Chris,

Thanks. After posting I realized a /29 would be much cleaner as well. It also helps with my backup situation as well. As only the /24 is BGPd.

As for DNS, I'm open to any program on any platform as long as it has a GUI. The project managers get/have to assign their own DNS names as new clients come in. We're currently using SimpleDNS on Windows, but I'd switch to anything if it handled the split horizon DNS. Mac, Linux, Windows.. anything.

For those unfamiliar, split horizon DNS is one term for handling DNS differently for internal and external users. Users on the internet might get www.fwiz.com resolving to 64.1.127.144 but once we get all the 1:1 NAT done, we need internal users to have www.fwiz.com resolve to 10.0.1.144. It can be done with 2 DNS servers and duplicate sets of records, but we add and change records so often I'm really hoping we can find a solution that can resolve internal and external requests differently depending on the source IP.

Does that explanation sound correct to you, Chris?

-----Original Message-----
From: Chris Buechler [mailto:cbuechler at gmail dot com]
Sent: Friday, June 30, 2006 11:57 AM
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Help with layout....

On 6/30/06, Scott Karch <scott dot k at facilitywiz dot com> wrote:
> Man, that's what I was afraid of. I'll try and get 4 /30s to be safe. You
> never know what you might need on the outside of the firewall.

You don't need four /30s. If you think you may need to add devices outside the firewall in the future, get a /29. That leaves you with 6 total usable IPs, 4 extras. There's no reason to burn all those small subnets in this situation when a single /29 would serve you equally well and actually better since it's cleaner.

> Anyone know of the easiest way to do a ( I think this is the right term )
> split horizon DNS without 2 different servers?

What DNS server software?

-Chris
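
The source-IP-dependent resolution described in this thread, as an added Python sketch (not part of the original messages and not any DNS server's own code): one record set is kept, and the internal answer is derived from the 1:1 NAT mapping. Only the www.fwiz.com pair 64.1.127.144 / 10.0.1.144 comes from the thread; the network ranges, the second record, and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data. Only www.fwiz.com -> 64.1.127.144 / 10.0.1.144
# comes from the thread; the networks and the second record are assumptions.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]   # assumed internal clients
NAT_OUTSIDE = ipaddress.ip_network("64.1.127.0/24")    # assumed public block
NAT_INSIDE = ipaddress.ip_network("10.0.1.0/24")       # assumed 1:1 NAT target
RECORDS = {
    "www.fwiz.com.": "64.1.127.144",
    "ns1.fwiz.com.": "203.0.113.10",  # constructed: a host outside the NAT block
}

def view_for(source_ip):
    """Pick the view from the client's source address."""
    addr = ipaddress.ip_address(source_ip)
    return "internal" if any(addr in net for net in INTERNAL_NETS) else "external"

def to_inside(public_ip):
    """Map a public address to its 1:1 NAT inside address by host offset."""
    addr = ipaddress.ip_address(public_ip)
    if addr not in NAT_OUTSIDE:
        return public_ip  # not NATed: same answer in both views
    offset = int(addr) - int(NAT_OUTSIDE.network_address)
    return str(NAT_INSIDE.network_address + offset)

def resolve(qname, source_ip):
    """Answer an A query from the single record set, according to the view."""
    name = qname.lower().rstrip(".") + "."
    public_ip = RECORDS.get(name)
    if public_ip is None:
        return None  # unknown name in both views
    if view_for(source_ip) == "internal":
        return to_inside(public_ip)
    return public_ip  # external clients never receive a 10.x address

if __name__ == "__main__":
    # 198.51.100.7 is a documentation address standing in for an internet client.
    for src in ("10.0.1.25", "198.51.100.7"):
        print(src, view_for(src), resolve("www.fwiz.com", src))
```

Keeping the private mapping out of the external view matters beyond convenience: answers served to internet clients should not reveal internal addressing.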