From owner-freebsd-questions  Wed Oct 28 21:47:52 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA06318
          for freebsd-questions-outgoing; Wed, 28 Oct 1998 21:47:52 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mercury.webnology.com (mercury.webnology.com [209.155.51.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA06313
          for <freebsd-questions@FreeBSD.ORG>; Wed, 28 Oct 1998 21:47:51 -0800 (PST)
          (envelope-from jooji@webnology.com)
Received: from localhost (jooji@localhost)
	by mercury.webnology.com (8.9.1/8.8.8) with SMTP id XAA14436
	for <freebsd-questions@FreeBSD.ORG>; Wed, 28 Oct 1998 23:53:55 -0600
	(envelope-from jooji@webnology.com)
Date: Wed, 28 Oct 1998 23:53:55 -0600 (CST)
From: "Jasper O'Malley" <jooji@webnology.com>
To: freebsd-questions@FreeBSD.ORG
Subject: Re: DNS with internal and external networks..
In-Reply-To: <36379012.7B31E08D@gorean.org>
Message-ID: <Pine.LNX.4.02.9810282346410.14174-100000@mercury.webnology.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Loren Daniel Koss wrote:
> 
> How do you set up a name server (named) to handle both internal addresses
> properly (192.168.1 network) and external network when the names are the
> same?  Iam using ipfw and natd on the same machine.

A favorite technique of mine is to have the firewall (or firewalls) use
an internal name server as its resolver (i.e. list only internal
nameservers in /etc/resolv.conf), while running the externally visible
named on the same firewall. Then have all internal mail servers act as
forwarding nameservers, which forward external requests to these named's
running on the firewall(s). Make all internal clients use the
internal nameservers, and make them all at least secondaries for the
internal domain information, so they get the internal names and addresses.
Then, the firewall properly resolves the names of internal hosts, while
passing the proper externally visible DNS information out to the world at
large. The internal hosts also refer to each other by internal name and
address, as well.

Cheers,
Mick

The Reverend Jasper P. O'Malley          dotdot:jooji@webnology.com
    Systems Administrator                  ringring:asktheadmiral
	Webnology, LLC               woowoo:http://www.webnology.com/~jooji


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message