Split DNS on Linux machines
Berislav Todorovic
BERI at etf.bg.ac.yu
Tue Jul 13 09:27:47 UTC 1999
In article <37892287.0 at news>,
"Doug Herbert" <DougH at tsb.co.nz> wrote:
> I am trying to set up another machine which will serve as a private
> DNS for our local LAN (accdev.tsbbank.co.nz - same config as above).
> The reason we need this is to keep our local IP address of some
> machines private, i.e. split DNS
A few comments on your configuration:
> options {
> directory "/var/named";
> forward first;
> forwarders {
> ns1.tsbbank.co.nz;
> };
> };
If your private DNS is behind a firewall, use "forward only" instead of
"forward first". Also, DO NOT use names in the "forwarders" section -
use the IP address of the forwarder instead. Besides that, if you have
a firewall, consider forcing queries from a specific port (e.g. 53),
using the query-source directive.
> zone "tsbbank.co.nz" {
> type slave;
> file "pz/tsbbank.co.nz";
> masters { 210.55.142.24; };
> };
If you set your private server to be a slave for tsbbank.co.nz, the
zone data on ns1 and accdev will be the very same. You probably
don't want to do that - you rather want to have different data on
the private and public server. Therefore, you need:

    zone "tsbbank.co.nz" {
        type master;
        file "pz/tsbbank.co.nz";
    };

The same goes for your reverse domain (142.55.210.in-addr.arpa).
Regards,
Beri
.-------.
| --+-- | Berislav Todorovic, B.Sc.E.E. | E-mail: BERI at etf.bg.ac.yu
| /|\ Hostmaster of the YU TLD |
|-(-+-)-| School of Electrical Engineering | Phone: (+381-11)3221-419
| \|/ Bulevar Revolucije 73 | 3370-106
| --+-- | 11000 Belgrade SERBIA, YUGOSLAVIA | Fax: (+381-11)3248-681
`-------' --------------------------------------------------------------
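
Added example, not part of the original post: a small Python check that flags the three points raised in the reply (forward first, names in forwarders, a slave zone on the private server) in a named.conf text. The function names, the sample configurations and the forwarder address 192.0.2.1 are constructed for illustration; the parsing is a simplified regex pass, not BIND's own parser.

```python
import ipaddress
import re

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit_private_named_conf(text):
    """Return findings for the three points raised in the reply above."""
    findings = []
    text = re.sub(r"(//|#)[^\n]*", "", text)  # drop line comments
    if re.search(r"\bforward\s+first\s*;", text):
        findings.append("forward first: falls back to direct resolution; use forward only")
    for block in re.findall(r"\bforwarders\s*\{([^}]*)\}", text):
        for entry in filter(None, (e.strip() for e in block.split(";"))):
            if not _is_ip(entry.split()[0]):  # first token; a port may follow
                findings.append(f"forwarders: '{entry}' is a name, not an IP address")
    zone_re = r'\bzone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}'
    for zone, body in re.findall(zone_re, text):
        if re.search(r"\btype\s+(?:slave|secondary)\s*;", body):
            findings.append(f"zone {zone}: copy of the public data; use type master")
    return findings

# Constructed samples: ORIGINAL mirrors the quoted configuration, FIXED
# applies the advice. 192.0.2.1 is a placeholder forwarder address.
ORIGINAL = '''
options { directory "/var/named"; forward first;
          forwarders { ns1.tsbbank.co.nz; }; };
zone "tsbbank.co.nz" { type slave; file "pz/tsbbank.co.nz";
                       masters { 210.55.142.24; }; };
'''
FIXED = '''
options { directory "/var/named"; forward only;
          forwarders { 192.0.2.1; };
          query-source address * port 53; };
zone "tsbbank.co.nz" { type master; file "pz/tsbbank.co.nz"; };
'''

if __name__ == "__main__":
    for name, conf in (("original", ORIGINAL), ("fixed", FIXED)):
        print(name, audit_private_named_conf(conf) or "no findings")
```

Pinning the source port with query-source suits a strict firewall rule, but it gives up source-port randomization, which resolvers depend on to resist spoofed responses, so weigh it against a rule keyed on the forwarder's address.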