Howdy,
DHCP:
Do you currently use subnetting or any other method to prevent broadcasts from
spreading over the entire network (e.g. VLAN)? That would probably not be a bad
idea anyway since especially Windows machines tend to send a lot of broadcast
packets. If so then you should have no problem using multiple DHCP servers as long
as every broadcast only reaches one server. I'm not sure what will happen when
2 DHCP servers are reachable. I believe there is an option to run a dhcp server as
a "proxy" but I'm not sure whether that applies here (we have a relatively small
network).
DNS:
I would suggest setting up 2 DNS servers anyway: 1 in your main network and 1 in the
DMZ (de-militarized zone) of your firewall. That would have some advantages anyway:
- better security, if somebody hacks into your external DNS, the internal network
won't go down; also in our DNS we register the type of machine+OS for every host since we use
this in scripts, however you might not want to reveal this info to people outside your
organization. With a separate external DNS you only publish the info that is needed
outside (e.g. no printers, development boards...)
- stability, you can play as much as you want with your internal DNS without
affecting the external DNS, remember that if your DNS goes down completely your mail
is gone too!
It will also be a lot easier to implement since you probably want to publish another
IP-range to the Internet than to the internal network. I'm not sure whether you can do
this at all with only 1 DNS.
Note: you don't need a heavy machine to run a DNS server. We run our DNS on an
old pentium 66MHz (of course it doesn't do anything but DNS, and we are only a small
department of Sony :-). That way we also do not run the risk of having to reboot
the machine because of some other secondary service.
Since the day we installed it 2 years ago we only had to reboot a few times because
of power failures :-).
Hope this helps,
Nico
On Mon, 29 Nov 1999, Larry Pesce wrote:
> Linux Gurus!
>
> I'm in need of some advice, and this is the best place I could think of to
> turn.
>
> Ok, here's the skinny:
>
> At my organization we are looking to implement both DHCP, and DNS (separate
> questions), and I have some concerns.
>
> DHCP:
>
> We have a large campus environment across several blocks, and most of the
> more remote locations are connected together by 10M ethernet via microwave.
> These links are pretty heavily utilized, so in our quest to implement DHCP,
> the thought has come up to locate multiple DHCP servers throughout the
> network. For example, putting a DHCP server in the most remote building, to
> service "just that building" and not having to propagate the DHCP traffic
> across the smaller network pipes. Additionally, we would have another DHCP
> server in the main data center to answer requests for the directly connected
> floors/buildings. All of our network hubs are 10M switched to the desktop,
> and for the most part a 100M collapsed backbone, with a few 10M backbone
> links.
>
> Will there be any problem with running multiple DHCP servers across the
> network? I'm not wanting to have to add specific MAC addresses to the
> server each time a new machine goes on to the network at any location. I'm
> thinking that a request would go out, and get 2 responses (albeit at
> slightly different times), and our traffic is still going to propagate over
> the slow links, regardless. Am I right?
>
> DNS:
>
> Currently we are using NAT with a firewall, and our internal network is
> 159.139.0.0 (which we don't own - the previous net admin just picked them
> out of a hat, and yes I am planning on replacing them with RFC1918
> addresses..) and we would like to set up our own DNS servers to resolve to
> some internal hosts, as well as provide name resolution for FQDN's out on
> the internet - sort of a mix of an internal DNS and an external DNS all in
> one "box". Would I have to have 2 separate boxes? I also don't want our
> "internal" hosts FQDN's propagated outside of our network. Any suggestions,
> tips, etc?
>
> Thanks for any suggestions, in advance!
>
> - Larry
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
>
--------------------------------------------------------
"It has been said that there are only two businesses
refer to customers as users: illegal drug trade and
the computer industry."
--------------------------------------------------------
Nico De Ranter
Sony Service Center (SUPC-E/NSSE)
Sint Stevens Woluwestraat 55 (Rue de Woluwe-Saint-Etienne)
1130 Brussel (Bruxelles), Belgium, Europe, Earth
Telephone: +32 2 724 86 41 Telefax: +32 2 726 26 86
e-mail: [EMAIL PROTECTED]
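
An added example, not part of the original message: a check an administrator could run over the external zone file before publishing it, flagging HINFO records, internal addresses and hosts that are not meant to be visible outside. The zone contents, `example.org`, the publish list and the function names are constructed for illustration, and the parser assumes one record per line (no multi-line parentheses).

```python
import ipaddress

# Ranges that must not appear in the external zone: 159.139.0.0/16 is the internal
# network named in the thread, the rest are the RFC 1918 blocks.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("159.139.0.0/16", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of an external zone (example.org and 192.0.2.0/24 are placeholders).
SAMPLE_EXTERNAL_ZONE = """\
$ORIGIN example.org.
@        IN SOA ns1 hostmaster 1999112901 3600 900 604800 86400
         IN NS  ns1
ns1      IN A     192.0.2.53
www      IN A     192.0.2.80
mail     IN A     192.0.2.25
         IN HINFO "Pentium-66" "Linux"
printer3 IN A     159.139.4.17
devboard 3600 IN A 10.1.2.3
"""

def parse_records(zone_text):
    """Yield (owner, rtype, rdata) from one-line master-file records."""
    owner = None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                                   # blank line or $ORIGIN/$TTL
        fields = line.split()
        if not raw[0].isspace():                       # indented lines reuse the last owner
            owner = fields.pop(0)
        while fields and (fields[0].isdigit() or fields[0].upper() in ("IN", "CH", "HS")):
            fields.pop(0)                              # skip optional TTL and class
        if len(fields) >= 2:
            yield owner, fields[0].upper(), " ".join(fields[1:])

def audit_external_zone(zone_text, published):
    """Return sorted (owner, reason) findings for records that should stay internal."""
    findings = set()
    for owner, rtype, rdata in parse_records(zone_text):
        name = owner.lower()
        if rtype == "HINFO":
            findings.add((name, "HINFO reveals machine type/OS"))
        if rtype in ("A", "AAAA"):
            addr = ipaddress.ip_address(rdata)
            if any(addr in net for net in INTERNAL_NETS):
                findings.add((name, f"internal address {addr}"))
            if name not in published:
                findings.add((name, "host not on the publish list"))
    return sorted(findings)
```

Calling `audit_external_zone(SAMPLE_EXTERNAL_ZONE, {"ns1", "www", "mail"})` reports the printer, the development board and the HINFO record on `mail`.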