Hello! I'm using Bering 1.0 stable with a tinydns installed on it to do internal host name resolution.
I registered a free DNS subdomain with one of the free DNS providers (dyndns.org). However I want to be able to access the machine's web server internally with the DN. Let's call the external DN "www.mydomain.com". The server, internally, is known as "server". Currently if I try to access the name "www.mydomain.com", then I get the Bering Weblet. The server's obviously up, because I can access it using "server". The Shorewall FAQ's recommenation to get around this is to have your DNS internally resolve the name 'www.mydomain.com' to 192.168.1.1, and to have the external hosts resolve it to the external IP. (I don't have a public DNS so the last part isn't applicable to me... right?) If I use tinyDNS and add the following like: +writers.name.external:192.168.1.1 there is no effect: I still get routed back to the host. This is important because I use cookies and sessions on the site and they seem to want to use the real host name rather than the IP or the internal name. If anyone has any help, thank you. -- -- Arcana Shorewall Excerpt Below: Note from the Shorewall FAQ: 2. I port forward www requests to www.mydomain.com (IP 130.151.100.69) to system 192.168.1.5 in my local network. External clients can browse http://www.mydomain.com but internal clients can't. I have two objections to this setup. Having an internet-accessible server in your local network is like raising foxes in the corner of your hen house. If the server is compromised, there's nothing between that server and your other internal systems. For the cost of another NIC and a cross-over cable, you can put your server in a DMZ such that it is isolated from your local systems - assuming that the Server can be located near the Firewall, of course :-) The accessibility problem is best solved using Bind Version 9 "views" such that www.mydomain.com resolves to 130.141.100.69 externally and 192.168.1.5 internally. That's what I do here at shorewall.net for my local systems that use static NAT. ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
