At 2003-02-17T16:05:48Z, Jerome "Lacoste (Frisurf)" <[EMAIL PROTECTED]> writes:
> - from my LAN I want that the address xxx.mydomain.com resolves directly
> to our server (192.168.1.2).
Let's see if I have this straight.
For clients on the LAN, `xxx.mydomain.com' should resolve to 192.168.1.2.
For clients on the Internet, `xxx.mydomain.com' should resolve to your
public IP.
Is this correct? Sorry if I'm having a bit of trouble understanding; this
cold medicine is not greatly conducive to lucidity.
If I understood, correctly, you'll probably want to install BIND 9 and
configure seperate `views' for the internal and external networks.
Here are some excerpts from my named.conf that does exactly this:
acl "lan" {
10.0.0.0/8;
};
view "private" {
match-clients { "lan"; };
recursion yes;
zone "honeypot.net" {
type master;
file "internal/db.honeypot.net";
};
};
view "public" {
match-clients { any; };
recursion no;
zone "honeypot.net" {
type master;
file "external/db.honeypot.net";
};
};
The syntax is pretty straightforward. Clients that match the "lan" acl get
results from "internal/db.honeypot.net", but everyone else gets results from
"external/db.honeypot.net". I've used BIND's `$INCLUDE' directive to
simplify those zone files quite a bit. Both start with:
$TTL 86400
@ IN SOA ( <snip> )
$INCLUDE common/db.honeypot.net
which includes a file that has records that both internal and external
clients should get. In your case, "common/db.mydomain.com" would have all
of the "shared" records. It would resemble:
$ORIGIN mydomain.com.
www IN A my.isp.public.ip
"internal/db.mydomain.com" would look like:
$TTL 86400
@ IN SOA ( <snip> )
$INCLUDE common/db.mydomain.com
xxx IN A 192.168.1.2
and "external/db.mydomain.com" would be similar to:
$TTL 86400
@ IN SOA ( <snip> )
$INCLUDE common/db.mydomain.com
xxx IN A aaa.bbb.ccc.ddd
I hope this makes sense. If it doesn't, please blame Alka Seltzer Cold &
Flu and don't think too harshly of me.
--
Kirk Strauser
In Googlis non est, ergo non est.
msg31340/pgp00000.pgp
Description: PGP signature
