From owner-freebsd-questions  Fri Feb 23 13:51:23 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from dsl-64-193-218-89.telocity.com (dsl-64-193-218-89.telocity.com [64.193.218.89])
	by hub.freebsd.org (Postfix) with SMTP id C85FC37B503
	for <freebsd-questions@freebsd.org>; Fri, 23 Feb 2001 13:51:11 -0800 (PST)
	(envelope-from lucas@slb.to)
Received: (qmail 20510 invoked by uid 1000); 23 Feb 2001 21:51:31 -0000
Date: Fri, 23 Feb 2001 15:51:31 -0600
From: Lucas Bergman <lucas@slb.to>
To: "G. Jason Middleton" <gmiddl1@gl.umbc.edu>
Cc: freebsd-questions@freebsd.org
Subject: Re: setting up a firewall (Was: dual homed host)
Message-ID: <20010223155131.A28591@billygoat.slb.to>
Reply-To: lucas@slb.to
References: <20010223141221.D28130@billygoat.slb.to> <Pine.SGI.4.31L.02.0102231523400.377791-100000@irix1.gl.umbc.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.SGI.4.31L.02.0102231523400.377791-100000@irix1.gl.umbc.edu>; from gmiddl1@gl.umbc.edu on Fri, Feb 23, 2001 at 03:40:12PM -0500
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > > SO when i am setting up dc0 what should i set the dns entry to?
> >
> > I'm not sure what you mean.  Do you mean that you have your own
> > DNS server and you want to give the address on dc0 an entry (an
> > "A" record)?  Do you mean to ask what address you should give as
> > your DNS server?
>
> de0 is set up with no problems (static from cable ISP) dc0 is set to
> 192.168.0.1 like you said and i wanted to know what DNS number to
> use for this interface.  I do not have a DNS server set up yet that
> is my next goal after setting up the firewall.

I think I've got you now.  The way DNS is resolved is per _machine_,
not per _interface_.  So, for now, just put nameserver line(s) in
/etc/resolv.conf corresponding to some public DNS server, probably
your ISP gave you one.  The same DNS server information is used to
resolve names and addresses regardless of the ingress/egress interface
of a given set of packets.  Make sense?

For now, tell all your computers to look at your ISP's DNS server for
name resolution.  When you get your own set up, point them all at
that.

> In addition to my question about DNS was what should i set the
> gateway too?

Same deal:  Only one default route (gateway) gets set per machine.
That's the place a packet goes if it doesn't appear destined for the
subnet attached to either interface.

Lucas

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message