Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 2 Jan 2013 14:57:47 -0800
From:      Freddie Cash <fjwcash@gmail.com>
To:        Aryeh Friedman <aryeh.friedman@gmail.com>
Cc:        FreeBSD Mailing List <freebsd-hackers@freebsd.org>
Subject:   Re: OT: getting named to answer differently based on requester's IP
Message-ID:  <CAOjFWZ5rr24VJukQRu6CUhhtP0qfifQa89JUg3ccyeabebRcbw@mail.gmail.com>
In-Reply-To: <CAGBxaXn5BKgbUaOpX47LVXVp-imQMgpVPp5BBXKm%2BGGOfri5Ag@mail.gmail.com>
References:  <CAGBxaXn5BKgbUaOpX47LVXVp-imQMgpVPp5BBXKm%2BGGOfri5Ag@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
You want to set up views and IP-based ACLs.  There's lots of documentation
online about configuring views.  Basically, they work exactly how you want:
  - clients with IPs in 192.168.2.x subnet get 192.168.2.x replies
  - all other clients get public IP replies


On Wed, Jan 2, 2013 at 2:33 PM, Aryeh Friedman <aryeh.friedman@gmail.com>wrote:

> I have a local machine (say "foo.example.com") that is behind a very
> dumb firewall (it will not honor dmz/port forwarding if the connection
> originates from inside the firewall [192.168.2.X]).... specifically if
> I connect to the public IP from *OUTSIDE* of the lan it works but not
> from inside... I have a number of web services that depend on a
> specific DNS being set (specifically www/tomcat7 and the alike)...
> i.e. if I am at home I need to use "localhost" (changing it in
> /etc/hosts has no effect) if I am away I need to use
> "ack.example.com")... what I want to do is make it so I can use
> "ack.example.com" for all references... this means I need to make it
> so local requests to ack.example.com answer 192.168.2.2 and remote
> ones answer the public IP.. how do I configure named to do this (I
> have full control of all the nameservers in question)
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
>



-- 
Freddie Cash
fjwcash@gmail.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ5rr24VJukQRu6CUhhtP0qfifQa89JUg3ccyeabebRcbw>