how do I get a single DNS to return addresses based on query

Kevin Darcy kcd at daimlerchrysler.com
Mon Jun 17 23:15:04 UTC 2002


Andris Kalnozols wrote:

> > Yossie Silverman <yossie at blacksteel.com> wrote:
> >
> > The problem:
> >
> > I would like to have a single DNS server (bind) running on my
> > network.  This server should return an internal (non global) address
> > when the source address of the query is internal as well.  Otherwise,
> > it should return the external (global) address.  From what I can tell
> > from the docs, sortlist (in options) SHOULD be able to do this, but
> > it isn't clear exactly how to get it to do so.
> >
> > E.g.
> >
> > Internal network: 192.168.1.0/24
> >
> > If a query comes from this network, for 'mail', the resolved address
> > should be 192.168.1.5.  If it comes from outside this network, the
> > resolved address should be 216.135.198.111 (all addresses are
> > "fictitious").
> >
> > Thanks! - Yossie
>
> Try this:
>
> acl "internal-net" { 192.168.1/24; };
> options {
>         sortlist {
>                 { { localhost;          # IF   from the local host [127.0.0.1]
>                     internal-net; };    # OR   from the internal network
>                     internal-net; };    # THEN prefer internally-connected addr
>                 { any;                  # IF   from an external net
>                     !internal-net; };   # THEN prefer any non-internal address
>         };
> };

No, RFC 1918 addresses should *not* be published on the Internet, even as failover
addresses!

Use "view"s (BIND 9) instead, or (BIND 8) run multiple nameserver instances on the
same box, binding to different interfaces.

- Kevin
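The split-horizon setup Kevin recommends, written out as an added example that is not from the thread or from the BIND project: two BIND 9 views keyed on the client's source address, each serving its own copy of the zone. It assumes the zone is named example.com (the thread names no zone) and that the two zone files live under /var/named/internal and /var/named/external; the addresses are the fictitious ones from Yossie's question.

```conf
// Added example, not from the thread. Assumed: zone "example.com" and the
// two zone-file paths below. The files differ only in the "mail" A record.
acl "internal-net" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";
};

// Views are tried in order; the first match-clients hit wins, so the
// internal view must come before the catch-all external one.
view "internal" {
    match-clients { internal-net; };
    recursion yes;                    // internal hosts may use us as a resolver
    allow-recursion { internal-net; };
    zone "example.com" {
        type master;
        file "internal/example.com.db";  // contains: mail  IN A 192.168.1.5
    };
};

// Everyone else gets only global addresses and only authoritative answers.
// This view's zone file never mentions 192.168.1.0/24, so no RFC 1918
// address can be handed to the Internet, even as a fallback.
view "external" {
    match-clients { any; };
    recursion no;                     // do not act as an open resolver
    zone "example.com" {
        type master;
        file "external/example.com.db";  // contains: mail  IN A 216.135.198.111
    };
};
```

Run `named-checkconf` after editing, then query `mail.example.com` with `dig` once from an internal host and once from an outside address and confirm that the external answer never contains 192.168.1.5. Note that once any `view` is declared, every zone must be placed inside a view.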