BIND behind NAT
Marc.Thach at radianz.com
Marc.Thach at radianz.com
Fri Aug 3 10:18:01 UTC 2001
George,
1. How big is your public address range?
2. Does your DNS server provide authoritative nameservice for your domains?
2a. If so, where are the clients located? inside and/or outside the NAT?
2b. If so, where are the hosts located? inside and/or outside the NAT?
2c. How many hosts?
3. Does your DNS provide caching service for your own clients?
3a. If so, where are the clients located? inside and/or outside the NAT?
If the answers are as follows:
1. bigger than (2c)
2. Yes
2a. Both
2b. Inside
2c. fewer than (1)
3. Yes
3a. Inside
... then you static NAT all your hosts and your DNS each to their own NAT
address, you put the real (inside local in Cisco-speak) addresses in the
DNS and the DNS ALG translates these for clients on the outside. BTW, if
you are expecting much traffic or have a lot of hosts then a 1601 seems a
bit small.
If your answers are different, then let us know.
Marc TXK
"George
Zaroubi" To: comp-protocols-dns-bind at moderators.isc.org
<iwantunow4ever cc:
@usa.net> Subject: BIND behind NAT
Sent by:
bind-users-boun
ce at isc.org
03/08/2001
00:52
Does anybody have some technical documentation on how to configure the DNS
server (BIND 8) behind a Cisco 1601 router with NAT inplace?
The role of the DNS server is to server public as well as private
addresses?
Thanks
More information about the bind-users
mailing list