----- Original Message -----
From: "John Lederer" <[EMAIL PROTECTED]>
To: "'e-smith devinfo'" <[EMAIL PROTECTED]>
Sent: Monday, November 19, 2001 8:36 PM
Subject: [e-smith-devinfo] IPSEC implementation--DNS
> I am having a little trouble wrapping my mind around IPSEC and
> particulalry DNS once IPSEC is up.
>
> If I connect network A to network B using IPSEC , we would presumably
> like to be able to reach machines on B from machines on A using their
> internal network names. Presumably the DNS server on B holds these
> internal names , e.g. 1stfloorprinter.internal.net <==> 192.168.1.23.
> How does a workstaion on network A resolve an internal name on B? I
> assume that we only want to use B's DNS server to resolve names internal
> to B, so there must be some mechanism to send those queries to DNS on B,
> and all other queries out to the Internet.
>
I resolved the problem using the A's dns as "slave" of B one.
I had to modify the A and B dns config file.
I don't need a dns for A network, I only ave a DNS on b that
resolve names for the A and B (and C and D ) network.
The administrator only set the dns entries on B then
dns replicate the informations, because the dns daemon
is chrooted to /home/dns there is the file named-xfer
from /usr/bin to /home/dns/usr/bin .
Hope this help
Bye
Lorenzo
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
