Name service behind a firewall/NAT router
aluminumsulfate at earthlink.net
Fri Jan 5 13:24:07 EST 2007
Well, if you have several layers of private NAT, you may have trouble
routing packets to boot. And, when failing over to your ISP's
nameserver, you will also encounter problems resolving local names,
because your ISP's DNS server will have no information about your LAN
names. But those issues aside...
You could configure your local DNS server to serve names for your LAN
and turn on DNS proxy on your WAN router. Then configure each host to
use those two addresses as nameservers. I suspect this might not be
how DNS was designed to operate, but it ought to work if your local
nameserver is on a separate box from your gateway. If your ISP's
nameserver addresses ever change, they will be noticed by the gateway,
and be used automatically by the proxy. So you shouldn't have to
propagate any information manually. However, you might not want to
rely on availability of both your primary and secondary DNS servers.
Just a seed for the idea farm...
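
The failover behaviour discussed in this message, as an added example that is not part of the original post: a small Python model of a host configured with the LAN nameserver first and the router's DNS proxy second. The server labels, zone, names and addresses are constructed; the model assumes the LAN server is authoritative-only (it answers REFUSED outside its zone) and that the stub resolver moves to the next server only after a timeout or REFUSED.

```python
# Constructed model; every name, zone and address below is made up.
from enum import Enum

class Rcode(Enum):
    NOERROR = 0
    NXDOMAIN = 3
    REFUSED = 5
    TIMEOUT = -1   # not a real DNS rcode: the server never answered

class Nameserver:
    def __init__(self, label, records, zone=None, up=True):
        self.label, self.records, self.zone, self.up = label, records, zone, up

    def query(self, name):
        if not self.up:
            return Rcode.TIMEOUT, None
        if self.zone and not name.endswith(self.zone):
            return Rcode.REFUSED, None      # assumption: authoritative-only server
        if name in self.records:
            return Rcode.NOERROR, self.records[name]
        return Rcode.NXDOMAIN, None         # a definite "no such name"

def resolve(name, nameservers):
    """Try servers in listed order; an answer (even NXDOMAIN) ends the search."""
    trail = []
    for ns in nameservers:
        rcode, addr = ns.query(name)
        trail.append((ns.label, rcode))
        if rcode in (Rcode.NOERROR, Rcode.NXDOMAIN):
            return addr, trail
    return None, trail

def build(local_up=True):
    """Host configuration from the post: LAN server first, router proxy second."""
    local = Nameserver("lan-dns", {"printer.lan.example": "192.168.1.20"},
                       zone=".lan.example", up=local_up)
    proxy = Nameserver("router-proxy", {"www.example.org": "203.0.113.10"})
    return [local, proxy]

if __name__ == "__main__":
    for up in (True, False):
        for name in ("printer.lan.example", "www.example.org"):
            addr, trail = resolve(name, build(local_up=up))
            steps = ", ".join(f"{label}:{rc.name}" for label, rc in trail)
            print(f"lan-dns up={up!s:5} {name:22} -> {addr}  [{steps}]")
```

With the LAN server down, the LAN name ends in NXDOMAIN from the proxy, which has no data for the LAN, while the external name still resolves.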