Internal DNS (was Re: W2k Question)

sjhiller-nflug at fireswamp.net sjhiller-nflug at fireswamp.net
Fri Dec 13 13:51:14 EST 2002


I first sent this message a few hours ago but didn't see it come across the list. It came from a username that wasn't subscribed to this list, though, and I suspect that's the problem. You have my apologies if this is a duplicate.


I faced and resolved a similar issue on my own private network last
week.

The problem was that from my internal network any connection made to a
host within the private network referenced by its FQDN would end
up connecting to the router rather than the private IP on the host in
question.

My solution was relatively simple. I used the dnscache component of
djbdns (http://cr.yp.to/djbdns.html) to set up a local DNS cache (that's
a good idea anyway). Then I set up tinydns (another part of djbdns) to
handle fireswamp.net and 12.7.16.172.in-addr.arpa (for reverse DNS of
my private IPs). Told dnscache to reference tinydns for lookups of
those two domains, and it uses real DNS servers for everything else.

This kind of setup is sometimes referred to as 'split horizon' DNS. It's
worked out well for me so far and wasn't too hard to set up.

A good walkthrough for setting this up is at:
http://homepages.tesco.net/~J.deBoynePollard/FGA/dns-split-horizon.html

Hope that helps some of you.

Stan

On Fri, Dec 13, 2002 at 10:29:36AM -0500, Justin Bennett wrote:
> I mentioned that he could set up a DNS server on his internal network,
> the prob is he'd have to host ods.org internally. If he did that, he'd run
> into grief if he wanted to visit other ods.org clients.
> 
> 
> John R. Ghidiu said:
> > because of the way the linksys is built, i don't think that you can get
> > away from the problem your friend is having (any internal computer, when
> > pointed to the router at port 80 HAS to get the config, otherwise, you
> > wouldn't be able to config the router). you should be able to just put an
> > entry in lmhosts:
> >
> > 192.168.120.40	HOSTNAME
> >
> > lmhosts does not (AFAIK) use FQN (fully qualified name) for its hosts -
> > it is more for hosts on the local network. i think that what your friend
> > really wants is an internal DNS server. that would be an overkill,
> > though.
> >
> > john
> >
> > On Fri, 13 Dec 2002, Justin Bennett wrote:
> >
> >> As usual, I can use a little pointing in the right direction for a w2k
> >> issue. My friend is running a netgear router on adelphia powerlink,
> >> you're not supposed to host anything on powerlink, with that said, he
> >> wants to access port 80 on an internal linux box from outside. He has
> >> the port redirected and he can hit it fine from the outside. When he
> >> goes to connect from his w2k PC in his home network behind his router,
> >> dns lookup for his ods.org hostname gives him his 24.x.x.x adelphia
> >> address, and tries to connect to that, he winds up getting the login
> >> on the router admin page. Not his port 80 on his linux box. He can't
> >> seem to configure the router to allow this to pass through or turn off
> >> the web admin. I have a linux firewall, not a router, I have it
> >> allowing me to loop back in, so it works for me, he can't seem to get
> >> it to work with his router. What I suggested is to set up a host entry
> >> on the w2k client for his ODS.ORG hostname to his internal
> >> 192.168.120.40 address. Finally my question, I'm looking at his
> >> lmhosts file, how would I add an entry for: hostname.ods.org
> >> 192.168.120.40
> >>
> >> or would I do it in a different file?
> >>
> >> Thanks
> >> Justin
> >>
> >> --
> >> -------------------------------------------
> >> Justin Bennett
> >> Red Hat (Linux) Certified Engineer
> >> Network Administrator
> >> Dynabrade Inc.
> >> 8989 Sheridan Dr
> >> Clarence, NY 14031
> >> 716-631-0100 ext 215
> >>
> >>
> >>
> >
> > ----------------------------
> > John R. Ghidiu
> > john at rmdashrf.org
> >
> > "Just don't create a file called -rf. :-)"
> >   - Larry Wall in <11393 at jpl-devvax.JPL.NASA.GOV>
> >
> >
> >
> 
> 
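
The split-horizon layout Stan describes, sketched as an added example that is not part of the original message or of djbdns itself. The two zone names are the ones from the message; the tinydns address `127.0.0.2`, the `www` host and its address are constructed assumptions, and `servers_file_for` is a simplified model of how dnscache picks the servers file for a name.

```shell
#!/bin/sh
# Added example: lays out a djbdns split-horizon config in a scratch directory.
# Zone names come from the message; TINYDNS_IP and the www host are constructed.
TINYDNS_IP=127.0.0.2   # assumption: tinydns listens on its own loopback address
ZONES="fireswamp.net 12.7.16.172.in-addr.arpa"

# dnscache side: one file per internal zone under root/servers/, holding the
# address of the server to ask for that zone. The "@" file (root servers)
# is left untouched, so every other name still resolves through real DNS.
write_dnscache_overrides() {
    root=$1
    mkdir -p "$root/servers" || return 1
    for zone in $ZONES; do
        printf '%s\n' "$TINYDNS_IP" > "$root/servers/$zone" || return 1
    done
}

# tinydns side: "." lines make tinydns authoritative for each zone;
# a "=" line publishes an A record plus the matching PTR record.
write_tinydns_data() {
    root=$1
    mkdir -p "$root" || return 1
    {
        for zone in $ZONES; do
            printf '.%s:%s:a:259200\n' "$zone" "$TINYDNS_IP"
        done
        printf '=www.fireswamp.net:172.16.7.12:86400\n'   # constructed host
    } > "$root/data"
}

# Simplified model of the lookup: use the closest enclosing domain that has
# a file in servers/, falling back to "@" (the real root servers).
servers_file_for() {
    root=$1; name=$2
    while [ -n "$name" ]; do
        [ -f "$root/servers/$name" ] && { echo "$name"; return 0; }
        case $name in
            *.*) name=${name#*.} ;;
            *)   name= ;;
        esac
    done
    echo "@"
}
```

On a real install the two roots are conventionally `/service/dnscache/root` and `/service/tinydns/root`; after editing, `data` is compiled with `tinydns-data` and dnscache is restarted so it rereads `servers/`.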


