[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Split-horizon DNS. I think.



Hi,

This is mainly a sanity check.

I'm not experienced with BIND or DNS servers at all, however I'm wanting to do the following, and would appreciate being told if it's a foolish plan.

My situation is the following: Internal net 10.0.0.0/24. I have 8 static IPs from my ISP (who takes care of rDNS, my domain host takes care of forward lookups. The static IPs are 217.x.x.168/29.

I have pf doing binat from static IP to internal IP for several boxes on my network.

What I'd like to do is set up BIND (or any nameserver) such that clients on the internal network resolve the hostnames of the binat'ed (and all internal) boxen to their internal IPs rather than the 217.x.x.x, and to cache(?) dns lookups for the wider internet. I do not want to serve any DNS for anything outside 10.0.0.0/24.

Is this 'split-horizon' dns? Is http://www.cymru.com/Documents/secure-bind-template.html
a good place to be looking? If not, what sort of path should I take?


Regards,

James


-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.0 - Release Date: 17/12/2004