Date: Tue, 27 Mar 2001 14:48:22 +1000
From: Murray Taylor <mtaylor@bytecraft.com.au>
To: "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org>, "'freebsd-hackers@freebsd.org'" <freebsd-hackers@freebsd.org>
Subject: DNS rules etc
Message-ID: <710709BB8B02D311942E0060674418105442A8@MELEXC01>

Help!!!!

I've got the frame relay working, and am waiting now for some
network delegation stuff external to me to complete.

However I need to know if it is possible to use DNS as detailed below
to allow the host spyder to be visible to the Internet and our intranet,
without polluting the nameservers.

Given

 139.130.142.1 (Telstra end)
       |
       |
       |                    spyder
       | frame relay      +--------+
       | point to point   |        |
       +------------------|ng0     |
         139.130.142.13   |        |
                          |        | 10.1.2.30
                          |    fxp0|---------------+
                          |        | 203.39.118.1  |
                          |FreeBSD |               |
                          | 4.3    |               |
                          +--------+               |
                                                   |
                                                   |
                                                   |
              other 10.1.x.y hosts ----------------+

10.1.x.y hosts are allocated addresses via DHCP from an NT server

Can I set up DNS rules (such as the commented out zones below)
so that hosts on the internal network can access spyder on 10.1.2.30,
WITHOUT propagating 10. numbers out to the Internet?

The two zones in question have their zone and reverse file
at the tail of this email

cheers

Murray Taylor
Project Engineer
Bytecraft P/L
+61 3 9587 2555
+61 3 9587 1614 fax
mtaylor@bytecraft.com.au

ps I will check the mail-list from home tonight, but if there is a
quick answer, please email directly also
mjt

== output of netstat -nr ======================================
Routing tables

Internet:
Destination        Gateway            Flags     Refs      Use  Netif Expire
default            139.130.142.1      UGSc         7        0    ng0
10.0.0.2           10.0.0.1           UH           0        0   tun0
10.1/16            link#1             UC           0        0   fxp0 =>
10.1.2.3           0:0:f8:1e:ad:9e    UHLW         1       56   fxp0   1137
10.1.2.4           0:60:67:70:af:22   UHLW         0       91   fxp0    939
10.1.2.7           0:60:67:70:ac:4e   UHLW         0       75   fxp0   1142
10.1.2.30          0:50:8b:f1:de:df   UHLW         1   223687    lo0
10.1.2.46          0:10:a4:ff:b4:c6   UHLW         0        1   fxp0   1188
10.1.2.47          0:0:4c:33:d8:cd    UHLW         1       32   fxp0   1052
10.1.2.78          0:0:4c:ed:78:5e    UHLW         1      189   fxp0   1194
10.1.2.129         0:10:5a:81:b0:30   UHLW         1      136   fxp0   1037
10.1.255.255       ff:ff:ff:ff:ff:ff  UHLWb        2       60   fxp0
127.0.0.1          127.0.0.1          UH           1      495    lo0
139.130.142.1      139.130.142.13     UH           8      124    ng0
203.39.118/26      link#1             UC           0        0   fxp0 =>
203.39.118.1       0:50:8b:f1:de:df   UHLW         1    63909    lo0

== named.conf =================================================
// bytecraft.au.com etc
// 2001032701 mjt

options {
        directory "/etc/namedb";
};
// end of options

zone "bytecraft.au.com" in {
        type master;
        file "db.byte-au-com";
};

zone "bytecraftentertainment.com" in {
        type master;
        file "db.byteent-com";
};

zone "bytecraftsystems.com" in {
        type master;
        file "db.bytesys-com";
};

zone "118.39.203.in-addr.arpa" {
        type master;
        file "db.203.39.118";
};

// desired restricted zone
// dont allow outsiders to query it, or transfer it
//zone "2.1.10.in-addr.arpa" {
//      notify no;
//      type master;
//      file "db.10.1.2";
//      allow-query {
//              127.0.0.1/32; 10.1.0.0/16;
//      };
//      allow-transfer {
//              127.0.0.1/32; 10.1.0.0/16;
//      };
//};

//zone "byteinternal" in {
//      type master;
//      file "db.byteint";
//      allow-query {
//              127.0.0.1/32; 10.1.0.0/16;
//      };
//      allow-transfer {
//              127.0.0.1/32; 10.1.0.0/16;
//      };
//};

zone "." {
        type hint;
        file "named.root";
};

zone "0.0.127.IN-ADDR.ARPA" {
        type master;
        file "localhost.rev";
};

=== db.byte-au-com ================================================
$TTL 86400
bytecraft.au.com. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032701      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameserver entry
bytecraft.au.com.       IN NS   spyder.bytecraft.au.com.
                        IN NS   ns1.telstra.net.

; mail server entry
bytecraft.au.com.       IN MX   5 mail.bytecraft.au.com.

; A records - Address mapping
localhost.bytecraft.com.au.     IN A    127.0.0.1
spyder.bytecraft.au.com.        IN A    203.39.118.1

; C records - Aliases
www.bytecraft.au.com.           IN CNAME spyder.bytecraft.au.com.
entertainment.bytecraft.au.com. IN CNAME spyder.bytecraft.au.com.
systems.bytecraft.au.com.       IN CNAME spyder.bytecraft.au.com.
mail.bytecraft.au.com.          IN CNAME spyder.bytecraft.au.com.

== db.byteent-com =================================================
$TTL 86400
bytecraftentertainment.com. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032701      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameserver entry
bytecraftentertainment.com.     IN NS   spyder.bytecraft.au.com.
                                IN NS   ns1.telstra.net.

; mail server entry
bytecraftentertainment.com.     IN MX   5 mail.bytecraft.au.com.

; A records - Address mapping
;www.bytecraftentertainment.com. IN A 203.39.118.1

; C records - Aliases
www.bytecraftentertainment.com. IN CNAME spyder.bytecraft.au.com.

== db.bytesys-com =================================================
$TTL 86400
bytecraftsystems.com. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032701      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameserver entry
bytecraftsystems.com.   IN NS   spyder.bytecraft.au.com.
                        IN NS   ns1.telstra.net.

; mail server entry
bytecraftsystems.com.   IN MX   5 mail.bytecraft.au.com.

; A records - Address mapping
;www.bytecraftsystems.com. IN A 203.39.118.1

; C records - Aliases
www.bytecraftsystems.com. IN CNAME spyder.bytecraft.au.com.

== db.203.39.118 =================================================
$TTL 86400
118.39.203.in-addr.arpa. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032701      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameservers
118.39.203.in-addr.arpa.        IN NS   spyder.bytecraft.au.com.

; address reverse mapping
1.118.39.203.in-addr.arpa.      IN PTR  spyder.bytecraft.au.com.

== localhost.rev =================================================
;       From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90
; $FreeBSD: src/etc/namedb/PROTO.localhost.rev,v 1.6 2000/01/10 15:31:40 peter Exp $
;
; This file is automatically edited by the `make-localhost' script in
; the /etc/namedb directory.
;
$TTL 3600
@       IN SOA  spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        20010223        ; Serial
                        3600            ; Refresh
                        900             ; Retry
                        3600000         ; Expire
                        3600 )          ; Minimum
        IN NS   spyder.bytecraft.au.com.
1       IN PTR  localhost.bytecraft.au.com.

== db.10.1.2 ======= not called by named.conf ================
$TTL 86400
2.1.10.in-addr.arpa. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032102      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameservers
2.1.10.in-addr.arpa.    IN NS   spyder.bytecraft.au.com.

; address reverse mapping
2.2.1.10.in-addr.arpa.          IN PTR  melcms01.bytecraft.au.com.
4.2.1.10.in-addr.arpa.          IN PTR  melcms02.bytecraft.au.com.
6.2.1.10.in-addr.arpa.          IN PTR  melcms03.bytecraft.au.com.
30.2.1.10.in-addr.arpa.         IN PTR  spyder.bytecraft.au.com.
32.2.1.10.in-addr.arpa.         IN PTR  grunt.bytecraft.au.com.
109.2.1.10.in-addr.arpa.        IN PTR  melcms04.bytecraft.au.com.
; there are a lot of others with DHCP addresses assigned
; ?????

== db.bytint ======= not called by named.conf ================
$TTL 86400
bytecraft.au.com. IN SOA spyder.bytecraft.au.com. root.spyder.bytecraft.au.com. (
                        2001032701      ; serial no
                        10800           ; refresh after 8 hours
                        3600            ; retry after 1 hour
                        604800          ; expire after 1 week
                        86400 )         ; minimum TTL of 1 day

; nameserver entry
bytecraft.au.com.       IN NS   spyder.bytecraft.au.com.
                        IN NS   ns1.telstra.net.

; mail server entry
bytecraft.au.com.       IN MX   5 mail.bytecraft.au.com.

; A records - Address mapping
localhost.bytecraft.com.au.     IN A    127.0.0.1
spyder.bytecraft.au.com.        IN A    10.1.2.30
melcms01.bytecraft.au.com.      IN A    10.1.2.2
melcms02.bytecraft.au.com.      IN A    10.1.2.4
melcms03.bytecraft.au.com.      IN A    10.1.2.6
melcms04.bytecraft.au.com.      IN A    10.1.2.109
grunt.bytecraft.au.com.         IN A    10.1.2.32

; C records - Aliases
www.bytecraft.au.com.           IN CNAME spyder.bytecraft.au.com.
entertainment.bytecraft.au.com. IN CNAME spyder.bytecraft.au.com.
systems.bytecraft.au.com.       IN CNAME spyder.bytecraft.au.com.
mail.bytecraft.au.com.          IN CNAME spyder.bytecraft.au.com.
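
A check for the concern raised in the message above, added here as an example and not part of the original post: it reads a named.conf and reports every zone that maps private address space (by reverse-zone name or by A records in its zone file) whose own stanza does not limit allow-query and allow-transfer to private or loopback networks. The function names and the trimmed sample data are assumptions made for this example; only per-zone stanzas are inspected, not ACLs set in the options block.

```python
import ipaddress
import re
# Constructed samples based on the post: its named.conf with the internal zones
# enabled (allow-transfer left off the live "byteinternal" zone on purpose),
# and a few A records from two of its zone files.
NAMED_CONF = '''
zone "bytecraft.au.com" in { type master; file "db.byte-au-com"; };
zone "2.1.10.in-addr.arpa" { notify no; type master; file "db.10.1.2";
    allow-query { 127.0.0.1/32; 10.1.0.0/16; };
    allow-transfer { 127.0.0.1/32; 10.1.0.0/16; }; };
//zone "byteinternal" in { type master; file "db.byteint"; };
zone "byteinternal" in { type master; file "db.byteint";
    allow-query { 127.0.0.1/32; 10.1.0.0/16; }; };
'''
ZONE_FILES = {
    "db.byte-au-com": "localhost IN A 127.0.0.1\nspyder IN A 203.39.118.1\n",
    "db.byteint": "spyder IN A 10.1.2.30\ngrunt IN A 10.1.2.32\n",
}
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}\s*;')

def is_internal_addr(text):
    ip = ipaddress.ip_address(text)  # private space counts, loopback does not
    return ip.is_private and not ip.is_loopback

def holds_private(name, body, zone_files):
    """Does the zone map private space, by reverse name or by A records?"""
    if name.lower().endswith(".in-addr.arpa"):
        octets = name.lower()[:-len(".in-addr.arpa")].split(".")[::-1]
        return is_internal_addr(".".join(octets + ["0"] * (4 - len(octets))))
    ref = re.search(r'file\s+"([^"]+)"', body)
    text = zone_files.get(ref.group(1), "") if ref else ""
    return any(map(is_internal_addr, re.findall(r"\bIN\s+A\s+(\d+(?:\.\d+){3})", text)))

def internal_only(body, directive):
    """True only if the stanza sets the ACL and every entry is private/loopback."""
    acl = re.search(directive + r"\s*\{([^}]*)\}", body)
    if not acl:
        return False  # not set in this stanza, so nothing here restricts it
    try:
        nets = [ipaddress.ip_network(e.strip(), strict=False)
                for e in acl.group(1).split(";") if e.strip()]
    except ValueError:  # named ACL such as "any": cannot be shown internal here
        return False
    return bool(nets) and all(n.is_private for n in nets)

def audit(conf, zone_files):
    """Return (zone, directive) pairs where a private zone lacks an internal ACL."""
    conf = re.sub(r"//.*", "", conf)  # drop // comments, e.g. disabled zones
    return [(name, d) for name, body in ZONE_RE.findall(conf)
            if holds_private(name, body, zone_files)
            for d in ("allow-query", "allow-transfer") if not internal_only(body, d)]
```
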