Name Resolution Problem

[Kevin Darcy]

Doug Peterson wrote:

> You'll want to either A) setup views in bind 9, and have everyone
> internally see a view with the private class address. or B) setup a
> different nameserver completely. One for Internal queries, one for
> external.
> Setting up Views in BIND 9 is the cleanest, and most kosher way...
> However, if for some reason you cannot use BIND 9, then create another
> nameserver, which will answer internal queries only.
>

Note that this wouldn't necessarily have to be a separate nameserver *box*; it's
possible to run multiple nameserver instances on the same box.


- Kevin

> On 28 Nov 2001 23:33:45 -0800, sky at gosoakyourhead.com (Sky) wrote:
>
> >
> >I'm not sure this is the correct area to post, but I tried in
> >firewalls and received a response related to dns, so I thought to try
> >here next.
> >
> >I recently moved my e-mail and web server to an external hosting
> >provider. I switched my internal domain to a .net since the external
> >side is now .org.
> >
> >The problem I am experiencing is with internal web servers with
> >external nat'd ip addresses.
> >
> >From the inside if I attempt to web browse to the .org of this address
> >it doesn't allow me. ping is able to resolve the address correctly.
> >
> >If I do a traceroute the request stops at the gateway router.
> >
> >A guy on the firewall group told me that the firewall is doing its job
> >correctly because if it were to allow this to happen it could be
> >tricked into accepting spoofed network packets. Additionally he told
> >me that I should add the entry into my internal named server or hosts
> >file with the "real" ip address. doing so has no effect.
> >
> >I attempted to upgrade to bind9 and create a brand new environment but
> >to no avail.
> >
> >Anyone have any ideas on this?
> >
> >Thanks
>
> --
> Doug Peterson - remove .net from email
> Jedi Administrator - www.liveworld.com
> I feel a strong disturbance in the for.. /*Segmentation Fault*/ (core dumped)