<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Simple way to set up Split DNS</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id257523"></a>Simple way to set up Split DNS</h2></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Tom</span> <span class="surname">Eastep</span></h3></div></div></div><div><p class="copyright">Copyright © 2008 Thomas M. Eastep</p></div><div><div class="legalnotice"><a id="id292634"></a><p>Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
      Texts. A copy of the license is included in the section entitled
      “<span class="quote"><a class="ulink" href="GnuCopyright.htm" target="_self">GNU Free Documentation
      License</a></span>”.</p></div></div><div><p class="pubdate">2008/12/15</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id257928">What is Split DNS</a></span></dt><dt><span class="section"><a href="#id257944">Why would I want to use Split DNS?</a></span></dt><dt><span class="section"><a href="#id257958">Setting up Split DNS</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id257928"></a>What is Split DNS</h2></div></div></div><p><em class="firstterm">Split DNS</em> is simply a configuration in which
    the IP address to which a DNS name resolves is dependent on the location
    of the client. It is most often used in a NAT environment to ensure that
    local clients resolve the DNS names of local servers to their RFC 1918
    addresses while external clients resolve the same server names to their
    public counterparts.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id257944"></a>Why would I want to use Split DNS?</h2></div></div></div><p>See <a class="ulink" href="FAQ.htm#faq2" target="_self">Shorewall FAQ 2</a>.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id257958"></a>Setting up Split DNS</h2></div></div></div><p>Setting up Split DNS is extremely simple:</p><div class="orderedlist"><ol type="1"><li><p>Be sure that your firewall/router can resolve external DNS
        names.</p></li><li><p>Install the <span class="bold"><strong>dnsmasq</strong></span> package
        (<a class="ulink" href="http://www.thekelleys.org.uk/dnsmasq/doc.html" target="_self">http://www.thekelleys.org.uk/dnsmasq/doc.html</a>)
        and arrange for it to start at boot time. There are many dnsmasq
        HOWTOs on the Internet.</p></li><li><p>Add your local hosts to <code class="filename">/etc/hosts</code> on the
        firewall/router using their local RFC 1918 addresses. Here's an
        example:</p><pre class="programlisting">#
# hosts         This file describes a number of hostname-to-address
#               mappings for the TCP/IP subsystem.  It is mostly
#               used at boot time, when no name servers are running.
#               On small systems, this file can be used instead of a
#               "named" name server.
# Syntax:
#    
# IP-Address  Full-Qualified-Hostname  Short-Hostname
#

127.0.0.1       localhost

# special IPv6 addresses
::1             localhost ipv6-localhost ipv6-loopback

fe00::0         ipv6-localnet

ff00::0         ipv6-mcastprefix
ff02::1         ipv6-allnodes
ff02::2         ipv6-allrouters
ff02::3         ipv6-allhosts
127.0.0.2       ursa.shorewall.net ursa
<span class="bold"><strong>172.20.1.1      linksys.shorewall.net     linksys
192.168.0.1     opensuse.shorewall.net    opensuse
192.168.0.2     debian.shorewall.net      debian
192.168.0.3     ubuntu.shorewall.net      ubuntu
192.168.0.4     fedora.shorewall.net      fedora
192.168.0.5     opensuse11.shorewall.net  opensuse11
192.168.0.6     centos.shorewall.net      centos
192.168.0.7     debian32.shorewall.net    debian32
192.168.0.8     fedora9.shorewall.net     fedora9</strong></span>
206.124.146.254 blarg.shorewall.net       blarg
</pre></li><li><p>Configure your local network hosts to use the firewall/router as
        their DNS server. If your local hosts are configured using DHCP, that
        is a simple one-line change to the DHCP configuration.</p></li></ol></div><p><span class="bold"><strong>And that's it!</strong></span> Your local clients
    will resolve those names in the firewall/router's
    <code class="filename">/etc/hosts</code> file as defined in that file. All other
    names will be resolved using the firewall/router's Name Server as defined
    in <code class="filename">/etc/resolv.conf</code>.</p><p>Example:</p><p>From an Internet Host:</p><pre class="programlisting">gateway:~ # host linksys.shorewall.net
linksys.shorewall.net has address 206.124.146.180
gateway:~ # </pre><p>From ubuntu (192.168.0.3):</p><pre class="programlisting">teastep@ubuntu:~$ host linksys
linksys.shorewall.net has address 172.20.1.1
teastep@ubuntu:~$ </pre></div></div></body></html>
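Because local clients receive every name in the firewall/router's /etc/hosts exactly as written, it is worth checking that file before pointing clients at it. The following is an added example, not part of the Shorewall documentation: it flags names in the local zone that map to loopback or non-RFC 1918 addresses, and fully qualified names on RFC 1918 addresses that fall outside the zone (often a misspelled domain). The zone example.net, the function names and all sample entries are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 blocks. ip_address.is_private is broader (loopback,
# link-local, ...), so membership is tested explicitly.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_hosts(text):
    """Yield (lineno, address, names) per entry; comments and blanks skipped.
    A malformed address raises ValueError rather than being silently ignored."""
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            yield lineno, ipaddress.ip_address(fields[0]), fields[1:]

def audit(text, zone):
    """Return (lineno, name, finding) for entries that break the split-DNS intent."""
    findings = []
    for lineno, addr, names in parse_hosts(text):
        local = addr.version == 4 and any(addr in net for net in RFC1918)
        for name in names:
            if "." not in name:
                continue                      # short alias, judged via its FQDN
            if name == zone or name.endswith("." + zone):
                if addr.is_loopback:
                    findings.append((lineno, name, "loopback"))
                elif not local:
                    findings.append((lineno, name, "not-rfc1918"))
            elif local:
                # Local address but a foreign domain: often a misspelled zone.
                findings.append((lineno, name, "outside-zone"))
    return findings

# Constructed sample; example.net and every address below are placeholders.
SAMPLE = """\
127.0.0.1       localhost
::1             localhost ipv6-localhost ipv6-loopback
127.0.0.2       gw.example.net    gw
192.168.0.1     web.example.net   web
192.168.0.2     mail.exmaple.net  mail
172.20.1.1      ap.example.net    ap   # inside 172.16.0.0/12
203.0.113.10    vpn.example.net   vpn
"""

if __name__ == "__main__":
    for lineno, name, finding in audit(SAMPLE, "example.net"):
        print(f"line {lineno}: {name}: {finding}")
```

A "not-rfc1918" finding is not necessarily an error: a host that really lives outside the NAT boundary can legitimately keep its public address, so treat the output as a review list.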