We are currently using the DNS of our ISP, but I would like to set up our own in-house DNS server so that we could manage local names and, in short, use this in-house DNS server instead of the .hosts file on all of our computers.
I would like the DNS server to resolve DNS only to certain IPs (so this way I could filter internet access in a way, by providing DNS resolution only to domains that are of use to our business and accordingly to IPs, something like OpenDNS). I know I could set up a transparent squid to do filtering, but I've been interested in setting up a local DNS server and could not find the necessary resources online.
I am interested in a Unix, Debian, friendly app (Windows is acceptable also).
I can tell you on the Linux side that BIND is probably the most common and most powerful solution you could find. However, DNSmasq is a great lightweight DNS app that you actually might have some experience with, since it's installed on many Linux-based SOHO routers.
I would recommend Linux + BIND or PowerDNS.
The setup is fairly easy, with lots of HOWTOs on the web. I have used this setup for 3 years now without any problem.
HOWTO for BIND an internal and external DNS server
I'd recommend PowerDNS highly. If you just want a no-frills recursing DNS server to enable Internet usage, pdns-recursor requires close to zero configuration to be used on a local network. I use it on our FreeBSD server in the office, and basically, I just installed it, added the server's IP address to /usr/local/etc/pdns/recursor.conf and started the service.
If you want to provide your own DNS information, PowerDNS has some very powerful features, mainly in its ability to use a relational database as backend, which makes it a lot easier to make some sort of web interface or configuration system, and also makes it a lot easier to do replication, since you can just use the database server's replication system instead of AXFR or similar things.
DJBDNS - easy, works! :)
I thought about doing the same thing, and came across OpenDNS.
I'm a new user, so I can't add the link, but Google will allow you to find them.
I don't work for/with them, I just use their service and I like it. It's free and allows for customizing access like you requested. As far as local DNS is concerned, I run a localized nameserver for all hostnames off of a Fedora install. As far as the local DNS goes, as long as you are running a DNS server on the network, and have your DHCP configured correctly to spit it out, it'll work. I simply don't allow DNS traffic originating from my exterior firewall, and it seems to do the trick.
Small sites often hand-edit zone files and BIND configurations, which leads to inconsistencies and errors. Instead, use HostDB, which takes an /etc/hosts file and uses it to generate your files. More info at everythingsysadmin.com/hostdb
It generates files for BIND which comes with all Linux distros.
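The approach in the answer above, generating DNS data from one hosts-format file instead of hand-editing zone files, shown as an added example. This is not HostDB's code or output format; the sample hosts data, the `office.example` domain and the function names are assumptions. It emits A, CNAME and PTR record lines for inclusion in BIND zone files that already carry their SOA and NS records, and refuses malformed addresses, invalid labels and duplicate names.

```python
import ipaddress
import re

# Constructed sample input in /etc/hosts format (not data from the page).
SAMPLE_HOSTS = """\
# office hosts
192.168.10.5   fileserver fs   # NAS
192.168.10.6   printer
192.168.10.7   wiki
127.0.0.1      localhost
"""

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one DNS label, no dots


def parse_hosts(text):
    """Return [(IPv4Address, [names])]; comments and loopback are skipped."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        addr, *names = line.lower().split()
        ip = ipaddress.IPv4Address(addr)  # ValueError on a malformed address
        bad = [n for n in names if not LABEL.fullmatch(n)]
        if bad or not names:
            raise ValueError(f"line {lineno}: invalid or missing name {bad}")
        if not ip.is_loopback:
            entries.append((ip, names))
    return entries


def build_records(text, domain):
    """Return (forward, reverse) record lines; reject duplicate names."""
    seen = {}  # name -> ip, catches a name that is listed more than once
    forward, reverse = [], []
    for ip, (canonical, *aliases) in parse_hosts(text):
        for name in (canonical, *aliases):
            if name in seen:
                raise ValueError(f"{name} listed for {seen[name]} and {ip}")
            seen[name] = ip
        forward.append(f"{canonical} IN A {ip}")
        forward += [f"{a} IN CNAME {canonical}" for a in aliases]
        reverse.append(f"{ip.reverse_pointer}. IN PTR {canonical}.{domain}.")
    return forward, reverse


if __name__ == "__main__":
    fwd, rev = build_records(SAMPLE_HOSTS, "office.example")
    print("\n".join(fwd + rev))
```

Because forward and reverse records come from the same source line, the PTR for each address always matches its A record.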
Using a DNS server for local/internet name resolution is the best and most manageable solution. With that having been said, I would suggest you do not use DNS for filtering. Use something that was designed for web content filtering, like squid.
If using a Windows server, then use Windows DNS Server; if using a Linux server, use something like Bind or dnsmasq.
I use an internal DNS server for that purpose exactly.
Windows DNS Services is an added component to their systems. The application is easy to use, but as difficult as DNS is to understand. How to Install and Configure Microsoft DNS Server
I also use Simple DNS. This application runs in Windows as its own DNS service. There are many more features for configuration, and the web API is worth the price alone. Consider using a DNS web API for DNS management outside of the IT realms.
djbdns: easy configuration and syntax, top notch security.
aptitude install bind9 will provide a caching nameserver out of the box. From there you're only a hop, skip and a jump away from adding your own zone files to control your network's DNS as you wish.