Primary DNS with private IP?

Mark Damrose mdamrose at elgin.cc.il.us
Wed Sep 4 16:50:45 UTC 2002


"Elmar Hoenig" <the.guardian at gmx.net> wrote in message
news:al5c81$aqv8$1 at isrv4.isc.org...
>
> Hi,
>
> is it possible to set up a primary DNS Server behind a firewall in a
> DMZ, where I don't have official IP addresses but only a private
> address like 172.16.10.1/24?

Of course.

>
> I will be using Linux with Bind9.
>
> Please, let us not discuss about sense or nonsense of this solution; I
> know it is not nice.

Whether or not it makes sense or is "nice" depends on what you plan to do
with it.

If it's a recursive server reachable only by your own clients, there is no
problem.

If if is an authoritative server - use NAT, publish the public IP, and make
sure there are no private IPs in any zones which can be resolved from the
public Internet.

>
> Thankx, Elmar..
>




More information about the bind-users mailing list