Solved

I would like to create a DNS server

Posted on 2014-11-13
12
180 Views
Last Modified: 2014-11-19
I would like to create my own DNS server for either a workgroup or Domain.  Is this possible to do on my own.  What is the simplest way to begin doing so?  Any direction would be appreciated.  Is there a third party tool that could help my make my own?
0
Comment
Question by:al4629740
  • 5
  • 4
  • 3
12 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40440760
What do you mean?  In a domain, Active Directory installation automatically installs the DNS server and configures it.

Can you elaborate on why you want to do this - DNS is used in a variety of places and for a variety of reasons - understanding your goals will make advising you easier.
0
 

Author Comment

by:al4629740
ID: 40440793
I would like to create a DNS server that blocks certain sites based on a blacklist. I don't want to use any public ones such as open DNS
0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 166 total points
ID: 40440905
A hosts file will do the same thing on a local PC.

Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

The problem with this plan is to be effective (depending on what you block) it could be a full time job for dozens of people - which is why employing an existing service is usually a better option).
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 6

Expert Comment

by:Asif Bacchus
ID: 40440982
What is your current setup?  Are you in a domain environment, just a workgroup, using a router, behind a linux/BSD firewall?  Or is this question more of a general knowledge type question?  If so, are you wondering about individual computers or a domain environment?

Regarding Lee's point, he is correct about the time involved if you are blocking many domains.  If you are looking to block a handful (like facebook or hotmail, etc.) then manual entries are feasible.  Otherwise, third party blacklists are a much faster approach.
0
 

Author Comment

by:al4629740
ID: 40441917
It's more of interest in implementing it for knowledge and to create my own for my clients to use.

Couldn't I just use published blacklists also?

I still would like some ideas on making my own dns server for web filtering
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40442420
What ideas - already given instructions - to repeat:
Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

You could script the addition of published blacklists into a DNS server.
0
 

Author Comment

by:al4629740
ID: 40443356
Creating a DNS server in Windows server is easy, but what about if I wanted to create a DNS server on the workstation?
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40443693
Few if any professionals would do so, so now your asking a fringe question that, in m opinion, is unlikely to get you very many good and experienced responses.  Windows Server comes with a DNS server, so that is what I use - I wouldn't think of putting on one a workstation.  You could use something with linux, but that potentially gets more complicated.
0
 

Author Comment

by:al4629740
ID: 40443710
In the end my goal is to create a web content filter system of my own. I would imagine creating my own DNS server would be the first place to start.
0
 
LVL 6

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 334 total points
ID: 40444008
I will preface this by saying that  setting up your own DNS server for what you trying to do is more trouble than it's worth, but the basics are not really that difficult.  Others have covered the Windows Server angle, so I'll address your workstation question.

I would go with a linux distro, as barebones as possible, to do this.  Take a look at Turnkey Linux (http://www.turnkeylinux.org/) as they have prebuilt barebones DNS VMs you can test out.  From there a good tutorial via google will get you going.  As a note, if you are setting up a DNS server, please do not expect a standard workstation NIC to do the job.  Invest in an Intel Server NIC for a few extra dollars.

HTH
0
 

Author Comment

by:al4629740
ID: 40444078
That is exactly what I was looking for.  Thank you.   Is Linux the best way to go?  What do most public DNS servers consist of.
0
 
LVL 6

Accepted Solution

by:
Asif Bacchus earned 334 total points
ID: 40444089
Linux is a very secure way to go, as long as you keep the system updated.  I like TurnKey's VMs because they have an auto-update feature built in and are based on a STABLE distributions that are commercial grade.  Plus, they have a nice GUI management interface that is nice when you are learning.  

Most DNS servers are based on some flavour of *NIX or BSD.  BSD is a better choice since it's even more secure out of the box than linux (IMHO) but it is harder to work with and I don't know of many tutorials or pre-made VMs that you can experiment with.

For now, I'd suggest getting your feet wet with a simple linux distro and DNS system like the one at TurnKey.  It will be very reliable for you and do what you're looking for.

Cheers.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This guide will walk you through the essential considerations and tech stack for building scalable websites. Know how to grow your business the smart way!
Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question