Re: DHCP + DNS server on same box?

[Chuck Yerkes <chuck+obsd@snew.com>]

It's not a firewall if it's running IMAP, mail, and everything
else.  It's a box with two interfaces that does NAT.  That may
be just fine.

You just serve your zones and have a forwarder line in.

There is no OpenBSD issue here, it's just a Unix question.

What issue did you run into?

Quoting Gary Hennigan (gary@ieee.org):
> If my ignorance as a new OpenBSD user shows ignore it...
> 
> I'm in the process of setting up my home LAN. Here's what it'll look
> like:
> 
>         To Cable Provider
>         |
>         | DHCP
>         |
>      ---X-----
>     |  xl0    |
>     |         |
>     | OpenBSD |
>     |         |
>     |  dc0    |
>      ---X-----
>         |
>         | 192.168.x.1
>         |
>       --X---
>      | HUB  |
>      |      X----- 192.168.x.10
>      |      |
>      |      X----- 192.168.x.11
>      |      |
>      |      X----- 192.168.x.x
>      |      |
>       ------
> 
> In addition to serving as my firewall I'd like my OpenBSD box to
> server as a DNS server and a smarthost for internal to external email,
> as well as an IMAP server for my internal network. I'm sure there are
> security implications for running all these services on the firewall,
> but I'm handy enough with nmap that I think I can minimize these. The
> reason for configuring things this way is that the OpenBSD box will be
> the only box up 24/7.
> 
> I want to configure BIND such that it serves as the DNS server for my
> internal network and forwards all other requests on to my cable
> providers DNS servers. If everything were static it'd be a snap, but
> I've never used a box that's connected via DHCP for this purpose.  Has
> anyone done anything like this that's willing to share some tips? Am I
> going to be stuck hacking the dhclient-script so that instead of going
> into resolv.conf the nameservers are placed into the bind
> configuration file as forwarders and then restart bind?
> 
> Thanks!
> Gary Hennigan