[mdlug] Setting up a home network

Jeff Hanson jhansonxi at gmail.com
Sat Jan 24 17:34:55 EST 2009


On Sat, Jan 24, 2009 at 5:12 PM, Michael <newmaniese at gmail.com> wrote:
>
> It would be cool and ease my paranoid mind to have a computer with Squid and
> a Firewall setup between the network and the internets. But, the desktop
> computer is the only one in any shape to handle our traffic reliably and I
> like playing with it too much to reliably have it between the network and
> the internet. (My wife will yell at me when I mess things up :) ). So the
> router will have to do for now. Thanks for your help. I was able to get into
> my computer from outside and I am giddy about that.
>

Allowing an external connection into your LAN is risky but as long as
you are using SSH with keys you are relatively safe.  Passwords are
too easy to brute-force unless they are ridiculously long random
characters.

>
> Ok I have bind installed on my desktop machine and have things set up. When
> I run `host -l newman.lan` locally though it throws an error:
> ;Transfer failed
> Host newman.lan.hsdl.mi.comcast.net not found: 9(NOTAUTH)
> :Transfer failed
>
> I know I am making a stupid mistake and I can't figure it out. Here are my
> configuration files if anyone has the time: http://dpaste.com/112594/

Since I was using IPCop I didn't have to configure anything so I'm not
sure.  I think you may need to specify a forwarder to your ISP DNS
server.  Your router may have DNS and DHCP built-in so that may be an
easier solution than bind.  Regardless, your DHCP server needs to tell
clients the address to your internal DNS server (which can be itself
if the same device also provides DNS).

> The other thing that I know is going to cause a problem is the DHCP on the
> wireless network. I don't think I can have people come and go and add the
> settings if it wasn't dhcp, but that would obviously make it difficult to
> name computers on the network.
>

The DHCP clients should take their existing hostname and add it to
your internal domain name as returned by the DHCP server to
automatically determine the FQDN.  Of course you should have your
wireless encrypted to keep everyone from browsing your LAN.
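
Added example, not part of the original message: a small audit of the reply's "SSH with keys" advice, checking whether an sshd_config still lets a password be used to log in. The function names and both sample configs are constructed for illustration; it assumes only the global section matters (it stops at the first Match block and does not follow Include files).

```python
# Added example: audit sshd_config text for key-only login.
# OpenSSH built-in defaults for the keywords that decide this.
DEFAULTS = {
    "pubkeyauthentication": "yes",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
}
# Older releases name keyboard-interactive ChallengeResponseAuthentication.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def effective_settings(config_text):
    """Return the global values sshd would use (first occurrence wins)."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        parts = line.replace("=", " ", 1).split(None, 1)
        if not parts:
            continue
        key = parts[0].lower()                       # keywords ignore case
        if key == "match":
            break                                    # the rest is conditional
        key = ALIASES.get(key, key)
        if key in DEFAULTS and key not in seen and len(parts) == 2:
            seen[key] = parts[1].strip().strip('"')
    return {**DEFAULTS, **seen}


def audit(config_text):
    """Return findings; an empty list means key-only login globally."""
    s = effective_settings(config_text)
    findings = []
    if s["pubkeyauthentication"] != "yes":
        findings.append("PubkeyAuthentication is off: keys cannot be used")
    if s["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is on: passwords can be guessed")
    if s["kbdinteractiveauthentication"] != "no":
        findings.append("keyboard-interactive is on: PAM may ask for a password")
    return findings


# Constructed samples: a stock-style file and a key-only one.
STOCK = "#PasswordAuthentication yes\nUsePAM yes\n"
HARDENED = ("PubkeyAuthentication yes\nPasswordAuthentication no\n"
            "ChallengeResponseAuthentication no\n"
            "PasswordAuthentication yes  # later duplicate is ignored\n")

if __name__ == "__main__":
    for name, text in (("stock", STOCK), ("hardened", HARDENED)):
        print(name, audit(text) or "key-only")
```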


