DNS4Windows

From CTWUG Wiki

DNS Service for Windows

BIND is the most common DNS server used on the internet, and ISC BIND for Windows is the build of it that runs as a service on Microsoft Windows. DNS (the domain name system) is the system used to turn readable host names into IP addresses (eg: server.pmurgs.ctwug.za to 172.18.91.5). When you type in a readable name, your computer asks a DNS provider to look up the IP address, and then your computer contacts the remote computer using its IP address.

Why would I want my own dns service

On ctwug, we have one primary DNS provider at 172.18.1.1, provided by jaja. See the DNS Wiki page for more information. This service provides name to IP translation both for ctwug addresses and for internet addresses (eg: google.com into 209.85.148.99). If you are far from this provider in wug terms (i.e. many hops), you may find the DNS to be extremely slow outside of gametime, when the ctwug network is flooded with traffic, compared to using your own internet ISP's DNS provider. Your connection to your internet service provider should have far quicker ping times than the ctwug DNS outside of gametime. Installing and setting up ISC BIND as a DNS forwarder on your PC / network gives you the best of both worlds in terms of speed: internet DNS queries are routed out to your ISP to be resolved very quickly, and ctwug DNS queries go on to the ctwug DNS service.

Why can't I just use my internet ISP's DNS since it's so fast all the time

Since ctwug allocates IP addresses in the 172.18.X.X range, which is a reserved range not to be used on the internet but only on private networks, there are no DNS services on the internet that know how to translate your .ctwug.za.net address to a ctwug IP address. There are certain .ctwug.za.net addresses (such as wind.ctwug.za.net) which can be accessed over the internet, but these are specially set up and resolve to an internet IP address (not a ctwug one), and traffic to that IP address will go over the internet. On the ctwug network, these sites have a different ctwug IP address for accessing them over the ctwug network.

So what's involved with setting up ISC BIND for Windows

Obtaining and installing ISC BIND

You need to download and install ISC BIND for Windows. You can find the latest version here www.isc.org (internet link as there is no point installing ISC BIND if you do not have your own internet connection).

Run the BINDInstall.exe file to install ISC BIND. This will install ISC BIND on your machine as a Windows service. The service can be stopped and started and set to automatically start with your pc from the Windows Management Console application (under Windows 7: right click "My computer", click on "Manage", go to "Services and Applications" and then "Services").

Configuring ISC BIND

BIND requires a configuration file called named.conf in the \etc directory which is created by the installer program.

Below is a sample config file which needs to be edited. X.X.X.X needs to be replaced with the IP address of the ethernet port on your machine that will run this service. Y.Y.Y.Y is the IP address of your internet ISP's DNS (this could be the address of your ADSL modem, which will pass DNS requests on to your ISP for you).

For interest's sake, 8.8.8.8 and 8.8.4.4 in the config file are Google's public DNS servers, which are useful to have as backup DNS servers in case your ISP's DNS servers experience trouble at some point.

# /etc/named.conf

acl corpnets { 172.18.0.0/16; 127.0.0.0/24; };

options {
    # directory "/var/named";

    # Hide version string for security
    version "not currently available";

    # Listen on the loopback device and on the ethernet port with address X.X.X.X
    listen-on { 127.0.0.1; };
    listen-on { X.X.X.X; };
    listen-on-v6 { ::1; };

    # Do not send queries from the specified source port range
    # (adjust depending on your firewall configuration)
    avoid-v4-udp-ports { range 1 32767; };
    avoid-v6-udp-ports { range 1 32767; };

    # Forward all DNS queries to your internet isp / your modem, then google dns, then ctwug dns
    forwarders { Y.Y.Y.Y; 8.8.8.8; 8.8.4.4; 172.18.1.1; };
    forward only;

    # Expire negative answers ASAP,
    # i.e. do not cache DNS query failures.
    max-ncache-ttl 3; # 3 seconds

    # Disable non-relevant operations and only answer clients in the corpnets acl
    allow-transfer { none; };
    allow-update-forwarding { none; };
    allow-notify { none; };
    allow-query { corpnets; };
    allow-query-cache { corpnets; };
    allow-recursion { corpnets; };
};

zone "ctwug.za.net" in {
    # matches:
    #     ctwug.za.net and every name under it
    type forward;
    forwarders { 172.18.1.1; Y.Y.Y.Y; 8.8.8.8; 8.8.4.4; };
};


If you use NAT, you will want to change the acl line "acl corpnets { 172.18.0.0/16; 127.0.0.0/24; };" to "acl corpnets { 172.18.0.0/16; 10.0.0.0/16; 127.0.0.0/24; };", assuming 10.0.0.0/16 is the subnet of your home network behind the NAT to ctwug. Without this, clients on the home subnet are refused by allow-query and allow-recursion.

For a more detailed look at what the above config file does, please see the ISC BIND help documentation. Remember to stop and restart the ISC BIND service in Windows after creating the above configuration file and after any changes you make to it.

You can then set your machine (the PC running this service) to use 127.0.0.1 as its DNS IP address. 127.0.0.1 is a loopback address and always points back to the machine it is accessed from.

For any other machine or devices on your network, you can just set their dns ip address to point to your lan ip address / ctwug ip address of the pc you just installed your dns service on.

So what does the above config file do

It basically sets up ISC BIND to forward any DNS requests for *.ctwug.za.net on to the ctwug DNS server (172.18.1.1). Any DNS request that does not end in .ctwug.za.net will be sent to your internet service provider's DNS first. If that fails, it goes on to Google's DNS, and if that fails, on to the ctwug DNS provider. Anyone on the wug (i.e. any address in the corpnets acl) is able to access your DNS service on port 53 of your PC. You may wish to list your DNS service on wind under your node details so that other wuggers can use it.