I have read several articles on DNS on the firewall. One suggestion is to
return fake addresses for queries instead of returning UNKNOWN in which
cross-checks fail. In making special-format host names, do you need to
make one for each IP node ? Do you return real IP addresses ? What does the
PTR records look like ? Any help would be greatly appreciated or if you can
direct me to a ftp site for more information .
----
We've just had Brent Chapman of Great Circle here at our site, and I'm doing
the same thing that you're trying.
Basically, yes, you need to make one for each IP node. I had to unscramble
various bits of C programming out of the darker areas of the grey matter in my
head, and managed to do it for a class B net. I will be returning the real
addresses because anyone will know what they are from our registration info,
but I'm assigning them to fake names, i.e host1.23 for "a" machine, on subnet
1, node 23.
I haven't done the ptr records yet. That's tomorrow morning.
-Ken.
Ken Beames
Sr. Network Analyst
Network Operations Group
Quarterdeck Office Systems
beames @
qdeck .
com
|
|
