On Fri, Apr 18, 2008 at 3:55 PM, Howard Lowndes <[EMAIL PROTECTED]> wrote:
>
>
> Amos Shapira wrote:
>
> > On Fri, Apr 18, 2008 at 3:06 PM, Howard Lowndes <[EMAIL PROTECTED]>
> wrote:
> >
> > >
> > > > I did this and it was successful, both for internal and external
> domains
> > > >
> > > (tks Amos for that suggestion), and here are the lines from
> /etc/named.conf:
> > >
> >
> > And how does it work when the VPN is NOT connected? Is it smart enough
> > to figure out not to try 10.2.2.{1,41} when the VPN is down and go
> > directly to the external DNS?
> >
>
> Basically, yes. It obviously won't resolve internal fqdns because they are
> not reachable anyway, neither are the internal dns servers, but the resolver
> still tries the localhost dns server first (as it is the first nameserver in
> the /etc/resolv.conf file) to resolve an external address and the "forward
> first" clause causes the localhost dns server to try the (now inaccessible)
> forwarders just the once and then give up, and the resolver then goes on to
> try the other dhcp supplied name servers. Thus there is a small delay in dns
> resolution but I don't see it as a major problem. I guess if you used the
> "forward only" clause then it might knicker up.
I was hoping for something more along the lines of "when the VPN link
goes down - reconfigure:
1. Remove the "search soho.lannet.com.au" line from resolv.conf
2. Reconfigure local DNS server to forget about the "zone
soho.lannaet.com.au" part.
I'm sure it's doable. Will try to get to it over the weekend (need to
be outside the office to test this).
Maybe it's less relevant to you because you still want to use the same
name but get the "external view" when the VPN is disconnected, right?
Cheers,
--Amos
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
