From: "liquid"
Date: Tue, 29 Jul 2003 18:56:59 -0400
Subject: RE: named.conf et al and home network segments

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of David S. Jackson
> Sent: July 29, 2003 6:10 PM
> To: freebsd-questions@freebsd.org
> Subject: named.conf et al and home network segments
>
> Hi,
>
> I'm trying to set up dns for my two home network segments,
> 192.168.0/24 and 192.168.1/24. I just need internal dns access,
> no outside access.
>
> It sounds like a relatively simple problem, but I'm just not sure
> how to go about it.
> Do I just set up 2 reverse zones,
> 0.168.192.in-addr.arpa and 1.168.192.in-addr.arpa in named.conf?
> Then put all the A records for both segments in the db.dsj.net
> zone file?
>
> Or should I create a separate name server for each segment?
>
> I'd like the internal (192.168.1/24) segment to be able to access
> all servers on the external segment (192.168.0/24), but not allow
> any of the external services to query the internal. Does that
> mean I need two dns servers?
>

You don't need to set up two servers. You can simply create two reverse
zones for each of those networks. Something like this (I just did a
quick copy paste, so most of this will not apply to you, be warned!)

    // reverse zone for 192.168.0/24
    zone "0.168.192.in-addr.arpa" in {
        type master;
        file "db.192.168.0";
        // /16 written with its network address; covers both home segments
        allow-query { 192.168.0.0/16; };
    };

followed by...

    // reverse zone for 192.168.1/24
    zone "1.168.192.in-addr.arpa" in {
        type master;
        file "db.192.168.1";
        // /16 written with its network address; covers both home segments
        allow-query { 192.168.0.0/16; };
    };

Of course, replace db.192.168.x with whatever you named your files.

Also look at
http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+4.8-RELEASE&format=html#ADDRESS+MATCH
for more on "allow-query"

Hope this helps you,
Sandro

> David S. Jackson dsj@dsj.net
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> I don't deserve this award, but I have arthritis and
> I don't deserve that either.
> -- Jack Benny
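
Added example, not part of the original post: a Python sketch of how an allow-query address match list is evaluated (the first matching element decides, "!" negates, no match refuses), applied to the /16 list from the reply above, written as 192.168.0.0/16, and to a per-segment alternative. The client addresses and the per-segment lists are constructed for illustration, and only plain addresses, prefixes and "!" are handled, not named ACLs or keys.

```python
import ipaddress

def parse_match_list(body):
    """Turn the inside of allow-query { ... } into (negated, network) pairs."""
    rules = []
    for element in body.split(";"):
        element = element.strip()
        if not element:
            continue
        negated = element.startswith("!")
        # Only plain addresses and prefixes are handled in this sketch.
        rules.append((negated, ipaddress.ip_network(element.lstrip("! "))))
    return rules

def allowed(client, rules):
    """First matching element decides; falling off the end refuses the query."""
    addr = ipaddress.ip_address(client)
    for negated, network in rules:
        if addr in network:
            return not negated
    return False

# Constructed allow-query bodies, keyed by reverse zone.
WIDE_SLASH16 = {
    "0.168.192.in-addr.arpa": "192.168.0.0/16;",
    "1.168.192.in-addr.arpa": "192.168.0.0/16;",
}
PER_SEGMENT = {  # assumption: one way to express the asker's requirement
    "0.168.192.in-addr.arpa": "192.168.0.0/24; 192.168.1.0/24;",
    "1.168.192.in-addr.arpa": "192.168.1.0/24;",
}
# Constructed sample clients, one per segment.
CLIENTS = {"external": "192.168.0.10", "internal": "192.168.1.10"}

def access_matrix(policy):
    """Map (zone, segment) -> whether that segment's client may query the zone."""
    return {
        (zone, segment): allowed(ip, parse_match_list(body))
        for zone, body in policy.items()
        for segment, ip in CLIENTS.items()
    }

if __name__ == "__main__":
    for label, policy in (("/16 on both zones", WIDE_SLASH16), ("per-segment", PER_SEGMENT)):
        print(label)
        for (zone, segment), ok in access_matrix(policy).items():
            print(f"  {segment:8} -> {zone:24} {'allowed' if ok else 'refused'}")
```

With the /16 on both zones, the external client is allowed to query 1.168.192.in-addr.arpa; with the per-segment lists it is refused while the internal client keeps access to both zones.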