[ previous ] [ next ] [ threads ]
 
 From:  Gary Barclay <badimba at gmail dot com>
 To:  Joe Suhre <jsuhre at nullconcepts dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: dnsmasq. forwarding all request for a given domain to a spacific server.
 Date:  Fri, 24 Jun 2005 12:48:51 +0100
Could you provide details of this process Joe?
I would also like to have all requests for internal domain forwarded
to Internal DNS server.
Basically I have 1 laptop in the DMZ with net info provided by
m0n0wall, that needs to do ADS lookups on the internal dns server
rather than m0n0wall cache.  And I think this might be the solution...

Cheers
Gary

On 14/06/05, Joe Suhre <jsuhre at nullconcepts dot com> wrote:
> Well thanks for the replies. As Chris pointed out this setup makes our
> internal company domain fully available to remote site2site VPN users
> without making those users dependent on the VPN or company DNS servers
> for we access. Also in my orig post i described the ARG as
> --server=/domain_name/dns_cache_ip this is slightly incorrect. It should
> be --server=/domain_name/dns_auth_ip. The IP needs to be an
> authoritative DNS server not a cache. All that said I just submitted a
> patch to the dev list fully adding this functionality. So hopefully we
> will see this in a future release of m0n0wall!
> 
> enjoy!
>    Joe
> 
> Chris Buechler wrote:
> 
> >On 6/10/05, Ugo Bellavance <ugob at camo dash route dot com> wrote:
> >
> >
> >>If his internal server does recursive queries, wouldn't it be possible
> >>to use it as m0n0wall dns server, so that would be the one used by dnsmask?
> >>
> >>
> >>
> >
> >Yes, but then you still have a single point of failure for all your
> >DNS.  If you're doing that, you might as well just use the internal
> >server on all the machines.  With the mentioned modification, you
> >would only lose resolution to your domain if you lost that internal
> >DNS server; Internet would still work.
> >
> >-Chris
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>