Date: Mon, 18 Mar 96 12:28 MET From: me@tartufo.muc.ditec.de (Michael Elbel) To: peter@taronga.com Cc: hackers@freebsd.org Subject: Re: An ISP's Wishlist... Message-ID: <m0tyd6f-000Pa6C@tartufo.muc.ditec.de> References: <199602192116.WAA20624@keltia.freenix.fr> <199603140812.CAA03540@bonkers.taronga.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In lists.freebsd.hackers you write: >Michael Elbel <me@tartufo.muc.ditec.de> wrote: >>The bastion is special in that it needs to know about *both* the inside [...] >>as well as the rest of the world, [...] You cannot use the external >>server or you wouldn't know about the internal part [...]. Nor >>can you use the internal server, because it knows zilch about the rest >>of the world [...]. >I have no problem with this. >I have the inside namesrver with all of named.ca/named.root commented out. >I have the outside name server. >I have resolv.conf on the firewall look at the inside nameserver then the >outside nameserver. >Is this not supposed to work? >Because it does. Of course it does work, the extra NS query probably doesn't cost much. It only has one drawback - I can't put my beloved wildcard MX-records, pointing to the mail gateway, on the internal server. I'd again have to reconfigure every single inside mail installation to forward mail not inside our internal domain to the mail gateway (how do you do this under UCX anyways?), spending even more time on the phone answering people's questions who have newly set up their machine than I now :( Michael -- Michael Elbel, DITEC, Muenchen, Germany - me@muc.ditec.de Fermentation fault (coors dumped)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0tyd6f-000Pa6C>