First off, you really want to get the Cricket Liu book (DNS and BIND,
O'Reilly et al) if you're going to be managing DNS; it is the bible.

Generally, when you're using NAT, you will need two DNSes, one for
your internal that maps names to the private IP addresses and one for
external which maps them to the routable IPs. Generally, you will
want your DMZ machines to use your external DNS servers unless they
need to talk to your internal. (BIND 9 allows you to use one daemon and
return different addresses depending on the IP address of the
requester, but I haven't used it yet, so...).

As for ports, email me if you need them; I have them in my config
files but I gather that isn't the nature of your question.

Henry

> -----Original Message-----
> From: Jamy Klein [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 20, 2000 2:45 PM
> To: Firewall list (E-mail)
> Subject: dns from behind a firewall
>
>
> Can someone give me a short lesson on DNS through a firewall using NAT? I
> am in the process of setting up a firewall with NAT on our company network,
> and I would like to know what I need to do to have DNS function from behind
> the firewall on the DMZ network.
>
> Thanks
>
> Jamy Klein
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
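
An added example, not part of the original thread: a small consistency audit for the two-server layout the reply describes, checking that the external zone holds only routable addresses and that each one maps through static NAT to the internal record of the same name. The zone contents, host names and NAT table are constructed placeholders, and `audit_split_dns` is a hypothetical helper, not a BIND tool.

```python
import ipaddress

# Constructed sample data (assumption): private addresses are RFC 1918,
# "routable" ones are taken from the 203.0.113.0/24 documentation range.
INTERNAL_ZONE = {
    "www.example.com": "192.168.10.5",
    "mail.example.com": "192.168.10.6",
    "intranet.example.com": "10.0.0.20",   # internal-only name, never published
}
EXTERNAL_ZONE = {
    "www.example.com": "203.0.113.5",
    "mail.example.com": "203.0.113.6",
    "ftp.example.com": "192.168.10.9",     # private address leaked outside
}
STATIC_NAT = {  # routable address -> private address behind the firewall
    "203.0.113.5": "192.168.10.5",
    "203.0.113.6": "192.168.10.60",        # points at the wrong inside host
}

# Explicit list: ipaddress.is_private would also match documentation ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def audit_split_dns(internal, external, nat):
    """Return (name, problem) pairs for external records that break the split."""
    findings = []
    for name, addr in sorted(external.items()):
        if is_rfc1918(addr):
            findings.append((name, "private address in external zone"))
        elif addr not in nat:
            findings.append((name, "no static NAT entry for external address"))
        elif name not in internal:
            findings.append((name, "no internal record for published name"))
        elif nat[addr] != internal[name]:
            findings.append((name, "NAT target differs from internal record"))
    return findings

if __name__ == "__main__":
    for name, problem in audit_split_dns(INTERNAL_ZONE, EXTERNAL_ZONE, STATIC_NAT):
        print(f"{name}: {problem}")
```

Names that exist only in the internal zone are not reported, since keeping them out of the external server is the intended outcome.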