problem with notifies to secondary when both servers have internal IPs

Mark Andrews Mark_Andrews at isc.org
Thu Sep 18 00:27:30 UTC 2008


In message <262d94fe0809171111h7378ff09ncf250db97ee98bd8 at mail.gmail.com>, "Michael Varre" writes:
> I used to have my servers setup with views to handle internal queries and
> external queries respectively.  I've since gotten rid of the internal view,
> and setup to new internal ONLY bind server that works beautifully and
> answers only to internal devices.  no public access is available to this
> server and it primarily answers with private 172/192 addresses.
> All my servers are behind a firewall and are accessed from the outside using
> static nat routes.  so the public IP is on the FW, and all servers,
> including all bind servers have 172 addresses.
> 
> I'm now trying to button up my new ns1/ns2 bind servers that will be
> answering queries from the outside world.  answers from this box will be
> public IPs, not the 172/192's.
> 
> My problem is, because my nameserver name resolves to one ip from the
> outside (public ip), and another ip from the inside (private ip), how am i
> supposed to get notifies working as it is attempting to use the resolved
> name it already hosts....and in the case of the ns1/ns2 for public use, it
> resolves to the public address, for which it of course cannot communicate
> with because they are each on the same private lan.
> 
> I hope i explained this in a way that everyone can understand.
> 
> Thanks!

	Use a NAT box that handles this situation and just use the
	external addresses.  This is one of the reasons NAT is evil
	as there is no standard so none of the corner cases are
	written down so that everyone handles them.

	Use also-notify.

	Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
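
The also-notify suggestion above, sketched as a named.conf fragment. This is an added example, not part of the original thread: the zone name, file paths and 172.16.0.x addresses are constructed placeholders, and the `master`/`slave` zone types are the BIND 9 keywords of that era.

```conf
// Added example, not from the original thread. Zone name, file paths and
// the 172.16.0.x addresses are constructed placeholders.

// --- ns1 (primary), private address 172.16.0.11 ---
zone "example.com" {
    type master;
    file "zones/example.com.db";
    // By default NOTIFY goes to the addresses of the zone's NS records,
    // which here are the public NAT addresses. "explicit" suppresses
    // those targets and sends only to the also-notify list.
    notify explicit;
    also-notify { 172.16.0.12; };      // ns2's private address
    allow-transfer { 172.16.0.12; };   // only ns2 may pull the zone
};

// --- ns2 (secondary), private address 172.16.0.12 ---
zone "example.com" {
    type slave;
    file "slaves/example.com.db";
    // NOTIFY is accepted from the listed masters, and transfers are
    // pulled from them, so this must be ns1's private address.
    masters { 172.16.0.11; };
};
```

The zone data still publishes the public addresses for ns1 and ns2; only the server-to-server NOTIFY and transfer traffic is pinned to the private LAN.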

