I'm a little confused
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 7 17:33:24 UTC 2002
Jack wrote:
> > I'm guessing that you're running into trouble because at least some of
> > your HTTP/SMTP/etc. servers are located *inside* of your NAT, and your
> > NAT device doesn't support a "double-NAT", i.e. from an inside device to
> > an external address, translated or port-forwarded back to an internal
> > address again.
>
> Aha, I wondered why I couldn't resolve back into myself, and assumed
> it was something like this
>
> >
> > The most elegant solution to that problem is to configure your nameserver
> > (assuming it's running BIND 9) with "view"s so that it can resolve the
> > names of your HTTP/SMTP/etc. servers to public addresses for external
> > clients, and to private addresses for internal clients. Note, however,
> > that this will require you to maintain 2 different versions of the same
> > zone(s). If some of your servers are inside, and some outside, then you
> > could put the names of the outside servers in a file which could be
> > $INCLUDE'd into both zonefiles.
> >
>
> All my servers are 'inside'.
>
> Perhaps I have not made myself clear.
> I guess what I am asking is how to create a 'inside' domain which
> doesn't corrupt the 'outside' domain with the same ip ( my 'inside' IP
> is 10.0.0.X, netmask 255.255.255.0 )
"view"s is still the best answer to that question.
- Kevin
More information about the bind-users
mailing list