|
Subject: |
NAT and DNS ? |
|
From: |
Joerg Kummer 41 61 68 88132 <JOERG .
KUMMER @
Roche .
COM> |
|
Date: |
Wed, 26 Feb 1997 08:32:05 +0100 (MET) |
|
To: |
firewalls @
greatcircle .
com |
|
A1-type: |
MAIL |
|
Alternate-recipient: |
prohibited |
|
Hop-count: |
1 |
|
Importance: |
normal |
|
Mr-received: |
by mta RBADD1; Relayed; Wed, 26 Feb 1997 08:32:07 +0100 |
|
Posting-date: |
Wed, 26 Feb 1997 08:32:06 +0100 (MET) |
|
Sensitivity: |
Company-Confidential |
|
Ua-content-id: |
E2073ISN1UI4G |
|
X400-mts-identifier: |
[;70238062207991/2788506 @
ROCBI] |
Can anybody point me to information/papers regarding NAT and DNS, split DNS
problems etc.
Problem: How is DNS set up to deal with a NAT fw which allows inbound
and outbound connections i.e. with internal hosts which have a local
AND (through the NAT) a global address.
Would it be the same as described in this list's FAQ ('How do I make DNS work
with a firewall?') with different A records for the specific hosts on the
internal/external servers ?
If yes:
Why does the FAQ method filter DNS requests - to prevent internal DNS
servers or DNS clients to learn about the public representation of the zone
(e.g. via named.cache hints or wrong resolv.conf entries) ?
Why does resolv.conf of the external DNS server have to point to the
internal server ?
thanks
joerg
|
|
