LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] DNS question

[ILUG] DNS question

Cathal Garvey lists at cgarvey.com
Fri Mar 5 12:09:19 GMT 2004 

Jason Corcoran wrote:
> 
> I got myself a broadband connection and have set up a smoothwall 2.0 
> firewall, with a Green Red and Orange(DMZ). Say I have a domain 
> (example.com) can I set the DNS servers for example.com to my smoothwall 
>  Red zone ip and have smoothwall redirect it to a server in my DMZ zone?
> if so is it just a matter of modifying the hosts file on the smooth wall 
> to include to DMZ ip ..
> 
> i.e.
> 192.168.1.1    example.com

If the DNS server is in your orange zone, then just add that to your
resolv.conf. (You may want to explicitly add your ISP's DNS here too,
though I think they'll be catered for on connect .. but not 100% sure on
SmoothWall's inners).

The DNS server (assuming BIND) can be set up to use "Views" which will
allow you to serve different IPs for internal queries and external
queries. So www.example.com if queried from outside would return the IP
address of your BB connection, or 192.168.1.1 if queried from your LAN.
Its also useful if you want each machine to have
internal_name.example.com which you probably don't want to make public
in your DNS config. Google/mail me for sample config.

> and do I just the allow port forwarding on the smoothwall to the above 
> ip for the services I want to use ??
Yupe just forward 53 UDP and TCP to the orange zone DNS server IP. Set
the NS records for example.com to have one point to your external IP.

> I think I am over simplifying how this is done. I have goggled and most 
> of the returns are for setting up dynamic dns.
Yup, you're right about that alright!!

So DNS on orange zone .. add the port forwarding for Red>Orange (and
Green>Orange if needed). Strictly speaking you don't need to change your
Smoothie's resolv.conf (unless your LAN clients use it as a DNS server).
Finally look at BIND Views, but that's optional.

.cg

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell