private network internals
Kevin Darcy
kcd at daimlerchrysler.com
Sat Sep 10 02:24:44 UTC 2005
Bernd Prager wrote:
>I might embarrass myself by asking some trivial questions but I've been
>trying to search online for weeks now
>without finding a decent answer. Here I go:
>
>I'm using Linux Debian/kernel 2.6.8 and bind9 9.3.1 connected via DSL to
>the outside world.
>I have one static IP address and bind is currently used as "cache only"
>my provider's name servers.
>
I don't understand what you mean by that. If it is "cache only", then it
should resolve Internet names from whatever nameservers host those
names, rather than preferring or relying exclusively on your provider's
nameservers. I suspect you have some forwarding defined in named.conf,
in which case it's a forwarding configuration, not "cache only".
You're probably better off without forwarding, by the way, unless your
provider blocks your ability to query Internet nameservers directly.
>All my internal boxes are running Windows provided with IP address and
>host-name via DHCP 2.0 .
>All internal boxes can properly resolve all external names. Now I have
>one problem and one question:
>
>The problem:
>- My internal computer can't resolve any internal addresses e.g. stored
>in /etc/hosts.
>
That's perfectly normal. DNS and /etc/hosts are separate sources of name
information. If you want to continue to use /etc/hosts, then you'll have
to develop/implement a way to distribute it to all of the machines that
need it. Far better, in my opinion, to define a DNS domain and use that
*instead* of /etc/hosts.
> Is this how a pure DNS cache is supposed to work? How do I fix that?
>My question:
>- How do I get DHCP provided host names for my internal computers in
>DNS? I have no authority for my provider DNS
>
Define your own domain for internal use and then use the DDNS
capabilities of your DHCP server (I assume DHCP 2.0 has DDNS
capabilities). Or, if you have a relatively-small number of hosts and/or
they don't move around too much, just define them statically, which is
easier.
> (and I don't want my internal boxes to be exposed). This is entirely
>for internal use only.
>I read about dynamic DDNS and assume that's the way to go.
>But I don't know how to mix read-only external zones with read-write
>internal zones.
>
Hmmm... You've said nothing up until this point about actually *hosting*
DNS data to the Internet. Either use a completely separate domain on
your internal network (e.g. foo.internal), or, if you insist on using
the same domain internally and externally, you're going to have to do
double maintenance for some of the entries, e.g. foo.example.com might
need to be defined in both the internal and external versions of the
example.com zone.
- Kevin
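
An added example, not part of the original post or thread: a named.conf fragment for the setup the reply describes, with a caching resolver that has no forwarders and a separate internal-only domain that accepts dynamic updates from the DHCP server. The subnet 192.168.1.0/24, the server address 192.168.1.1, the key name dhcp-update, the TSIG algorithm and the file paths are all assumptions; foo.internal is the example domain from the reply.

```conf
// Constructed example; addresses, key name and file paths are assumptions.
acl "internal" { 127.0.0.1; 192.168.1.0/24; };   // assumed LAN subnet

// Shared TSIG key the DHCP server uses to sign its dynamic updates.
// Assumed algorithm; use one that your BIND and DHCP versions both support.
key "dhcp-update" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_YOUR_OWN_BASE64_SECRET";   // placeholder, not a real key
};

options {
    directory "/var/cache/bind";                 // assumed working directory
    // No "forwarders" statement: named resolves Internet names from the
    // authoritative servers itself and caches the answers.
    recursion yes;
    // Listen only on loopback and the LAN-side address (assumed), and
    // answer only internal clients, so neither the cache nor the
    // internal zone is reachable from the DSL side.
    listen-on { 127.0.0.1; 192.168.1.1; };
    allow-query { internal; };
    allow-recursion { internal; };
};

// Read-write internal zone: updates are accepted only when signed with
// the TSIG key above, never on the basis of source address alone.
zone "foo.internal" {
    type master;
    file "/var/lib/bind/db.foo.internal";        // assumed path
    allow-update { key "dhcp-update"; };
    allow-transfer { none; };
};

// Matching reverse zone for the assumed subnet, same update rule.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/var/lib/bind/db.192.168.1";           // assumed path
    allow-update { key "dhcp-update"; };
    allow-transfer { none; };
};
```

Both zone files need an initial SOA and NS record, and named must be able to write to their directory because dynamic updates are stored in journal files next to them.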