Different DNS responses depending on query source
yuri.pankov at gmail.com
Thu Oct 11 09:11:35 PDT 2007
Jeffrey Goldberg wrote:
> The host that runs my internal DNS server is down for the count (I've
> already replaced the power supply on it once, and I don't feel like
> doing it again). Although I had other uses planned for that machine,
> the only useful thing it was doing was DNS for a local net and DHCP, the
> latter I've moved to my firewall box (running m0n0wall).
> So, until I build a replacement machine, I'd like to run the DNS service
> on a 6.2-RELENG machine on my DMZ. However I have a conflict between
> providing IPs for the outside world to see, e.g.,
> n114.ewd.goldmark.org 184.108.40.206
> versus what I want when querying from the local network, e.g.,
> n114.ewd.goldmark.org 10.1.10.131
> Also there are some internal names (e.g., fluffy.ewd.goldmark.org) which
> shouldn't be advertised to the outside world at all.
> The obvious answer would be to run two instances of bind, listening on
> different IPs (possibly using jails). But I don't have an IP address to
> spare on the DMZ. So is there a way to have bind listening on the only
> interface and IP address the host can have give different answers
> depending on where the query comes from?
You can use BIND's "view" statement:
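
A split-horizon `named.conf` layout using views on a single listening address, added here as an illustration and not part of the original reply. The zone name `ewd.goldmark.org` as the zone apex, the 10.1.10.0/24 range, the directory and the zone file paths are assumptions; the two addresses for `n114` are the ones from the question.

```conf
// Constructed example: one named instance, one IP, two answers.

acl "internal-nets" {
    127.0.0.0/8;
    10.1.10.0/24;        // assumed local net; the post shows only 10.1.10.131
};

options {
    directory "/etc/namedb";        // assumed path; adjust to your install
    allow-transfer { none; };       // no zone transfers unless explicitly granted
};

// Views are evaluated in order and the first match-clients hit wins,
// so the restrictive (internal) view must come before the catch-all.
// Once any view is defined, every zone must live inside a view.

view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;                  // resolver service for local hosts only

    zone "." { type hint; file "named.root"; };

    zone "ewd.goldmark.org" {
        type master;
        // Holds n114 -> 10.1.10.131 plus internal-only names such as fluffy.
        file "master/internal/ewd.goldmark.org.db";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                   // authoritative-only toward the Internet

    zone "ewd.goldmark.org" {
        type master;
        // Holds n114 -> 184.108.40.206; fluffy is simply absent from this file.
        file "master/external/ewd.goldmark.org.db";
    };
};
```

View selection depends on the source address named sees: if the firewall NATs local clients on their way to the DMZ, their queries will not match `internal-nets` and will get the external answers. Check each view from a host on the corresponding side with `dig n114.ewd.goldmark.org` and confirm that the internal-only names return NXDOMAIN from outside.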