Date: Fri, 21 Apr 2000 16:09:29 -0400 From: "Matthew B. Henniges" <matt@axl.net> To: "Joseph Scott" <joseph.scott@owp.csus.edu> Cc: <freebsd-stable@FreeBSD.ORG> Subject: RE: nat redirection Message-ID: <KBEAJDGMGMDNDPICHDNHIEONEFAA.matt@axl.net> In-Reply-To: <38FCE69F.23AEC923@owp.csus.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Split DNS worked great. Thanks guys! Matthew B. Henniges CoPresident Axl.net Communications http://www.axl.net (203) 552-1714 -----Original Message----- From: scottj@pebkac.owp.csus.edu [mailto:scottj@pebkac.owp.csus.edu]On Behalf Of Joseph Scott Sent: Tuesday, April 18, 2000 6:50 PM To: Matthew B. Henniges Cc: freebsd-stable@FreeBSD.ORG Subject: Re: nat redirection "Matthew B. Henniges" wrote: > > So far, so good. Heres the problem: > > there are various DNS entries that point to 216.66.11.90 and 91. > If one of the clients on 10.0.1.* tries to browse/ftp to one of these, it > can't connect because the natd redirection to those only listens on the > outside nic. > > What is the best way to solve this problem? > > My thoughts were: > > 1. using some ipfw fwd rules... This seems to me like it should work, > thought I was unable to get it working. > > or > > 2. give different replies to the 10.0.1 network than I give to everybody > else.. > > Anybody have any ideas? I'm far from an expert on such matters, but I've been faced with the same thing multiple times. After reading through various lists I believe that your "option 2" in generally considered the correct way to deal with it. That's how I've got one of our networks dealing with it. In case you are searching list archives or something I believe the term you want is "split dns". The idea is simply that you have an internal dns server resolving to your private 10.x.x.x network and an external dns resolving to your outside ips. The general feelings from people dealing with these issues seems to be that split dns is also usually the easiest way to deal with this, even though it does involve running another box and maintaining two sets of dns records. -- Joseph Scott joseph.scott@owp.csus.edu Office Of Water Programs - CSU Sacramento To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?KBEAJDGMGMDNDPICHDNHIEONEFAA.matt>