Mike Pflugfelder on Mon, 6 Aug 2001 10:30:07 -0400



RE: [PLUG] home dns notes


	I've got a similar situation for the office here, but I'm not sure
I'm doing it the best way that I possibly can.  Might also have something to
do with my firewall and such.  Maybe someone could help, here's my deal:

	I've got 2 DNS servers, both RH7.1, running BIND 9.1.0.  One handles
the DNS for our internal NAT'd network, and one handles the DNS for our
domain name (keyinfosys.com).  Everything seems to work fine as I point our
workstations at the internal DNS, but is there a way that I could have one
machine resolve for both networks?  I'm thinking this because I'd like to
have 2 machines doing DNS, but each machine doing internal and internet DNS,
one backing up the other.

	One other thing, not sure if it makes a difference or not, but my
internet DNS server is on the NAT network and I've got my firewall set to
forward DNS traffic on a public IP to the machine on the NAT network.

If anyone can be of any help, I would greatly appreciate it...

Thanks,
-Mike


-----Original Message-----
From: Jason Costomiris [mailto:jcostom@jasons.org]
Sent: Sunday, August 05, 2001 8:22 PM
To: PLUG
Subject: Re: [PLUG] home dns notes


On Sun, Aug 05, 2001 at 05:31:48PM -0400, Jeff Abrahamson wrote:
: The problem is that if I claim authority over purple.com, I can't see
: the outside purple things (www, list). If I claim authority over a
: subdomain, I don't get there, since the lookups are com -->
: purple.com, which doesn't know about home.purple.com subdomain.

Why not just do a split DNS config?  You set up an internal DNS that claims
authority for purple.com, with zone files that contain info on your internal
and external resources.  In addition, you set up an external DNS which also
claims authority for purple.com, with zone files that contain info ONLY on
your external resources.

Set your internal DNS to forward to the external DNS.  For internal machines,
you'll query your internal DNS, which claims authority for purple.com, and
gets all other info from the external server.  Your external DNS will NEVER
query the internal DNS.  Make certain of this.

Yes, you've got 2 zone files to maintain, but it's a minimal amount of 
work, considering the security benefits.  Beats monkeying around with 
hosts files, doesn't it?  Works perfectly in my network..

-- 
Jason Costomiris <><           |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
          Quidquid latine dictum sit, altum viditur.
                    My account, My opinions.


______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug
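
A consistency check for the split DNS layout described in the quoted reply, as an added example that is not part of the original thread: it flags RFC 1918 addresses published in the external zone and external names missing from the internal zone (the "can't see www, list" symptom from the first quoted message). The zone contents, addresses and function names are constructed for illustration, and the parser assumes simple one-line A records.

```python
import ipaddress

ORIGIN = "purple.com."  # domain named in the thread
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample zones (not from the thread); public hosts use TEST-NET-1.
EXTERNAL_ZONE = """\
; external server: external resources ONLY
www       IN A 192.0.2.10
list      IN A 192.0.2.11
mail      IN A 192.0.2.12
fileserv  IN A 192.168.1.20   ; mistake: internal host published outside
"""
INTERNAL_ZONE = """\
; internal server: internal and external resources
www           IN A 192.0.2.10
mail          IN A 192.0.2.12
fileserv      IN A 192.168.1.20
desktop 3600  IN A 192.168.1.31
"""

def parse_a_records(zone_text, origin=ORIGIN):
    """Map FQDN -> set of addresses. Assumes one-line A records with an
    explicit owner name (no $ORIGIN, $TTL or inherited-name lines)."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, tokenize
        if "A" not in fields[1:]:
            continue
        owner, addr = fields[0].lower(), fields[fields.index("A", 1) + 1]
        if owner == "@":
            fqdn = origin
        elif owner.endswith("."):
            fqdn = owner
        else:
            fqdn = f"{owner}.{origin}"
        records.setdefault(fqdn, set()).add(ipaddress.ip_address(addr))
    return records

def audit_split_dns(external_text, internal_text):
    """Return (leaked, missing_inside) as sorted lists of names."""
    ext, internal = parse_a_records(external_text), parse_a_records(internal_text)
    # Names whose external record exposes a private (internal) address.
    leaked = sorted(n for n, ips in ext.items()
                    if any(ip in net for ip in ips for net in RFC1918))
    # Public names the authoritative internal zone cannot answer for.
    missing_inside = sorted(set(ext) - set(internal))
    return leaked, missing_inside

if __name__ == "__main__":
    leaked, missing = audit_split_dns(EXTERNAL_ZONE, INTERNAL_ZONE)
    print("private addresses in external zone:", leaked)
    print("external names the internal zone lacks:", missing)
```
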

