> -----Original Message-----
> From: Tally [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, August 24, 1999 2:52 AM
> To: [EMAIL PROTECTED]
> Subject: DNS ..where to put..DMZ or ...
>
> This question has been asked n number of times on
> this list. but after searching through the archives
> it has confused us more as there are numerous
> threads and its difficult to follow multiple
> threads
>
> I N T E R N E T
> |
> Firewall---Webserver(aka dmz)
> |
> Internal Network
>
> A typical set up. The internal network has its own
> "internal" DNS but the hosts have 10.x.x.x
> addresses.
> now the question. where do I place the DNS server.
> what if I place it on the same host as Webserver on
> the DMZ. This DNS server would be the name server
> for the domain hosted by the firewall... correct..
> ?
[Myllym�ki Sakari]
You can put your external DNS on the same machine with the
www-server, I've had no problem with that.
>
> and next , is there a way so that sitting on the
> web server one could access hosts in the internal
> network by name... how can this be achieved... ?
> this is the hard part.
>
[Myllym�ki Sakari]
First: I would think twice before allowing access from the host
in the DMZ to hosts in the internal network. If you are doing some
serious beb commerce or such like it may be necessary.
So: There is a file named .hosts in your /etc directory (or
somewhere else if you are running NT) the internet protocol will check
this file when resolving names, so you can add here any names you need
to reference, but don't want to have in your external DNS.
Just put an entry like
10.0.0.23 host.internal.net
in the file. there should allways be at least the "127.0.0.1
localhost" entry.
Sakari
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
