From: Michael Smith
To: Erik Norgaard
Cc: questions@freebsd.org
Subject: Re: Problem with NAT/RDR in PF
Date: Sun, 9 Dec 2007 17:11:34 -0800

On Dec 9, 2007, at 3:34 PM, Erik Norgaard wrote:

> Michael Smith wrote:
>> Hello All:
>> I am trying to configure a round-robin group of Name Servers that
>> respond on to and from a single address.
>> I want the following to occur:
>> 1) DNS query from 10.211.128.1 to 10.212.1.1 is redirected to a
>> pool of name servers
>> 2) One of the name servers responds to the query
>> 3) The response shows a source address of 10.212.1.1, not the
>> actual name server
>
> I know this does not answer your question, but, what's the point?
> DNS isn't exactly the kind of task that knocks over a server. If you
> want redundancy, then the correct way to do it is to add NS entries
> to your zone files.
>
> I simply let my register transfer the zone file daily, works fine.
> If you need to update the zone file regularly just reduce the max
> age of the zone.

Hello Erik:

Well, aside from doing a *lot* of queries, it's nice to have a single IP address fronting a set of servers so I can pull one out for maintenance at any time and it doesn't affect name resolution for the clients.

Mike