----- Original Message ----- From: "John Lederer" <[EMAIL PROTECTED]> To: "'e-smith devinfo'" <[EMAIL PROTECTED]> Sent: Monday, November 19, 2001 8:36 PM Subject: [e-smith-devinfo] IPSEC implementation--DNS
> I am having a little trouble wrapping my mind around IPSEC and > particulalry DNS once IPSEC is up. > > If I connect network A to network B using IPSEC , we would presumably > like to be able to reach machines on B from machines on A using their > internal network names. Presumably the DNS server on B holds these > internal names , e.g. 1stfloorprinter.internal.net <==> 192.168.1.23. > How does a workstaion on network A resolve an internal name on B? I > assume that we only want to use B's DNS server to resolve names internal > to B, so there must be some mechanism to send those queries to DNS on B, > and all other queries out to the Internet. > I resolved the problem using the A's dns as "slave" of B one. I had to modify the A and B dns config file. I don't need a dns for A network, I only ave a DNS on b that resolve names for the A and B (and C and D ) network. The administrator only set the dns entries on B then dns replicate the informations, because the dns daemon is chrooted to /home/dns there is the file named-xfer from /usr/bin to /home/dns/usr/bin . Hope this help Bye Lorenzo -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org