Help!:2nd Please let me know How to use forward and fowarders.
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 16 01:01:38 UTC 2000
If you want NATrouter to forward only to DNS(2), then you should be using "forward
only" instead of "forward first".
- Kevin
ynishimura at home.nimc.go.jp wrote:
> Dear sirs
>
> The following is our network.
> There is a private nework in our big network.
> The private network has PCUNX-Natrouter as gateway to big network.
> The big network has FireWallOne as gateway to Internet.
>
> Those two gateways have Bind8.2.2pl5 with themselves.
>
> 1)If the users are in aist.go.jp, there is no problem.
>
> 2)If the users are in internal
> The PC client's nameserver is NATrouter. It can know IP address of hosts in
> private network(internal) and those in Internet.
> But, It often cannnot know IP address of hosts in aist.go.jp.
>
> I put Lananalyzer on the upper side of NatRouter, that is nameserver, also.
> I found some DNS query commands packet for aist.go.jp go to DNS(2) but some
> DNS query command packets don't go to DNS(2) to DNS Root.
>
> And those situations change in time.
>
> I like all of DNS query packet to go to DNS(2).
>
> Does anyone know the reason of my troubles?
>
> LAN
> Analyzer
> |
> |
> > Domainname aist.go.jp |internal
> > 1) 150.29.xx.xx | 3)
> 192.168.0.xx
> > Internet------Firewall-------------------------NATRouter----------PC client
> > Bind8.2.2pl5 for Internet | Bind8.2.2pl5 for
> inside of natrouter
> > FireWallOne | Non-authority
> > has authority |
> > 2) DNS
> > Bind8.2.2pl5 for
> 150.29.xx.xx
> > Non-authority
> > The following is the named.conf on NatROUTER(3)
> >
> > // $FreeBSD: src/etc/namedb/named.conf,v 1.5.2.1 1999/08/29 14:19:30 pete
> > r Exp $
> >
> > options {
> > directory "/etc/namedb";
> >
> > allow-query{
> > 192.168.0/24;
> > };
> > forward first;
> > forwarders {
> > 150.29.144.64;<----the IP address of DNS(2)
> > };
> > };
> >
> >
> > zone "." {
> > type hint;
> > file "named.root";
> > };
> >
> >
> > zone "0.0.127.IN-ADDR.ARPA" in {
> > type master;
> > file "localhost.rev";
> > };
> >
> > zone "internal" in {
> > type master;
> > file "internal.zone";
> > allow-update {localhost;};
> > };
> >
> > zone "0.168.192.in-addr.arpa" in {
> > type master;
> > file "internal.rev";
> > allow-update {localhost;};
> > };
> >
> >
More information about the bind-users
mailing list