Set up Nameservers

v7-rc2

(liviu) #1

Hi guys,

I’m new to nethserver. I am trying it right now in a virtual machine to see if it’s what i need.
So… i’m using the lastest version (that is 7 which is in RC). Most of it looks pretty good (thoough i have to mention there is a bug with Account provider: Samba Active Directory which i can’t install because of Jabber chat server i think)…

Anyway my real problem is setting up nameservers. So the question is: can nethserver act as a nameserver? Can i host my own nameservers? i know that maybe this is not a big problem for most of the people but for me it’s a big one because my registrar is just a plain and simple registrar and i can’t change it (basically my registrar registered my domain but it doesn’t host any nameservers so i can’t point my domain from their panel to my IP… form their panel i can only mention the nameservers)


#2

Hi,

What do you mean with “nameserver”?
Do you mean DNS, Domain Name Server?


(Gabriel GHEORGHIU) #3

Hi Lucian,

Welcome aboard!

Unfortunately NS can’t act as an Authoritative DNS server.

Please read this topic: External DNS Management

Kind regards,
Gabriel

EDIT:

Other useful topics regarding this subject:

Replace dnsmasq with BIND9
bind9+facileManager webui


(liviu) #4

Thanks a lot, Gabriel! (Multumesc mult!)

I guess i have to try other solutions!


(Gabriel GHEORGHIU) #5

You are welcome!

I still use Windows 2k3 Server as Authoritative DNS Server (till now, the best solution for me).
And I still looking for a (Linux with GUI) solution to replace it!


(liviu) #6

You should try Debian+Ispconfig3 (i know it does more but you should give it a try)


#7

In the dnsmasq man page…
http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

Dnsmasq can act as authoritavive DNS.


(Gabriel GHEORGHIU) #8

Hi Jim,

You’re right. Dnsmasq can act as Authoritative DNS Server, but partial ( https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software).
But here, we are talking about NethServer and as Giacomo said, “Sadly we never designed current DNS implementation for such scenario.”, …


#9

And the same behavior occure:
It’s just an option to set or not.
Is it the developper to choose how to use NethServer or is it the user to choose how to use Netserver?

Why not let Nethserver versatile with the option to set or not, and offer the choice for the final user?


(Giacomo Sanchietti) #10

If you let dnsmasq behave as authoritative dns, the adminsitrator must deeply understand how the dns protocol works and be able to configure many options which are actually hidden to the users :frowning:


(Filippo Carletti) #11

I use zoneedit.com for my domain, it’s free.
NethServer comes with Unbound DNS (https://www.unbound.net/), which can be configured to be an authoritative dns (you can find some docs on the net).


#12

Since Nethserver 6.5… I don’t remember read something about the change from Dnsmasq to Unbound…
But it can be a fail of mind :smile:


(Gabriel GHEORGHIU) #13

You’re right!

http://docs.nethserver.org/projects/nethserver-devel/en/v7rc/dns.html#dns-server


(Giacomo Sanchietti) #14

Unbound is running along with dnsmasq for spam checks when using the mail server.


#15

:joy::joy::joy:
Don’t try to have the last word

Or I will climb back my old white horse, and come back with my “cruzade”

  • Sysadmin are not dumber
    And
  • Improve the communication

:smile:


(Michael Kicks) #16

A little hint for the developers: could unbound be a useful replacement-with-upgrade of dnsmasq?

First feature could be DNSSec


(Filippo Carletti) #17

It could, but NethServer depends heavily on dnsmasq and its features.
That’s why we use both. We could change how we link them together.
Dismissing dnsmasq completely will be a huge work.
We can start with a plan today, I’ll happily contribute to the discussion.


(liviu) #18

It looks like unbound can’t act as an authoritative dns… anyway it would be great if you could add such capabilities to nethserver in a future version(zentyal can do it but your distro is much better)


#19

I think it could be a good idea… a small enterprise and bigger ones need autoritative DNS


(Filippo Carletti) #20

I think we can try to follow this document:
https://www.22decembre.eu/2014/04/14/local-dns-setup-with-dnsmasq-nsd-and-unbound-en/