Running DNS locally for home network

Solution 1:

If you want internal fake domains to work you can't configure your workstations with any DNS servers except your own. Once you set up BIND it can work by itself and you don't need your ISP's or any other non-authoritative DNS servers at all.

Solution 2:

Basically you need to run your own DHCP and DNS server. You're already running your own DHCP server if you have a typical router that gives out private IP addresses.

Your DHCP server must be configured to hand out your router IP as the gateway address, and your DNS server IP as the DNS server address, obviously.

Your DNS server must be configured to resolve a non-official top-level domain locally, such as .local, and then forward any other requests to another DNS. In BIND you need to add a forwarders { } section to your `/etc/bind/named.conf.options` which contains the public DNS servers you want to use to resolve non-local addresses. As other comments suggest, if you don't want to forward to your ISP's DNS servers, you can use OpenDNS, Google's public DNS servers, or 4.2.2.1/4.2.2.2 (I forget who does those).

If you are running your own DNS server, you need a box that will be on all the time, as all DNS queries on your home network will go through it. This box needs a fixed IP on your home subnet. Make sure it can't get bulldozed by DHCP, and the box itself should not be getting an IP via DHCP. If your DHCP is configured to hand out addresses from 192.168.1.1 to 192.168.1.100 for example, then give your DNS server the IP 192.168.1.101. In the usual situation of home routers you just need to tell the router that the DNS server is 192.168.1.101 and reboot.

If you can get a local DNS running on your broadband router, great, but a DNS server might benefit from lots of RAM for caching queries, depending on which DNS software you use. On my network I just use straight BIND. Sounds like you might have a little experience with that and for me it works great.
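A worked version of the setup described above, added here and not taken from any of the answers: BIND forwarding everything it is not authoritative for to the OpenDNS addresses quoted in Solution 3, plus one local zone. The zone name `home.lan`, the 192.168.1.0/24 subnet, the host names and the file paths are assumptions for illustration (`.local` is avoided because mDNS uses it). Recursion is restricted to the LAN so the box cannot be reached as an open resolver from outside.

```conf
// /etc/bind/named.conf.options (paths assumed; subnet, addresses and names are examples)
acl "lan" { 127.0.0.0/8; 192.168.1.0/24; };

options {
    directory "/var/cache/bind";

    // Only the home subnet may query or recurse through this box; a
    // recursive resolver reachable from the Internet is an open resolver
    // and gets used in reflection attacks.
    allow-query     { lan; };
    allow-recursion { lan; };
    listen-on       { 127.0.0.1; 192.168.1.101; };

    // Everything this server is not authoritative for goes to OpenDNS
    // (the addresses given in Solution 3). "forward only" means BIND does
    // not fall back to the root servers if the forwarders are down.
    forward only;
    forwarders { 208.67.222.222; 208.67.220.220; };
};

// /etc/bind/named.conf.local -- the local zone; authoritative data is
// answered directly and never forwarded.
zone "home.lan" {
    type master;
    file "/etc/bind/db.home.lan";
};

; /etc/bind/db.home.lan -- zone file (zone files use ';' for comments)
$TTL 86400
@       IN  SOA  ns1.home.lan. admin.home.lan. (
                 2024010101 ; serial (YYYYMMDDnn)
                 3600       ; refresh
                 900        ; retry
                 604800     ; expire
                 86400 )    ; negative-answer TTL
        IN  NS   ns1.home.lan.
ns1     IN  A    192.168.1.101   ; this DNS server: fixed IP outside the DHCP range
router  IN  A    192.168.1.1
nas     IN  A    192.168.1.102
```

Run `named-checkconf` and `named-checkzone home.lan /etc/bind/db.home.lan` before restarting BIND so a typo in either file does not take the whole network's resolution down.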

Solution 3:

Are there any open DNS servers that are reliable?

You said it: OpenDNS.

208.67.222.222
208.67.220.220

Solution 4:

Unbound is pretty easy, supports BIND-style config files, and is fairly reliable. If the server will be a stand-alone 'gateway' type box, and you'd like a few extra niceties, you might want to take a look at the firewall/gateway distro called Untangle as well.

Solution 5:

If you are running Windows - you should take a look at Simple DNS Plus - it is a full DNS server that also comes with a DHCP server plug-in - and has an easy-to-use GUI.

[Note: the product is developed by the author of this post]