DNS inside a firewall
David Allan
dave at dpallan.com
Sat Feb 17 15:54:45 EST 2001
You shouldn't need to forward a port to it just to cname other people's
boxes. Forwarding the port will allow the outside world to access it,
which may be something else you want to do, but I would argue is probably
a bad thing, given BIND's security record. (I speak here from personal
experience.) Just my $.02.
Dave
On Fri, 16 Feb 2001, Anthony J Gabrielson wrote:
> Hello all,
> I'm looking for a few pointers on how to set up my Linux box to do
> DNS inside my firewall. I would like to forward a port to it so I can
> cname a few of my friends' computers. So far I have it running, but I
> can't get the computers I put in to resolve if I do a dig -x 127.0.0.1
> the.boxiam.looking.for ? So I was wondering if anyone had any
> suggestions?
>
> This is my named.conf:
> options {
>     directory "/var/named";
> };
>
> zone "." {
>     type hint;
>     file "root.cache";
> };
>
> zone "localhost" {
>     type master;
>     file "db.localhost";
> };
>
> zone "0.0.127.in-addr.arpa" {
>     type master;
>     file "db.127.0.0";
> };
>
> zone "home.tzo.org" {
>     type stub;
>     file "db.home.tzo.org";
>     masters { 192.168.1.10; };
> };
>
> This is db.home.tzo.org
> 192.168.1.in-addr.arpa. IN SOA home.tzo.org. (
> 3 ;Serial
> 10800 ; Refresh 3 hours
> 3600 ; Refresh 3 hours
> 604800 ; Expire after 1 week
> 86400 ) ; Minimum TTL of 1 day
> IN NS home.tzo.org.
> ;
> amps IN CNAME amps.coe.neu.edu
>
> I am using a school computer as a test to see when it works. Does anyone
> see where I have gone wrong?
>
> Thanks,
> Anthony
>
>
> -
> Subscription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at blu.org (Subject line is ignored).
>
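
Dave's advice above, as an added example that is not from either poster: a named.conf fragment that keeps the server answering only the inside network, so LAN clients can use it without any port being forwarded. The 192.168.1.0/24 network and the server address 192.168.1.10 are assumptions based on the addresses in the quoted configuration.

```conf
// Added example, not part of the original thread.
// Assumption: the LAN is 192.168.1.0/24 and this server is 192.168.1.10.

acl "lan" {
    127.0.0.1;
    192.168.1.0/24;
};

options {
    directory "/var/named";

    // Bind only to loopback and the inside address, so named is not
    // listening on any other interface the box may have.
    listen-on { 127.0.0.1; 192.168.1.10; };

    // Answer queries, and recurse, only for inside clients. Stated
    // explicitly instead of relying on the version's defaults.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };

    // No zone transfers to anyone unless a secondary is added later.
    allow-transfer  { none; };
};
```

From a LAN client, `dig @192.168.1.10 amps.home.tzo.org` should be answered by this server; the same query sent from outside to the firewall's public address should time out, since port 53 is not forwarded.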