Subj : Re: CVS commit web/html/i
To   : Belly
From : Poindexter Fortran
Date : Fri Apr 08 2005 11:10 am

-=> Belly wrote to Angus Mcleod <=-

 Be> Yes. I often use a 'fake' internal DNS zone to handle that. On a DMZ, a
 Be> properly crafted prerouting chain can take care of that without any DNS
 Be> tomfoolery. (are they even called 'chains' anymore? 'Table' just
 Be> doesn't sound right.)

Depends on your router, too. Some routers will bounce LAN requests to
forwarded ports on the outside IP back to the inside machine. My old
SMC Barricade 7004BR did this, which made configuring my laptop easy -
I could leave it pointed to services on the outside of the firewall,
and whether I was on my office LAN or outside my LAN at a client,
everything would work.

I've resorted to pointing my home DNS as primary DNS from my DHCP
server, and putting private IP info in there. I never got around to
setting up independent views on DNS to make separate zones for
internal/external requests.

--pF

 
--- MultiMail/Win32 v0.46
 þ Synchronet þ realitycheckBBS -- since 1991, more or less...

.