Host-level forwarding override

Barry Margolin barmar at
Sat Oct 14 01:29:26 UTC 2006

In article <ego7h4$21tt$1 at>,
 Jan Ceuleers <janspam.ceuleers at> wrote:

> First of all, I apologise if this is a FAQ. I have googled, 
> google-grouped and read the ISC BIND FAQ before coming here.
> I work for a company (let's say that it's called foo) and have a 
> foo-issued and managed laptop. What I'd like to be able to do is connect 
> this laptop either directly to the company network, or to the internet, 
> or to the company VPN, without changing its configuration. (Note that 
> none of this is contrary to company policy).
> The specific problem that I have is that both the browser's proxy 
> servers and the VPN servers are in zone foo.tld. However, since the 
> proxy servers are on the intranet they are not resolvable from the Internet.
> I had begun tackling this problem by creating a master zone on my home 
> DNS server for foo.tld, containing only the proxy servers (and in fact 
> with the same IP addresses as on the intranet; I simply configured my 
> firewall to reroute traffic to my own proxy server). The problem is that 
> with this setup my DNS server authoritatively states that the VPN 
> servers (or any other addresses in foo.tld) don't exist.

Create a master zone for instead of foo.tld.

Barry Margolin, barmar at
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list