[KLUG Members] Secondary DNS via VPN

J. Edward Durrett members@kalamazoolinux.org
Fri, 18 Apr 2003 22:11:21 -0400


Adam,

I had a similar problem.  I found a work around but I am not sure it is 
the best way.  This solution does not address multiple domains but I 
think it might work.  Also,  I have read some stuff that claims this is 
very taxing on resources but I have not had a problem.

I created a rather simple script which utilizes ssh for port 
forwarding of important services.  Here is an example I use to connect 
to squid at work when I am on the road:

		ssh -L 12000:127.0.0.1:3128 jed@ssh.shackman.com

For my proxy settings, I have localhost:12000.

This would work for DNS as well:
	ssh -L 12001:10.3.1.1:53 jed@ssh.shackman.com

And the DNS entry would be:
			localhost:12001

Setting a second DNS in your case for your local net wouldn't be a 
problem.

I use this method for two remote offices and the other frequent 
travelers in my company.  I must admit, I have not been able to get it 
to work right with Windows machines (much to the chagrin of the 1 traveling 
Windows user).

I hope this helps -- and if anyone sees a major drawback please let me 
know.

Jason Edward Durrett
Vice President of Operations
B. Shackman Company, Inc.
269.484.1000



On Friday, April 18, 2003, at 12:38 PM, Adam Tauno Williams wrote:

> Here is a niggle I've had for a long time, but just lived with; in fact
> I got around it by just adding important hosts to my /etc/hosts file.
> But now that other users are trying out Linux I'd like to have a real
> solution.
>
> My PC/laptop is on my net at home, which is whitemice.org and has a DNS
> server at 192.168.3.1.  Everything updates from DHCP once the correct
> option is selected in System Settings/Network.
>
> Now I VPN to work which is 192.168.1.x and the domain
> morrison.iserv.net.
>
> So of course typing kohocton, or even kohocton.morrison.iserv.net, into
> my web browser doesn't work.  Typing in http://192.168.1.5 does, and so
> does adding "192.168.1.5 kohocton kohocton.morrison.iserv.net" to
> /etc/hosts
>
> Now the PPP connection dishes out via the usepeerdns option a file in
> /etc/ppp called resolv.conf, it contains "nameserver 192.168.1.9"  But
> the system is looking at /etc/resolv.conf and in order to continue to
> work with whitemice.org stuff it needs to.
>
> On a Windows client this secondary naming thing isn't a problem and
> just seems to be magically taken care of.
>
> Are there any scripts, etc..., approved way of shoe horning
> /etc/ppp/resolv.conf into /etc/resolv.conf, and of automatically
> removing the entries when the PPP (VPN) link goes down?
>
> I'd rather not hack it if something "official" and elegant already
> exists that I'm just not aware of.
>