BIND9 on multiple subnets

Jonathan Hutchins hutchins at tarcanfel.org
Mon Aug 2 15:40:41 CDT 2004


On Sun, August 1, 2004 17:31, jeremy at linuxwebguy.com said:

> I want requests made from the outside world to resolve to the real
> Internet IP, but requests made from the local LAN to resolve to the
> internal IP, since the external IPs won't quite work right.

Just how are you planning to get your gateway's legitimate IP listed as
the authoritative DNS server for your domain?  You're aware that
reverse-DNS is still going to show the dynamic block of your ISP, right?

What most of us do is use some sort of dynamic DNS resolver, or the
services of our Registrar, to point the whole domain (*.domain.grp) at our
firewall and let the firewall sort out which ports to forward where.  This
makes it appear to the outside world that your firewall is your
webserver/mailserver/desktop/torrentserver, and your internal network
sorts things out on its own.

Unless you really want the "real world" to have direct access to each of
your internal machines, doing external DNS is not the way to go.



