There's a lot to change around a lot and a lot to take in, but your answer does exactly what I'm trying to do.
Many thanks,
Mark
On 24 May 2004, at 00:03, Cowles, Steve wrote:
Mark Lowe wrote:
Hello...[snip]
How do I get things so that to the outside world hosteddomain.com is the real IP and to the server it's the aliased one?
...[snip]
Are you sure you're not wanting (asking how) to implement BIND views? i.e.
-----------------------------------------------
# cat /var/named/internal/db.maindomain
$ttl 38400
@ IN SOA mainhost.maindomain.com. root.mainhost.maindomain.com. (
        1084742277
        10800
        3600
        604800
        38400 )
hosteddomain.com.       IN NS ns.maindomain.com.
www.hosteddomain.com.   IN A  10.0.0.10
ftp.hosteddomain.com.   IN A  10.0.0.10
mail.hosteddomain.com.  IN A  10.0.0.10
hosteddomain.com.       IN A  10.0.0.10
-----------------------------------------------
# cat /var/named/external/db.maindomain
$ttl 38400
@ IN SOA mainhost.maindomain.com. root.mainhost.maindomain.com. (
        1084742277
        10800
        3600
        604800
        38400 )
hosteddomain.com.       IN NS ns.maindomain.com.
www.hosteddomain.com.   IN A  4.5.6.10
ftp.hosteddomain.com.   IN A  4.5.6.10
mail.hosteddomain.com.  IN A  4.5.6.10
hosteddomain.com.       IN A  4.5.6.10
-----------------------------------------------
# cat /etc/named.conf
options {
    directory "/var/named";
    pid-file "/var/run/named/named.pid";
    statistics-file "/var/log/named/named.stats";
    dump-file "/var/log/named/named.dump";
    zone-statistics yes;

    // Listen ONLY on the following interfaces
    listen-on { 127.0.0.1; 10.0.0.10; };
    ...[snip]
};

acl "trusted-nets" { 10.0.0.0/24; 127.0.0.1; };

...[snip]

view "internal" in {
    // Only allow trusted nets to query this view
    match-clients { trusted-nets; };

    // Enable recursion for this view
    recursion yes;

    // Cache data retrieved in this view
    additional-from-auth yes;
    additional-from-cache yes;

    // Load the "root" (hints) zone
    zone "." in {
        type hint;                      // Zone is of type hint
        file "root.cache";              // Specify the root filename
    };

    // Load the internal 127.0.0 reverse zone
    zone "0.0.127.in-addr.arpa" in {
        type master;                    // Zone is a master
        allow-transfer { none; };       // Do not accept zone transfers
        allow-query { any; };           // Allow anyone to query zone
        file "internal/db.127.0.0";     // Load internal zone file
    };

    // Load the internal maindomain.com zone
    zone "maindomain.com" in {
        type master;                    // Zone is a master
        notify yes;                     // Send notifies?
        file "internal/db.maindomain";  // Load zone file
    };
    ...[snip]
};

view "external" in {
    // Allow anyone to query this view
    match-clients { any; };

    // Disable recursion for this view
    recursion no;

    // Do NOT cache data retrieved in this view
    additional-from-auth no;
    additional-from-cache no;

    // Load the "root" (hints) zone
    zone "." in {
        type hint;                      // Zone is of type hint
        file "root.cache";              // Specify the root filename
    };

    // Load the external maindomain.com zone
    zone "maindomain.com" in {
        type master;                    // Zone is a master
        notify yes;                     // Send notifies?
        allow-query { any; };           // Allow anyone to query zone
        file "external/db.maindomain";  // Load zone file
    };
    ...[snip]
};
-----------------------------------------------
# cat /etc/resolv.conf
search maindomain.com
nameserver 127.0.0.1
...[snip]
At least that's what I do at this end. Using the above example, any host on
your LAN configured to use this DNS server along with the server itself
(127.0.0.1) would return the 10.0.0.10 address. A query to your DNS server
originating from the internet would return the 4.5.6.10 address. FWIW: I
configure my Apache virtuals to reference the internal IP address like what
you posted.
Steve Cowles
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
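The view selection described in the quoted reply, modelled as an added example (not part of the original thread and not BIND's own code): named tests a client against each view's match-clients in file order and serves it from the first view that matches, so the order of the two views is what keeps the split working. The function names, the dictionary layout and the client address 198.51.100.7 are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the named.conf above (not BIND code): views in file
# order with their match-clients networks, recursion flag and A record served.
# "any" is modelled as 0.0.0.0/0, so this sketch covers IPv4 clients only.
TRUSTED_NETS = ["10.0.0.0/24", "127.0.0.1/32"]  # acl "trusted-nets"
VIEWS = [
    {"name": "internal", "match": TRUSTED_NETS, "recursion": True,
     "a": {"www.hosteddomain.com.": "10.0.0.10"}},
    {"name": "external", "match": ["0.0.0.0/0"], "recursion": False,
     "a": {"www.hosteddomain.com.": "4.5.6.10"}},
]

def select_view(src, views=VIEWS):
    """Return the first view whose match-clients contains src (first match wins)."""
    addr = ipaddress.ip_address(src)
    for view in views:
        if any(addr in ipaddress.ip_network(net) for net in view["match"]):
            return view
    return None  # no view matched: the query would be refused

def answer(src, qname, views=VIEWS):
    """Return (view name, A record) as seen by a client at src."""
    view = select_view(src, views)
    return None if view is None else (view["name"], view["a"].get(qname))

def audit(views=VIEWS):
    """Flag layouts that defeat the split: shadowed views and open recursion."""
    findings, seen_any = [], False
    for view in views:
        is_any = any(ipaddress.ip_network(n).prefixlen == 0 for n in view["match"])
        if seen_any:
            findings.append(f'view "{view["name"]}" is shadowed by an earlier "any" view')
        if is_any and view["recursion"]:
            findings.append(f'view "{view["name"]}" offers recursion to any client')
        seen_any = seen_any or is_any
    return findings

if __name__ == "__main__":
    for src in ("10.0.0.25", "127.0.0.1", "198.51.100.7"):  # constructed clients
        print(src, answer(src, "www.hosteddomain.com."))
    print(audit(), audit(list(reversed(VIEWS))))
```

Reversing the view order in this model sends every client, including 10.0.0.0/24, to the external view, which is the failure the audit reports.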