But in a Windows system, we can set the DNS servers for each connection (here, I mean the net interface). For example, on my Windows host, I have 1 eth card and I built a dial-up network. We can set a DNS server for each of them.

What I am concerned about is whether a Linux system can also provide the same feature.

Thanks

-----Original Message-----
From: Glynn Clements [mailto:glynn.clements@virgin.net]
Sent: Thursday, November 21, 2002 3:31 PM
To: Yuan Huailin-w19410
Cc: linux-net@vger.kernel.org
Subject: RE: DNS for multi-interfaces host

Yuan Huailin-w19410 wrote:

> If I have 2 or more net interfaces on my host, and each interface
> connect to a large private network( A and B). each private network has
> their own DNS server.
>
> Now, on my host, I launch the www browser. when I want browse the
> website in A, I enter www.website.a into address bar, browser will
> lookup the IP of this site based on the dns setting in
> /etc/resolv.conf. When I enter www.website.b into address bar, it will
> also do the same thing.
>
> If the DNS servers are below for A and B:
>
> A:
> 200.61.2.100
> 200.61.2.101
>
> B:
> 202.10.210.1
> 202.10.210.2
>
> if I just list them all in the /etc/resolv.conf is enough to let
> browser can access websites in A and B?
>
> nameserver 200.61.2.100
> nameserver 200.61.2.101
> nameserver 202.10.210.1
> nameserver 202.10.210.2

If each pair of DNS servers can only answer queries for a specific domain, that won't work.

With the above configuration, all queries will be sent to 200.61.2.100. The other DNS servers will only be tried if the first DNS server fails to answer within a given time period. If the first DNS server returns a negative response, the query will fail.

In this situation, the obvious solution is to run a DNS server which forwards queries for those domains to other DNS servers, e.g.

    zone "a" {
        type forward;
        forward only;
        forwarders { 200.61.2.100 ; 200.61.2.101 ; };
    };

    zone "b" {
        type forward;
        forward only;
        forwarders { 202.10.210.1 ; 202.10.210.2 ; };
    };

There is no way to achieve this without using a DNS server (unless you store *all* relevant hostnames in /etc/hosts, which may not be practical); the resolver library cannot be configured with this degree of granularity.

A better solution is for the private zones to be added to the global DNS, and to use access controls to restrict who can actually query the DNS servers. Private DNS zones will only work for systems which are explicitly configured (whether manually or dynamically, e.g. via DHCP) to use the appropriate DNS servers.

-- 
Glynn Clements <glynn.clements@virgin.net>
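
The resolver behaviour and the per-zone forwarding described in the reply above, modelled offline as an added example (not code from the thread or from any resolver or DNS server). The answer addresses, the function names and the `down` parameter are constructed for illustration.

```python
# Constructed model of the two setups discussed in the thread; no network I/O.
NXDOMAIN, TIMEOUT = "NXDOMAIN", "TIMEOUT"

# Constructed sample data: the names each private DNS server can answer.
ZONE_DATA = {
    "200.61.2.100": {"www.website.a": "10.1.0.10"},
    "200.61.2.101": {"www.website.a": "10.1.0.10"},
    "202.10.210.1": {"www.website.b": "10.2.0.10"},
    "202.10.210.2": {"www.website.b": "10.2.0.10"},
}

def query(server, name, down=()):
    """One query to one server: an address, NXDOMAIN, or TIMEOUT if unreachable."""
    if server in down:
        return TIMEOUT
    return ZONE_DATA[server].get(name, NXDOMAIN)

def stub_resolve(nameservers, name, down=()):
    """resolv.conf behaviour as described in the reply: servers are tried in
    order, the next one only after a timeout; a negative answer is final."""
    for server in nameservers:
        answer = query(server, name, down)
        if answer != TIMEOUT:
            return server, answer
    return None, TIMEOUT

def forwarder_resolve(zones, name, down=()):
    """Per-zone forwarding: choose the longest matching zone suffix, then
    fail over only among that zone's forwarders."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in zones:
            return stub_resolve(zones[zone], name, down)
    # Simplification: names outside the forward zones are not modelled.
    return None, NXDOMAIN

RESOLV_CONF = ["200.61.2.100", "200.61.2.101", "202.10.210.1", "202.10.210.2"]
FORWARD_ZONES = {"a": ["200.61.2.100", "200.61.2.101"],
                 "b": ["202.10.210.1", "202.10.210.2"]}

if __name__ == "__main__":
    for name in ("www.website.a", "www.website.b"):
        print(name, "| resolv.conf:", stub_resolve(RESOLV_CONF, name),
              "| forwarder:", forwarder_resolve(FORWARD_ZONES, name))
```

With all four servers listed in resolv.conf, www.website.b resolves only while both A servers are unreachable, and every lookup for a name in B is first disclosed to network A's server.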