Dear All,
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
Edward.
Sorry for the goof earlier on...
On 21/02/2007, at 8:35 PM, edwardspl@ita.org.mo wrote:
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
You use views to present different versions of your zones to different sets of clients (such as internal vs external clients). You don't need them if you want to give all clients the same information. Views have nothing to do with NAT (other than certain sets of client machines could be recognised by their NATted addresses).
Cheers Steffen.
Steffen Kluge wrote:
Sorry for the goof earlier on...
On 21/02/2007, at 8:35 PM, edwardspl@ita.org.mo wrote:
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
You use views to present different versions of your zones to different sets of clients (such as internal vs external clients). You don't need them if you want to give all clients the same information. Views have nothing to do with NAT (other than certain sets of client machines could be recognised by their NATted addresses).
Cheers Steffen.
Hello Steffen,
Sorry, I don't quite understanding your means... Actually, I needn't to config the bind ( named.conf ) with view function ?
PS: Due to the security and no more public IP ( Only a IP / Gateway from ISP )....so I need to assign the Private IPs for Server machines, finally transate Private IP to Public IP by Firewall tools ( iptable ) !
Edward.
Steffen Kluge wrote:
Sorry for the goof earlier on...
On 21/02/2007, at 8:35 PM, edwardspl@ita.org.mo wrote:
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
You use views to present different versions of your zones to different sets of clients (such as internal vs external clients). You don't need them if you want to give all clients the same information. Views have nothing to do with NAT (other than certain sets of client machines could be recognised by their NATted addresses).
Cheers Steffen.
Hello,
So, I needn't to config with view function, right ?
Edward.
edwardspl@ita.org.mo wrote:
On 21/02/2007, at 8:35 PM, edwardspl@ita.org.mo wrote:
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
You use views to present different versions of your zones to different sets of clients (such as internal vs external clients). You don't need them if you want to give all clients the same information. Views have nothing to do with NAT (other than certain sets of client machines could be recognised by their NATted addresses).
Hello,
So, I needn't to config with view function, right ?
Edward.
Is your server the official public server for a registered domain name? If not, you just want to provide only the private addresses for the names even though you configure the server to be primary for the zone. Some other server (or service) may be providing public dns with the names of any machine you want to be available from the internet and the corresponding public addresses. Even though named can do both at once I find it easier to run it on different machines and point local clients at the one with the private addresses.
Les Mikesell wrote:
edwardspl@ita.org.mo wrote:
On 21/02/2007, at 8:35 PM, edwardspl@ita.org.mo wrote:
If the client machine using IP ( 192.168.1.0 / 24, IP range from the NAT service of a Server machine ) and the server machine using IP ( 192.168.0.1 / 24 ), then, it need to be configed by using view function ?
You use views to present different versions of your zones to different sets of clients (such as internal vs external clients). You don't need them if you want to give all clients the same information. Views have nothing to do with NAT (other than certain sets of client machines could be recognised by their NATted addresses).
Hello,
So, I needn't to config with view function, right ?
Edward.
Is your server the official public server for a registered domain name? If not, you just want to provide only the private addresses for the names even though you configure the server to be primary for the zone. Some other server (or service) may be providing public dns with the names of any machine you want to be available from the internet and the corresponding public addresses. Even though named can do both at once I find it easier to run it on different machines and point local clients at the one with the private addresses.
Hello,
Yes, the domain name is registered... So, how can I config the DNS ?
Edward.
edwardspl@ita.org.mo wrote:
Is your server the official public server for a registered domain name? If not, you just want to provide only the private addresses for the names even though you configure the server to be primary for the zone. Some other server (or service) may be providing public dns with the names of any machine you want to be available from the internet and the corresponding public addresses. Even though named can do both at once I find it easier to run it on different machines and point local clients at the one with the private addresses.
Yes, the domain name is registered... So, how can I config the DNS ?
I have always pointed the public registration at a different server than the one used by internal machines behind the NAT so I can't help with configuring views on a single server, although I believe it is supposed to be supported. These directions might work: http://www.openaddict.com/bind9_views_for_dns_zones.html
Some other responses have mentioned letting the NAT router do it for you by adjusting the address on responses to outside queries. Some routers do have that capability (I think the Cisco PIX is one), but not all can do it and the configuration would be specific to the type.
Les Mikesell wrote:
edwardspl@ita.org.mo wrote:
Is your server the official public server for a registered domain name? If not, you just want to provide only the private addresses for the names even though you configure the server to be primary for the zone. Some other server (or service) may be providing public dns with the names of any machine you want to be available from the internet and the corresponding public addresses. Even though named can do both at once I find it easier to run it on different machines and point local clients at the one with the private addresses.
Yes, the domain name is registered... So, how can I config the DNS ?
I have always pointed the public registration at a different server than the one used by internal machines behind the NAT so I can't help with configuring views on a single server, although I believe it is supposed to be supported. These directions might work: http://www.openaddict.com/bind9_views_for_dns_zones.html
Some other responses have mentioned letting the NAT router do it for you by adjusting the address on responses to outside queries. Some routers do have that capability (I think the Cisco PIX is one), but not all can do it and the configuration would be specific to the type.
Hello,
Sorry, I don't quite understanding your means...
Edward.
edwardspl@ita.org.mo wrote:
Les Mikesell wrote:
edwardspl@ita.org.mo wrote:
Is your server the official public server for a registered domain name? If not, you just want to provide only the private addresses for the names even though you configure the server to be primary for the zone. Some other server (or service) may be providing public dns with the names of any machine you want to be available from the internet and the corresponding public addresses. Even though named can do both at once I find it easier to run it on different machines and point local clients at the one with the private addresses.
Yes, the domain name is registered... So, how can I config the DNS ?
I have always pointed the public registration at a different server than the one used by internal machines behind the NAT so I can't help with configuring views on a single server, although I believe it is supposed to be supported. These directions might work: http://www.openaddict.com/bind9_views_for_dns_zones.html
Some other responses have mentioned letting the NAT router do it for you by adjusting the address on responses to outside queries. Some routers do have that capability (I think the Cisco PIX is one), but not all can do it and the configuration would be specific to the type.
Hello,
Sorry, I don't quite understanding your means...
For a small site, the easy way is to let some outside service handle public DNS for you. You will probably only have a few addesses that need to be included in the public view and you really should have two DNS servers registered in the public system anyway. Often the service that provides the domain regisration service will also offer to serve your zones. That takes care of the public side seeing the public addresses. Then you set up your own private DNS server inside the nat to run as a caching server but primary for your own domain and use it from your local machines. Even though it isn't the registered primary server it will respond with the configured private addresses for your own domain and get the rest from public DNS.
If you have a larger site you can still use this approach. Just use different DNS servers for the ones registered into the public system than the ones you use for your internal machines that want the private addresses.
-
Edward S.P. Leong -
Les Mikesell -
Steffen Kluge