Help!:2nd Please let me know How to use forward and fowarders.
ynishimura at home.nimc.go.jp
ynishimura at home.nimc.go.jp
Wed Nov 15 08:40:57 UTC 2000
Dear sirs
The following is our network.
There is a private nework in our big network.
The private network has PCUNX-Natrouter as gateway to big network.
The big network has FireWallOne as gateway to Internet.
Those two gateways have Bind8.2.2pl5 with themselves.
1)If the users are in aist.go.jp, there is no problem.
2)If the users are in internal
The PC client's nameserver is NATrouter. It can know IP address of hosts in
private network(internal) and those in Internet.
But, It often cannnot know IP address of hosts in aist.go.jp.
I put Lananalyzer on the upper side of NatRouter, that is nameserver, also.
I found some DNS query commands packet for aist.go.jp go to DNS(2) but some
DNS query command packets don't go to DNS(2) to DNS Root.
And those situations change in time.
I like all of DNS query packet to go to DNS(2).
Does anyone know the reason of my troubles?
LAN
Analyzer
|
|
> Domainname aist.go.jp |
internal
> 1) 150.29.xx.xx | 3)
192.168.0.xx
> Internet------Firewall-------------------------NATRouter----------PC client
> Bind8.2.2pl5 forInternet | Bind8.2.2pl5 for
inside of natrouter
> FireWallOne | Non-authority
> has authority |
> 2) DNS
> Bind8.2.2pl5 for
150.29.xx.xx
> Non-authority
> The following is the named.conf on NatROUTER(3)
>
> // $FreeBSD: src/etc/namedb/named.conf,v 1.5.2.1 1999/08/29 14:19:30 pete
> r Exp $
>
> options {
> directory "/etc/namedb";
>
> allow-query{
> 192.168.0/24;
> };
> forward first;
> forwarders {
> 150.29.144.64;<----the IP address of DNS(2)
> };
> };
>
>
> zone "." {
> type hint;
> file "named.root";
> };
>
>
> zone "0.0.127.IN-ADDR.ARPA" in {
> type master;
> file "localhost.rev";
> };
>
> zone "internal" in {
> type master;
> file "internal.zone";
> allow-update {localhost;};
> };
>
> zone "0.168.192.in-addr.arpa" in {
> type master;
> file "internal.rev";
> allow-update {localhost;};
> };
>
>
More information about the bind-users
mailing list