Jeffrey Goldberg wrote:
The host that runs my internal DNS server is down for the count (I've already replaced the power supply on it once, and I don't feel like doing it again). Although I had other uses planned for that machine, the only useful thing it was doing was DNS for a local net and DHCP, the latter I've moved to my firewall box (running m0n0wall).

So, until I build a replacement machine, I'd like to run the DNS service on a 6.2-RELENG machine on my DMZ. However, I have a conflict between providing IPs for the outside world to see, e.g.

   n114.ewd.goldmark.org    172.64.118.114

versus what I want when querying from the local network, eg,

   n114.ewd.goldmark.org    10.1.10.131

Also there are some internal names (eg, fluffy.ewd.goldmark.org) which shouldn't be advertised to the outside world at all.

The obvious answer would be to run two instances of bind, listening on different IPs (possibly using jails). But I don't have an IP address to spare on the DMZ. So is there a way to have bind listening on the only interface and IP address the host can have give different answers depending on where the query comes from?

Cheers,

-j




You can use BIND's "view" statement:
http://www.isc.org/sw/bind/arm94/Bv9ARM.ch06.html#view_statement_grammar


HTH,
Yuri
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
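
A sketch of what the suggested "view" setup could look like for the case in the question, added here as an example and not part of either original message. The internal prefix 10.1.10.0/24, the ACL name and the zone file paths are assumptions.

```conf
// named.conf fragment: one named process, one listening address, two views.
// Assumed: the internal network is 10.1.10.0/24; file paths are hypothetical
// and relative to the "directory" set in the options block.

acl "lan" {
    127.0.0.1;
    10.1.10.0/24;       // assumed internal prefix
};

// Views are tried in the order they appear and the first match wins,
// so the restricted view has to come before the catch-all one.
view "internal" {
    match-clients { "lan"; };
    recursion yes;      // local clients may resolve outside names

    // This zone file carries the private data, for example
    //   n114    IN A    10.1.10.131
    // and the internal-only names such as fluffy.
    zone "ewd.goldmark.org" {
        type master;
        file "master/internal/ewd.goldmark.org.db";
    };
};

view "external" {
    match-clients { any; };
    recursion no;       // authoritative answers only for everyone else

    // This zone file carries only the public records, for example
    //   n114    IN A    172.64.118.114
    // Names that must stay private are simply absent from it.
    zone "ewd.goldmark.org" {
        type master;
        file "master/external/ewd.goldmark.org.db";
    };
};
```

Once any view is defined, every zone statement in named.conf has to live inside a view. match-clients tests the source address as the server sees it, so if the firewall NATs queries from the local network into the DMZ, they arrive with the firewall's address and that address is the one the internal ACL must contain.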