DNS config help

Matthew Seaman m.seaman at infracaninophile.co.uk
Thu Nov 3 07:51:19 UTC 2011


On 02/11/2011 20:52, AN wrote:
> I have a question about how to configure DNS.  My local network is 10.x,
> and I sometimes need to connect to a remote VPN.  My question is how do
> I configure BIND to forward queries to a different server only for a
> specific domain.

This sounds like a job for a static-stub domain.  That's a fairly new
feature in BIND, so you may well need to install bind98 from ports.  See
the documentation here:

http://ftp.isc.org/isc/bind9/cur/9.8/doc/arm/Bv9ARM.ch06.html#zone_statement_grammar

> When I am connected to the VPN, vpn.example.com, I want queries for
> anything going to example.com to go to a specific DNS, and everything else
> on 10.x to go to my regular DNS.  Please let me know if I need to
> provide more info.  Thanks in advance for any help.

Hmmm.... I don't think you're going to have much fun at all if you try
and modify your named configuration depending on whether your VPN is up
or not.  DNS TTLs are generally of the order of days -- that should be
taken as a measure of the minimum time that should go between restarts
of a recursive DNS (ideally, and as a long term average).  Better to
just fail the lookup when the VPN is down.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW
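
The static-stub zone suggested in the reply above, as an added example that is not part of the original message. The address 192.0.2.53 is a placeholder for the DNS server reached through the VPN, and the example assumes that server answers authoritatively for example.com.

```conf
// named.conf fragment for BIND 9.8 or later (added example).
// 192.0.2.53 is a placeholder: substitute the DNS server that is
// reachable through the VPN and authoritative for example.com.

zone "example.com" {
    type static-stub;
    // Queries for example.com and every name below it are sent to this
    // address, which named uses as the zone's nameserver regardless of
    // any delegation it has cached. All other names resolve as before.
    server-addresses { 192.0.2.53; };
};

// Check the syntax with named-checkconf before reloading named.
// The zone stays in the configuration permanently: while the VPN is
// down the listed server is unreachable, so lookups under example.com
// fail (SERVFAIL) and named is not restarted when the VPN goes up or down.
```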

More information about the freebsd-questions mailing list