Re: Overriding dns
http://wiki.debian.net/index.cgi?Firewalls
No, it isen't and it's one of your best options. You set bind up as if it
where the only dns server for that domain. You will also want to use the
forward option to enumerate the rest of the internet.
One problem you will run into is that client's can't have a backup DNS
server, unless you setup more than one internal DNS server. To combat
this and other [1]problems I allways run a DNS server/cache on every host.
For this dnsmasq is small, so it won't hurt your clients much) and easy
to setup.
1. GetHostBy""Ip"" is a blocking function call used by most
servers(telnet,ssh,smtp,pop3,imap,http,ect) that will BLOCK for 60 seconds
if your nameserver(s) are down. THIS IS NOT A BUG IT'S A GOOD DESIGN.
--- Pedro Corte-Real <typo@netcabo.pt> wrote:
> On Fri, 2004-07-09 at 15:25 -0700, Mike Mestnik wrote:
> > Ok, the server is in your house.? You can't get to it if your
> external
> > interface is down, there is no IP to dnat from.? This would be yet
> > another option/question to add to the DNAT FAQ.
> >
> > In this list there have been many disscusions on how to DNAT when it's
> not
> > needed, from A.Y to A.Z via X.1. Look for referances to dnsmasq or
> > /etc/hosts for a posibly better solution.
>
> It's simpler than that. I want to do something that has the same efect
> as sticking something like:
>
> 192.168.1.1 myexternal.dynamicdns.org
>
> in the /etc/hosts of every client that's inside my home network. I want
> to do that by having my bind internal dns server return that ip for that
> address. Is that hard to do?
>
> Pedro.
>
>
> ATTACHMENT part 2 application/pgp-signature name=signature.asc
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail
Reply to: