Private in-house domain

Paul Lussier p.lussier at comcast.net
Fri May 18 15:17:21 EDT 2007


"Tech Writer" <TechWtr at handspun.com> writes:

> My task (as a technical writer) was to take a DNS and mailserver sample, and 
> implement it on some test machines. 
[...]
> The problem is that the customer's lab has a "real" DNS server, IP 
> addresses, etc.  The machines I will be allocated are currently in the lab, 
> and have pre-defined addresses in the 192.168.1.0/24 range.  I can not mess 
> around with these addresses, nor can I allocate new ones, etc.  However, I 
> DO need to set up a DNS server.  So, since I can't control the addresses 
> that are already there, the simplest thing seemed to be to just grab my own 
> set of addresses (that aren't being used in that lab) and have my DNS server 
> control this alternate set of addresses.
>
> So, I gave my DNS server, and its client addresses in the 10.25.1.0/24 
> range.  That was fine, except that they couldn't get out to the rest of the 
> world.  When I added the alias for eth0 (so it could also use 192.168.1.30) 
> and set the gateway to 192.168.1.1, then everything seemed to work fine.
>
> I did this in my own home network environment.  But when it's working, I 
> will be duplicating it on a couple of machines in the training lab.  If 
> someone can think of a better way that this could have been implemented, I'm 
> always open to suggestions.

A much simpler way of accomplishing this would be, as already stated,
to build your DNS server using the existing IP address scheme in the
lab, but provide alternate names.

Change the lab machines to point at your DNS server first, then the
real, already existing DNS server.  To be safe, have *your* DNS server
be a forwarding DNS server pointing to the real DNS server.

So, assuming machine 'fred' in the lab has IP 192.168.1.20, on *your*
DNS server, map 192.168.1.20 to 'barney'.  Point machine 'wilma' at
your DNS server and resolve hostname 'fred' then 'barney'.  The IP
returned should be the same.  Then reverse-resolve the IP address.  If
pointing at your DNS server, the return name should be 'barney', but
the real DNS server should still resolve back to 'fred'.

You can easily verify all this is working using 'host', 'nslookup',
and 'dig'.  Additionally, there's absolutely no mucking around with
individual systems' network configuration files, *including* the
/etc/resolv.conf files, since all of the above commands allow you to
specify the hostname/IP address of the system you want to be your DNS
server.

Once it all works, you can then change all the clients to point at
your new DNS server simply by changing their /etc/resolv.conf file,
and access to the rest of the world should remain unchanged, since
your DNS server will simply forward all requests on to wherever you
told it to.
-- 
Seeya,
Paul
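
The verification described in the message above, as an added shell example that is not part of the original post: it queries both servers with `dig @server`, so no client's /etc/resolv.conf is touched. The server addresses and the `lab.example` names in the usage line are constructed placeholders; the page gives neither the servers' addresses nor a domain.

```shell
#!/bin/sh
# Added example (not from the original post).
# dig does not apply the resolv.conf search list by default, so pass
# fully qualified names (or add +search to the dig calls).

# lookup SERVER NAME: A record(s) as answered by SERVER
lookup() { dig +short "@$1" "$2" A; }

# rlookup SERVER IP: PTR name as answered by SERVER, trailing dot removed
rlookup() { dig +short "@$1" -x "$2" | sed 's/\.$//'; }

# check_scheme IP_OF_REAL_NAME IP_OF_ALT_NAME PTR_FROM_NEW PTR_FROM_REAL REAL_NAME ALT_NAME
# Pure comparison of the four answers; returns 0 only if all checks pass.
check_scheme() {
    rc=0
    # Both names, asked of the new server, must give the same non-empty IP.
    # The real name is only answerable there if forwarding works.
    [ -n "$1" ] && [ "$1" = "$2" ] ||
        { echo "FAIL: names resolve to different IPs ('$1' vs '$2')"; rc=1; }
    # The new server must reverse-resolve to the alternate name...
    [ "$3" = "$6" ] ||
        { echo "FAIL: new server PTR is '$3', expected '$6'"; rc=1; }
    # ...while the real server must still answer with the original name.
    [ "$4" = "$5" ] ||
        { echo "FAIL: real server PTR is '$4', expected '$5'"; rc=1; }
    return $rc
}

# verify NEW_DNS REAL_DNS REAL_NAME ALT_NAME: run the live queries
verify() {
    ip_real=$(lookup "$1" "$3")
    ip_alt=$(lookup "$1" "$4")
    [ -n "$ip_alt" ] || { echo "FAIL: new server has no answer for $4"; return 1; }
    check_scheme "$ip_real" "$ip_alt" \
        "$(rlookup "$1" "$ip_alt")" "$(rlookup "$2" "$ip_alt")" "$3" "$4" &&
        echo "OK: $4 and $3 both map to $ip_alt"
}

# Usage (placeholder addresses and names):
#   sh verify-dns.sh NEW_DNS_IP REAL_DNS_IP fred.lab.example barney.lab.example
if [ "$#" -eq 4 ]; then
    verify "$@"
fi
```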

