Solved

I would like to create a DNS server

Posted on 2014-11-13
12
193 Views
Last Modified: 2014-11-19
I would like to create my own DNS server for either a workgroup or Domain.  Is this possible to do on my own.  What is the simplest way to begin doing so?  Any direction would be appreciated.  Is there a third party tool that could help my make my own?
0
Comment
Question by:al4629740
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40440760
What do you mean?  In a domain, Active Directory installation automatically installs the DNS server and configures it.

Can you elaborate on why you want to do this - DNS is used in a variety of places and for a variety of reasons - understanding your goals will make advising you easier.
0
 

Author Comment

by:al4629740
ID: 40440793
I would like to create a DNS server that blocks certain sites based on a blacklist. I don't want to use any public ones such as open DNS
0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 166 total points
ID: 40440905
A hosts file will do the same thing on a local PC.

Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

The problem with this plan is to be effective (depending on what you block) it could be a full time job for dozens of people - which is why employing an existing service is usually a better option).
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 6

Expert Comment

by:Asif Bacchus
ID: 40440982
What is your current setup?  Are you in a domain environment, just a workgroup, using a router, behind a linux/BSD firewall?  Or is this question more of a general knowledge type question?  If so, are you wondering about individual computers or a domain environment?

Regarding Lee's point, he is correct about the time involved if you are blocking many domains.  If you are looking to block a handful (like facebook or hotmail, etc.) then manual entries are feasible.  Otherwise, third party blacklists are a much faster approach.
0
 

Author Comment

by:al4629740
ID: 40441917
It's more of interest in implementing it for knowledge and to create my own for my clients to use.

Couldn't I just use published blacklists also?

I still would like some ideas on making my own dns server for web filtering
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40442420
What ideas - already given instructions - to repeat:
Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

You could script the addition of published blacklists into a DNS server.
0
 

Author Comment

by:al4629740
ID: 40443356
Creating a DNS server in Windows server is easy, but what about if I wanted to create a DNS server on the workstation?
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 40443693
Few if any professionals would do so, so now your asking a fringe question that, in m opinion, is unlikely to get you very many good and experienced responses.  Windows Server comes with a DNS server, so that is what I use - I wouldn't think of putting on one a workstation.  You could use something with linux, but that potentially gets more complicated.
0
 

Author Comment

by:al4629740
ID: 40443710
In the end my goal is to create a web content filter system of my own. I would imagine creating my own DNS server would be the first place to start.
0
 
LVL 6

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 334 total points
ID: 40444008
I will preface this by saying that  setting up your own DNS server for what you trying to do is more trouble than it's worth, but the basics are not really that difficult.  Others have covered the Windows Server angle, so I'll address your workstation question.

I would go with a linux distro, as barebones as possible, to do this.  Take a look at Turnkey Linux (http://www.turnkeylinux.org/) as they have prebuilt barebones DNS VMs you can test out.  From there a good tutorial via google will get you going.  As a note, if you are setting up a DNS server, please do not expect a standard workstation NIC to do the job.  Invest in an Intel Server NIC for a few extra dollars.

HTH
0
 

Author Comment

by:al4629740
ID: 40444078
That is exactly what I was looking for.  Thank you.   Is Linux the best way to go?  What do most public DNS servers consist of.
0
 
LVL 6

Accepted Solution

by:
Asif Bacchus earned 334 total points
ID: 40444089
Linux is a very secure way to go, as long as you keep the system updated.  I like TurnKey's VMs because they have an auto-update feature built in and are based on a STABLE distributions that are commercial grade.  Plus, they have a nice GUI management interface that is nice when you are learning.  

Most DNS servers are based on some flavour of *NIX or BSD.  BSD is a better choice since it's even more secure out of the box than linux (IMHO) but it is harder to work with and I don't know of many tutorials or pre-made VMs that you can experiment with.

For now, I'd suggest getting your feet wet with a simple linux distro and DNS system like the one at TurnKey.  It will be very reliable for you and do what you're looking for.

Cheers.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This video demonstrates how to use each tool, their shortcuts, where and when to use them, and how to use the keyboard to improve workflow.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question