Running DNS locally for home network

I have a small home network that just got larger (new roommate, my existing roommate got a laptop (on top of her computer), my friends coming over with laptops, etc.).

I'd like to run a local DNS server for lookups of my local network stuff (fileserver.local, windowsTV.local, machineA.local, machineB.local, appletv.local). I used to have a business line with a static IP and ran bind/named internally. However, now I have a normal account.

My ISP's DNS servers are constantly changing (for whatever reason my ISP doesn't like to keep the same IP range for long). I need my local DNS to be automatically updated to use my ISP's DNS for external traffic, but also be able to maintain an internal DNS server (having to update the hosts file is a hassle with every new machine, on top of rebuilding existing machines with Win7 or Ubuntu 9.04).

Additionally, my ISP's DNS servers often crash or become unresponsive. Are there any open DNS servers that are reliable (I don't want to reconfigure every day) that I could use as my primary, and then fall back to my ISP's if those fail?

UPDATE: I'm also looking for each workstation to be able to connect using DHCP, but instead of getting the ISP's DNS servers, get my internal one.


15 Answers

If you want internal fake domains to work you can't configure your workstations with any DNS servers except your own. Once you set up BIND it can work by itself and you don't need your ISP's or any other non-authoritative DNS servers at all.


Basically you need to run your own DHCP and DNS server. You're already running your own DHCP server if you have a typical router that gives out private IP addresses.

Your DHCP server must be configured to hand out your router IP as the gateway address, and your DNS server IP as the DNS server address, obviously.

Your DNS server must be configured to resolve a non-official top-level domain locally, such as .local, and then forward any other requests to another DNS. In BIND you need to add a forwarders { } section to your `/etc/bind/named.conf.options` which contains the public DNS servers you want to use to resolve non-local addresses. As other comments suggest, if you don't want to forward to your ISP's DNS servers, you can use OpenDNS, Google's public DNS servers, or 4.2.2.1/4.2.2.2 (I forget who does those).

If you are running your own DNS server, you need a box that will be on all the time, as all DNS queries on your home network will go through it. This box needs a fixed IP on your home subnet. Make sure it can't get bulldozed by DHCP, and the box itself should not be getting an IP via DHCP. If your DHCP is configured to hand out addresses from 192.168.1.1 to 192.168.1.100, for example, then give your DNS server the IP 192.168.1.101. In the usual situation of home routers you just need to tell the router that the DNS server is 192.168.1.101 and reboot.

If you can get a local DNS running on your broadband router, great, but a DNS server might benefit from lots of RAM for caching queries, depending on which DNS software you use. On my network I just use straight BIND. Sounds like you might have a little experience with that and for me it works great.

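As an added example (not part of the answer above, and not from the BIND project), the following shell script writes the BIND 9 configuration that answer describes: an ACL so only the LAN can use the box as a recursive resolver, a forwarders { } section pointing at public resolvers instead of the ISP's, a local zone, and a zone file with a few hosts. Every address, hostname and the suffix are assumptions: the LAN is taken to be 192.168.1.0/24 with the resolver on 192.168.1.101, and the private suffix is `home.lan` rather than `.local`, because `.local` is reserved for mDNS (RFC 6762) and a unicast zone with that name will collide with Bonjour/avahi on Macs and Linux boxes.

```shell
#!/bin/sh
# Added example: generate a minimal BIND 9 setup for a home LAN resolver that
# is authoritative for one private zone and forwards everything else.
# Assumptions (hypothetical): LAN 192.168.1.0/24, resolver at 192.168.1.101,
# private suffix "home.lan", the host addresses below.

LAN_NET="192.168.1.0/24"
DNS_IP="192.168.1.101"
ZONE="home.lan"

# write_bind_config DESTDIR: writes named.conf.options, named.conf.local and
# zones/db.home.lan under DESTDIR (on Debian/Ubuntu that would be /etc/bind).
write_bind_config() {
    dest="$1"
    mkdir -p "$dest/zones"

    cat > "$dest/named.conf.options" <<EOF
acl "lan" { 127.0.0.0/8; ${LAN_NET}; };

options {
    directory "/var/cache/bind";
    listen-on { 127.0.0.1; ${DNS_IP}; };
    listen-on-v6 { none; };

    # Only the LAN may query or recurse through this box. A resolver that
    # recurses for anyone is an open resolver and gets abused for DNS
    # amplification attacks.
    allow-query     { lan; };
    allow-recursion { lan; };

    # Anything outside our own zone goes to public resolvers, so the ISP's
    # changing and unreliable servers are never used.
    forwarders { 8.8.8.8; 8.8.4.4; 1.1.1.1; 1.0.0.1; };
    forward only;

    dnssec-validation auto;
};
EOF

    cat > "$dest/named.conf.local" <<EOF
zone "${ZONE}" {
    type master;
    file "$dest/zones/db.${ZONE}";
    allow-transfer { none; };
};
EOF

    cat > "$dest/zones/db.${ZONE}" <<EOF
\$TTL 3600
@   IN SOA ns1.${ZONE}. hostmaster.${ZONE}. (
        2024010101 ; serial: bump it on every edit
        3600       ; refresh
        900        ; retry
        604800     ; expire
        300 )      ; negative-cache TTL
@           IN NS   ns1.${ZONE}.
ns1         IN A    ${DNS_IP}
fileserver  IN A    192.168.1.110
windowstv   IN A    192.168.1.111
appletv     IN A    192.168.1.112
EOF
}

# check_bind_config DESTDIR: syntax-check with BIND's own tools if installed;
# returns 0 when the tools are absent so the script still runs anywhere.
check_bind_config() {
    dest="$1"
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$dest/named.conf.options" || return 1
        named-checkzone "$ZONE" "$dest/zones/db.$ZONE" || return 1
    fi
    return 0
}

# Stand-alone run: write the files to a scratch directory and check them.
tmpdir="${TMPDIR:-/tmp}/bind-example.$$"
write_bind_config "$tmpdir"
check_bind_config "$tmpdir" && echo "wrote BIND config under $tmpdir"
```

After copying the files into /etc/bind, restarting named, and pointing the router's DHCP DNS option at 192.168.1.101, check both halves from a client: `dig @192.168.1.101 fileserver.home.lan` must return 192.168.1.110 from the local zone, and `dig @192.168.1.101 example.com` must be answered through the forwarders. From a host outside the "lan" ACL the same queries should be refused, which is the check that you have not built an open resolver.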

Are there any open DNS servers that are reliable

You said it: OpenDNS.

208.67.222.222
208.67.220.220

Unbound is pretty easy, supports BIND-style config files and is fairly reliable. If the server will be a stand-alone 'gateway' type box and you'd like a few extra niceties, you might want to take a look at the firewall/gateway distro called Untangle as well.


If you are running Windows - you should take a look at Simple DNS Plus - it is a full DNS server that also comes with a DHCP server plug-in - and has an easy-to-use GUI.

[Note: the product is developed by the author of this post]


If you have a Linux box then you'd want to set up dnsmasq for your local addresses and use it as a forwarding/caching DNS server for external addresses. This is also often what is used on Linux distributions for home routers such as OpenWrt/DD-WRT/Tomato.

Alternately, on mostly Apple/Mac networks you'd be using Bonjour/Zeroconf which both Linux and Apple computers can communicate on for broadcast level DNS/service resolution.

That being said, on a purely hybrid network with all three OSes running, you'll definitely want a local DNS server with forwarding to either OpenDNS, Google DNS, or your local ISP's DNS depending on your location/needs.

Some free DNS servers you can use for forwarding:

1.1.1.1 - Cloudflare
1.0.0.1 - Cloudflare
4.2.2.1 - Level 3
4.2.2.2 - Level 3
4.2.2.3 - Level 3
8.8.8.8 - Google
8.8.4.4 - Google
208.67.222.222 - OpenDNS
208.67.220.220 - OpenDNS
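As an added example (not part of the answer above, and not the dnsmasq project's own code), here is a shell script that writes a dnsmasq configuration doing what the answer suggests and also covering the question's UPDATE: dnsmasq serves DHCP for the LAN and hands clients the internal resolver rather than the ISP's servers, answers the private suffix from a hosts file, and forwards everything else to public resolvers. The addresses, the `lan` suffix and the MAC address are hypothetical.

```shell
#!/bin/sh
# Added example: one dnsmasq instance that is both the LAN's DHCP server and
# its caching/forwarding DNS server. All values below are hypothetical:
# LAN 192.168.1.0/24, router 192.168.1.1, dnsmasq box at 192.168.1.101.

LAN_DNS_IP="192.168.1.101"   # the always-on box running dnsmasq (static IP)
ROUTER_IP="192.168.1.1"

# write_dnsmasq_config DESTDIR: writes dnsmasq.conf plus an extra hosts file
# (on Debian these would be /etc/dnsmasq.conf and e.g. /etc/dnsmasq.hosts).
write_dnsmasq_config() {
    dest="$1"
    mkdir -p "$dest"

    cat > "$dest/lan.hosts" <<EOF
192.168.1.110 fileserver.lan fileserver
192.168.1.112 appletv.lan appletv
EOF

    cat > "$dest/dnsmasq.conf" <<EOF
# --- DNS ---
# Ignore /etc/resolv.conf (which DHCP on the box itself may fill with the
# ISP's ever-changing servers) and forward only to the resolvers named here.
no-resolv
server=1.1.1.1
server=8.8.8.8
# Answer the private suffix locally and never leak it upstream; likewise
# never forward reverse lookups for RFC 1918 space to the Internet.
local=/lan/
domain=lan
expand-hosts
bogus-priv
domain-needed
# Listen only on loopback and the LAN address. A resolver reachable from
# the Internet is an open resolver usable for amplification attacks.
listen-address=127.0.0.1,${LAN_DNS_IP}
addn-hosts=$dest/lan.hosts

# --- DHCP ---
# The pool stops below .101 so the resolver's static address can never be
# handed out to a client.
dhcp-range=192.168.1.20,192.168.1.100,12h
dhcp-option=option:router,${ROUTER_IP}
# This is the line that answers the UPDATE: clients get the internal
# resolver, not the ISP's.
dhcp-option=option:dns-server,${LAN_DNS_IP}
dhcp-option=option:domain-search,lan
# Fixed lease for the NAS, keyed on its MAC address (hypothetical).
dhcp-host=02:00:00:aa:bb:cc,fileserver,192.168.1.110
EOF
}

# check_dnsmasq_config DESTDIR: run dnsmasq's own syntax check if installed;
# returns 0 when dnsmasq is absent so the script still runs anywhere.
check_dnsmasq_config() {
    if command -v dnsmasq >/dev/null 2>&1; then
        dnsmasq --test -C "$1/dnsmasq.conf" || return 1
    fi
    return 0
}

# Stand-alone run: write the files to a scratch directory and check them.
tmpdir="${TMPDIR:-/tmp}/dnsmasq-example.$$"
write_dnsmasq_config "$tmpdir"
check_dnsmasq_config "$tmpdir" && echo "wrote dnsmasq config under $tmpdir"
```

Two things to get right when deploying this: disable the DHCP server on the broadband router first, otherwise two servers answer every DHCPDISCOVER and clients will randomly receive the ISP's DNS servers from the router; and give the dnsmasq box its 192.168.1.101 address statically, since the box cannot depend on the DHCP service it is itself providing. A client that has renewed its lease should then show 192.168.1.101 as its only nameserver, and `dig @192.168.1.101 fileserver.lan` should return 192.168.1.110 without any upstream query.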

4.2.2.1 & 4.2.2.2 are what I use

edit: that is, in regard to public servers. Easy to remember and I don't think I've seen them fail since I've been using them.


Any broadband router delivers both DNS and DHCP services for the local network. If you want incoming connections from the Internet to local machines you need a router that also supports DynDNS and incoming port forwarding.

If you pick one from the DD-WRT supported hardware list you can flash it with that firmware and it will support any feature you could ever need in your small network.


For hostname resolution maybe mDNS/DNS-SD using avahi could solve the problem more easily:

Check if you already have the service running:

systemctl status avahi-daemon.service

If not, install the avahi-daemon (service) and avahi-utils (avahi-browse command) packages. Once the hosts have the service running and their hostnames set correctly:

avahi-browse --all --ignore-local --resolve --terminate


In terms of getting started quickly I ended up using a pihole deployment with extra lists, as described in

In this solution you get ad-block as "unnecessary" extra, but maybe it is more people than me who don't mind.

Start by installing pihole on some machine as described here and get it up and running.

When you're finished getting Pi-hole to work, extend the Pi-hole configuration as below (example on a Debian system, with a .lan domain):

Create a file /etc/dnsmasq.d/02-lan.conf with content

addn-hosts=/etc/pihole/lan.list

Then create another file /etc/pihole/lan.list containing your local mappings, such as

192.168.1.100 nas.lan
192.168.1.101 somethingelse.lan

if you e.g. have a nas sitting at 192.168.1.100.

Conclude by restarting Pi-hole's DNS service using sudo pihole restartdns

Update June 2020

Version 5 of Pi-hole seems to have a GUI feature for this in the admin panel, adding to /etc/pihole/custom.list. See e.g.

For running a DNS server on your LAN, take a look at 'pdnsd' which is a nameserver for *nix.

If you download the DNS benchmark program from link text, it will benchmark a list of public DNS servers as well as your local DNS server. After running this program, try putting a copy of the fastest servers into the DNS setting on your router and then renew your DHCP session and running the test again.

If your router allows it, add both the router and one of the fast external DNS servers to the list of DNS servers that it hands to DHCP client (but pick a different one from the one that you entered for the router DNS server addresses).

Maybe I'm saying something stupid. In this case I would simply add the IPs and names to the hosts files on the individual machines.

192.168.0.120 tv.local

192.168.0.80 studiopc.local


I had a similar problem. I bought an OpenWRT compatible router and installed OpenWRT. It offers static IP binding along with name resolution in the router, which enabled me to give names to my computers and devices in the network as I wish.
