> On Sun, May 05, 2002 at 10:48:32PM -0400, Jason Pappas wrote:
> > A few questions:
> > Is your DNS server run on your firewall or on another server?
>
> Didn't I just ask that?
Yes, when looking back at the message, you did. However, after being up 43
hours moving a company, I missed that question of yours.
>
> > Do you have reverse (in.addr.arpa) for all your interfaces? Each of your
> > machines IP addresses that the DNS server is running on (and NAT'd to) needs
> > to be locally known to your DNS server
>
> No it doesn't, as long as the firewall can get an answer when it makes a PTR
> lookup it'll be fine... and that depends if the original poster is querying
> his own DNS or his/her ISP's DNS anyway. Running domains locally doesn't
> necessarily mean you'll be running your own reverse DNS, the ISP is probably
> still doing that for all the Internet facing interfaces.
Same difference. The firewall just needs to be able to resolve its IP to a
hostname. If you have NAT/port forwarding, then it'll want the address the
client thinks it's connecting to.
>
> > Do you let through both TCP and UDP?
>
> IIRC, the original poster is.... but we're still trying to find out if the
> DNS server is on the firewall or not.
>
> Please don't top-post, in threaded conversations like this it really makes a
> mess of who said what.
Unfortunately, I am missing about 2-3 days of incoming mail due to
misconfigured DNS/Mail gateways. One of the things I had to fix in the 43
hours I've been up.
>
> <snip what I said cause I'm not re-aligning it all because I'm late for work
> already :) >
>
> --
> FunkyJesus System Administration Team
>
>
>