Hi,
On our setup when we want to address our server (used both for email and http) from the internal network we need to address it as "machine.ourdomain.com". When connecting from outside the network (through the internet) we address the server as "ourdomain.com". How can I configure our BIND server (FC2) so that we can use the same address regardless of where we are sending from? Can I make settings so that "machine.ourdomain.com" is recognised on the internet, or do I need to contact our ISP for that?
Thanks, Antonio
On Tue, 2004-10-05 at 19:08, antonio.nunes@lifefoundation.plus.com wrote:
On our setup when we want to address our server (used both for email and http) from the internal network we need to address it as "machine.ourdomain.com". When connecting from outside the network (through the internet) we address the server as "ourdomain.com". How can I configure our BIND server (FC2) so that we can use the same address regardless of where we are sending from? Can I make settings so that "machine.ourdomain.com" is recognised on the internet, or do I need to contact our ISP for that?
Does your domain have lots of names in it (is it a complex zone file)?
Is your machine a registered nameserver for your domain on the Internet, or is it only providing DNS for your network, with another ISP providing the "official" DNS servers for the domain?
Paul.
On Tue, 2004-10-05 at 13:40, Paul Howarth wrote:
[ Sorry- I overlooked the beginning of this thread! ]
On Tue, 2004-10-05 at 19:08, antonio.nunes@lifefoundation.plus.com wrote:
On our setup when we want to address our server (used both for email and http) from the internal network we need to address it as "machine.ourdomain.com". When connecting from outside the network (through the internet) we address the server as "ourdomain.com". How can I configure our BIND server (FC2) so that we can use the same address regardless of where we are sending from? Can I make settings so that "machine.ourdomain.com" is recognised on the internet, or do I need to contact our ISP for that?
Try this: your company probably has a 'main' dns machine it uses to cache the requests. Create a "ourdomain.local" zone and use it to put the hosts in it with the behind-the-firewall addresses.
Here, I have kamakiriad.local. It's clear to both me AND the dns that this is a phoney-baloney, plastic-banana zone which isn't reachable from the outside. (Which is why it's not a .com/.net/etc)
I've used this system for about a decade; it's accurate, easy to remember, and keeps the separation of inside and out very clear. Just be sure to put ourdomain.local in the /etc/resolv.conf file so you can just use the hostnames (as usual).
Also inform your mailer to masquerade the usual way when NAT is involved.
Enjoy!
Once upon a time Tuesday 05 October 2004 1:08 pm, antonio.nunes@lifefoundation.plus.com wrote:
Hi,
On our setup when we want to address our server (used both for email and http) from the internal network we need to address it as "machine.ourdomain.com". When connecting from outside the network (through the internet) we address the server as "ourdomain.com". How can I configure our BIND server (FC2) so that we can use the same address regardless of where we are sending from? Can I make settings so that "machine.ourdomain.com" is recognised on the internet, or do I need to contact our ISP for that?
I take it that you run your own world-accessible DNS server? If so, you would be best off setting up two views: one for external consumption, one for internal. That way you can set machine.domain.com to answer the world with its public IP and the LAN its internal IP. If, however, you don't control the DNS to the world, you need to contact whoever looks after your DNS to have it added.
To configure views in BIND is fairly straightforward; http://sysadmin.oreilly.com/news/views_0501.html has more details on it.
Dennis
On Tue, 2004-10-05 at 14:08, antonio.nunes@lifefoundation.plus.com wrote:
Hi,
On our setup when we want to address our server (used both for email and http) from the internal network we need to address it as "machine.ourdomain.com". When connecting from outside the network (through the internet) we address the server as "ourdomain.com". How can I configure our BIND server (FC2) so that we can use the same address regardless of where we are sending from? Can I make settings so that "machine.ourdomain.com" is recognised on the internet, or do I need to contact our ISP for that?
Thanks, Antonio
Sounds like you want to set up a split DNS. You will have an external name server which has the public addressing and faces the Internet. Internally you have other DNS servers in which you list the internal RFC1918 addressing for all systems internal to your network. With things configured correctly, any requests while on your intranet will get your internal addresses. Any requests from outside will get the public addresses.
One company I worked at had several external DNS servers. Their zones were relatively small, just a few entries for the web servers and portals we needed facing the Internet. We also had several internal name servers which had hundreds if not thousands of entries in their zones, since we listed all the equipment internal to the company in them. These zones were not accessible from the Internet directly but allowed us to use the same names but serve out different IP addresses.
Check out the BIND book from O'Reilly. It has all the information you need for setting this up.
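
An added illustration, not written by anyone in this thread: a BIND 9 named.conf fragment showing the two-view setup Dennis suggests, which gives the split DNS described in the last reply on a single server. The ACL name, file paths and addresses (192.168.1.0/24 internally, the documentation address 192.0.2.10 publicly) are constructed placeholders.

```conf
// named.conf fragment (BIND 9). Constructed example: the ACL name, file
// paths and addresses are placeholders, not values from the thread.

acl "lan" {
    127.0.0.1;
    192.168.1.0/24;             // assumed internal RFC 1918 range
};

options {
    directory "/var/named";
    allow-transfer { none; };   // no zone transfers unless explicitly granted
};

// Views are matched in order, so the internal view must come first.
// Once any view exists, every zone statement has to live inside a view.
view "internal" {
    match-clients { "lan"; };
    recursion yes;              // LAN clients may resolve outside names
    zone "ourdomain.com" {
        type master;
        // @ and machine  IN A 192.168.1.10
        file "internal/ourdomain.com.zone";
    };
};

// Everyone else sees only the public records and gets no recursion,
// so the server is not an open resolver and internal addresses stay private.
view "external" {
    match-clients { any; };
    recursion no;
    zone "ourdomain.com" {
        type master;
        // @ and machine  IN A 192.0.2.10
        file "external/ourdomain.com.zone";
    };
};
```

Running named-checkconf on the file catches syntax errors before a reload. Querying machine.ourdomain.com with dig from a LAN host and from an outside host confirms that each side receives the address from its own view.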