(no subject)

yomler.biz at m6net.fr
Tue Jun 19 07:40:54 UTC 2001


Hello all,

I have an internal DNS and an external DNS in a DMZ. Our policy is to only allow forward requests from internal to external: there is no traffic coming from the DMZ into the internal LAN.

However, I am using proxies for every protocol (ftp, http, smtp, ...), which demand reverse lookups. All reverse lookups fail because of our policy.
At best, the failed reverse lookups are cached for 3H (negative TTL), but every 3H, automatic robots or supervising tools send a trap to tell us a service is down.

What can I do on the external DNS (bind 8.2.x) to fool the proxies in order to allow the proxies to succeed at the reverse lookup?

1) I cannot disable the reverse lookup on all the proxies.
2) I do not really want to maintain host files on the proxies.
3) I do not want to allow incoming traffic in the LAN from the DMZ.
4) Is there any bind directive to fool the whole 10.* reverse lookup?

Thanks.


More information about the bind-users mailing list