Caching-only nameserver for internal network
Matt Larson
matt at acmebw.com
Thu Aug 19 16:50:45 UTC 1999
At 09:30 AM 8/19/99 +0000, Michiel Kreutzer wrote:
>and have made the necessary changes to both /etc/named.conf (uncomment the
>"any port" line, forward first; forwarders {my_ISP_nameservers;})
The name server on the firewall doesn't need to forward to your ISP's name
server. If it's got a root hint zone configured with the current list of
root name servers (ftp://ftp.rs.internic.net/domain/named.cache), your
firewall name server can resolve anything.
>I have not set up a
>domainname for my intranet, and I wonder if I need to.
Even if you don't need one now, you'll probably need one later. Better to
get and use a legitimately registered domain name than a made-up one.
>The problem I face now is that if I use firewall's ip-number as the only
>nameserver for the other boxes, I cannot resolve any names. At least
>nslookup does not work, both in ip#-to-hostname and hostname-to-ip#
>mode.
The name server on the firewall is not using /etc/hosts on the
firewall. You can use a tool like h2n to convert /etc/hosts to files
readable by the name server.
>I have read
>the DNS-HOWTO, but that did not help me succeed.
I'd recommend O'Reilly's "DNS and BIND" book, which specifically covers
migrating from a hosts file using h2n.
Matt
--
Matt Larson <matt at acmebw.com>
Acme Byte & Wire / http://www.acmebw.com
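What converting a hosts file into name-server data involves, as an added Python example that is not part of the original message and is not h2n itself: it turns hosts-format lines into forward A/CNAME records and reverse PTR records. The domain example.com and the sample addresses are constructed assumptions, and the SOA and NS records a complete zone file needs are outside its scope.

```python
import ipaddress

# Constructed sample in /etc/hosts format (addresses and names are made up).
SAMPLE_HOSTS = """\
127.0.0.1    localhost
192.168.1.1  firewall fw     # gateway
192.168.1.10 alpha.example.com alpha
192.168.1.11 beta
"""

def parse_hosts(text):
    """Yield (ip, canonical_name, aliases) for each IPv4 entry, skipping comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.IPv4Address(fields[0])
        except ValueError:
            continue  # not an IPv4 entry (e.g. ::1); out of scope here
        if ip.is_loopback:
            continue  # localhost does not belong in the site's zone
        yield ip, fields[1], fields[2:]

def to_records(text, domain):
    """Return (forward, reverse) lists of zone-file record lines."""
    suffix = "." + domain.lower()
    def fqdn(name):
        # Qualify short names with the (assumed) domain; keep full names as-is.
        name = name.lower().rstrip(".")
        return (name if name.endswith(suffix) else name + suffix) + "."
    forward, reverse = [], []
    for ip, canonical, aliases in parse_hosts(text):
        host = fqdn(canonical)
        forward.append(f"{host} IN A {ip}")
        for alias in aliases:
            if fqdn(alias) != host:  # skip aliases that equal the canonical name
                forward.append(f"{fqdn(alias)} IN CNAME {host}")
        reverse.append(f"{ip.reverse_pointer}. IN PTR {host}")
    return forward, reverse

if __name__ == "__main__":
    fwd, rev = to_records(SAMPLE_HOSTS, "example.com")
    print("\n".join(fwd + [""] + rev))
```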