From: Drew Tomlinson
Date: Wed, 28 Jun 2006 10:10:49 -0700
To: Giorgos Keramidas
Cc: freebsd-questions@freebsd.org
Subject: Re: Simple DNS For Private LAN
Message-ID: <44A2B819.8070809@mykitchentable.net>

On 6/28/2006 7:43 AM Giorgos Keramidas wrote:

> On 2006-06-23 14:26, Drew Tomlinson wrote:
>
>>> If you use NAT, then I can guide you through setting up a local
>>> ``master zone'' that is only visible inside your home network, and a
>>> ``slave zone'' that pulls stuff from ZoneEdit for the
>>> ``mykitchentable.net'' domain. I already have a similar setup at
>>> home, to let my internal systems (workstation, laptop) see each other
>>> with internal names and still use my ISP's name servers for
>>> everything else.
>>>
>>> If you don't use NAT, things are going to be much easier, since you
>>> only have to set up the names at ZoneEdit and pull the master zone
>>> from there.
>>>
>> Thank you for your reply.
>>
>
> You're welcome of course :-)
>
>
>> I use NAT for my servers that are visible from the outside so I set
>> ZoneEdit to return the same address for all servers at
>> mykitchentable.net which is currently 67.137.238.101.
>>
>
> Excellent! This is exactly what I was hoping the setup would be.
>
>
>> Thus www.mykitchentable.net, drew.mykitchentable.net,
>> mykitchentable.net, and whatever else all return 67.137.238.101.
>> Based upon this, it seems that I should leave ZoneEdit alone and set up
>> a local "master zone" visible only to my private LAN as you describe
>> above. Being a slave and pulling from ZoneEdit wouldn't have any
>> benefit as the public address won't equal the private address.
>>
>
> Quite right.
>
>
>> So assuming I understand correctly, yes, please guide me in setting up
>> a local master zone.
>>
>
> Assuming that your local home network uses addresses in the
> 192.168.0.0/16 range, you have to set up a local name server which will
> recognize and reply for the following zones:
>
>     "drew."         # "*.drew" are local home network names
>     192.168.0.*     # reverse IP address -> name for home hosts
>     127.0.0.*       # localhost zone (optional)
>

I use virtual servers with Apache. To access those from the inside, I
have to use the same URL as is used on the outside. So from the
Internet, I need drew.mykitchentable.net to resolve to my public IP but
on the inside, I need it to resolve to 192.168.0.x. Thus it seems to me
that the .drew zone won't work for my setup. Or am I missing something?

Can I set up my server to be authoritative for .mykitchentable.net
instead of .drew but only be visible from the inside? Obviously if it
responded to queries from the Internet, I'd really have a mess. What do
you recommend?

Thanks again for your help!

Drew

[lots of useful step-by-step config info snipped]

--
Be a Great Magician!
Visit The Alchemist's Warehouse
http://www.alchemistswarehouse.com
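
Added example (not part of the original message, and not the config that was snipped from the thread): a BIND named.conf sketch of the setup the message asks about, a server that is authoritative for mykitchentable.net but answers only on the private LAN. The 192.168.0.0/24 network, the 192.168.0.1 and 192.168.0.10 host addresses, the /etc/namedb directory and the zone file names are assumptions for illustration.

```conf
// named.conf sketch: internal-only authoritative server (added example).
// Assumed values: LAN 192.168.0.0/24, name server at 192.168.0.1,
// web server at 192.168.0.10, zone files under /etc/namedb/master.

acl "lan" { 127.0.0.0/8; 192.168.0.0/24; };

options {
    directory "/etc/namedb";

    // Bind only to loopback and the inside interface, never the public one.
    listen-on    { 127.0.0.1; 192.168.0.1; };
    listen-on-v6 { none; };

    // Answer and recurse for LAN clients only; refuse everyone else.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };

    // No zone transfers: the internal address map stays internal.
    allow-transfer  { none; };
};

// Internal copy of the public domain. LAN clients get private addresses;
// Internet clients keep getting 67.137.238.101 from ZoneEdit.
zone "mykitchentable.net" {
    type master;
    file "master/mykitchentable.net.internal";
};

// Reverse zone for the LAN.
zone "0.168.192.in-addr.arpa" {
    type master;
    file "master/0.168.192.rev";
};

// Contents of master/mykitchentable.net.internal (zone file syntax,
// shown here as comments):
//
//   $TTL 3600
//   @     IN SOA ns.mykitchentable.net. hostmaster.mykitchentable.net. (
//                2006062801 3600 900 604800 3600 )
//         IN NS  ns.mykitchentable.net.
//         IN A   192.168.0.10
//   ns    IN A   192.168.0.1
//   www   IN A   192.168.0.10
//   drew  IN A   192.168.0.10
```

Because this server claims the whole domain for LAN clients, any name that exists only at ZoneEdit has to be duplicated in the internal zone file or it will not resolve from the inside. The NAT gateway should also not forward port 53 to this host, so the listen-on and allow-query limits are not the only barrier.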