[KLUG Members] I have a couple questions.
Rich Clark
rrclark at rrclark.net
Mon Aug 30 07:24:56 EDT 2004
On Sun, 29 Aug 2004, Jeremy Leonard wrote:
> I don't think I worded it wrong. The box I'm using IS the DNS for my public
> domain, elite4god.com. I want people on my lan to resolve hosts in that
> domain to their 192.168.x.x addresses. You can't go out a nat and back in so
> if a user on my lan enters www.elite4god.com into their browser it doesn't
> come up. They get unknown host. If I ping that DNS name I get the public
> address. I want to run two DNS servers each one only listens on one nic. The
> LAN side returns LAN addresses for my zone and the public side returns the
> public addresses. I don't want my users to have to use a different dns name
> if they are on the lan as opposed to when they are connected to the Internet
> through some other way.
I do exactly this or used to, before WOW closed inbound port 53 on me.
However, doing DNS for a LAN is the same as you would any other domain.
ACLs help keep the riffraff outta the internal zonefile. I separate zone
files; the externally visible zone is rrclark.net; the internal zone is
private.rrclark.net. For the bastion server (similar to what you use) the
internal NIC is named rich.private.rrclark.net; external it's rrclark.net.

As to resources, there's no better investment than a personal copy of
O'Reilly's cricket book, DNS & Bind, and don't get anything earlier than
4th edition.

Lemme know if this is unclear.
Rich
--
"More & more, the IBM Nazgul appear to be relentless in their methodical
destruction of the SCO case, while SCO now give the impression of being a
headless, legless chicken, strapped to a barbeque, with the feathers
becoming singed." - bishopi on http://www.groklaw.net re: SCO & IBM
on 8/25/04
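
Added example, not part of Rich's message: a BIND 9 named.conf fragment for the separate-zone layout he describes, with an ACL limiting the internal zone to LAN clients. The directory, the zone file names, and the 192.168.0.0/16 LAN range are assumptions.

```conf
// Constructed example for BIND 9 named.conf.
// Paths and file names are placeholders; 192.168.0.0/16 stands in
// for the LAN range (the thread only says "192.168.x.x").
acl "lan" { 127.0.0.1; 192.168.0.0/16; };

options {
    directory "/var/named";
    // Recurse only for LAN clients, never for the Internet side.
    allow-recursion { "lan"; };
};

// Externally visible zone: anyone may query it.
zone "rrclark.net" {
    type master;
    file "db.rrclark.net";
    allow-query { any; };
    allow-transfer { none; };
};

// Internal zone: the ACL keeps outside clients from reading
// the 192.168.x.x records held in this zone file.
zone "private.rrclark.net" {
    type master;
    file "db.private.rrclark.net";
    allow-query { "lan"; };
    allow-transfer { none; };
};
```

Running named-checkconf against the file catches syntax errors before named is reloaded.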