Re: Modified Split DNS Question


 



Jake McHenry wrote:

One other question. I only have one DNS server as of right now, behind a
firewall. If any machines that are behind the firewall with the server, they
are going to that server for DNS, which is pointing to a public IP.

This is why I wanted to set the search and domain to search for the private
stuff first.

The only way I have been able to get around the public IP showing up in the
logs for what should be the private machines is putting the IP and domain
names in the hosts files on the client machines.

Does anyone know of a way to get around using the hosts files on each
individual machine?



I'm not entirely sure what you are trying to achieve. However, I have a similar setup. My ISP gives me a domain and a fixed IP address. For my internal nameserver, I just put the various machines at home in that domain, that all have 192.168.0.x IP addresses.


So, if the name that my ISP gives me is home.example.com, then the IP address associated with this connects to my firewall. I simply treat home.example.com as an SOA (start of authority) and assign names and IP addresses within that domain. My children's PC, for example, is called sprog.home.example.com and has a 192.168.0.x IP address. The firewall is home.example.com on the outside (with its public IP address) and fluffy.home.example.com on the inside with its 192.168.0.x IP address. My resolv.conf simply contains "search home.example.com". These internal names aren't visible from the outside for two reasons: my ISP doesn't have NS records pointing to my nameserver and my nameserver isn't accessible through the firewall. Really, it's the NS record associated with home.example.com that would glue my domain into the DNS as a whole, and that is the *only* difference between what I have and what the nameserver at work has.

If you're interested, I can send you a copy of my nameserver configuration files, but it's a straightforward setup. You can get everything you need from the Cricket book (DNS and BIND, Cricket Liu and Paul Albitz (I think), published by O'Reilly).

jch


-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
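
A sketch of the kind of internal-only BIND setup the reply describes, added here as an illustration; it is not jch's actual configuration. The file paths, the specific 192.168.0.x host addresses, the hostmaster mailbox and the timer values are assumptions constructed for the example; the names home.example.com, fluffy and sprog come from the message.

```conf
// ---- named.conf fragment (path assumed: /etc/named.conf) ----
options {
    directory "/var/named";
    // Answer only on loopback and the inside interface (address assumed),
    // so the server is not reachable from the public side of the firewall.
    listen-on { 127.0.0.1; 192.168.0.1; };
    // Second layer: refuse queries and recursion from anything off the LAN.
    allow-query     { localhost; 192.168.0.0/24; };
    allow-recursion { localhost; 192.168.0.0/24; };
};

zone "home.example.com" IN {
    type master;                      // this server is the SOA for the zone
    file "home.example.com.zone";
    allow-transfer { none; };         // no secondaries, no zone dumps
};

; ---- zone file (path assumed: /var/named/home.example.com.zone) ----
$TTL 86400
@       IN SOA  fluffy.home.example.com. hostmaster.home.example.com. (
                1        ; serial (constructed)
                3600     ; refresh
                900      ; retry
                604800   ; expire
                86400 )  ; negative-cache TTL
        IN NS   fluffy.home.example.com.
; Inside view of the firewall and one LAN host; addresses are constructed.
fluffy  IN A    192.168.0.1
sprog   IN A    192.168.0.10
; No apex A record is defined here: the message only says home.example.com
; carries the public address on the outside.

# ---- /etc/resolv.conf on each internal client ----
search home.example.com
nameserver 192.168.0.1
```

With this in place the per-machine hosts entries become unnecessary, and the internal records stay private for the two reasons given in the message: no NS delegation points at this server, and it does not answer outside the LAN.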
