> I have a lazy client that doesn't want to change 3 letters.
> 
> The situation is they have laptop clients that need to check their email
> in the office and remotely.  In the office the server is mail.domain.loc.
> Outside the office it is mail.domain.com.  The firewall (Cisco) doesn't
> allow the request to go out and back in.
> 
> How do I change named so mail.domain.com works in the office too?  I
> tried this line but no joy.
> mail.domain.com. IN A 192.168.1.10
> 
> I don't care if it's an A record or cname.

Typically the way this is handled is via "split-horizon" (aka
"split-brain") DNS.  You maintain one version of the domain.com zone
that you publish externally and a second version only for the
consumption of internal people.  Usually this means running two
separate sets of name servers, though BIND on Unix does allow you to
use "views" so that a single name server can provide both versions of
the zone (though I actually don't recommend it in practice because of
the potential of accidentally leaking information due to
misconfiguration).

I believe the O'Reilly DNS and BIND book has some words of wisdom
on setting up split-horizon, and you could probably Google and find
lots of hits, including the talk I gave for EUGLUG many moons ago:

        http://www.deer-run.com/~hal/EUGLUGBINDTalk.pdf

-- 
Hal Pomeranz, Founder/CEO      Deer Run Associates      [EMAIL PROTECTED]
    Network Connectivity and Security, Systems Management, Training
_______________________________________________
EUGLUG mailing list
[email protected]
http://www.euglug.org/mailman/listinfo/euglug
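
Added example, not part of the original message: a named.conf fragment sketching the single-server "views" form of split-horizon for domain.com, with the internal view answering mail.domain.com as 192.168.1.10. The ACL name, the 192.168.1.0/24 office network, the zone file paths and the 203.0.113.10 public address are assumptions or placeholders.

```conf
// named.conf fragment (added example; names, paths and networks are assumed)

acl "internal-nets" {
    127.0.0.0/8;
    192.168.1.0/24;        // assumed office LAN, inferred from 192.168.1.10
};

// Views are evaluated in the order they appear and the first match wins,
// so the restricted view must come before the catch-all one. Reversing
// the order, or widening this ACL, is the kind of misconfiguration that
// exposes internal records to outside clients.
view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;         // office clients use this server as their resolver

    zone "domain.com" {
        type master;
        file "internal/db.domain.com";   // hypothetical path
        // this copy carries:  mail  IN  A  192.168.1.10
    };
};

view "external" {
    match-clients { any; };
    recursion no;          // authoritative answers only for outside clients
    allow-transfer { none; };

    zone "domain.com" {
        type master;
        file "external/db.domain.com";   // hypothetical path
        // this copy carries:  mail  IN  A  203.0.113.10  (placeholder address)
    };
};

// Once any view is defined, every zone statement must live inside a view;
// a zone left at the top level makes named reject the configuration.
```

Run `named-checkconf` against the file before reloading, then query mail.domain.com from one client inside the office and one outside to confirm each sees only its own version of the zone.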
