|
||||||||
Well thanks for the replies. As Chris pointed out this setup makes our internal company domain fully available to remote site2site VPN users without making those users dependent on the VPN or company DNS servers for we access. Also in my orig post i described the ARG as --server=/domain_name/dns_cache_ip this is slightly incorrect. It should be --server=/domain_name/dns_auth_ip. The IP needs to be an authoritative DNS server not a cache. All that said I just submitted a patch to the dev list fully adding this functionality. So hopefully we will see this in a future release of m0n0wall! enjoy! Joe Chris Buechler wrote: >On 6/10/05, Ugo Bellavance <ugob at camo dash route dot com> wrote: > > >>If his internal server does recursive queries, wouldn't it be possible >>to use it as m0n0wall dns server, so that would be the one used by dnsmask? >> >> >> > >Yes, but then you still have a single point of failure for all your >DNS. If you're doing that, you might as well just use the internal >server on all the machines. With the mentioned modification, you >would only lose resolution to your domain if you lost that internal >DNS server; Internet would still work. > >-Chris > >--------------------------------------------------------------------- >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > > |