Re: Setting up DNS; Internet and Intranet questions

On Tue, 2008-05-27 at 07:44 -0700, Daniel B. Thurman wrote:
> I have a setup as follows:
> 
> 1) ISP->pass-thru-DSL-router->firewall-appliance w/ NAT support
> 2) NAT->DNS(Internet)
> 
> Let's assume:
> a) ISP provided static IP is: 111.111.111.1
> b) Firewall allows access to DNS port 53
> c) Intranet addresses are: 10.0.0.x
> 
> Q1: In setting up a DNS server for Internet,
>     is it required that I set up mydomain.com
>     zone for 111.111.111.x addresses or can I
>     use 10.0.0.x addresses since NAT is involved?
> 
>     What I am trying to understand here, am I required
>     to set up separate DNS servers, one for Internet
>     (for 111.111.111.x) and one for Intranet (for 10.0.0.x)?
> 
> The trouble that I am running into is that I am not able
> to get reverse DNS to work even though I have PTR fields
> defined but they are of 10.0.0.x addresses and I am not
> seeing rDNS resolvers.

Where is your DNS server?  Is it behind the firewall?

Here's what I have:

*) 1 Linux firewall connected to my ISP (public address) - uses iptables
with SNAT so the internal private network can get to the Internet.

*) 2 machines inside the firewall running forward and reverse DNS, DHCP
and so on.  My internal network is called something like "mynet.lan" so
that it can never get confused with any outside DNS namespace.

*) All machines inside the firewall look at the internal DNS server so
that they can resolve correctly.  Any lookups for which the DNS server
is not authoritative get sent out through the firewall.

This works flawlessly for me.

-- 
Thomas
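
An added example, not part of the original message: a Python sketch that builds matching forward (A) and reverse (PTR) records for an internal zone like the one described above, and reports whether a PTR for a given address can be answered from the public Internet at all. The host names are hypothetical; the 10.0.0.x range, 111.111.111.1 and the "mynet.lan" name are taken from the thread.

```python
import ipaddress

# Constructed sample inventory; the host names are hypothetical, the
# 10.0.0.x range and the "mynet.lan" zone name come from the thread.
HOSTS = {"ns1": "10.0.0.2", "ns2": "10.0.0.3", "www": "10.0.0.10"}
ZONE = "mynet.lan"


def reverse_zone(network):
    """Return the in-addr.arpa zone name for an IPv4 /8, /16 or /24."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def build_records(hosts, zone, network):
    """Build matching A and PTR records, rejecting hosts outside network."""
    net = ipaddress.ip_network(network)
    forward, reverse = [], []
    for name, addr in sorted(hosts.items()):
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            raise ValueError(f"{name} ({addr}) is outside {network}")
        fqdn = f"{name}.{zone}."
        forward.append(f"{fqdn} IN A {ip}")
        reverse.append(f"{ip.reverse_pointer}. IN PTR {fqdn}")
    return forward, reverse


def ptr_scope(addr):
    """Say who can answer a PTR query for addr."""
    ip = ipaddress.ip_address(addr)
    if ip.is_private:
        return "internal-only"  # RFC 1918: no public delegation exists
    return "public"             # reverse zone is held by the address owner


if __name__ == "__main__":
    print("reverse zone:", reverse_zone("10.0.0.0/24"))
    for line in sum(build_records(HOSTS, ZONE, "10.0.0.0/24"), []):
        print(line)
    for addr in ("10.0.0.2", "111.111.111.1"):
        print(addr, "->", ptr_scope(addr))
```

PTR records for 10.0.0.x are only visible to clients that query the internal server; reverse lookups for the public address are answered by whoever holds that reverse zone, normally the ISP.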
