Moving DNS behind NAT
Daniel Ström
daniel at shift.se
Mon May 15 21:02:04 UTC 2006
On May 15, 2006, at 4:38 PM, tsar.peter at gmail.com wrote:
> Depends on who is asking your nameservers
External clients, nothing is coming from the LAN.
> If the clients are withing 1918 address space you should change
> A records to the real 1918-adresses.
>
> If the clients are on Internet and accessing Internet stuff you should
> use the real addresses.
I belive this is the case, no lookups will be done from the LAN.
> If the clients are on Internet and accesses resources behind your
> NAT (
> 1918 adresses) you should use the Internet-visible address.
>
> If you combine these you should need to implement views.
Since i dont have any LAN-clients this is not nescessary, right?
> Also there is a number of issues where NAT is problematic for
> DNS-traffic, the best location for bind is probably on your NAT-box.
My NAT-box in this case is a firewall/router Linksys RV082.
More information about the bind-users
mailing list