Date: Thu, 03 Nov 2011 07:51:03 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: AN <andy@neu.net> Cc: freebsd-questions@freebsd.org Subject: Re: DNS config help Message-ID: <4EB247E7.1010708@infracaninophile.co.uk> In-Reply-To: <alpine.BSF.2.00.1111022050300.6875@mail.neu.net> References: <alpine.BSF.2.00.1111022050300.6875@mail.neu.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig211D2095B954D7E0E0C150D1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 02/11/2011 20:52, AN wrote: > I have a question about how to configure DNS. My local network is 10.x= , > and I sometimes need to connect to a remote VPN. My question is how do= > I configure BIND to forward queries to a different server only for a > specific domain. This sounds like a job for a static-stub domain. That's a fairly new feature in BIND, so you may well need to install bind98 from ports. See the documentation here: http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html#zone_statem= ent_grammar > When I am connected to the VPN, vpn.example.com, I want queries for > anything going to example.com to go a specific DNS, and everything els= e > on 10.x to go to my regular DNS. Please let me know if I need to > provide more info. Thanks in advance for any help. Hmmm.... I don't think you're going to have much fun at all if you try and modify your named configuration depending on whether your VPN is up or not. DNS TTLs are generally of the order of days -- that should be taken as a measure of the minimum time that should go between restarts of a recursive DNS (ideally, and as a long term average). Better to just fail the lookup when the VPN is down. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enig211D2095B954D7E0E0C150D1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6yR/EACgkQ8Mjk52CukIxeFwCfdY24tmHqcd0XMRm4ntZ6olaE dNMAn02wH6zD3XLzqkZFM5A9n8u7GH9o =6nsB -----END PGP SIGNATURE----- --------------enig211D2095B954D7E0E0C150D1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EB247E7.1010708>