Michael, Ray, Lynn,
What you are all saying makes sense. I have tried reversing the interfaces that
dnscache and tinydns bind to with no improvement. I believe Michael is correct that I
need 2 instances of tinydns but I have no idea how to accomplish this in a lrp
environment. i would guess that I add another /etc/rc2.d entry but how do I get it to
point to a different set of configs? Or would I just use the same confing files?
Alternatively I looked briefly at Maradns. It's documentation says it will bind to all
interfaces present. The only issue I see is I do nit understand the csv1{} syntax as
it relates to my setup. In other words I am not clear on how to add records to it so
it will resolve machines on both subnets.
I am surprised at the difficulty in this part of the setup. I was under the impression
that a lot of people were running dmz's behind LEAF systems. Are they all running full
distros on the dmz? How does that help. Would running the second version of tinydns on
the dmz be a good solution?
Thanks again,
Kory
>
>>21:25:30.591328 192.168.10.1.64715 > 192.168.1.254.53: 61116+ PTR?
>>1.10.168.192.in-addr.arpa. (43) (DF)
>>0x0000 4500 0047 f612 4000 4011 b743 c0a8 0a01 [EMAIL
>>PROTECTED]@..C....
>>0x0010 c0a8 01fe fccb 0035 0033 398e eebc 0100 .......5.39.....
>>0x0020 0001 0000 0000 0000 0131 0231 3003 3136 .........1.10.16
>>0x0030 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar
>>0x0040 7061 0000 0c00 01 pa.....
>>21:25:33.622390 192.168.10.1.59258 > 192.168.10.254.53: 28701+
>>PTR? 1.10.168.192.in-addr.arpa. (43) (DF)
>>0x0000 4500 0047 e557 4000 4011 befe c0a8 0a01 [EMAIL
>>PROTECTED]@.......
>>0x0010 c0a8 0afe e77a 0035 0033 c47e 701d 0100 .....z.5.3.~p...
>>0x0020 0001 0000 0000 0000 0131 0231 3003 3136 .........1.10.16
>>0x0030 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar
>>0x0040 7061 0000 0c00 01 pa.....
>>21:25:33.622624 192.168.10.254 > 192.168.10.1: icmp: 192.168.10.254
>>udp port 53 unreachable [tos 0xc0]
>>0x0000 45c0 0063 dc44 0000 4001 0746 c0a8 0afe [EMAIL PROTECTED]
>>0x0010 c0a8 0a01 0303 9391 0000 0000 4500 0047 ............E..G
>>0x0020 e557 4000 4011 befe c0a8 0a01 c0a8 0afe [EMAIL
>>PROTECTED]@...........
>>0x0030 e77a 0035 0033 c47e 701d 0100 0001 0000 .z.5.3.~p.......
>>0x0040 0000 0000 0131 0231 3003 3136 3803 3139 .....1.10.168.19
>>0x0050 3207 696e 2d61 6464 7204 6172 7061 0000 2.in-addr.arpa..
>>0x0060 0c00 01 ...
><snip />
>
>Clearly, 192.168.10/24 is not resolvable via dns.
>
>As Lynn points out, dnscache on your router may function best at
>127.0.0.0, and tinydns at 192.168.1.254 _and_ 192.168.10.254.
>However,
>as you undoubtedly know, tinydns can bind to only one (1) interface.
>Therefore, you will need to run a _second_ instance of tinydns, one
>authoritative for 192.168.1/24 and the other authoritative for
>192.168.10/24.
>
>hth
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id�78&alloc_id371&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
