Mike:

> What about DNS servers? They are best referred to by IP.
> Especially if they belong to your ISP.

        Hmm. I was working with the model that the firewall 
would be giving out DHCP leases to the clients on the LAN, 
and acting as their DNS forwarder. As to what the firewall 
forwards to...if it gets its external IP from a DHCP lease 
from an ISP (or bootp or even PPPoE), then DNS info is part 
of that exchange isn't it?
        
        If the user is setting up a machine behind the firewall
as a DNS server, and they want to portfw to it (maybe it's
a co-located suite of servers they're setting up), the firewall 
can still be set up to work using the 3-piece script model I've
described. It would just be up to the user to configure their
internal DNS server with a static IP#. This, I think, is beyond 
the scope of a LEAF-based firewall appliance.
        Of course, if something on the LAN has a static IP#, it's
much less work to make everything, errr, work. The EchoWall stuff
I've been describing was meant to solve for the stickier problem
of portfw'ding reliably to an *internal* server that was (for 
whatever reason) set up to get its IP dynamically.

        Please correct me if I'm off base here, of course.

-Scott


_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/leaf-devel
