Hostname and NAT questions

WebReactor Networks bind at webreactor.net
Thu Mar 7 05:04:48 UTC 2002


David:

The "real" hostname of your server is irrelevant to BIND.  In fact, if
you're not doing dynamic updates, neither is the host's IP address(es).

So long as all slaves to this server are in the public address space
(outside your NAT'd network) you shouldn't have any problems.  For slaves
within your network, they will have to name the master's internal IP address
in named.conf (obviously), and you will need an also-notify statement in
named.conf on the master.

You asked for examples, so here's what I have...

For my domain webreactor.net the primary is ns1.webreactor.net with a
secondary at dns1.voteforfrank.org.  This is how it appears to the outside
world (run 'dig webreactor.net NS' to see for yourself).

In reality, the primary is served by a host named "red".  There are two
secondaries: persia (internal) and dns1.voteforfrank.org (external).  persia
is a slave to red, dns1.voteforfrank.org is a slave to ns1.webreactor.net,
which is actually persia.

Nowhere in DNS will you see my internal network address space
(192.168.0.0/24), nor will you see the host names "red" or "persia".

Hope this helps.

  - John R. S. 


> From: "David Simpson" <David.Simpson at goodmanfielder.com.au>
> Date: Thu, 7 Mar 2002 13:59:45 +1000
> To: bind-users at isc.org
> Subject: Hostname and NAT questions
> 
> 
> Greetings
> 
> I'd like to pass a scenario by you all to check if you see any problems
> arising.
> 
> External companies currently manage our DNS. I wish to set up BIND 8.3.1 on
> Win2k in-house to act as the primary name server for our zones.
> 
> The Win2k machine's name has to conform to our corporate standard and as
> such will have a "not so pretty" name such as "qdornau07.domain.com".  I'd
> like to refer to the server in all DNS references as "ns.domain.com".
> 
> Additionally, this server has an assigned IP of 202.x.x.x which is a
> routable address through our Telco B secondary ISP link. However traffic
> normally routes down our Telco B primary ISP link and is NAT'd IP address
> to IP address at the router to a 62.x.x.x address.
> 
> So as the primary for our domains, the zone record says:
> ;
> $TTL 86400
> @    IN   SOA  ns.domain.com.      admin.domain.com. (
> 2002030207            ; serial number
> 10800        ; refresh
> 3600         ; retry
> 3600000      ; expire
> 86400      ) ; minimum TTL
> 
> @    IN   A         62.x.x.x
> @    IN   NS        ns.domain.com.
> 
> ns   IN   A         62.x.x.x
> ;
> 
> I'm mostly concerned that the "real" Win2K name may clash with the zone
> information and also the server is advertising itself as a different IP
> address from which it is configured.
> 
> I've never set up this configuration before so can anyone see any issues
> with doing this or can you provide any suggestions or examples?
> 
> Cheers
> 
> David Simpson
> 
> 
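
A sketch of the named.conf arrangement the reply describes, added here as an example and not taken from either poster's configuration. The zone name domain.com comes from the question; every IP address and file name, and the allow-transfer restriction, are assumptions for illustration.

```conf
// ---- named.conf on the master (inside the NAT, assumed 192.168.0.10) ----
zone "domain.com" {
    type master;
    file "db.domain.com";              // assumed file name
    notify yes;
    // NOTIFY is sent to the servers named in the zone's NS records, which
    // resolve to public addresses. The internal slave is reached on its
    // private address and would be missed, so it is listed explicitly.
    also-notify { 192.168.0.11; };     // internal slave (assumed address)
    // Only the known slaves may transfer the zone. A one-to-one NAT on
    // inbound traffic leaves the external slave's source address intact.
    allow-transfer {
        192.168.0.11;                  // internal slave (assumed)
        203.0.113.53;                  // external slave (assumed)
    };
};

// ---- named.conf on the internal slave (assumed 192.168.0.11) ----
zone "domain.com" {
    type slave;
    file "bak.domain.com";             // assumed file name
    // Inside the NAT'd network the master is named by its internal
    // address, not by the public address published in the zone.
    masters { 192.168.0.10; };
};

// ---- named.conf on an external slave (public address space) ----
zone "domain.com" {
    type slave;
    file "bak.domain.com";             // assumed file name
    // From outside, the master is only reachable at its public
    // (post-NAT) address; 198.51.100.53 is an assumed stand-in.
    masters { 198.51.100.53; };
};
```

The published zone data (SOA, NS and A records) carries only the public name and address, so neither the private addresses nor the machine's real hostname appear in any answer served to the outside.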


