DNS Question

Rich Burroughs rich at paranoid.org
Fri Dec 17 21:41:33 UTC 2004


Nathaniel Hall wrote:

> Maybe an example will clear it up a bit.
> 
> Our DNS resolves domain.com.  I have system1.domain.com correctly 
> resolving using the DMZ DNS.
> The ISP DNS also resolves system1.domain.com for users outside the 
> firewalls.  In addition to system1, system2.domain.com resolves on the 
> ISP DNS from the outside.
> 
> If I am on the inside and try to resolve system2.domain.com, it doesn't 
> get resolved because it is not set up in the DMZ DNS.  I want to be able 
> to resolve system2.domain.com by passing the query from the DMZ DNS to 
> the ISP DNS.
> 
> I know it is confusing.  If there are any questions, let me know.

Hi Nathaniel,

I didn't find your explanation confusing; I understand exactly what you 
mean. I don't know of a way to do exactly what you're asking for, 
though. As far as I know, you will need to update the DNS on the DMZ box 
to match both what is in the ISP's zone and also whatever internal 
entries you need.

Perhaps someone who knows more about DNS than I do will have a fix for 
you, though :)

Another option would be to use a different domain for the internal 
addresses, and then have the ISP resolve all the queries for the 
external domain. So if you were using foo.com for the main, external 
domain, you might grab foo.net and use that for the internal addresses.


Rich
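
An added example, not part of the original message: one way to keep the DMZ zone in step with the ISP's zone, as the reply above suggests, is to diff the two record sets and build a merged internal view in which internal entries take precedence. The zone contents, addresses, and function names below are constructed for illustration, and the simple "name type value" line format is an assumption, not full zone-file syntax.

```python
# Constructed sample data: the ISP's (external) zone and the DMZ server's zone.
ISP_ZONE = """\
system1.domain.com. A 203.0.113.10
system2.domain.com. A 203.0.113.20
www.domain.com. CNAME system1.domain.com.
"""
DMZ_ZONE = """\
system1.domain.com. A 10.0.0.10   ; internal address for the same host
intranet.domain.com. A 10.0.0.50
"""

def parse_zone(text):
    """Parse 'name type value' lines into {(name, type): set(values)}."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        records.setdefault((name.lower(), rtype.upper()), set()).add(value.strip())
    return records

def missing_internally(external, internal):
    """Names that resolve from outside but have no record on the DMZ server."""
    internal_names = {name for name, _ in internal}
    return sorted({name for name, _ in external} - internal_names)

def merged_internal_view(external, internal):
    """All external records, except that any name the internal zone defines
    is answered only from the internal data (avoids mixed answers per name)."""
    internal_names = {name for name, _ in internal}
    merged = {k: v for k, v in external.items() if k[0] not in internal_names}
    merged.update(internal)
    return merged

def render(records):
    """Emit the merged view back in the same 'name type value' form."""
    return "\n".join(f"{n} {t} {v}"
                     for (n, t), vals in sorted(records.items())
                     for v in sorted(vals))

if __name__ == "__main__":
    ext, dmz = parse_zone(ISP_ZONE), parse_zone(DMZ_ZONE)
    print("missing on DMZ DNS:", missing_internally(ext, dmz))
    print(render(merged_internal_view(ext, dmz)))
```

Running the comparison on a schedule flags names added at the ISP that inside users cannot yet resolve.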




