On Tue, 2008-05-27 at 07:44 -0700, Daniel B. Thurman wrote:
> I have a setup as follows:
>
> 1) ISP->pass-thru-DSL-router->firewall-appliance w/ NAT support
> 2) NAT->DNS(Internet)
>
> Let's assume:
> a) ISP provided static IP is: 111.111.111.1
> b) Firewall allows access to DNS port 53
> c) Intranet addresses are: 10.0.0.x
>
> Q1: In setting up a DNS server for Internet,
> is it required that I set up mydomain.com
> zone for 111.111.111.x addresses or can I
> use 10.0.0.x addresses since NAT is involved?
>
> What I am trying to understand here, am I required
> to set up separate DNS servers, one for Internet
> (for 111.111.111.x) and one for Intranet (for 10.0.0.x)?
>
> The trouble that I am running into is that I am not able
> to get reverse DNS to work even though I have PTR fields
> defined but they are of 10.0.0.x addresses and I am not
> seeing rDNS resolvers.

Where is your DNS server? Is it behind the firewall?

Here's what I have:

*) 1 Linux firewall connected to my ISP (public address) - uses iptables
   with SNAT so the internal private network can get to the Internet.

*) 2 machines inside the firewall running forward and reverse DNS, DHCP
   and so on. My internal network is called something like "mynet.lan"
   so that it can never get confused with any outside DNS namespace.

*) All machines inside the firewall look at the internal DNS server so
   that they can resolve correctly. Any lookups for which the DNS server
   is not authoritative get sent out through the firewall.

This works flawlessly for me.

--
Thomas

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
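An added example, not part of the original thread: a Python check that flags records in a zone meant for Internet publication whose A value or PTR owner name falls in private address space such as 10.0.0.x, which belongs only in an internal DNS like the "mynet.lan" setup described above. The record list and the hostnames `www` and `mail` are constructed; 111.111.111.1 and mydomain.com are the placeholders from the question.

```python
import ipaddress

# Constructed sample of a zone intended for Internet publication.
PUBLIC_ZONE = [
    ("www.mydomain.com.", "A", "111.111.111.1"),
    ("1.111.111.111.in-addr.arpa.", "PTR", "www.mydomain.com."),
    ("mail.mydomain.com.", "A", "10.0.0.5"),                 # private address
    ("5.0.0.10.in-addr.arpa.", "PTR", "mail.mydomain.com."),  # private reverse name
]


def ptr_owner_to_ip(owner):
    """Turn '5.0.0.10.in-addr.arpa.' into IPv4Address('10.0.0.5').

    Returns None when the owner is not a complete IPv4 reverse name.
    """
    labels = owner.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        return None
    try:
        # Reverse names list the octets last-to-first.
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ipaddress.AddressValueError:
        return None


def audit_public_zone(records):
    """Return (owner, type, address) for every A or PTR record that
    refers to a private address and so should not be published externally."""
    findings = []
    for owner, rtype, value in records:
        if rtype == "A":
            addr = ipaddress.IPv4Address(value)
        elif rtype == "PTR":
            addr = ptr_owner_to_ip(owner)
        else:
            continue
        if addr is not None and addr.is_private:
            findings.append((owner, rtype, str(addr)))
    return findings


if __name__ == "__main__":
    for owner, rtype, addr in audit_public_zone(PUBLIC_ZONE):
        print(f"private address in public zone: {owner} {rtype} ({addr})")
```
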