FreeBSD and DNS

robert schlotterbeck robert at rs.tarrant.tx.us
Fri Sep 12 20:30:16 PDT 2003


You can use BIND's view options for this.  It would require BIND 9.

Info can be found at http://sysadmin.oreilly.com/news/views_0501.html

quick sample:

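// Clients that should see the internal version of the zone.
acl "local-addresses" { 10.0.0.0/8; 127.0.0.1/32; };
// Placeholder address: replace with the addresses of your secondary servers.
acl "secondary-nameservers" { 192.0.2.53; };

// Views are tried in order, so the internal view must come first.
view "internal" {
        match-clients { local-addresses; };
        recursion yes;
        zone "domain.tld" in {
                type master;
                file "domain.tld.internal";
        };
};

// Everyone else: authoritative answers only, no recursion.
view "external" {
        match-clients { 0/0; };
        recursion no;
        zone "domain.tld" in {
                type master;
                file "domain.tld.external";
                // masters { 66.34.148.127; };  // not valid in a "type master" zone
                allow-transfer { secondary-nameservers; };
        };
};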

Robert

On Friday 12 September 2003 10:11 pm, Ronnie Clark wrote:
> Hello all,
>
> I have a question that I just cannot get my brain
> around. I have a home network and use FreeBSD as my
> firewall using IPFW. It is also my internal DNS
> server, handling name resolution for inside the
> network and passing requests to the internet. I have
> my own domain, and use a free DNS service to point to
> my static IP from the outside. But as of late, the DNS
> service has come under DOS attack. So, if I want to
> host my own DNS records, so that people on the outside
> get my static, routable internet IP address, plus my
> reverse DNS record, can I still have the DNS service
> serve my internal requests? Can you have an A record
> point to the same machine, yet list two different IP
> addresses? Or do I need to move my internal DNS to
> another system to serve the inside? Please help, brain
> in knots over this one.
>
> Thanks,
> RC
>
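
An added example, not part of the original post: a small Python model of how BIND picks a view for a client (views are tried in file order, first match wins), using the ACL and views from the sample above. The data layout and function names are hypothetical; it covers IPv4 networks only and ignores negated match elements.

```python
import ipaddress

# Constructed model of the sample's ACL and views, in file order.
ACLS = {"local-addresses": ["10.0.0.0/8", "127.0.0.1/32"]}
VIEWS = [
    {"name": "internal", "match": ["local-addresses"], "recursion": True,
     "zone_file": "domain.tld.internal"},
    {"name": "external", "match": ["0.0.0.0/0"],  # the sample's 0/0
     "recursion": False, "zone_file": "domain.tld.external"},
]

def expand(elements, acls):
    """Resolve ACL names into a flat list of IPv4 networks."""
    nets = []
    for el in elements:
        if el in acls:
            nets.extend(expand(acls[el], acls))
        else:
            nets.append(ipaddress.ip_network(el))
    return nets

def select_view(client, views, acls=ACLS):
    """Return the first view whose match-clients contains the client."""
    addr = ipaddress.ip_address(client)
    for view in views:
        if any(addr in net for net in expand(view["match"], acls)):
            return view
    return None

def shadowed_views(views, acls=ACLS):
    """Views that can never be selected because one earlier network
    already covers each of their networks (a conservative check)."""
    shadowed, seen = [], []
    for view in views:
        nets = expand(view["match"], acls)
        if all(any(n.subnet_of(s) for s in seen) for n in nets):
            shadowed.append(view["name"])
        seen.extend(nets)
    return shadowed

if __name__ == "__main__":
    for ip in ("10.1.2.3", "127.0.0.1", "203.0.113.9"):  # constructed clients
        v = select_view(ip, VIEWS)
        print(ip, "->", v["name"], v["zone_file"], "recursion:", v["recursion"])
    # Swapping the order puts the catch-all first and hides the internal view.
    print("shadowed if reversed:", shadowed_views(list(reversed(VIEWS))))
```

With the catch-all view listed first, internal clients would receive the external zone data and lose recursion, which is why the internal view has to precede it in named.conf.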



