Does a home network router need to run a DNS server for robust name resolution ?

Hello

I am setting up a home network with a gateway machine that acts as a
firewall and NAT forwarding host. I have set up a DHCP server and a DHCP
client on this machine. The client talks to eth0, which is the connection
to the cable modem. The server listens on wlan0, which is a wireless
network device (Netgear MA311) running hostap drivers as an access point.
The DHCP server works - wireless clients are able to connect and get IP
addresses. On the router, I am running guarddog and guidedog to make
firewalling and IP masquerade easier.

My /etc/dhcp3/dhcpd.conf :

ddns-update-style interim;
ignore client-updates;
option domain-name "domain.edu";
option domain-name-servers 192.168.1.1;
option routers 192.168.1.1;
default-lease-time 28800;
max-lease-time 86400;
authoritative;
log-facility local7;
subnet 192.168.1.0 netmask 255.255.255.0
{
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
range 192.168.1.3 192.168.1.5;
}
host host2
{
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.1.2;
}

From client host2 above, I can ssh into any server on the Internet as long
as I use its IP address. However, when I use the FQDN, I get a temporary
failure of name resolution. This means that while my wireless clients can
get through to the Internet, the router does not resolve names for them.

As an experiment, I then placed an internet (non class C address) nameserver
from the router's /etc/resolv.conf (generated by its dhcp client from the
ISP's response) into the option domain-name-servers line, restarted the
DHCP server, got another lease on the client, and name resolution on the
clients worked perfectly. However, this is a fragile solution - the day my
ISP changes its name servers, my clients will stop getting name resolution
again.

Do I need to set up a DNS server like bind on the router for name resolution
to occur or can the DHCP server be tweaked to forward all name resolution
requests to its own nameserver on the Internet in a robust fashion
(something that makes the option domain-name-servers line dynamic,
dependent on the current contents of its /etc/resolv.conf, for instance) ?
If so, can you point me to a resource that explains this ?

GC

On Sun, 23 Apr 2006 14:19:43 -0400, Geico Caveman <(E-Mail Removed)>
wrote:

>Hello
--==snip==--
>As an experiment, I then placed an internet (non class C address) nameserver
>from the router's /etc/resolv.conf (generated by its dhcp client from the
>ISP's response) into the option domain-name-servers line, restarted the
>DHCP server, got another lease on the client, and name resolution on the
>clients worked perfectly. However, this is a fragile solution - the day my
>ISP changes its name servers, my clients will stop getting name resolution
>again.
>
>Do I need to set up a DNS server like bind on the router for name resolution
>to occur or can the DHCP server be tweaked to forward all name resolution
>requests to its own nameserver on the Internet in a robust fashion
>(something that makes the option domain-name-servers line dynamic,
>dependent on the current contents of its /etc/resolv.conf, for instance) ?
>If so, can you point me to a resource that explains this ?
>
>GC

Perhaps you should look at dnsmasq. It does both DHCP and DNS
caching. We don't use its DHCP here but the DNS cache is a marked
improvement, especially when the connection is busy. Build your own
executable from the latest source if you do this. Employ as many
upstream DNS servers as you can because the first one to answer will
be used. Before we did this, for a remote host not in the cache,
often a RELOAD was required because name resolution took too long.
--
buck