* Ramon Acedo (ramon.acedo@upcnet.es) [020210 14:43]: > I just want that when someone try to access to host1.mydomain.net from the > internet my firewall (and dns server) > forward the request to host1.local which has the private ip 192.168.1.20. I've thought about this problem, but I don't think there's a clean solution for it on a general case. You may be able to get this working for specific services (like www, for instance) by using virtual hosting and proxying. The reason I don't think it will work in the general case is really caching. To make that clearer, let me explain how I thought the solution would have to be set up: All of the names would have to resolve to the external address. The nameserver would have to pay attention to who looked up what names and make sure that the kernel could recognize incoming connections from those folks as RELATED and DNAT them to the internal hosts. The reasons I don't think it will work: generally, a client will ask a nearby nameserver to resolve a name instead of doing it itself. This means that the initial request to your nameserver will come from the client's nameserver, not the client itself. Furthermore, this result could get cached so that other clients would never be seen by your nameserver. Also, you probably (hopefully) have secondary nameservers, so they'd have to somehow forward the information to your primary host. I think you'll see once you start to think about it some more that this way just really will not work. (Or maybe I've entirely misunderstood your question ;) Let me know if you come up with anything useful. If you decide to scope it down and want help with just an apache setup, I'm sure you can get help on the list. good times, Vineet -- Currently seeking opportunities in the SF Bay Area Please see http://www.doorstop.net/resume/ -- Satan laughs when we kill each other. Peace is the only way.
Attachment:
pgpxViiWliS3E.pgp
Description: PGP signature