Public IPs and nameservers on firewall

Joseph S D Yao jsdy at
Mon Nov 8 18:22:16 UTC 1999

> Barry Margolin wrote:
> > In article <382345C5.D7A372FB at>,
> > G. Roderick Singleton <gsingleton at> wrote:
> > >I have a situation where I have a firewall host that is a slave
> > >to my off-site nameserver.  For this one machine everything works
> > >like a charm. However, I'd like to include my hosts that use
> > >a public IP ( as part of the scenario. (i.e. I'm lazy and
> > >don't want to make internal roots et cetera for 5 hosts)
> > 
> > 192.168.x.x is private IP's, not public.
> I am trying another solution. I have entered all my PRIVATE addresses in
> my host file on my slave.  This appears to work so
> I shall leave it before trying Barry's subdomain idea. My system is
> SS20, Solaris 2.6(patched current) and the PCs seem happy.
> WRT, the first suggestion, I don't have access to the remote zone
> files and my hostmaster and I have decided that doing things locally is
> best for all.  Thanks as it is certainly a solution.

I thought you said you were lazy?  You have created more work for
yourself, if you are talking about your name server's zone file for the
enslaved domain.  Every time the zone updates, your work will be wiped
out and you must re-create it.

The hosts should be in a subdomain, anyway.

If you are talking about the /etc/hosts file, then only the server
itself sees that.  Unless there is a big bug in your version of BIND,
this information never gets sent out by the name server!

Joe Yao				jsdy at - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
      This message is not an official statement of COSPO policies.

More information about the bind-users mailing list