[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Thu Nov 18 14:03:26 2004 -->
- <!--x-from-r13: xrivabfgbyy ng lnubb.pbz (Yriva A'@rvyy Egbyy) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] DNS Questions -->
- <li><em>date</em>: Thu Nov 18 14:03:26 2004</li>
- <li><em>from</em>: kevinostoll at yahoo.com (Kevin O'Neill Stoll)</li>
- <li><em>in-reply-to</em>: <<a href="msg00797.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] DNS Questions</li>
<a rel="nofollow" href="http://www.etherboy.com/dns/chrootdns.html";>http://www.etherboy.com/dns/chrootdns.html</a>
<a rel="nofollow" href="http://tldp.org/HOWTO/DNS-HOWTO-10.html";>http://tldp.org/HOWTO/DNS-HOWTO-10.html</a> - bottom of the
page, is where I found the link.
HTH
--- "Cordell, Ron" <ron.cordell at sipstorm.com> wrote:
> Jerald,
>
> Can you recommend a source for learning more about
> configuring a split
> DNS and other issues like that?
>
> Thanks for the response -
>
> -ronc
>
> -----Original Message-----
> From: ale-bounces at ale.org [<a rel="nofollow" href="mailto:ale-bounces";>mailto:ale-bounces</a> at ale.org] On
> Behalf Of
> Jerald Sheets
> Sent: Thursday, November 18, 2004 9:44 AM
> To: 'Atlanta Linux Enthusiasts'
> Subject: RE: [ale] DNS Questions
>
> You may already be in luck.
>
> FC2 came with BIND in a chroot jail already
> preconfigured. I haven't
> looked, but I think FC3 has followed suit.
>
> What you're probably looking for is what is called a
> "split DNS"
> configuration where your DMZ DNS server(s) are outward
> resolving/looking, and your internal is inward only.
>
> Having said that, keep in mind that you can still refer
> to www.blah.com
> from inside your private network, and if configured
> correctly, your
> router will route to the appropriate box, regardless of
> private
> interface.
>
> I have a nat box doing translation to my internal systems
> (all of which
> have private IP's), but I refer to them all by their
> public names. The
> NAT box sends my requests to the appropriate internal
> machines. I just
> keep up with their public IP designations on the DNS
> boxes (2) and
> everything works without having to fiddle with the
> private IP space.
>
> --Jerald
>
>
> > -----Original Message-----
> > From: ale-bounces at ale.org [<a rel="nofollow" href="mailto:ale-bounces";>mailto:ale-bounces</a> at ale.org]
> On Behalf Of
> > Cordell, Ron
> > Sent: Thursday, November 18, 2004 9:32 AM
> > To: ale at ale.org
> > Subject: [ale] DNS Questions
> >
> > Hi everyone,
> >
> > I'm new to the list, but not necessarily to the group
> :)
> >
> > I have a couple of DNS questions I was hoping people
> could help me out
>
> > with.
> >
> > The first question is network topology and where to
> deploy DNS
> > servers.
> > Let's say I have a segmented network, with a DMZ in
> front of a
> > firewall, and then two or three separate networks
> behind the firewall.
>
> > I need to set up DNS so that all these servers can
> resolve their
> > private, "internal" names, but also so that the
> machines in the DMZ
> > can use the DNS. Seems like I need a DNS
> primary/secondary pair in the
>
> > DMZ, and also another DNS in each network segment
> behind the firewall.
>
> > Can anyone steer me to a good place to get a good
> understanding of how
>
> > I should set this sort of thing up?
> >
> > The second questions is about how to secure bind. We
> are using Fedora
> > Core 3. I've been reading that bind should be in a
> chroot jail. This
> > sounds like a pretty good practice. What other
> suggestions do people
> > have for securing bind?
> >
> > Thanks in advance for pointing me in the right
> direction.
> >
> > Ron Cordell
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>
=====
Kevin Stoll
<a rel="nofollow" href="http://kevinstoll.com/";>http://kevinstoll.com/</a>
OpenSource Software...FREE!
Angering Bill Gates...priceless.
============================================================
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
<a rel="nofollow" href="http://my.yahoo.com";>http://my.yahoo.com</a>
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00819" href="msg00819.html">[ale] DNS Questions</a></strong>
<ul><li><em>From:</em> kaboom at gatech.edu (Chris Ricker)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00797" href="msg00797.html">[ale] DNS Questions</a></strong>
<ul><li><em>From:</em> ron.cordell at sipstorm.com (Cordell, Ron)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00815.html">[ale] Hoping someone can offer some advice</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00817.html">[ale] kppp & smartlink soft modem</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00800.html">[ale] DNS Questions</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00819.html">[ale] DNS Questions</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00816"><strong>Date</strong></a></li>
<li><a href="threads.html#00816"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>