Name Resolving WAN and LAN and Firewall Box

Kevin Darcy kcd at daimlerchrysler.com
Tue Oct 16 01:12:20 UTC 2001


This is exactly the kind of thing that BIND 9's "view" mechanism was
created for. Check out the documentation. Be aware, though, that you'll
have to maintain separate zonefiles for the "internal" versus
"external" views. But you may be able to ameliorate the maintenance
burden somewhat by using an $INCLUDE file for the entries which are
shared by both views.


- Kevin

andreas at netfuel.com wrote:

> Problem: We need to resolve for the same hostname different
> IP addresses, depending if queried from within the LAN or
> from outside.
>
> Details:
>
> We have a small LAN with mostly Laptops and a few work stations.
>
> We use a SOHO firewall box with NAT.  Our DHCP server is Windows
> 2000 and so is the intranet LAN name server.
>
> Our domain server is a linux box (NS1.NETFUEL.ORG).
>
> We have users working part time from home.
>
> I would like to achieve that users from outside as well as
> from inside the LAN can use the same URL for our project
> web servers.  If someone sends an email with an URL to one
> of our project servers, that regardless if the receiver of the
> email is withing the LAN or at home, the same URL should be
> resolved to the correct IP address (either 192.168.111.xsx or
> 64.172.3.xxx).
>
> So far I cannot solve this problem.  I entered in the official
> DNS server multiple entries for hosts, one with the 64. and one
> with the 192. address.  Strangely, that works for some addresses
> but not for all.  I thought it is a problem of which address
> is listed first, but having the 64. listed first and then the
> 192. did not solve the problem once the address was queried
> from outside the LAN.
>
> For some strange reasons ping returns a different IP than
> nslookup.  But unfortunately our browsers seem to retrieve the
> IP addresses in the same way as ping and not as nslookup, which
> contacts within the LAN correctly the W2K server.
>
> I have no idea how to solve this problem and would be happy
> if someone could point me to a solution.
>
> Thanks in advance.
>
> Andreas





More information about the bind-users mailing list