[KLUG Members] re: Secondary DNS and VPN

Mike Williams members@kalamazoolinux.org
Sun, 20 Apr 2003 10:15:02 -0400


> Message: 2
> From: Adam Tauno Williams <awilliam@whitemice.org>
> To: members@kalamazoolinux.org
> Organization: BOTWM
> Date: 18 Apr 2003 12:38:38 -0400
> Subject: [KLUG Members] Secondary DNS via VPN
> Reply-To: members@kalamazoolinux.org
> 
> Here is a niggle I've had for a long time, but just lived with; in fact
> I got around it by just adding important hosts to my /etc/hosts file. 
> But now that other users are trying out Linux I'd like to have a real
> solution.
> 
> My PC/laptop is on my net at home, which is whitemice.org and has a DNS
> server at 192.168.3.1.  Everything updates from DHCP once the correct
> option is selected in System Settings/Network.
> 
> Now I VPN to work which is 192.168.1.x and the domain
> morrison.iserv.net.  
> 
> So of course typing kohocton, or even kohocton.morrison.iserv.net, into
> my web browser doesn't work.  Typing in http://192.168.1.5 does, and so
> does adding "192.168.1.5 kohocton kohocton.morrison.iserv.net" to
> /etc/hosts
> 
> Now the PPP connection dishes out via the usepeerdns option a file in
> /etc/ppp called resolv.conf, it contains "nameserver 192.168.1.9"  But
> the system is looking at /etc/resolv.conf and in order to continue to
> work with whitemice.org stuff it needs to.
> 
> On a Windows client this secondary naming thing isn't a problem and just
> seems to be magically taken care of.
> 
> Are there any scripts, etc..., approved way of shoe horning
> /etc/ppp/resolv.conf into /etc/resolv.conf, and of automatically
> removing the entries when the PPP (VPN) link goes down?
> 
> I'd rather not hack it if something "official" and elegant already
> exists that I'm just not aware of.

You could try just adding 192.168.1.9 as a second entry in resolv.conf,
but I think it will only fail to the 2nd entry if the first doesn't
respond.  How about adding 192.168.1.9 as a forwarder in the
named.conf of the whitemice server?  For a more elegant solution, maybe
you could create a zone-specific entry that forwards only requests for
the morrison.iserv.net domain to its domain server.
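
[Added example, not part of the original message or of either poster's configuration: the two named.conf approaches from the reply above, written in BIND 9 syntax. It assumes the whitemice.org server runs BIND 9 and can itself route to 192.168.1.9; the reverse zone and the client-side search line are additions that go beyond what the reply mentions.]

```conf
// named.conf on the whitemice.org DNS server (192.168.3.1).

// Approach 1 from the reply: a global forwarder (left commented out).
// Every name this server cannot answer itself is sent to the work
// server, so all outside lookups from the home network become visible
// to it and depend on it being reachable.
//
// options {
//     forwarders { 192.168.1.9; };
// };

// Approach 2 from the reply: forward only the work domain.
zone "morrison.iserv.net" {
    type forward;
    // "forward only" makes the lookup fail when 192.168.1.9 is
    // unreachable instead of falling back to normal recursion, which
    // would send internal host names to public name servers.
    forward only;
    forwarders { 192.168.1.9; };
};

// Assumption: reverse lookups for the 192.168.1.x work network should
// go to the same server.
zone "1.168.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 192.168.1.9; };
};

// Client side (/etc/resolv.conf on the laptop), so that the bare name
// "kohocton" is also tried as kohocton.morrison.iserv.net:
//
//   search whitemice.org morrison.iserv.net
//   nameserver 192.168.3.1
```

With the zone-specific form the laptop's /etc/resolv.conf keeps pointing at 192.168.3.1 whether the VPN is up or down; lookups for the work domain simply fail while the forwarder is unreachable.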