Should I make my server a DNS server

S

scharfshutze009

2[H]4U
Joined
May 22, 2010
Messages
2,079
I have a 4U server with Intel Xeon Dual 2603v2's, 32 GB of RAM, and four 2 TB SSHD's with 1 in RAID passthrough and the other three in RAID 5, but for some reason I can't see the other 3 drives. Should I make it a DNS server though because I don't know if I want to manage my own DNS server and I really only intended the server to be a TFTP server for my Cisco Lab. Also, at the moment my server is not resolving DNS from the ISP, but it can dig or nslookup the ISP's IP or IPs.
 
Unless you need to, absolutely no. I'm curious why you are spending money on such hardware when a raspberry pi would have done everything you need to do to train for the server job... Your machine has production specs.
 
He should have both, a recursive dns running unbound, and a separate backend authoritative dns running nsd.
 
if at all i would set it up as a ScrypDNS forwarding serve. so all you network uses crypted DNS
 
B00nie said:
Unless you need to, absolutely no. I'm curious why you are spending money on such hardware when a raspberry pi would have done everything you need to do to train for the server job... Your machine has production specs.
Click to expand...

I spent all this money on such hardware for rackmounting, RAID 60, OS Guard, support for more than 1 GB RAM, operating system security, and real server hardware experience if not more.
 
tbg said:
He should have both, a recursive dns running unbound, and a separate backend authoritative dns running nsd.
Click to expand...

I've probably done both with CentOS 5.x in the past, but not CentOS 6.x or 7.x or any other Linux distro especially Ubuntu Server or SLES.
 
scharfshutze009 said:
I spent all this money on such hardware for rackmounting, RAID 60, OS Guard, support for more than 1 GB RAM, operating system security, and real server hardware experience if not more.
Click to expand...

Then a 100 dollar Ebay server would have done the job. You paid like 10 times too much for just a practice.
 
B00nie said:
Then a 100 dollar Ebay server would have done the job. You paid like 10 times too much for just a practice.
Click to expand...

No it wouldn't I got this when I searched for a $100 ebay sever and the first ones on the list don't even have these features and I didn't just buy this for practice either, but it turns out that's probably all I'm allowed to use it for until I register for a business. I see how I could have done better though by going with 2U instead of 4U and possibly getting two 6 core processors in the first place, but there's very little I can do about that now or at least not for awhile. I needed at least an Intel Xeon 2600v2 to get the processor security features I was looking for and I bought the most inexpensive processors in the series. There's not much I can say about how much I spent overall or on the rest of the hardware, but I wanted the least amount of hardware trouble and most of the problems I've had have been with the software considering it was installing the RAID card driver that gave me the most trouble, since the procedure wasn't obvious. Thanks for everyones help though. If I wanted socket 1366 systems though I would have kept my Asus Z8PE-12x motherboard as well as both the Xeon E5603 and X5580 processors to build a system off that in regards to your proposal of I could have just bought a 100 dollar ebay server except for my the E7 system I saw in the following link, which doesn't have hot swap bays though from the looks of it.

http://www.ebay.com/bhp/used-servers
 
Last edited:
As an eBay Associate, HardForum may earn from qualifying purchases.
I only have one more thing to ask about this hopefully and that is will making my server a DNS server keep me from having to resolve DNS with my ISP, so I can have internet connection if not just internal DNS resolution.
 
I am not sure what you are asking exactly. You do not need to use your ISPs DNS servers, there are plenty of free DNS servers out there. Yes you can setup your own DNS server if you want to be able to resolve hostnames on your private local lan, but you could also just stuff those host names and IPs in your /etc/hosts file.
 
Raid = should be in raid 10, not 1 drive and then 3 in raid 5
2nd - you better be virtualization that server with ESXi or Hyper-V
3rd, no, you will see no benefit, but learning, running your own DNS server.

Running your own DNS server will not keep your internet up, your ISP DNS servers and googles are far more reliant then you running 1 DNS server @ home. if your internet goes down, your DNS server does nothing.
 
OP's setup isn't work form one of two reasons:

1 He broke the connection screwing around with overly complicated networking setup
2 They are down

Running a DNS server make sure #1 more likely to happen and doesn't resolve #2.
 
Thanks everyone. It looks like I should just continue practicing DNS on my test systems and save my 4U servers DNS for when I actually get a business registered and need a DNS server for local administration if at all.
 
scharfshutze009 said:
Thanks everyone. It looks like I should just continue practicing DNS on my test systems and save my 4U servers DNS for when I actually get a business registered and need a DNS server for local administration if at all.
Click to expand...

You don't ever need local DNS server, for a business or anything, it is not worth it.
 
MrGuvernment said:
You don't ever need local DNS server, for a business or anything, it is not worth it.
Click to expand...

Not quite true, but for the most part, yeah.

If you want to take advantage of geotargetting and you don't like the way GPDNS or OpenDNS cache things incorrectly, then you should roll your own. Otherwise .. Meh. It's a learning experience.
 
There are cases when it is nice to have your own DNS, but this is not one of them, and is probably well beyond scharfshutze009's abilitys to set up.
 
tbg said:
There are cases when it is nice to have your own DNS, but this is not one of them, and is probably well beyond scharfshutze009's abilitys to set up.
Click to expand...

I did it in CentOS like 5.2 on a physical system using a mobile rack with my student hard drive that I took home and put in an equivalent system I bought on ebay, but it was a pain compared to windows editing the text file just right. However, I still rather do it on CentOS than WIndows considering how much more valuable of a learning experience it seemed and due to the cost of Windows Server. I have done it, since then because I couldn't find time to or the system capabilities to do so. Technically I wasn't allowed to run a server VM on my laptop either while connected to my apartments courtesy internet service either and now that I have a separate business class cable internet connection I have to make a new VM because I either can't remember my password or keep making typos trying to enter it which is real easy from Command Line. However, the problem with entering my password for CentOS shouldn't exist because I should have installed the GUI in the first place then CLI wouldn't be a problem or as much of a problem.
 
thebufenator said:
People concerned with securing intellectual property might want their own DNS for security. No one ever thinks of exfilling........
Click to expand...

As in a home lab or something else? Either way your internal DNS has to query root DNS servers on the internet? Unless you have an isolated home lab for testing and dev work sure...
 
scharfshutze009 said:
I did it in CentOS like 5.2 on a physical system using a mobile rack with my student hard drive that I took home and put in an equivalent system I bought on ebay, but it was a pain compared to windows editing the text file just right. However, I still rather do it on CentOS than WIndows considering how much more valuable of a learning experience it seemed and due to the cost of Windows Server. I have done it, since then because I couldn't find time to or the system capabilities to do so. Technically I wasn't allowed to run a server VM on my laptop either while connected to my apartments courtesy internet service either and now that I have a separate business class cable internet connection I have to make a new VM because I either can't remember my password or keep making typos trying to enter it which is real easy from Command Line. However, the problem with entering my password for CentOS shouldn't exist because I should have installed the GUI in the first place then CLI wouldn't be a problem or as much of a problem.
Click to expand...


Learn with CLI far more valuable and it is what you will run into in the real IT world in production.
 
thebufenator said:
People concerned with securing intellectual property might want their own DNS for security. No one ever thinks of exfilling........
Click to expand...

I assuming you mean extra data being appended to the packets themselves. Certainly another reason to run an internal recursive, but you also have to take other steps to block outbound on 53.
 
scharfshutze009 said:
I did it in CentOS like 5.2 on a physical system using a mobile rack with my student hard drive that I took home and put in an equivalent system I bought on ebay, but it was a pain compared to windows editing the text file just right. However, I still rather do it on CentOS than WIndows considering how much more valuable of a learning experience it seemed and due to the cost of Windows Server. I have done it, since then because I couldn't find time to or the system capabilities to do so. Technically I wasn't allowed to run a server VM on my laptop either while connected to my apartments courtesy internet service either and now that I have a separate business class cable internet connection I have to make a new VM because I either can't remember my password or keep making typos trying to enter it which is real easy from Command Line. However, the problem with entering my password for CentOS shouldn't exist because I should have installed the GUI in the first place then CLI wouldn't be a problem or as much of a problem.
Click to expand...

DNS servers on Linux (almost universally) run as another user, and you need to authenticate via sudo or as the user to make any changes to any configuration files.
 
I never had a problem editing the unbound/nsd configs as root, you do need to make sure that that the service user account can access them, so you just need to check the ownership/permissions. You should get working on this right away scharfshutze009.
 
scharfshutze009 said:
I did it in CentOS like 5.2 on a physical system using a mobile rack with my student hard drive that I took home and put in an equivalent system I bought on ebay, but it was a pain compared to windows editing the text file just right. However, I still rather do it on CentOS than WIndows considering how much more valuable of a learning experience it seemed and due to the cost of Windows Server. I have done it, since then because I couldn't find time to or the system capabilities to do so. Technically I wasn't allowed to run a server VM on my laptop either while connected to my apartments courtesy internet service either and now that I have a separate business class cable internet connection I have to make a new VM because I either can't remember my password or keep making typos trying to enter it which is real easy from Command Line. However, the problem with entering my password for CentOS shouldn't exist because I should have installed the GUI in the first place then CLI wouldn't be a problem or as much of a problem.
Click to expand...
Why are you creating unnecessary problems for yourself? If your password is so complicated that you can't even type it correctly, you're doing it wrong. You're running a non-production home server for school - choose a simple but secure password for convenience.
 
B00nie said:
Why are you creating unnecessary problems for yourself? If your password is so complicated that you can't even type it correctly, you're doing it wrong. You're running a non-production home server for school - choose a simple but secure password for convenience.
Click to expand...

I tried doing this and it helped for a little while, but I was still experiencing problems logging into my CentOS or Ubuntu Server VM that also had the same problem and that is why I resorted to using bare metal. However, my problem was kinda related to not remembering my password, so I still use VMs to test some installations, but not all of them and I don't know what any of you can say or do to help anymore than you already have. Some one did suggest a KVM though, but what does a KVM do for a VM and what's the difference between it and a physical KVM (Keyboard Video Mouse) switch?
 
Apparently my evaluation license for VMWare Player has expired too, which I didn't know I was evaluating it because I thought I made it clear I was a student and that I also thought they gave students rights to use the software for free. I guess I was wrong though and now I need money to upgrade to the latest from my current version.
 
KVM + QEMU == Linux Kernel Virtualization Machine :) Not Keyboard/Video/Mouse

Guys (and gals) - remember, we all started somewhere :)
 
scharfshutze009 said:
I tried doing this and it helped for a little while, but I was still experiencing problems logging into my CentOS or Ubuntu Server VM that also had the same problem and that is why I resorted to using bare metal. However, my problem was kinda related to not remembering my password, so I still use VMs to test some installations, but not all of them and I don't know what any of you can say or do to help anymore than you already have. Some one did suggest a KVM though, but what does a KVM do for a VM and what's the difference between it and a physical KVM (Keyboard Video Mouse) switch?
Click to expand...

Hint:

1) Open up your favourite text editor
2) Write your password down

Problem solved.

And KVM stands for Kernel Mode Virtualization not keyboard video mouse lol.
 
B00nie said:
Hint:

1) Open up your favourite text editor
2) Write your password down

Problem solved.

And KVM stands for Kernel Mode Virtualization not keyboard video mouse lol.
Click to expand...

Thanks, but I'll never store my passwords in a text file on my computer and that has got to be the worst suggestion anyone has offered because that is one of the biggest problems with security.
 
scharfshutze009 said:
Thanks, but I'll never store my passwords in a text file on my computer and that has got to be the worst suggestion anyone has offered because that is one of the biggest problems with security.
Click to expand...

You are not up to the job then, quite simply. Change your studies to something simpler.

You have no aspect of reality, you're building a home server for practise. How do you expect to be able to log in to any server at work if you can't log in to your own test server? Give it up.
 
B00nie said:
You are not up to the job then, quite simply. Change your studies to something simpler.

You have no aspect of reality, you're building a home server for practise. How do you expect to be able to log in to any server at work if you can't log in to your own test server? Give it up.
Click to expand...

I didn't say I couldn't log into my own test server I said I can't log into my old VM and storing passwords in a text file is and has always been a horrible idea. I know my password, but it takes me like 45 attempts to finally get logged in if I can get it typed in correctly and it never took that many in CentOS 5. Therefore, don't tell me I'm not up to the task because I disagree and think there's a flaw in the software considering no matter how carefully I type it in it takes me that many attempts to successfully log in.
 
scharfshutze009 said:
I didn't say I couldn't log into my own test server I said I can't log into my old VM and storing passwords in a text file is and has always been a horrible idea. I know my password, but it takes me like 45 attempts to finally get logged in if I can get it typed in correctly and it never took that many in CentOS 5. Therefore, don't tell me I'm not up to the task because I disagree and think there's a flaw in the software considering no matter how carefully I type it in it takes me that many attempts to successfully log in.
Click to expand...

Turn your keyboard upside down and give it a good shake. If nothing comes out, then write your password down on a sticky note and stick it to your credit card in your wallet. If a bunch of cheeto dust falls out, perhaps give your keyboard a good clean and ensure what your tying is what the computer is seeing.
 
The only reason your password would not let you in is because you are putting it in wrong, simple as that.

keepass and be done with it.
 
scharfshutze009 said:
I didn't say I couldn't log into my own test server I said I can't log into my old VM and storing passwords in a text file is and has always been a horrible idea. I know my password, but it takes me like 45 attempts to finally get logged in if I can get it typed in correctly and it never took that many in CentOS 5. Therefore, don't tell me I'm not up to the task because I disagree and think there's a flaw in the software considering no matter how carefully I type it in it takes me that many attempts to successfully log in.
Click to expand...

With a TEST server you could leave your password blank for all intents and purposes as long as you are firewalled. Your goal is to use it and learn, not enforce a tight policy while doing the learning.
 
You must log in or register to reply here.
Back
Top