[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Split-horizon DNS. I think.

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Split-horizon DNS. I think.
From: James Herbert <lists_(_at_)_artyzan_(_dot_)_net>
Date: Sun, 19 Dec 2004 12:20:53 +0000

Hi,

This is mainly a sanity check.

I'm not experienced with BIND or DNS servers at all, however I'm wanting to do the following, and would appreciate being told if it's a foolish plan.

My situation is the following: Internal net 10.0.0.0/24. I have 8 static IPs from my ISP (who takes care of rDNS, my domain host takes care of forward lookups. The static IPs are 217.x.x.168/29.

I have pf doing binat from static IP to internal IP for several boxes on my network.

What I'd like to do is set up BIND (or any nameserver) such that clients on the internal network resolve the hostnames of the binat'ed (and all internal) boxen to their internal IPs rather than the 217.x.x.x, and to cache(?) dns lookups for the wider internet. I do not want to serve any DNS for anything outside 10.0.0.0/24.

Is this 'split-horizon' dns? Is http://www.cymru.com/Documents/secure-bind-template.html a good place to be looking? If not, what sort of path should I take?

Regards,

James


--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.296 / Virus Database: 265.6.0 - Release Date: 17/12/2004

Prev by Date: reread inetd.conf ?
Next by Date: Re: reread inetd.conf ?
Previous by thread: Re: reread inetd.conf ?
Next by thread: maxtor hdd with OpenBSD crashes...
Index(es):
- Date
- Thread

Visit your host, monkey.org