Date:      Thu, 11 Oct 2007 08:58:45 -0700
From:      "Michael K. Smith - Adhost" <mksmith@adhost.com>
To:        "Jeffrey Goldberg" <jeffrey@goldmark.org>, <freebsd-questions@freebsd.org>
Subject:   RE: Different DNS responses depending on query source
Message-ID:  <17838240D9A5544AAA5FF95F8D5203160297F1C4@ad-exh01.adhost.lan>
In-Reply-To: <82158399-7871-4582-984C-61BC2462543C@goldmark.org>
References:  <82158399-7871-4582-984C-61BC2462543C@goldmark.org>

Hello Jeff:

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-
> questions@freebsd.org] On Behalf Of Jeffrey Goldberg
> Sent: Thursday, October 11, 2007 8:55 AM
> To: freebsd-questions@freebsd.org
> Subject: Different DNS responses depending on query source
>
> The host that runs my internal DNS server is down for the count (I've
> already replaced the power supply on it once, and I don't feel like
> doing it again).  Although I had other uses planned for that machine,
> the only useful thing it was doing was DNS for a local net and DHCP,
> the latter I've moved to my firewall box (running m0n0wall).
>
> So, until I build a replacement machine, I'd like to run the DNS
> service on a 6.2-RELENG machine on my DMZ.  However I have a conflict
> between providing IPs for the outside world to see, eg
>
>     n114.ewd.goldmark.org	172.64.118.114
>
> versus what I want when querying from the local network, eg,
>
>     n114.ewd.goldmark.org	10.1.10.131
>
> Also there are some internal names (eg, fluffy.ewd.goldmark.org)
> which shouldn't be advertised to the outside world at all.
>
> The obvious answer would be to run two instances of bind, listening
> on different IPs (possibly using jails).  But I don't have an IP
> address to spare on the DMZ.  So is there a way to have bind
> listening on the only interface and IP address the host can have give
> different answers depending on where the query comes from?
>
> Cheers,
>
> -j
>
>
>
> --
> Jeffrey Goldberg                        http://www.goldmark.org/jeff/
>

I think what you're looking for is Bind Views.  Check out:

http://www.isc.org/sw/bind/arm93/Bv9ARM.ch06.html#id2562349

Regards,

Mike
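
A sketch of the split-horizon setup suggested above, using BIND 9 views on a single listening address. This is an added example, not part of the original messages; the internal prefix 10.1.10.0/24, the `directory` path and the zone file names are assumptions for illustration.

```conf
// named.conf fragment (added example; prefix and file names are assumed)

acl "internal-nets" {
    127.0.0.1;
    10.1.10.0/24;          // assumed LAN prefix containing 10.1.10.131
};

options {
    directory "/etc/namedb";   // assumed location of the zone files
};

// Views are evaluated in order; the first view whose match-clients
// list matches the query's source address answers the query.
// Once any view is defined, every zone must live inside a view.

view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;             // resolve outside names for the LAN only

    zone "ewd.goldmark.org" {
        type master;
        // Internal copy: n114 -> 10.1.10.131, plus internal-only
        // names such as fluffy.ewd.goldmark.org
        file "master/ewd.goldmark.org.internal";   // hypothetical name
    };
};

view "external" {
    match-clients { any; };    // everyone not matched above
    recursion no;              // authoritative only; not an open resolver

    zone "ewd.goldmark.org" {
        type master;
        // Public copy: n114 -> 172.64.118.114, no internal-only names
        file "master/ewd.goldmark.org.external";   // hypothetical name
    };
};
```

`match-clients` is applied to the source address that named actually sees, so if the firewall NATs LAN traffic on its way to the DMZ, the ACL has to match the translated address rather than the 10.x client address. Run `named-checkconf` after editing, then query the same name from each side to confirm that the internal-only names do not resolve externally.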


