2 dns records for same server
dhottinger at harrisonburg.k12.va.us
Sun Aug 19 23:37:39 UTC 2012
My problem lies in the way my DNS/DHCP is set up. My internal WAN is
set up with each site in its own zone. I have an internal DNS server (10.)
that is authoritative for its zones. When I add the internal IP of the
server in question to internal it works great. Comes back with correct IP
and webpages load. I need the box in question to also have an external IP.
So I'm NATting its external public IP through my firewall. Add the server
to my external DNS servers (which are authoritative for my external IPs),
resolve fine with external and internal. My hosts get the IPs of all 3
DNS servers when they receive DHCP information. Also, my internal DNS
sends updates to my external. Some clients inside will connect fine
every time to the right IP. Some try to connect to the public IP every time.
My firewall doesn't know what to do with traffic coming from inside to the
IP that it is NATting to an inside address.
Essentially what I need is for my inside clients to only see the 10. when
querying, and outsides to only see outside, not both. It was mentioned I
needed to look at views. I think that and a rework of my DNS/DHCP in
general would solve the issue.
However, I do have a DMZ set up for my public IPs. I essentially dodged
this issue by putting the server in the DMZ and giving it the IP I was
trying to NAT, and only have one DNS entry.
I appreciate all the insight and nudging in the right direction that this
overworked sysadmin got from the list. As always very, very grateful.
On Sun, Aug 19, 2012 at 6:21 PM, Doug Barton <dougb at dougbarton.us> wrote:
> On 08/18/2012 05:49, Dwayne Hottinger wrote:
> > I need to have 2 separate DNS records for the same servername.
> You're focusing on what you think the solution should be. What I'd like
> to do is to look more closely at the problem.
> > My DNS is set up with a DNS server inside my network (serving the 10) and
> > 2 DNS servers for my public IPs. My LAN is set up so that each of my
> > sites (schools) is in a different DNS zone. What I want to happen is
> > the URL or name of the server to be the same regardless of whether the
> > user is inside or outside my network.
> What do you mean when you say that the servers are "serving" either the
> 10 net, or the public addresses? Do you mean that they are
> authoritative-only name servers that have different views of the same
> zones? Or are they recursive?
> > So far I have tried setting up a separate zone file for my internal DNS
> > and adding the entry to my external like I normally do.
> I don't understand what you did here. Can you show the actual text you
> put in the files?
> Given that I'm not sure what you are trying to accomplish, take this
> suggestion with a grain of salt. But it sounds to me like you could
> solve your problem by making the resolving name server(s) for the
> internal network authoritative for the 10-net versions of your zones.
> That way you don't have to give the name server in question an A record
> in the 10-net at all.
> I am only one, but I am one. I cannot do everything, but I can do
> something. And I will not let what I cannot do interfere with what
> I can do.
> -- Edward Everett Hale, (1822 - 1909)
Harrisonburg City Public Schools
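The "views" approach the thread points at, shown as an added example that is not from either poster: a BIND 9 named.conf fragment in which the same zone name is loaded from two different zone files, one answered to clients on the 10/8 network and one to everyone else. The zone name, the ACL name, the file paths and the addresses (10.1.2.3, 203.0.113.10) are placeholders chosen for the example.

```conf
// Added example, not from the list thread.
// Split-horizon DNS with BIND views: the same zone, two answers.
// Zone name, addresses and file names are placeholders.

acl "internal-nets" { 10.0.0.0/8; 127.0.0.1; };

options {
    directory "/var/named";
    // Recursion is off globally and turned on only for the internal view,
    // so the server never acts as an open resolver for the outside.
    recursion no;
};

// First matching view wins, so the internal view is listed first.
view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;
    allow-recursion { "internal-nets"; };

    zone "school1.example.org" {
        type master;
        // internal/school1.example.org.zone contains, for example:
        //   www   IN  A   10.1.2.3
        file "internal/school1.example.org.zone";
    };
};

view "external" {
    match-clients { any; };
    recursion no;

    zone "school1.example.org" {
        type master;
        // external/school1.example.org.zone contains, for example:
        //   www   IN  A   203.0.113.10
        file "external/school1.example.org.zone";
    };
};
```

Two caveats a practitioner will hit with this layout. First, once any view is defined, every zone must live inside a view; BIND refuses to load a mix of view and top-level zones. Second, the view is selected by the source address of the query, so the behaviour described in the thread (some inside clients reaching the public IP) persists as long as DHCP hands inside clients the external servers as well: a client that asks the external server gets the external view. Handing out only the internal resolver to inside clients, and letting that resolver recurse for everything else, removes the ambiguity. For the internal-to-external update path mentioned above, zone transfers and notifies between views are likewise matched by source address (or by TSIG key name in `match-clients`), so a transfer from a 10.x address lands in the internal view unless a key steers it elsewhere. Check each side with `dig @server www.school1.example.org` from a 10.x host and from outside and confirm the two answers differ.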