[ previous ] [ next ] [ threads ]
 From:  Joe Suhre <jsuhre at nullconcepts dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: dnsmasq. forwarding all request for a given domain to a spacific server.
 Date:  Tue, 14 Jun 2005 18:07:04 -0400
Well thanks for the replies. As Chris pointed out this setup makes our 
internal company domain fully available to remote site2site VPN users 
without making those users dependent on the VPN or company DNS servers 
for we access. Also in my orig post i described the ARG as 
--server=/domain_name/dns_cache_ip this is slightly incorrect. It should 
be --server=/domain_name/dns_auth_ip. The IP needs to be an 
authoritative DNS server not a cache. All that said I just submitted a 
patch to the dev list fully adding this functionality. So hopefully we 
will see this in a future release of m0n0wall!


Chris Buechler wrote:

>On 6/10/05, Ugo Bellavance <ugob at camo dash route dot com> wrote:
>>If his internal server does recursive queries, wouldn't it be possible
>>to use it as m0n0wall dns server, so that would be the one used by dnsmask?
>Yes, but then you still have a single point of failure for all your
>DNS.  If you're doing that, you might as well just use the internal
>server on all the machines.  With the mentioned modification, you
>would only lose resolution to your domain if you lost that internal
>DNS server; Internet would still work.
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch