Name service behind a firewall/NAT router
Bill McGonigle
bill at bfccomputing.com
Fri Jan 5 13:21:31 EST 2007
On Jan 5, 1007, at 12:53, Bill Freeman wrote:
> I have no desire to make these machines visible on the internet as
> a whole.
> While I have some throw away domains available, what I'd really
> like is to
> have single word (no "."s) hostnames resolved to IP addresses on
> the LAN,
> and everything else resolved by the ISP's nameserver.
This is roughly how I have my office network set up.
In /etc/named.conf, I have:
-----
zone "bfc" IN {
    type master;
    file "pz/bfc";
    allow-update { none; };
};
-----
Then I have a zone file that looks roughly like:
-----
$TTL 3600
@   IN SOA localhost. flowerpt.localhost. (
        1006110801 ; Serial
        7100       ; Refresh
        3600       ; Retry
        604800     ; Expire
        86400 )    ; Minimum
bfc.            IN NS    foo.bfc.
bfc.            IN MX 10 foo.bfc.
; network gear
bfc-gw.bfc.     IN A     192.168.0.1
; servers
foo.bfc.        IN A     192.168.0.101
bar.bfc.        IN A     192.168.0.104
voip.bfc.       IN A     192.168.0.106
; workstations
macbook.bfc.    IN A     192.168.0.102
g3.bfc.         IN A     192.168.0.103
; telephones
phones.bfc.     IN A     192.168.0.110
; well-known services
smtp.bfc.       IN CNAME foo.bfc.
imap.bfc.       IN CNAME foo.bfc.
www.bfc.        IN CNAME foo.bfc.
mrtg.bfc.       IN CNAME foo.bfc.
asterisk.bfc.   IN CNAME voip.bfc.
asterisk1.bfc.  IN CNAME voip.bfc.
-----
and in dhcpd.conf I have:
-----
option domain-name "bfc";
option domain-name-servers 10.0.0.101, 10.0.0.1;
-----
So, on the workstation, I can go:
http://foo/
and get what I (and I think you) want. Best of all, I can do
virtualhosts in the local IP space.
-Bill
-----
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
bill at bfccomputing.com Cell: 603.252.2606
http://www.bfccomputing.com/ Page: 603.442.1833
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
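
Added example, not part of the original post: a small Python lint for a private zone like the one above, flagging A records outside RFC 1918 space and CNAME/NS/MX targets that have no record in the zone. The sample zone is constructed (shortened from the post, with `leak.bfc.` and `old.bfc.` added as deliberately bad records), and the parser assumes one-line `owner IN TYPE rdata` records.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: a shortened copy of the zone from the post plus two
# deliberately bad records (leak.bfc. and old.bfc.) so both checks fire.
SAMPLE_ZONE = """\
$TTL 3600
bfc.          IN NS    foo.bfc.
bfc.          IN MX 10 foo.bfc.
bfc-gw.bfc.   IN A     192.168.0.1   ; network gear
foo.bfc.      IN A     192.168.0.101
voip.bfc.     IN A     192.168.0.106
www.bfc.      IN CNAME foo.bfc.
asterisk.bfc. IN CNAME voip.bfc.
leak.bfc.     IN A     203.0.113.10  ; TEST-NET-3, stands in for a public IP
old.bfc.      IN CNAME gone.bfc.
"""

def parse_records(text):
    """Yield (owner, type, rdata) for one-line 'owner IN TYPE rdata' records."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments, tokenize
        if len(fields) >= 4 and fields[1].upper() == "IN":
            yield fields[0].lower(), fields[2].upper(), fields[3:]

def lint_zone(text):
    """Return a list of problems: non-RFC 1918 A records, dangling targets."""
    records = list(parse_records(text))
    hosts = {owner for owner, rtype, _ in records if rtype == "A"}
    aliases = {owner for owner, rtype, _ in records if rtype == "CNAME"}
    problems = []
    for owner, rtype, rdata in records:
        if rtype == "A":
            addr = ipaddress.ip_address(rdata[0])
            if not any(addr in net for net in RFC1918):
                problems.append(f"{owner} A {addr}: outside RFC 1918 space")
        elif rtype == "CNAME" and rdata[0].lower() not in hosts | aliases:
            problems.append(f"{owner} CNAME {rdata[0]}: target not in zone")
        elif rtype in ("NS", "MX") and rdata[-1].lower() not in hosts:
            problems.append(f"{owner} {rtype} {rdata[-1]}: target has no A record")
    return problems

if __name__ == "__main__":
    for problem in lint_zone(SAMPLE_ZONE):
        print(problem)
```

Multi-line records such as the SOA are skipped by the parser, so the zone file from the post can be passed in unchanged.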