Delegating to a zone not Internet connected
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Wed Nov 6 12:13:18 UTC 2002
Marco Masotti <masotti at mclink.it> wrote:
> Hello,
> I'm joining two independent and separate network structures, one of
> which is the Internet.
> Of course, the private network has its own naming scheme and routing.
> Such private network is connected to the Internet using Nat.
> My goal is to allow a client host, which is a Win2k Pc inside the
> private newtork structure, to query a managed, granular name server
> process, placed at a public external IP. Such name server would resolve
> all the public Internet names, plus a give set of private ones, in the
> form of delegation.
Sound to me that you describe the 'view' feature of bind-9
> In fact, these additional private names would be inside a zone which
> would be delegated by the name server in question.
> That delegated zone would be configured by the usual relevant
> authoritative NS rr, but the IP of such NS would be not Internet
> contactable, although actually public and IANA registered: this is the
> assumption.
Maybe you would be better off with a separate nameserver on the inside
of NAT holding all the private domains, forwarding to the outer one
when an Internet name is queried for.
> Best regards
> Marco M.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list