Internal only DNS

Tags: domain-name-system, open-source, vpn

We are running a research project with hundreds (becoming thousands) of remote hosts. Each host is running OpenVPN so we can find them regardless of what their 'assigned' IP is. We have been using DynDNS to manage this but we're running into some issues with them (API is weak/nonexistent, size constraints, etc.).

I'm looking into setting up an internal-only domain (e.g. "our.stuff", so a host would be "site1.our.stuff" or "site3.net4.our.stuff") that I can configure with the info from the OpenVPN server.

Since we'd have to point our internal DNS to this machine, it would have to be able to route/cache requests for 'external' machines as well. I've been trying to read about 'internal DNS', 'private', 'non-routable' but I'm not having much success.

Summary: need info on internal, caching DNS server. Something with open-source would be ideal. If not, I can script out changes to .conf, etc.

Best Answer

I would use BIND: open source, it powers the DNS root servers, and its security is tried and proven (every week, I would say).

Configure a simple server with recursion and a simple internal domain (you can call it whatever you want) that will be served by this server. Recursion can be allowed only for some IP addresses, and it's good practice to do so, even if your DNS server will not be exposed to the internet:

acl recurseallow { x.x.x.x; x.x.x.x; x.x.x.x; };   // addresses allowed to use this server as a resolver
options {
    <some other options you have already>
    allow-recursion { recurseallow; };              // everyone else gets authoritative answers only
};

BIND also supports dynamic DNS updates, and you can use the nsupdate tool to make the OpenVPN clients update the nameserver with their names. It uses cryptographic keys (TSIG) to do everything securely and works wonders. Here is a short tutorial about nsupdate and one about Dynamic DNS.
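As an added example, not part of the original answer and not BIND's or OpenVPN's own code, the following POSIX shell script puts the answer's two pieces together: a named.conf fragment with the recursion ACL, a TSIG key and an internal-only zone that accepts signed updates, plus an nsupdate batch that an OpenVPN client-connect hook could feed to nsupdate. The zone name our.stuff comes from the question; the key name vpn-update, the key file path /etc/bind/vpn-update.key, the VPN subnet 10.8.0.0/24 and the secret value are assumptions or placeholders. The hostname check is there because the OpenVPN common_name ends up in a DNS record, so only label-safe characters are accepted.

```shell
#!/bin/sh
# Added example (not from the original answer). Key name, key path, subnet and
# secret are placeholders; generate a real secret with `tsig-keygen vpn-update`.

# Emit a named.conf fragment: TSIG key, recursion ACL, internal-only zone.
# $1 = TSIG key name, $2 = base64 secret, $3 = VPN subnet allowed to recurse
gen_named_conf() {
  key_name="$1"; secret="$2"; vpn_net="$3"
  cat <<EOF
key "$key_name" {
    algorithm hmac-sha256;
    secret "$secret";
};

// Only our own hosts (loopback + VPN subnet) may use this server as a resolver.
acl recurseallow { 127.0.0.1; $vpn_net; };

options {
    directory "/var/cache/bind";
    allow-recursion { recurseallow; };
    allow-query { recurseallow; };
    listen-on { any; };   // tighten to the VPN interface if named also faces the internet
};

// Authoritative, internal-only zone. Only holders of the TSIG key may update
// it, and only A records beneath our.stuff, nothing else (e.g. no NS or SOA).
zone "our.stuff" {
    type master;
    file "/var/lib/bind/db.our.stuff";
    update-policy { grant $key_name subdomain our.stuff A; };
};
EOF
}

# Build the nsupdate batch for one client.
# $1 = OpenVPN common_name (used as the hostname), $2 = ifconfig_pool_remote_ip
gen_nsupdate_batch() {
  host="$1"; ip="$2"
  # The CN comes from a certificate this CA issued, but it still becomes a DNS
  # label: reject anything outside [A-Za-z0-9-] or an empty name.
  case "$host" in
    ""|*[!A-Za-z0-9-]*) echo "invalid hostname: $host" >&2; return 1 ;;
  esac
  cat <<EOF
server 127.0.0.1
zone our.stuff
update delete $host.our.stuff. A
update add $host.our.stuff. 300 A $ip
send
EOF
}

# Hook body for OpenVPN's client-connect script: OpenVPN exports common_name and
# ifconfig_pool_remote_ip in the environment; nsupdate -k reads the TSIG key file.
register_client() {
  gen_nsupdate_batch "$1" "$2" | nsupdate -k /etc/bind/vpn-update.key
}

# Typical use from the hook (assumed paths):
#   register_client "$common_name" "$ifconfig_pool_remote_ip"
# or, to inspect the config fragment this would install:
#   gen_named_conf vpn-update '<base64 secret from tsig-keygen>' 10.8.0.0/24
```

The short TTL (300 s) keeps stale addresses from lingering when a host reconnects with a different pool address, and the delete-then-add pair in the batch means a host never accumulates multiple A records. Use a client-disconnect hook with a matching `update delete` if you also want departed hosts to drop out of the zone.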