Re: Configuring server for internal network


Subject: Re: Configuring server for internal network
From: darren david (darren@extension11.com)
Date: Mon Oct 23 2000 - 13:37:46 MDT


Darron-

Are domain names essential for functionality on an internal network?
What if I only ever want to refer to a machine by its IP address - is
there any way to just turn reverse DNS lookup off?

Darren

>on 10/19/00 5:46 PM, Gawain Reifsnyder at gawain@guitar.net wrote:
>
>> I may have to do some more reading on DNS setup before I can dive
>> into your solution... However, with a couple more hints I may be
>> able to figure it out. :-)
>>
>> In the $ORIGIN section of your zone file you have
>> machineX.internal.froese.org and darron.froese.org. How would this
>> work in my case, as I'm not running a local DNS server?
>
>It wouldn't work unless you run a local DNS server. NOTE: There's no reason
>why you can't run your own local dns server - you have the software for it.
>
>UNLESS
>
>There's a way to put PTR records in your /etc/hosts file - I'm not sure if
>there is at this time.
>
>Does anyone else know of a way to do this?
>
>Here's some more hints anyways.
>
>The $ORIGIN lines in the db file would be correct if your internal network
>was 192.168.1.x - all $ORIGIN does is append itself to entries in the file
>that aren't fully qualified:
>
>$ORIGIN 1.168.192.in-addr.arpa.
>1 IN PTR machine1.internal.froese.org.
>15 IN PTR machine2.internal.froese.org.
>157 IN PTR machine3.internal.froese.org.
>36 IN PTR machine4.internal.froese.org.
>
>Is the same as:
>
>1.1.168.192.in-addr.arpa. IN PTR machine1.internal.froese.org.
>15.1.168.192.in-addr.arpa. IN PTR machine2.internal.froese.org.
>157.1.168.192.in-addr.arpa. IN PTR machine3.internal.froese.org.
>36.1.168.192.in-addr.arpa. IN PTR machine4.internal.froese.org.
>
>Notice the dots at the end of the domain names? That means: "This is fully
>qualified so don't append $ORIGIN to the end."
>
>$ORIGIN is a way to:
>
>1. Not type so much.
>2. Make it easier to make large changes without having to change a lot of
>records.
>
>Basically, this is what I think is happening:
>
>When one of your internal machines is trying to connect to ProFTPD - let's
>pretend that it's coming from 192.168.1.15.
>
>The machine your ftp server is running on attempts to find out the host name
>that 192.168.1.15 is supposed to have SO it asks the name server it's
>configured to speak to (from its /etc/resolv.conf):
>
>"What does the PTR record for 15.1.168.192.in-addr.arpa. point to?"
>
>If it's asking your ISP (or whatever name server you have in your
>/etc/resolv.conf) for this information, their DNS server is going to say "I
>have no idea - that's not an IP I have the answers for because it's a
>private address."
>
>Along the same lines, when sendmail starts up, it looks up both the forward
>and reverse domain records for its hostname/ip address:
>
>OK, now, I know I'm at "hostname.computer.com" - what's my ip address? (It
>finds that answer in your /etc/hosts file because you don't have a dns
>server [at least that's what I'm led to believe from your postings here].)
>
>OK, now that I've got the IP for "hostname.computer.com", what's the PTR
>record for that ip? Hello? Are you listening? What's the PTR record for that
>IP? Are you there? I'm going to try a few more times and wait a little
>longer.....OK - I'm giving up. There isn't a PTR record that I can find.
>
>Does that make any more sense? Obviously you'd need to use your own domain
>name instead of froese.org...
>--
>Darron
>darron@froese.org

-- 

____________________________________________________________
Darren David | Managing Director, Engineering | 415.229.1135
------------------------------------------------------------
-> | extension11 |||||||||||||||||||||||||||||||||
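The $ORIGIN expansion and the PTR question described in the quoted message, as an added example that is not part of the original thread. It parses the zone fragment quoted above (embedded as a constructed sample), appends $ORIGIN to names without a trailing dot, and answers a reverse lookup the way a local name server holding that zone would; the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the zone fragment quoted in the message above.
ZONE = """\
$ORIGIN 1.168.192.in-addr.arpa.
1 IN PTR machine1.internal.froese.org.
15 IN PTR machine2.internal.froese.org.
157 IN PTR machine3.internal.froese.org.
36 IN PTR machine4.internal.froese.org.
"""

def qualify(name, origin):
    """Append $ORIGIN unless the name already ends in a dot (fully qualified)."""
    if name == "@":                      # "@" is shorthand for the origin itself
        return origin
    return name if name.endswith(".") else f"{name}.{origin.lstrip('.')}"

def parse_ptr_records(zone_text):
    """Return {owner FQDN: target FQDN} for 'owner IN PTR target' lines."""
    origin, records = ".", {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":
            if len(fields) != 2 or not fields[1].endswith("."):
                raise ValueError(f"$ORIGIN must be fully qualified: {raw!r}")
            origin = fields[1].lower()
            continue
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == "PTR":
            # Both the owner and the target are subject to $ORIGIN expansion.
            records[qualify(fields[0].lower(), origin)] = qualify(fields[3].lower(), origin)
    return records

def reverse_name(ip):
    """Name a resolver queries for the PTR record of an IP address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def reverse_lookup(ip, records):
    """Return the PTR target, or None when this zone has no answer."""
    return records.get(reverse_name(ip))

if __name__ == "__main__":
    recs = parse_ptr_records(ZONE)
    for ip in ("192.168.1.15", "192.168.1.99"):
        print(ip, "->", reverse_name(ip), "->", reverse_lookup(ip, recs))
```

A PTR target written without its trailing dot is also expanded, so `5 IN PTR host` under that $ORIGIN would point at `host.1.168.192.in-addr.arpa.` rather than the intended host name.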



This archive was generated by hypermail 2a24 : Mon Oct 23 2000 - 13:45:35 MDT