[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables problem getting url's hosted inside

It's so varey easy to avoid in the first place.  There are bandwith and
CPU considerations for your router, note your *customers* will compete for
these resources.

Any type of DNS server hosted internaly that will correctly resolv
www.domain.com to it's internal IP.  In nat type setups it's proper to
have you router run a DNS cache for all it's clients.  Dnsmasq is
perticularly suted to this task including a build in DHCP server that will
correctly resolv DNS names based on DHCP data.

--- hanasaki <hanasaki@hanaden.com> wrote:
> What are the best reasons not to do this?  And, how do I give internal 
> users the ability to hit the web site with www.domain.com in the same 
> way that external users can.
> thanks
> Mike Mestnik wrote:
> > There are many reasons why you should not do this!  Setting up DNS is
> as
> > easy as nsmasq or running a full DNS server.  Posibly on another(your
> > server) system.
> > 
> > If you still have no clue, adding the dnat rule to the internal
> > interface(checking for the external IP) will do.
> > 
> > --- hanasaki <hanasaki@hanaden.com> wrote:
> > 
> >>I have a box hosted inside the firewall.  The firewall is passing 
> >>external traffic to it fine.  When an internal box tries to hit the 
> >>external ip, that should loop back inside, connections fail.  External
> >>sites can be loaded fine.
> >>
> >>What can cause this and how can it be resolved?
> >>
> >>thanks
> >>
> > 

Do you Yahoo!?
SBC Yahoo! - Internet access at a great low price.

Reply to: