Gentoo Archives: gentoo-user

From: Reuben Farrelly <reuben-gentoo-user@××××.net>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] A DNS question.
Date: Sun, 04 Mar 2007 00:06:41
Message-Id: 45EA0B4D.2090304@reub.net
In Reply to: Re: [gentoo-user] A DNS question. by Paul Colquhoun
On 4/03/2007 8:43 AM, Paul Colquhoun wrote:
> On Sun, 4 Mar 2007, Bob Young wrote:
>> This isn't strictly a Gentoo question, but I'm setting up a Gentoo box
>> to be used as a secondary DNS server, plus some other duties, and I'm
>> hoping there is a DNS wizard reading who can authoritatively answer my
>> question.
>>
>> First off the machine has three network cards, one with a (DHCP)
>> private IP (10.10.32.1) for talking to the local (Windows Domain) LAN.
>> A second NIC with a (Manually configured) IP address (69.12.134.79)
>> that is publicly registered (ns.debug1.com) as a secondary DNS for
>> several domains. And the third NIC has a (Manually configured) private
>> IP address (192.168.0.1) that will be used to "sniff" all traffic that
>> crosses the DSL modem.
>>
>> Obviously on a given system each NIC is usually connected to a
>> different domain, my question is, whether or not it
>> is /legal/possible/okay to use different *hostnames* on different
>> NICs?
>>
>> For example, in the scenario described above, assume the windows
>> domain is named "mydomain.lan," can I have 69.12.134.79 (NIC #2)
>> resolve to ns.debug1.com as that is its publicly registered name,
>> while IP address 10.10.32.1 (NIC #1) resolves to gentoo.mydomain.lan?
>
>
> Given that 2 of your IP addresses are in RFC 1918 private IP space, it
> is a good thing not to have your public DNS name resolve to those IP
> addresses, as they should not be routable, and may be in use at many
> other sites (and thus could resolve to a local address at those sites).

That's exactly what named "views" are for. You can have clients on one IP range
resolve to entirely different IP addresses than those on the outside:

http://www.isc.org/sw/bind/arm94/Bv9ARM.ch06.html#view_statement_grammar

I have been using bind views in that way for the last 2 years or so, so that my
internal DNS looks different to that seen on the Internet; the feature works
exactly as documented and it's fairly easy to set up.

That way there is no need to ever have hosts resolve to private RFC 1918 IP
addresses from the Internet.

Reuben
--
gentoo-user@g.o mailing list
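
A split-horizon named.conf of the kind the message above describes, as an added example that is not part of the original post or anyone's actual configuration. The LAN prefix 10.10.32.0/24, the zone example.com, the master address 192.0.2.53, the file paths, and the choice to serve mydomain.lan from this box are all assumptions or placeholders; only the two interface addresses and the mydomain.lan name come from the thread.

```bind
// Constructed example: BIND 9 views for the three-NIC box in the thread.
// Once any view is defined, every zone must live inside a view.

acl "lan" {
    127.0.0.1;
    10.10.32.0/24;          // assumed prefix of the Windows-domain LAN
};

options {
    directory "/var/bind";  // assumed working directory
    // Answer only on loopback, the LAN NIC and the public NIC;
    // the 192.168.0.1 sniffing interface is left out on purpose.
    listen-on { 127.0.0.1; 10.10.32.1; 69.12.134.79; };
};

// Views are tried in order and the first match-clients hit wins,
// so the narrow internal view has to come before the catch-all.
view "internal" {
    match-clients { "lan"; };
    recursion yes;          // LAN clients may use this box as a resolver

    zone "mydomain.lan" {
        type master;
        // Zone file holds: gentoo  IN  A  10.10.32.1
        file "pri/mydomain.lan.internal";
    };
};

view "external" {
    match-clients { any; };
    recursion no;           // authoritative-only towards the Internet

    // Placeholder for one of the publicly hosted domains.
    // No mydomain.lan zone here, so RFC 1918 data never leaves the LAN.
    zone "example.com" {
        type slave;
        masters { 192.0.2.53; };    // placeholder primary server
        file "sec/example.com.external";
    };
};
```

Running `named-checkconf` against the file catches the most common mistake with views, a zone left outside any view block.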

Replies

Subject Author
Re: [gentoo-user] A DNS question. Dan Farrell <dan@×××××××××.cx>