DNS for internal end external

linux-admin.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* DNS for internal end external
@ 2003-07-02  6:32 Murali Potla
  2003-07-02  8:17 ` Daniel Eugenin M.
                   ` (3 more replies)
  0 siblings, 4 replies; 7+ messages in thread
From: Murali Potla @ 2003-07-02  6:32 UTC (permalink / raw)
  To: Murali Potla, linux-admin

Hi, 

How do i configure bind so that when a request comes from our LAN,
address should be resolved to local address and when the request is from
outside it should resolve it to a public address.

I am using Red Hat Linux 7.2

Thanks and Regards
Murali

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02  6:32 DNS for internal end external Murali Potla
@ 2003-07-02  8:17 ` Daniel Eugenin M.
  2003-07-02  8:26 ` Jessie Bryan
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 7+ messages in thread
From: Daniel Eugenin M. @ 2003-07-02  8:17 UTC (permalink / raw)
  To: linux-admin

Hi,

This problem is to your clients, they've configurate the search
domain...
bind can have a internal domain to resolve your LAN IPs address.


El mi? 02-07-2003 a las 02:32, Murali Potla escribiÃ³:
> Hi, 
> 
> How do i configure bind so that when a request comes from our LAN,
> address should be resolved to local address and when the request is from
> outside it should resolve it to a public address.
> 
> 
> I am using Red Hat Linux 7.2
> 
> Thanks and Regards
> Murali

--
Daniel Eugenin M.

-
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02  6:32 DNS for internal end external Murali Potla
  2003-07-02  8:17 ` Daniel Eugenin M.
@ 2003-07-02  8:26 ` Jessie Bryan
  2003-07-02 11:30   ` Murali Potla
  2003-07-02 15:40 ` Scott Taylor
  2003-07-02 17:17 ` terry white
  3 siblings, 1 reply; 7+ messages in thread
From: Jessie Bryan @ 2003-07-02  8:26 UTC (permalink / raw)
  To: linux-admin@vger.kernel.org

On Tue, 2 Jul 2003, Murali Potla wrote:

>
> Hi,
>
> How do i configure bind so that when a request comes from our LAN,
> address should be resolved to local address and when the request is from
> outside it should resolve it to a public address.

We do this in Bind 9 using "views"
In the below example the "LAN" are clients that belong to 192.168.0/24
and the "outside" is everything else.

example:

view "internal" {
    match-clients { 192.168.0/24; };
    recursion yes;
    zone "domain.com" {
        type master;
        file "domain.com-internal";
    };

};

view "external" {
    match-clients { 0.0.0.0/0; };
    recursion yes;
    zone "domain.com" {
        type master;
        file "domain.com-external";
    };
};

HTH

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02  8:26 ` Jessie Bryan
@ 2003-07-02 11:30   ` Murali Potla
  2003-07-03 15:35     ` Stephen Samuel
  0 siblings, 1 reply; 7+ messages in thread
From: Murali Potla @ 2003-07-02 11:30 UTC (permalink / raw)
  To: Murali Potla, Jessie Bryan; +Cc: linux-admin@vger.kernel.org

On Wed, 2003-07-02 at 13:56, Jessie Bryan wrote:
> On Tue, 2 Jul 2003, Murali Potla wrote:
> 
> >
> > Hi,
> >
> > How do i configure bind so that when a request comes from our LAN,
> > address should be resolved to local address and when the request is from
> > outside it should resolve it to a public address.
> 
> We do this in Bind 9 using "views"
> In the below example the "LAN" are clients that belong to 192.168.0/24
> and the "outside" is everything else.
> 
> example:
> 
> view "internal" {
>     match-clients { 192.168.0/24; };
>     recursion yes;
>     zone "domain.com" {
>         type master;
>         file "domain.com-internal";
>     };
> 
> };
> 
> view "external" {
>     match-clients { 0.0.0.0/0; };
>     recursion yes;
>     zone "domain.com" {
>         type master;
>         file "domain.com-external";
>     };
> };
> 
> HTH
> 

This is ok.
How can i use the same zone file for both internal and external 
clients ? Because here i need to maintain two files.

lets say for a domain.com i will have a zone file which will 
have both internal and external addresses. But when a query 
comes for abc.domain.com, it should be resolved to 192.168.1.10
if the request is from 192.168.1.5 and when a query comes for 
abc.domain.com from a public IP it should be resolved to the 
publicly addressable IP of abc.domain.com (lets say 
100.100.110.101). Is this setup possible with bind ?

Thanks 
Murali

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02  6:32 DNS for internal end external Murali Potla
  2003-07-02  8:17 ` Daniel Eugenin M.
  2003-07-02  8:26 ` Jessie Bryan
@ 2003-07-02 15:40 ` Scott Taylor
  2003-07-02 17:17 ` terry white
  3 siblings, 0 replies; 7+ messages in thread
From: Scott Taylor @ 2003-07-02 15:40 UTC (permalink / raw)
  To: linux-admin


Murali Potla said:

>
> Hi,
>
> How do i configure bind so that when a request comes from our LAN,
> address should be resolved to local address and when the request is
> from
> outside it should resolve it to a public address.

You will need two DNS servers: one listening on the LAN, and one on
the Internet, simple solution.  BIND 9 offers other configurations
allowing you to listen on multiple interfaces handling each
differently.

> I am using Red Hat Linux 7.2

That's good to know, but your question was about BIND.

Here is some very useful reading
http://tldp.org/HOWTO/DNS-HOWTO.html

> Thanks and Regards
> Murali
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-admin"
> in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>


--
Scott
long .signature files are annoying

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02  6:32 DNS for internal end external Murali Potla
                   ` (2 preceding siblings ...)
  2003-07-02 15:40 ` Scott Taylor
@ 2003-07-02 17:17 ` terry white
  3 siblings, 0 replies; 7+ messages in thread
From: terry white @ 2003-07-02 17:17 UTC (permalink / raw)
  To: linux-admin

on "7-2-2003" "Murali Potla" writ:

: How do i configure bind so that when a request comes from our LAN,
: address should be resolved to local address and when the request is from
: outside it should resolve it to a public address.

... how about using 'etc/hosts' ...


-- 
... i'm a man, but i can change,
    if i have to , i guess ...


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: DNS for internal end external
  2003-07-02 11:30   ` Murali Potla
@ 2003-07-03 15:35     ` Stephen Samuel
  0 siblings, 0 replies; 7+ messages in thread
From: Stephen Samuel @ 2003-07-03 15:35 UTC (permalink / raw)
  To: murali.potla; +Cc: Jessie Bryan, linux-admin@vger.kernel.org

It looks like the views would do what's wanted, but you will
have to have two files... one for internal one for external.

If what you want to do is avoid having two files for machines
which have the same address for both external and internal,
then you can actually have three files:

One file is for unique internal addresses
one file is for unique external addresses
One file is for machines which have the same address {ex,in}ternally.

The third file would be included from inside each of the first two.

If what you actually want is to have one file with addresses for
both internal and external, then you'll have to put together a
filter...

For this, I'm thinking of something like:

# hostname	internal	external
www	A	192.168.45.11	37.45.222.11
ftp	A	192.168.45.51	37.45.222.51
mail	MX`1	intmail		extmail
mail 	MX 3	.		remote.mx.com.
intservice A	192.168.45.51	/

A quick perl or aqk  script would do a good job of
Tturning this into two separate files.
(left as an exercise for the reader... or you can
pay me to do it..:-)

intonly.me.com	192.168.53.31	.

A quick awk or perl script would go from this to a real zone file.

Murali Potla wrote:
> On Wed, 2003-07-02 at 13:56, Jessie Bryan wrote:

> This is ok.
> How can i use the same zone file for both internal and external 
> clients ? Because here i need to maintain two files.
> 
> lets say for a domain.com i will have a zone file which will 
> have both internal and external addresses. But when a query 
> comes for abc.domain.com, it should be resolved to 192.168.1.10
> if the request is from 192.168.1.5 and when a query comes for 
> abc.domain.com from a public IP it should be resolved to the 
> publicly addressable IP of abc.domain.com (lets say 
> 100.100.110.101). Is this setup possible with bind ?

-- 
Stephen Samuel +1(604)876-0426                samuel@bcgreen.com
		   http://www.bcgreen.com/~samuel/
    Powerful committed communication. Transformation touching
        the jewel within each person and bring it to life.

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2003-07-03 15:35 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-07-02  6:32 DNS for internal end external Murali Potla
2003-07-02  8:17 ` Daniel Eugenin M.
2003-07-02  8:26 ` Jessie Bryan
2003-07-02 11:30   ` Murali Potla
2003-07-03 15:35     ` Stephen Samuel
2003-07-02 15:40 ` Scott Taylor
2003-07-02 17:17 ` terry white

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).