I agree with everything that has been said BUT I must also interject. A lot of small businesses and many home users who get one or two IPs usually don't have a second DNS floating around. For larger organizations I would definitely use the split DNS. We do that at a couple locations when we can. As for this case, I think it's completely acceptable. Since this does indeed work I think it should be documented as a viable solution (which I think is in the fine print on one of the docs that I read before).

> -----Original Message-----
> From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Steven M Campbell
> Sent: Tuesday, July 12, 2005 2:03 PM
> To: Netfilter ML
> Subject: Re: dnatting
>
> So, having put a few of these negatives forth, allow me to suggest an
> alternative: split DNS. With split DNS you will create a name, for
> example theserver.myplace.com, and have a split view of it; that is,
> folks on the inside will get the inside address and folks on the outside
> will get the outside address. No special routing is then required and
> you can use the server internally without any of the above issues. I
> totally agree with Jason in suggesting that you investigate your name
> server rather than doing this bi-directional NAT.
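
The split view of theserver.myplace.com described in the quoted message, sketched as a name server configuration. This is an added example, not part of the original thread: it assumes BIND 9 as the name server, and the inside network (192.168.1.0/24), both addresses for theserver, and the zone file paths are constructed placeholders.

```conf
// named.conf fragment (assumes BIND 9; all addresses and paths are constructed).
// Views are tested in order and the first matching view answers the query,
// so the internal view must come before the catch-all external view.
// Once any view is defined, every zone must live inside a view.

acl "inside" {
    127.0.0.1;
    192.168.1.0/24;        // placeholder for the LAN behind the firewall
};

options {
    directory "/var/named";
};

view "internal" {
    match-clients { "inside"; };
    recursion yes;         // inside hosts may use this server as a resolver

    zone "myplace.com" {
        type master;
        file "internal/myplace.com.zone";
        // That zone file carries the inside address, for example:
        //   theserver  IN  A  192.168.1.10
    };
};

view "external" {
    match-clients { any; };
    recursion no;          // do not act as an open resolver for the internet

    zone "myplace.com" {
        type master;
        file "external/myplace.com.zone";
        // That zone file carries the outside address, for example:
        //   theserver  IN  A  203.0.113.10
    };
};
```

Querying theserver.myplace.com from a host in the "inside" ACL and again from an outside host should return the two different A records; if an inside host receives the outside address, check that its source address really falls inside the ACL as seen by the name server.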