Re: [LUG] PPP link prob

[Simon Waters <Simon at wretched.demon.co.uk>]

Alex Charrett wrote:
> 
> You only really want it running if you are using the same box as a DNS
> server for a local network.  You definatley don't want it running by
> default as its just another expliotable service.

Of course it doesn't have to listen on any public interfaces. Just tell
it where to listen with "listen-on". Similar things apply to most other
services, and ipchains can effect it even if the application can't.

Now whether the performance gain is worth it for the huge chunk of
memory I guess depends on how you use the Internet and whether your
resolver does any caching itself.

Excerpt from a convenient named.conf

options {
        directory "/etc/namedb";        // Working directory
        pid-file "named.pid";           // Put pid file in working dir
        listen-on { 127.0.0.1; }; // private server for performance
        listen-on-v6 { none; } ;        // No version 6 IP
        version "";     // Don't release version number
};

I'm so paranoid I don't even tell myself (127.0.0.1 is the IP loopback
address, or the address on which the machine talks to itself - and I
thought that was a sign of madness) what version of BIND I'm running -
call the men in white coats.

Of course I have to tell resolv.conf to use 127.0.0.1 - some Unix'es use
to object to this sort of thing - but time has improved the IP stacks.

-- 
Want to learn about Linux? Get it installed?
Devon and Cornwall LUG Event for UK Linux Day 
Exeter University - Sunday April 29th 2001 10:00 to 17:00
www.linuxday.org.uk or join D&C LUG www.lug.termisoc.org
--
lug-list - The Mailing List for the Devon & Cornwall LUG
Mail majordomo at lists.termisoc.org with "unsubscribe lug-list" in the
message body to unsubscribe.