[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mixing and Matching DHCP and static IPs

Henning Follmann wrote:

> 1) You talk too much.
> Solution: be precise but not chatty. Get to the point.
> 
> 2) Your network setup is overly complicated.
> Solution: simplify! Also very important: complexity is the enemy of
> security. Your set up should be straight forward that any issue becomes
> apparent without any effort.
> 
> Forget about your caching dns server ( at least for now) It is just
> another layer of complexity in your preexisting mess.

very good summary :)

Mark can start by drawing a diagram of the setup, configuring the DHCP an
DNS and firewall properly.
Ad DHCP Mark, you can setup a range with static and a range with dynamic IP
addresses. All that has static address must still be in the DNS to be
resolved.

I did not get it at which level you split the network in two
(internal/external or private/public) - I assume this is the firewall. It
also means the firewall has 2 interfaces - one for internal and one for
external network. You need a good IP-tables setup to make interconnect
possible.

What I describe is the most simple scenario and as Henning mentioned forget
the dns caching for now, until all this stands. I advise start with
DNS/DHCP in the internal (private) network.

regards
Reply to: