From: "Michael W. Oliver"
Reply-To: michael@gargantuan.com
To: Alfonso Romero, freebsd-questions
Date: Fri, 27 Jun 2003 02:32:02 -0400
Message-Id: <200306270232.02830.michael@gargantuan.com>
Subject: Re: Two DNS servers with one IP address

+--- On Thursday, June 26, 2003 13:20,
| Alfonso Romero proclaimed:
|
| Thanks for your reply. The reason I wanted to have two DNS servers is
| because I want to register several domains and don´t want to depend on an
| external DNS service, but I found out the two DNS servers required by
| Internic must be physically separated also, so I´ll have to ask someone
| else to host my secondary DNS server, or stick with the available DNS
| options. I just wondered if it could be possible to have two DNS servers
| inside a LAN, behind a FreeBSD box with NAT.
|
| Regards,
|
| Alfonso Romero

Alfonso,

If you are thinking of running named on serverA and serverB (both in RFC1918
space), and have them both use one globally routable IP address, there is a
way. I did this for a while before getting external secondary services.
Here is what I did:

1) go to http://www.bsdshell.net/hut_fvrrpd.html and read about the HUT
project. Very interesting.

2) cd /usr/ports/net/freevrrpd && make install distclean

3) read the configuration stuff for vrrpd (if you are like me, read twice),
and configure the daemon on both servers.

Now, say serverA is 192.168.0.51, and serverB is 192.168.0.52, and your VRRP
address will be 192.168.0.50. Just make sure that your VRRP configuration
is correct, but that isn't all. When the VIP moves from the primary
machine to the backup machine, named won't give a crap. It won't listen on
the new IP alias (in my case anyway, YMMV). I created a script that
triggers on a VRRP state change that would kill named and then restart it
once the new IP alias was installed (my script also installed a (V)IPv6
alias upon master election... not sure if that is important to you). Of
course, make sure that natd on your gateway is forwarding DNS stuff to
192.168.0.50.

I work with cisco IOS constantly, and HSRP is easy to take for granted. It
is beyond cool to be able to do the same thing with the servers themselves.

Not saying that this is the best solution, but it worked for me.

-- 
+-------------------------------------+------------------------------+
| Michael W. Oliver, CCNP             | "The tree of liberty must be |
| IPv6 & FreeBSD mark                 | refreshed from time to time  |
| michael@gargantuan.com              | with the blood of patriots   |
| http://michael.gargantuan.com/      | and tyrants."                |
| ASpath-tree, Looking Glass, etc.    | - President Thomas Jefferson |
|                                     +------------------------------+
| gpg key - http://michael.gargantuan.com/gnupg/pubkey.asc           |
+--------------------------------------------------------------------+
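
An added example, not the author's script and not part of the original message: a state-change hook along the lines described above that restarts named only once the virtual IP is actually configured on the host. The interface name `em0`, the `service named restart` command and the convention that the VRRP daemon passes the new state as the first argument are assumptions.

```shell
#!/bin/sh
# Added example (not the author's script). Addresses come from the message;
# the interface name and the restart command are assumptions.
VIP="${VIP:-192.168.0.50}"
IFACE="${IFACE:-em0}"
RESTART_CMD="${RESTART_CMD:-service named restart}"

# vip_present VIP: read ifconfig-style text on stdin and succeed only when VIP
# is a complete "inet" address, so 192.168.0.5 does not match 192.168.0.50.
vip_present() {
    awk -v vip="$1" '$1 == "inet" && $2 == vip { found = 1 } END { exit !found }'
}

# wait_for_vip VIP IFACE TRIES: poll once a second until the alias is installed.
wait_for_vip() {
    tries="$3"
    while [ "$tries" -gt 0 ]; do
        if ifconfig "$2" 2>/dev/null | vip_present "$1"; then
            return 0
        fi
        tries=$((tries - 1))
        sleep 1
    done
    return 1
}

# Constructed sample: ifconfig output on the host that has just become master.
sample_ifconfig() {
    cat <<'EOF'
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.168.0.52 netmask 0xffffff00 broadcast 192.168.0.255
    inet 192.168.0.50 netmask 0xffffffff broadcast 192.168.0.50
EOF
}

# Entry point for the VRRP state-change hook: "master" or "backup" as $1.
# With no argument the script defines its functions and changes nothing.
case "${1:-}" in
    master)
        if wait_for_vip "$VIP" "$IFACE" 10; then
            $RESTART_CMD
        else
            echo "VIP $VIP not on $IFACE after 10s; named not restarted" >&2
        fi
        ;;
    backup)
        $RESTART_CMD   # VIP moved away: rebind named to the remaining addresses
        ;;
esac
```

Restarting before the alias exists would leave named bound only to the host's own address, which is why the master branch polls first.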