On 09/16/2009 05:14 AM, Frank.Brodbeck@xxxxxxxxxx wrote:
> "Roland Roland" <R_O_L_A_N_D@xxxxxxxxxxx> wrote on 16.09.2009 12:01:34:
>
>> I'll explain again... excuse my English..
>>
>> 1. I can browse local virtual hosts normally
>> 2. I can browse abcd.com (my company's website, and is set also as my
>> local network domain)
>> 3. if I go to public.abcd.com from outside my network (any public place)
>> I can access that page normally.
>> 4. if I try browsing public.abcd.com from inside my network, I cannot, as
>> my local DNS searches its own records for "public" and obviously it won't
>> find it.
>> the reason such a thing is happening is due to the fact that "abcd.com"
>> is also set as our network's domain. so instead of forwarding requests to
>> my ISP's dns to resolve public.abcd.com it simply searches its own records.
>
> First of all, I'm no DNS expert, keep that in mind when reading my answer
> ;-)
>
> This sounds like a split horizon setup for your DNS. If I understand you
> correctly, public.abcd.com is a webserver in your LAN/DMZ but publicly
> available? If so, and if the bind you inherited only answers to requests
> from your LAN you can just add public.abcd.com to your zone file.
>
> But as I mentioned before, be careful with this advice. If possible, test
> this with something not in production or wait for someone with more DNS
> experience than me.
>

First set of advice ... get rid of GUIs (like webmin) to manage DNS and
learn where the files are, what goes in them and how to edit them
correctly.

It sounds like you have an internal DNS master and an external DNS
master. Most people do this if they have internal IPs (10.x.x.x,
172.16.x.x-172.31.x.x, 192.x.x.x, etc.) and external (real) IPs to
maintain.

So, do you have some internal and some external IPs to maintain?

The first thing you need to know is where the master DNS server is for
each zone ... the internal one and the external one.

I like to use nslookup for things like this ... other people use dig.

Here is the nslookup way. Enter this command in a terminal:

    nslookup

Now you should be in an nslookup shell. Use this command to look for SOA
(Start of Authority) records:

    set type=soa

Now you can input your domain in the line and see the DNS servers that
are authoritative for that domain. So in your example, enter:

    abcd.com

Once you know the authoritative DNS names, use this command to look up IP
addresses:

    set type=a

Then look up the addresses of the DNS servers by typing each name.

You can specify the DNS server to use in YOUR nslookups with this command
in the nslookup shell:

    server aaa.bbb.ccc.ddd

(enter the IP address of the server you want to look up against)

Using this, you can do lookups for names on your internal and external
DNS machines ... then you can edit the applicable zone files as necessary
to fix the issues.

Your zone files are usually somewhere in /var/named/

Look in /etc/named.conf to see how the DNS server is set up ... here are
some DNS docs:

http://www.centos.org/docs/5/html/5.2/Deployment_Guide/ch-bind.html

_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
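
Added example (not part of the original messages): a non-interactive version of the internal-versus-external comparison described in the reply above, using dig instead of the interactive nslookup shell. The server addresses 10.0.0.53 and 192.0.2.53 and the function names are placeholders chosen for this sketch; substitute the authoritative servers found with the SOA lookup.

```sh
#!/bin/sh
# Compare the A records that the internal and the external DNS master
# return for the same name, to spot split-horizon gaps such as
# public.abcd.com resolving outside the LAN but not inside it.

# lookup SERVER NAME
# Prints the A records SERVER returns for NAME, sorted, on one line.
# Prints nothing if the server has no record or does not answer.
lookup() {
    dig +short +time=3 +tries=1 "@$1" "$2" A 2>/dev/null |
        grep -v '^;' | sort | tr '\n' ' ' | sed 's/ *$//'
}

# compare_views NAME INTERNAL_SERVER EXTERNAL_SERVER
# Prints one verdict line for NAME.
compare_views() {
    name=$1 internal=$2 external=$3
    in_ans=$(lookup "$internal" "$name")
    ex_ans=$(lookup "$external" "$name")
    if [ -z "$in_ans" ] && [ -z "$ex_ans" ]; then
        echo "ABSENT $name"
    elif [ -z "$in_ans" ]; then
        # The symptom from the thread: the internal zone lacks the record.
        echo "MISSING-INTERNAL $name external=$ex_ans"
    elif [ -z "$ex_ans" ]; then
        # Normal for hosts that should only be visible inside the LAN.
        echo "INTERNAL-ONLY $name internal=$in_ans"
    elif [ "$in_ans" = "$ex_ans" ]; then
        echo "SAME $name $in_ans"
    else
        echo "DIFFERENT $name internal=$in_ans external=$ex_ans"
    fi
}

# check_names INTERNAL_SERVER EXTERNAL_SERVER NAME...
# Runs compare_views for every NAME given.
check_names() {
    int_srv=$1 ext_srv=$2
    shift 2
    for n in "$@"; do
        compare_views "$n" "$int_srv" "$ext_srv"
    done
}

# Usage (placeholder server addresses):
#   check_names 10.0.0.53 192.0.2.53 abcd.com public.abcd.com
```

A MISSING-INTERNAL line marks a name that needs a record in the internal zone file; an INTERNAL-ONLY line is expected for hosts that should not be published externally.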