But mostly only because I don't fully understand it. What I want to do
is set up to do as Brent and others recommend: bastion host lies like
hell, but is authoritative for the domain; establishes MX records to
forward everything for the domain to the "inside"; provides bogus, but
sufficient, information for A and PTR records (so I can still use e.g.,
ftp.uu.net). Does anyone have a template they can mail to me, or is
there an example available via ftp somewhere?!?
Marty Shannon | SunOS System Administrator | You can't borrow
TIAA-CREF 3rd Floor | SVR3 System Administrator | enough to make
730 3rd Avenue | UUCP Guru (Don't Tell!) | me do Windows!
New York City, NY 10017 | Solaris System Administrator, too! | NYAH!
Grab the O'reiley book on DNS, and BIND. What I did was build a table of all
possible hosts (class b network=write a program to generate it):
host-0.0 IN A 220.127.116.11
host-0.1 IN A 18.104.22.168
host-0.2 IN A 22.214.171.124
host-0.3 IN A 126.96.36.199
host-0.4 IN A 188.8.131.52
host-0.5 IN A 184.108.40.206
host-0.6 IN A 220.127.116.11
host-0.7 IN A 18.104.22.168
host-0.8 IN A 22.214.171.124
host-0.9 IN A 126.96.36.199
These are basically bugus answers, we have different host names for these
address inside, but the world doesn't know that, and wouldn't care.
Hope it helps. -Ken.
Quarterdeck Office Systems