At 12:14 09/05/01 +0100, John Hallam wrote:
> Is there any mileage in setting up ipchains rules to rewrite
>packets coming from one interface so they appear to come from the other?
Not on a 2.0.36 kernel :(
Actually, I decided to take the bull by the horns and mapped the external
_name_ to the _internal_ address on the _internal_ DNS server.
from my original post....
>>>That leaves the option of telling the local DNS that server.mynet.com is
>>>really at 10.1.1.86, but what happens when a program tries to check the
>>>name of 196.169.10.2 ? Obviously, my DNS doesn't know - if it goes away and
>>>checks on the internet, it will find server.mynet.com - but it already
>>>knows that server.mynet.com is 10.1.1.86.....
>>>
>>>So I suppose my question is, how does Bind cope with hosts which have
>>>multiple addresses?
So far it seems to be working as I'd hoped: The reverse lookups on the
external interface return the external name, but named does not attempt to
change the address record for the internal address/external name record.
I was going to RTFM for Bind, but RedHat do not seem to have included it on
the distro. I guess I'll have to go and download it.
Anyway, Netscape Navigator now happily accepts the SSL certificate from the
server. MSIE still baulks at it, although the name matches it insists that
I've not chosen to trust the CA - but I can't seem to convince it that I
would like to trust them! I've tried 'importing' the certificate but it
doesn't seem to work.
Confused? You will be. In next week's episode Colin tries to get squid to
authenticate users for sessions using redirection to generate per-user
redirection schemes and discovers that Arlene is secretly in love with
Jerry. Disk space is running out fast, and so is Bubba after JD discovers
an unlicensed copy of Microsoft Office. And who is Arlene's real father
anyway? Can a recent Linux distro be installed on an 8Mb 386? Are shoulder
pads really coming back?
Tune into the next exciting episode of "Network!" to find out.....
Colin
--------------------------------------------------------------------
http://www.lug.org.uk http://www.linuxportal.co.uk
http://www.linuxjob.co.uk http://www.linuxshop.co.uk
--------------------------------------------------------------------
