[SATLUG] Network Design: Firewall, BIND, Apache, SAMBA, Qmail
Philip J Beyer
post+satlug at paladin-its.com
Wed Aug 21 10:34:01 CDT 2002
> (1) It seems that local networks addresses are
> different from internet addresses, so that local
> networks stay invisible/insulated from the internet.
> I'm assuming that services such as those offered by
> ZoneEdit.com only apply to those computers which have an
> internet-wide IP address. (rather than a 192.xx.xx.xx
> address) Am I on the right track here?
yep... you're on the right track... RFC 1918 describes the private IP
> (2) If #1 is true and I'm using ZoneEdit to direct
> internet clients to my servers, what can I do to
> computers on my local network to "talk with" the
> servers on my network? I'm assuming the IP addresses
> will be way different (i.e. 208.xxx.xxx.xx versus 192.xxx.xxx.xx).
you have two options...
-1- put your local hostname-to-ip mappings in /etc/hosts
-2- use a DNS server like BIND on your local network
option 1 is simple and quick, but not useful if you are either always
changing the mappings or if you want to learn more about DNS
option 2 is not a security risk as long as you set BIND up correctly
(plenty of docs via google), but it is overkill (not always bad ;-P)
> (3) The reason I learned to use BIND is b/c of #2. I've
> been trying to figure out how to set-up and manage
> computers with different root IP addresses (208.xx...
> versus 192.xx...). Is there ever a reason when I'd want
> to use BIND?
i'm not sure what you're asking here... if you want to serve different
ip addresses for the same dns name request, then your question does not
have a trivial answer... i'll wait to find out more about what you want
More information about the Satlug