Re: Internal DNS Zone ...

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSnyder, Alexander J via PLUG-discuss at <-
 
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Ed via PLUG-discuss
Date:  
To: Main PLUG discussion list
CC: Ed
Subject: Re: Internal DNS Zone ...
you may be trying to do this - see section "Dnsspoof or 'Split
horizon' with Unbound DNS". It's the last one on
https://calomel.org/unbound_dns.html
sorry - can't help with AD

On Wed, Aug 11, 2021 at 1:53 PM Snyder, Alexander J via PLUG-discuss
<> wrote:
>
> Hi Folks --
>
> Looking for some guidance on setting up an internal DNS zone, on an externally resolvable domain.
>
> I own: snyderfamily.co
>
> I have set up "int.snyderfamily.co" to be a CNAME record that is set to "internalzone.ddns.net", so that when you ping "int.snyderfamily.co" you get my firewall "98.165.64.38"
>
> I have set up a NAT so that all external port 53/853 queries that hit my WAN are redirected to my internal active directory server (10.0.10.3:53).
>
> If I were to then create a record for say "plex.int.snyderfamily.co" -- I should get "10.20.0.3", as the response (just the information, not the IP, which is non-routable) .... right?
>
> I need someone to help validate my logic or fill in the gap where I'm missing.
>
> Right now, things are set up under "snyderfamily.int" ... but I'm not understanding .... do I change my FW hostname to be "int.snyderfamily.co" since that is where the Public IP resolves?
>
> Would I then reconfigure AD to be "ns1.int.snyderfamily.co" where the NAT is sending the DNS queries (or at least should be sending them)?
>
> This is where it all breaks down in my mind and I get a whomping of anxiety -- because I don't want to fubar my existing (working) "snyderfamily.int" setup.
>
> Your perspective, insight, and guidance on this are appreciated!
>
> Thank you!!!
>
> --
> Thanks,
> Alex.
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Adding myself into the Sudo-ers file...Re: Adding myself into the Sudo-ers file...->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)