Yes, to do a full implementation usable in an enterprise you are correct, but what I am looking for is a small demo with only 10 machines or so. I believe your comment about IPv5 is correct too, but I am limited for this trial.
/bill On Wednesday 04 November 2015 15:30, Mark Andrews wrote: > If you want this sort of behaviour you are going to have to pay > someone someone lots of money to add this sort of functionality to > a nameserver and then pay them more money to maintain it. This > sort of thing does not exist in normal nameservers. > > Nameservers don't normally do other things on DNS lookups. > > Normally what one does is configure port forwarding in the NAT / > open a hole in the firewall. Some NATs can update the DNS when > their external address changes other wise you need a NAT that > modifies DNS payloads and that is problematical in lots of ways. > > NATs really are not something anyone sane wants in their network. > Anyone who says they do really doesn't understand IP security. They > are a necessary evil with IPv4 as we long ago ran out of addresses > to number every device uniquely. > > Mark > > In message <201511041050.51346.boobe...@rogers.com>, Bill writes: > > See my last posting on what I am trying to achieve, I think in the > > interest o f > > brevity I may have overly simplified my goal. > > > > What I want is for the DNS query to automatically configure the NAT to > > permit > > > > the outside connection. In other words it should, after the DNS query, > > look as if the named device had initiated the connection from inside that > > NAT. My > > > > last post explains the use case a bit better, I hope. > > > > /bill _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
