Login or Register to Ask a Question and Join Our Community


Red Hat

Configure OpenDNS

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Configure OpenDNS
# 8  
Old 01-12-2011
Doesn't forwarding everything mean it does no caching to reduce load on the opendns, and no filtering?

Often, it is good security to have some systems only on the internal DNS, not exposed.
# 9  
Old 01-13-2011
Quote:
Originally Posted by DGPickett
Doesn't forwarding everything mean it does no caching to reduce load on the opendns, and no filtering?
Yes, my mistake. It should look like this so local domains can still be looked up:

Code:
options {
        forwarders {
            <first ip of opendns>;
            <second ip of opendns>;
        };
    };

Filtering is done on the opendns server as that is what the OP wants. Even with forwarding everything the filtering is still done on the opendns server but the problem there is no local domains would be looked up.
# 10  
Old 01-14-2011
As I recall, forwarders makes that DNS do recursion-desired calls, which ensures it does not start talking to Internet DNS independently, but the answers are cached to keep the load on the target down.
# 11  
Old 01-18-2011
MySQL
Use forwarders , it's good idea.
# 12  
Old 01-18-2011
Either that, or opendns inside as well, so you have the filtering features you feel you need. Having extra DNS servers should either:
  • serve a security need (names and addresses for internal consumption only), or
  • deal with network and server load reduction and client performance. For instance, at each physical location, it is nice to provide satellite services, like caching DNS to enhance client speed and reduce intranet WAN traffic. To direct local clients to the local DNS, one may need a local DHCP. A local caching web proxy is another common good candidates for a local satellite. Of course, if your WAN is the Internet, you need a local firewall/VPN/router. A linux box can do all these things very cheaply, even in a MAC or WinDOS milieu. Ditto for SAMBA local server disk.
Last edited by DGPickett; 01-18-2011 at 12:31 PM..
# 13  
Old 01-18-2011
Quote:
Originally Posted by DGPickett
As I recall, forwarders makes that DNS do recursion-desired calls, which ensures it does not start talking to Internet DNS independently, but the answers are cached to keep the load on the target down.
No, when the information you are looking for cannot be found locally the requests are then forwarded to the forwarders to resolve.
# 14  
Old 01-18-2011
Yes, forwarding, for the "forwarding DNS" when resolving simple client recursion-desired calls, is making its own, supporting, recusion-desired calls of the "forwarded-to DNS", so the "forwarding DNS" is not burdened with, or motivated toward, contacting outside DNS servers. This is very common behind firewalls.

When the call to the "forwarding DNS" is NOT recursion-desired, meaning it is from another DNS server or other high level functioning client, I am not sure, offhand, if it may direct the caller to the "forwarded-to DNS", but I doubt it, as the routing and firewalls might not allow that, and that is not the spirit of "Forwarding".

Usually, you want DNS traffic with the Internet to happen either on the firewall host DNS (nothing through), or through the firewall between specific internal DNS servers (last internal tier) to specific external DNS servers only (local in DMZ or at the ISP). The firewall is a router to the Internet, so you may have two for redundancy, both for traffic and DNS.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

./configure

hello, I'm trying install apache http server version 2.2.22. I downloaded the file httpd-2.2.22.tar.bz2. I unzipped this file.. When I type "./configure", the following error occurs: # ./configure --prefix=/opt/work/apache2.2.22 checking for chosen layout... Apache checking for... (1 Reply)
Discussion started by: Adriano Schmidt
1 Replies

2. Red Hat

Configure RPM

Hi..i need to install package (*.rpm) on RHEL 6.2 . I have those patches available in RPM disc. When i try using below command rpm -ivh <package name> it give me following error no key warning:user mockbuild does not exist - using root warning:group mockbuild does not exist - using root... (3 Replies)
Discussion started by: deljatt
3 Replies

3. Solaris

Configure virtual ip - second ip

Hello Group, Could you please help me with the procedure to configure a virtual ip (second ip) under the same interface in Solaris 11. Thanks in advance ! (2 Replies)
Discussion started by: csierra
2 Replies

4. Linux

how to configure wireless now ?

Hi, I've installed wireless card and I didn't receive any error in the installation process. Now I want to use it but I can't make internet to work. if I check my card with iwconfig I get the following message wlan0 IEEE 802.11g ESSID:"Alice-34376718" Mode:Managed ... (2 Replies)
Discussion started by: aneuryzma
2 Replies

5. Programming

How to configure emacs? Thank!

I am using emacs to write c++ code. How to configure it to let the system highlight C++ keywords, variables, etc; and let it automatically indent, just like a common C++ IDE does? Any suggestions? Thanks! (1 Reply)
Discussion started by: meili100
1 Replies

6. HP-UX

HP-UX 10.20 Network Configure

Hi I'm new about UNIX, but I've to use a HP9000 with HP-UX 10.20 workstation. I'm trying to configure the network, I've configured the file /etc/rc.conf.d/netconf with my IP address and the right gateway, so the HP9000 is on the net, I've tried a ping. But now I've a problem I can't start hte CDE,... (4 Replies)
Discussion started by: gofmass
4 Replies

7. UNIX for Advanced & Expert Users

How to configure dktab

Hi: I need some information about how to configure a dktab archive to make mirroring with ide disk. I have to know the necesary steps to make that. Thanks. (2 Replies)
Discussion started by: dvl
2 Replies

8. UNIX for Dummies Questions & Answers

./configure error

my compiler won' t let me configure. This is what occurs when I type ./configure Alex@BADPERSON /postgresql-7.2.1 $ ./configure loading cache ./config.cache checking host system type... i686-pc-cygwin checking which template to use... win checking whether to build with locale support... no... (3 Replies)
Discussion started by: achink125
3 Replies

9. UNIX for Advanced & Expert Users

How to configure DNS

My OS is sun solaris7,(sun sparc),i want connect inernet and my computer in my company intranet.After i configure proxy server,i still can't conncet internet.I guess whether the DNS is configured correctly. who can help me???Thank you very much!!! (6 Replies)
Discussion started by: q30
6 Replies

10. UNIX for Dummies Questions & Answers

IP configure

Hi people I am having problems getting a few Sun Station to work again. We just moved to a new building with new IPs and new gateways. I need to change all these settings. Could some one please tel me what files I have to change. It is a Solaris 5.7 machine. Thanx O:confused: (2 Replies)
Discussion started by: Orange
2 Replies
Login or Register to Ask a Question