Topic: Plans to build a NAT router for first time - Has a question about DNS

Hi all

I'm going to build my first NAT router with an old 433 MHz P3 box, a wireless PCI card (ral driver) and a couple of Ethernet cards for interfaces. OpenBSD will be the OS of choice. I want to use this so my laptop can run OpenBSD and use wireless at my home. I've got all the information I need to build a NAT router, such as using dhcpd, PF and authpf.

I wonder if I really do need a DNS server (bind) for this? If yes, why do I need it for a NAT router?

Thanks

There's no place like /home

Re: Plans to build a NAT router for first time - Has a question about DNS

No, you don't need a DNS server. However, they can be useful: If you want to assign your internal IPs hostnames, a proper DNS server is handy as soon as you have a couple of machines, because the alternative is putting the host names into every single machine's /etc/hosts file.

You don't have to set up bind to get internal hostnames btw, there are other DNS servers which are simpler to use, like Dnsmasq. Naturally, the simpler DNS servers are also less powerful, but as long as you're not using zone transfers etc. that probably doesn't matter.

Re: Plans to build a NAT router for first time - Has a question about DNS

Thanks Maxlor!

That's what I thought. I only have a PC tower and a laptop, so DNS isn't that important. Although someday, I'd like to try it for fun, and dnsmasq is probably what I would need for a home network.

There's no place like /home

Re: Plans to build a NAT router for first time - Has a question about DNS

I really noticed a difference when I switched from my ISP's DNS to my own internal DNS. I was running it on a 24Mb, 25MHz mac68k box running NetBSD 1.6, so it doesn't take much, but it made lookups much quicker. These days I just run it on a NetBSD Xen VM and have a secondary running on the OpenBSD firewall. I have some host names in my pf rules and I don't want it to fail loading my rules because it can't resolve some addresses.

It may not be necessary but it's sure nice to have.

Re: Plans to build a NAT router for first time - Has a question about DNS

I was using a similar setup. Then FreeBSD changed the boot order so that the firewall is activated before bind is started. While it makes perfect sense to bring up the firewall before any network services are launched, it is a bit of an inconvenience. Oh well... my point is: don't rely on the DNS server in your firewall rules.
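
An added example, not part of any post in this thread: a small Python check for the problem raised in the last two replies, listing pf rules whose `from`/`to` addresses are host names that have to be resolved when the ruleset is loaded. The ruleset, host names and addresses are constructed, and the check is a heuristic that only flags dotted names after `from`/`to` (bare short names and translation targets are not covered).

```python
import ipaddress
import re

# Constructed ruleset; every name and address in it is a placeholder.
SAMPLE = """\
ext_if = "em0"
mail = "mail.example.net"
table <admins> persist { 192.0.2.10, 192.0.2.11 }
pass in on $ext_if proto tcp from <admins> to ($ext_if) port 22
pass out on $ext_if proto tcp to $mail port 25
pass out on $ext_if proto udp to { ntp.example.org, 203.0.113.7 } port 123
"""

NOT_HOSTS = {"any", "self", "no-route", "urpf-failed", "route"}
MACRO_DEF = re.compile(r'^\s*(\w+)\s*=\s*"?([^"]*)"?')
TOKEN = re.compile(r"[{}]|[^\s{},]+")

def is_hostname(tok):  # dotted name that is not an address, table or keyword
    if tok[0] in "<(" or tok in NOT_HOSTS:
        return False
    try:
        ipaddress.ip_network(tok, strict=False)
    except ValueError:
        return "." in tok
    return False

def expand(tokens, macros):  # replace $macros by the tokens of their values
    for tok in tokens:
        name = tok.lstrip("!")
        if name.startswith("$"):
            yield from expand(TOKEN.findall(macros.get(name[1:], "")), macros)
        elif name and name not in ("{", "}"):
            yield name

def dns_dependent_rules(text):
    """Return (line number, host name) for each name used after from/to."""
    macros, findings = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = MACRO_DEF.match(raw)
        if m:
            macros[m.group(1)] = m.group(2)
        toks = [] if m else TOKEN.findall(raw.split("#", 1)[0])
        for i, tok in enumerate(toks[:-1]):
            if tok in ("from", "to"):
                rest = toks[i + 1:]
                end = rest.index("}") if rest[0] == "{" and "}" in rest else 1
                findings += [(lineno, n) for n in expand(rest[:end], macros)
                             if is_hostname(n)]
    return findings
```

Rules it reports can be rewritten with literal addresses or a table of addresses, so that loading the ruleset no longer depends on a resolver being reachable.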