
Running Bind.... Some questions

7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Running Bind.... Some questions

Hi
Firstly a question aimed at PN: Is it possible to have more than 1 IP address for our connection? - If so is there a cost and how do I configure my equipment to make use of it at this end? Currently we have a dynamic IP but for dns services I'd need 2 statics..
To everyone else:
I'd like to set up my own dns service. Now I found a guide online to set up debian 'Sarge' which would do the job. Unfortunately debian being idiots allow you to download the netinstaller but not the actual packages the installer needs (it tries to download them and all the mirrors are useless). So.. after realizing that debian is out of the window I decided to go with an older idea... but I don't know if it's workable.
Bind running on linux can be set up to use mysql instead of zone files (which requires restarts for every change). Now.. I know Bind can run on XP (which is far simpler for most folk to use) but I can't find a way of getting it to work with mysql or any other database. Obviously using a database is a much preferred method as changes to zones have immediate effect and are instantly available on the next query.
So.. can this be done? Why? Well... Freedns is great... but it limits you a bit. Plus I'd like to allow users to create subdomains on my website - not something that can be done with most DNS providers as they don't provide any automation interface.
I need a new signature... i'm bored of the old one!
14 REPLIES 14
samuria
Grafter
Posts: 1,581
Thanks: 3
Registered: ‎13-04-2007

Re: Running Bind.... Some questions

I think to help you we need to know what you are trying to achieve. If you don't fully understand what you are trying to do and run a dns server you can run into all sorts of trouble. Unless you have a very good reason to run it I would leave it alone; by asking questions it shows you don't have a lot of knowledge on the subject and probably don't know the risk you would be taking.
If you just want it to learn about dns then just run it locally and not updated via the internet until you fully understand what you're doing.
You can have a fixed IP depending on your package and that would normally be enough for most tasks as you just use port forwarding to any servers etc.
MrC
Grafter
Posts: 525
Thanks: 4
Registered: ‎17-07-2008

Re: Running Bind.... Some questions

TBH running a BIND/DLZ server instead of BIND + zone files would only really be necessary if you were hosting lots (ie 1000s+) of domains that also needed lots of parallel updates and/or short TTLs which obviated you just reloading specific zone files. If you've only got a few zone files then converting to BIND/DLZ is simply pointless. BIND/DLZ also has a few overheads that can make it non-trivial (eg where are you going to locate your backup DNS server and how is it going to access your db?).
Plus, if that many active domains were dependent on my server being up then the absolutely last thing I'd want to do is to run my server behind an ADSL connection. However, if this is something you need to do then you might want to look at running a non-DLZ hidden primary server and making use of a commercial service (Dyndns springs to mind here) to run your secondaries.
See http://www.dyndns.com/support/kb/running_a_hidden_primary.html
As samuria said: what are your requirements?
Mike
Peter_Vaughan
Grafter
Posts: 14,469
Registered: ‎30-07-2007

Re: Running Bind.... Some questions

Depending on your package you can ask PN for 1, a block of 4 or a block of 8 static IPs at no extra cost - I have a block of 8. With 4 you only have 2 usable (1 for router, one free) as the first and last are used for network identifier & broadcasting. With 8 you have 6 usable, with 1 allocated to your router leaving 5 for you to use.
As stated above you can do a lot with just one IP and port forwarding.
DNS can be a minefield if you don't know how to protect it as there are many DNS attacks that are possible. Best to stick with the experts (PN or OpenDNS) or just play locally if you want to learn about it.
7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: Running Bind.... Some questions

Hi guys
Let me address a few points here first....
a) I intend to run my own DNS servers. I don't know why you guys are trying to put me off but I will do it
b) I need an automated interface to create subdomains and DNS records. Most DNS providers will give you dynamic updates but they won't let you create and delete subdomains automatically from say a windows app. All they will give you is a program to update your IP. Frankly... that's a pain.
c) I intend to 'play' locally first before unleashing my service to selected folk.
d) Just because I'm asking how to run Bind on windows with a database instead of zone files doesn't mean I'm not aware of the risks or overheads.
The thing is guys that using zone files requires you to set them up perfectly so they can be read and understood by bind. You also need to restart bind for every change to those files in order for bind to recognise those changes. Now.. What is the point having an automated interface that lets you create and delete subdomains if you then have to manually keep restarting bind all the time?
You may think I'm crazy but please believe me I HAVE already thought all of this through. What I'm having trouble with is figuring how to get bind to run on windows with mysql. Mysql isn't the problem - I can run that on windows with ease but unlike the linux version of bind there doesn't seem to be a windows version which supports mysql.
Any ideas?
Oh... and port forwarding isn't the same thing as a DNS server guys. It doesn't have anything like the same usefulness.
I need a new signature... i'm bored of the old one!
MrC
Grafter
Posts: 525
Thanks: 4
Registered: ‎17-07-2008

Re: Running Bind.... Some questions

Quote from: okrzynska
You also need to restart bind for every change to those files in order for bind to recognise those changes. Now.. What is the point having an automated interface that lets you create and delete subdomains if you then have to manually keep restarting bind all the time

Minor point: reloading a zone on Bind under Unix certainly doesn't require reloading all zones (is it different under Windows?).
Mike
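The per-zone reload mentioned above, combined with the automated subdomain creation the original poster wants, as an added example that is not code from anyone in the thread. It validates a user-supplied label and address before writing them into a zone file, bumps the SOA serial, checks the result and reloads only that zone; the zone name `example.test`, the file layout, the `; serial` marker and the function names are all assumptions.

```shell
# Added example (not from the thread). Zone layout, paths and the
# "; serial" marker on the SOA serial line are assumptions.
make_sample_zone() {  # writes a constructed zone for example.test to $1
  printf '%s\n' '$TTL 3600' \
    '@ IN SOA ns1.example.test. hostmaster.example.test. (' \
    '      2009010101 ; serial' \
    '      3600 900 604800 3600 )' \
    '@ IN NS ns1.example.test.' \
    'ns1 IN A 192.0.2.53' > "$1"
}

# One DNS label only: letters, digits, hyphen, 1-63 chars, no edge hyphen.
# Rejects dots, spaces, newlines, ';', '$', '@' and '*' before they reach the file.
valid_label() {
  case "$1" in ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;; esac
  [ "${#1}" -le 63 ]
}

valid_ipv4() {
  case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
  done
}

add_record() {  # add_record ZONE ZONEFILE LABEL IPV4
  zone=$1 zonefile=$2 label=$3 ip=$4
  valid_label "$label" || { echo "rejected label" >&2; return 2; }
  valid_ipv4 "$ip" || { echo "rejected address" >&2; return 2; }
  if awk -v l="$label" 'tolower($1) == tolower(l) { f = 1 } END { exit !f }' "$zonefile"
  then echo "label already present" >&2; return 3; fi
  tmp=$(mktemp "$zonefile.XXXXXX") || return 1
  # Bump the SOA serial so secondaries notice the change, then append.
  awk '/; *serial/ && !d { sub(/[0-9]+/, sprintf("%d", $1 + 1)); d = 1 } { print }' \
    "$zonefile" > "$tmp"
  printf '%s\tIN\tA\t%s\n' "$label" "$ip" >> "$tmp"
  # Syntax-check the candidate file before it replaces the live one.
  if command -v named-checkzone >/dev/null 2>&1; then
    named-checkzone "$zone" "$tmp" >/dev/null || { rm -f "$tmp"; return 4; }
  fi
  chmod 644 "$tmp" && mv "$tmp" "$zonefile"
}

# Reload just this zone; named and the other zones keep running.
add_and_reload() { add_record "$@" && rndc reload "$1"; }
```

`add_and_reload example.test /path/to/zonefile alice 192.0.2.10` is the call a web front end would make; the label check is what stops a crafted "subdomain" containing a newline from adding extra records to the file.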
zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: Running Bind.... Some questions

Some recommendations:
1.  Look at PowerDNS
2.  Increase your bandwidth allowance.  A lot.. No seriously, a lot...
3.  Decide whether you want to use a caching nameserver or an Authoritative nameserver.
4.  See 2, double it.
5.  Consider whether you want your DNS server to operate reliably.
6.  After 5, reconsider Windows and look back to Linux.
7.  See 1 again
8.  Repeat 2, double it again.
B.
7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: Running Bind.... Some questions

Anyone got anything USEFUL to add other than sarcasm?
@BZ, I'm aware of the bandwidth issues. I'm also aware of the linux v winblows thing however at the moment I just want to get a basic working setup.... working. I'll deal with the bandwidth issue as and when I come close to my limit. Seeing as my website is lucky to receive 2 or 3 hits a week at the moment I don't consider it to be a big issue do you?
Of course barry.... you're always welcome to set up a vmware machine for me ready to roll...
So... here we go again: Can I get bind running with mysql on windows?
I need a new signature... i'm bored of the old one!
zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: Running Bind.... Some questions

Quote from: Barry
1.  Look at PowerDNS

Seriously, that is probably the best advice I have to give.  You can run PowerDNS on Windows, with a mysql backend.
The reason that people are trying to dissuade you from doing it is because it is "A Very Bad Idea (tm)".  I appreciate you're going to do it anyway, but I would rather you were forewarned about the potential issues.
I run a DNS server on a hosted server in the Netherlands, serving DNS data for a fairly quiet guild-only website.  The DNS server reports traffic of around 27GB/month, mainly zone transfer requests from other misconfigured DNS servers that don't honour the TTL in the zone.  YMMV, however.
B.
samuria
Grafter
Posts: 1,581
Thanks: 3
Registered: ‎13-04-2007

Re: Running Bind.... Some questions

The reason we are trying to put you off is most of us have over 18 years experience working on million pound networks with loads of resources and we know the dangers. Even big firms with loads of professional highly qualified staff get it wrong and get attacked.
You may not like what we say but it is our professional opinion with all our experience; it is not sarcastic but very good advice. Setting up dns for Barclays bank took 30 people over 6 months testing and planning so we got it right which gives you an idea of how hard it can be to ensure it's safe.
MrC
Grafter
Posts: 525
Thanks: 4
Registered: ‎17-07-2008

Re: Running Bind.... Some questions

Quote from: samuria
Setting up dns for Barclays bank took 30 people over 6 months testing and planning

That's a bit more than it took the first time round Wink
Mike
7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: Running Bind.... Some questions

Quote from: samuria
Setting up dns for Barclays bank took 30 people over 6 months testing and planning so we got it right which gives you an idea of how hard it can be to ensure it's safe

That's fair comment... and I respect that but I'm not running a bank where millions or billions of pounds could be hacked into a foreign account!
My primary reason for wanting to set this up is for my own personal experimentation and learning. Eventually I do intend to allow a small selected group of users to also have the use of it but only via a web interface or win32 app.
I need a new signature... i'm bored of the old one!
MrC
Grafter
Posts: 525
Thanks: 4
Registered: ‎17-07-2008

Re: Running Bind.... Some questions

Quote from: okrzynska
My primary reason for wanting to set this up is for my own personal experimentation and learning.

TBH, that's an excellent reason for doing it (and I've been using that reason since ooh 1989)  Smiley
Good luck!
Mike
pierre_pierre
Grafter
Posts: 19,757
Thanks: 3
Registered: ‎30-07-2007

Re: Running Bind.... Some questions

that's one heck of a horrible learning curve Undecided Undecided Undecided
7up
Community Veteran
Posts: 15,824
Thanks: 1,579
Fixes: 17
Registered: ‎01-08-2007

Re: Running Bind.... Some questions

Quote from: MrC
Quote from: okrzynska
My primary reason for wanting to set this up is for my own personal experimentation and learning.

TBH, that's an excellent reason for doing it (and I've been using that reason since ooh 1989)  Smiley
Good luck!
Mike

Wink
True though... You can't always learn about technology unless you give it a try and see it in action. I know people here are throwing their arms up about the security and stability aspects etc but we all have to start somewhere.
Quote from: pierre_pierre
that's one heck of a horrible learning curve Undecided Undecided Undecided

But we can't all know everything about computers overnight. Learning is a continual process.
I need a new signature... i'm bored of the old one!