Internal & external DNS setup with firewall

Tang Ho Yim tanghoyim at yahoo.com
Fri Sep 3 11:29:48 UTC 2004


Hi,
 
First of all, here is the network configuration:
 
Internet ------------------ [real IP] packet filter firewall / NAT [10.0.0.1/8] -------------- internal
 
I have 1 real IP with the Internet domain name eg.com, and the external DNS is held by the ISP.
The internal DNS is on a local host with the domain name eg.com, the same as the Internet one.
The internal DNS is set to forward all Internet queries to the external DNS, which is held by the ISP.
On all hosts, including the firewall, the default nameserver points to the internal DNS.
Of course, the firewall lets DNS traffic pass.
 
My question is:
When I am sitting at the firewall host and ping firewall, it returns 10.0.0.1. That seems OK since the default nameserver is the internal DNS. If I set the nameserver to the external DNS, ping firewall returns the "real IP". But then I can't ping the local network anymore.
 
So, which one should I set?
Do I need different domain names for external and internal?
Can I nslookup firewall so that it gives two IP results?
Does the local DNS need the root.cache file?

Can anyone suggest a better solution?
 
Thanks!
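
The setup described in the message above, sketched as a BIND 9 configuration for the internal name server. This is an added example, not part of the original post; the addresses 10.0.0.53 and 192.0.2.53, the file paths and the zone contents are assumptions.

```conf
// named.conf on the internal DNS host (constructed example).
// 10.0.0.53  = assumed address of the internal DNS host
// 192.0.2.53 = placeholder for the ISP's name server

acl internal { 127.0.0.1; 10.0.0.0/8; };

options {
    directory "/var/named";                // assumed path
    listen-on { 127.0.0.1; 10.0.0.53; };   // never bound to the real IP
    allow-query     { internal; };         // only inside hosts may ask
    allow-recursion { internal; };         // no open resolver
    forwarders { 192.0.2.53; };            // everything else goes to the ISP
    forward only;                          // assumption: never iterate from the roots
};

// Internal copy of eg.com. Answers here come from this file only,
// so inside hosts see the 10.x addresses.
zone "eg.com" {
    type master;
    file "db.eg.com.internal";             // assumed file name
    allow-transfer { none; };              // keep internal addresses inside
};

/*
   db.eg.com.internal (constructed zone data):

   $TTL 3600
   @         IN SOA ns.eg.com. hostmaster.eg.com. (
                    2004090301 3600 900 604800 3600 )
             IN NS  ns.eg.com.
   ns        IN A   10.0.0.53
   firewall  IN A   10.0.0.1
*/
```

Because this server is authoritative for eg.com, a name in eg.com that is missing from the internal zone file is answered as nonexistent rather than forwarded to the ISP, so any public name that inside hosts need must also be listed in the internal file.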