Newbie ... Firewall ... Bind ... RedHat

Marc.Thach at radianz.com
Mon Nov 19 14:56:58 UTC 2001



Hi triple
Why do you want to use NAT at all?  With a /29 network at your disposal,
you will only need to do this if you wish to have more than five hosts.
Marc TXK



                                                                                                                          
                    <triplecrownthreat at sbcg                                                                               
                    lobal.net>                     To:     comp-protocols-dns-bind at moderators.isc.org                     
                    Sent by:                       cc:                                                                    
                    bind-users-bounce at isc.o        Subject:     Newbie ... Firewall ... Bind ... RedHat                   
                    rg                                                                                                    
                                                                                                                          
                                                                                                                          
                    17/11/2001 20:00                                                                                      
                                                                                                                          
                                                                                                                          




Hello all,

Here is my current setup:

5 static assigned IP addresses from my ADSL provider (ex. 73.184.111.114 -
118 ... 255.255.255.248 subnet).

I have a Linksys 8 port switch/hub/router acting as a firewall ... it is
assigned the first IP 73.184.111.114.  It is capable of port based
protocol (tcp/udp specific) forwarding.  I plan on forwarding port 53 to my
internal DNS server's IP address.

All my internal addresses are in the range 10.10.10.114 and up

My RedHat box (dreams of one day being a DNS server) has 2 NICs. eth0 is
assigned 10.10.10.115  ... eth1 is not active at the moment.

My question is ..
When I begin editing the forward, reverse, etc files ... will I be using
10.10.10.in-addr.arpa or 114.111.184.in-addr.arpa for the IPs ??

If I use the external IPs then my box will basically not communicate with
anyone internally right?.. because it will think itself to be on a
different network?

I don't want to put my box on the public side of the firewall, so I imagine
I will be using the 10. convention... but will outside DNS servers be able
to resolve name queries to my box?

I have the DNS and BIND book.. and have been particularly focusing on Chap
11.. the section dealing with BIND behind a firewall.

Is there something else I should be looking into before I start going full
steam ahead?? NAT?..

thank you..

If I am too vague in my questions/descriptions please let me know.











More information about the bind-users mailing list