private network internals

Kevin Darcy kcd at daimlerchrysler.com
Sat Sep 10 02:24:44 UTC 2005


Bernd Prager wrote:

>I might embarrass myself by asking some trivial questions but I've been
>trying to search online for weeks now
>without finding a decent answer. Here I go:
>
>I'm using Linux Debian/kernel 2.6.8 and bind9 9.3.1 connected via DSL to
>the outside world.
>I have one static IP address and bind is currently used as "cache only"
>my provider's name servers.
>
I don't understand what you mean by that. If it is "cache only", then it 
should resolve Internet names from whatever nameservers host those 
names, rather than preferring or relying exclusively on your provider's 
nameservers. I suspect you have some forwarding defined in named.conf, 
in which case it's a forwarding configuration, not "cache only".

You're probably better off without forwarding, by the way, unless your 
provider blocks your ability to query Internet nameservers directly.

>All my internal boxes are running Windows provided with IP address and
>host-name via DHCP 2.0 .
>All internal boxes can properly resolve all external names. Now I have
>one problem and one question:
>
>The problem:
>- My internal computer can't resolve any internal addresses e.g. stored
>in /etc/hosts.
>
That's perfectly normal. DNS and /etc/hosts are separate sources of name 
information. If you want to continue to use /etc/hosts, then you'll have 
to develop/implement a way to distribute it to all of the machines that 
need it. Far better, in my opinion, to define a DNS domain and use that 
*instead* of /etc/hosts.

>  Is this how a pure DNS cache is supposed to work? How do I fix that?
>My question:
>- How do I get DHCP provided host names for my internal computers in
>DNS? I have no authority for my provider DNS
>
Define your own domain for internal use and then use the DDNS 
capabilities of your DHCP server (I assume DHCP 2.0 has DDNS 
capabilities). Or, if you have a relatively small number of hosts and/or 
they don't move around too much, just define them statically, which is 
easier.

>  (and I don't want my internal boxes to be exposed). This is entirely
>for internal use only.
>I read about dynamic DDNS and assume that's the way to go.
>But I don't know how to mix read-only external zones with read-write
>internal zones.
>
Hmmm... You've said nothing up until this point about actually *hosting* 
DNS data to the Internet. Either use a completely separate domain on 
your internal network (e.g. foo.internal), or, if you insist on using 
the same domain internally and externally, you're going to have to do 
double maintenance for some of the entries, e.g. foo.example.com might 
need to be defined in both the internal and external versions of the 
example.com zone.

                                                                         
                                                - Kevin
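
[Added example, not part of the original post or of anyone's actual configuration.] A named.conf sketch of the setup the reply describes: no forwarders, service limited to the internal network, and a separate internal zone that accepts only key-signed dynamic updates. The 192.168.1.0/24 network, the 192.168.1.1 listener address, the key name, the directory and the zone file name are all assumptions; foo.internal is the example name used in the reply.

```conf
// Constructed values throughout: addresses, key name, directory, file name.

// Hosts allowed to use this server at all.
acl "internal" { 127.0.0.1; 192.168.1.0/24; };

// TSIG key shared with whatever sends the dynamic updates (e.g. the DHCP server).
// The secret below is a placeholder: generate a real one and keep this file
// readable only by the named user.
key "dhcp-update" {
    algorithm hmac-sha256;   // assumption: pick an algorithm your BIND version supports
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";
};

options {
    directory "/var/cache/bind";   // assumed path; must be writable by named

    // No "forwarders" statement: named resolves Internet names by querying
    // the authoritative nameservers itself, i.e. a real caching resolver.
    recursion yes;
    allow-recursion { "internal"; };
    allow-query     { "internal"; };

    // Bind only to loopback and the LAN address, not the DSL-facing one,
    // so internal names are never served to the outside.
    listen-on { 127.0.0.1; 192.168.1.1; };
};

// Internal-only zone, kept separate from any public domain.
zone "foo.internal" {
    type master;
    file "db.foo.internal";        // named also writes a .jnl journal beside it

    // Accept updates only when signed with the key, rather than trusting
    // a source IP address, which can be spoofed on the LAN.
    allow-update   { key "dhcp-update"; };
    allow-transfer { none; };
};
```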



