This is a discussion on Re: Bounce Utility within the IPFilter forums, part of the System Security and Security Related category.

dan,

the "views" feature of BIND 9 handles this problem nicely.

jim

see http://www.isc.org/products/BIND/bind9.html
specifically http://www.nominum.com/content/documents/bind9arm.pdf

6.2.20. view Statement Definition and Usage

The view statement is a powerful new feature of BIND 9 that lets a name server answer a DNS query differently depending on who is asking. It is particularly useful for implementing split DNS setups without having to run multiple servers.

Each view statement defines a view of the DNS namespace that will be seen by a subset of clients. A client matches a view if its source IP address matches the address_match_list of the view’s match-clients clause and its destination IP address matches the address_match_list of the view’s match-destinations clause. If not specified, both match-clients and match-destinations default to matching all addresses. A view can also be specified as match-recursive-only, which means that only recursive requests from matching clients will match that view. The order of the view statements is significant — a client request will be resolved in the context of the first view that it matches.

Zones defined within a view statement will only be accessible to clients that match the view. By defining a zone of the same name in multiple views, different zone data can be given to different clients, for example, "internal" and "external" clients in a split DNS setup.

Dan Sopher wrote:
> You can use 2 separate domain names to manage this:
>
> foo.com public domain name
> bar.com internal private domain name
>
> Hosts looking for www.foo.com will get a public IP
> address returned (and then rdr'd via port 80 to the
> web server or other ports to whatever server), while
> hosts on the internal network access www.bar.com,
> which returns the private IP address.
>
> Otherwise, you can use 2 separate DNS servers.
> Configure internal hosts to use an internal dns
> server, which will return private IP addresses, while
> the world uses a publicly accessed dns server, which
> returns public IP addresses.
>
> -Dan
>
> --- km <km@grogg.org> wrote:
>
>> On Thu, Sep 25, 2003 at 02:11:38PM -0500, David W. Chapman Jr. wrote:
>>
>>> I was looking for a bounce utility or something to solve the problem
>>> listed in the FAQ(#8)
>>>
>>> http://www.phildev.net/ipf/IPFprob.html#8
>>>
>>> --
>>> David W. Chapman Jr.
>>> dwcjr@inethouston.net Raintree Network Services, Inc. <www.inethouston.net>
>>
>> Rinetd is a pretty popular tool for that with low resource costs.
>>
>> http://www.boutell.com/rinetd/
>>
>> /km
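
Added example, not part of the original thread: a minimal named.conf sketch of the split DNS setup the quoted ARM section describes, with one server answering for the same zone differently per view. The zone name foo.com is the placeholder from Dan's message; the ACL name, address ranges and file paths are constructed assumptions.

```conf
// Constructed example: addresses, ACL name and file paths are assumptions.
acl "lan" {
    127.0.0.1;
    192.168.1.0/24;          // internal network behind the IPFilter box
};

options {
    directory "/var/named";
};

// Views are tried in order and the first match wins, so the narrow
// internal view must come before the catch-all external view.
view "internal" {
    match-clients { "lan"; };
    recursion yes;           // internal hosts may use this server as a resolver

    zone "foo.com" {
        type master;
        // In this file www.foo.com has the private address, e.g.
        //   www  IN  A  192.168.1.10
        file "internal/foo.com.zone";
    };
};

view "external" {
    match-clients { any; };  // everyone who did not match "internal"
    recursion no;            // authoritative answers only for outside clients

    zone "foo.com" {
        type master;
        // In this file www.foo.com has the public address that is rdr'd, e.g.
        //   www  IN  A  192.0.2.10
        file "external/foo.com.zone";
    };
};

// Once any view statement is present, every zone must live inside a view;
// a zone declared at top level makes named reject the configuration.
```

Running `named-checkconf` on the file catches a misplaced zone or missing view before reload. If the two view statements are swapped, internal clients match `any` first and receive the public address again.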