DNS and DMZ help needed

John C. Voigt jcvoigt
Mon May 17 11:53:49 PDT 2004 

Thanks for the reply!

I'm not sure what exactly is going on. Here's what I get:

#nslookup
> server source.isd.state.in.us
Default Server: source.isd.state.in.us
Address: 199.8.63.5#53
> set type=any
> poplar.reclamation.dnr.state.in.us
Server:  source.isd.state.in.us
Address: poplar.reclamation.dnr.state.in.us

Name:  poplar.reclamation.dnr.state.in.us
Address: 192.168.100.2

Or if I try Earthlink for the domain:

> server ns1.earthlink.net
Default server: ns1.earthlink.net
Address: 207.217.126.41#53
> set type=any
> reclamation.dnr.state.in.us
Server:         ns1.earthlink.net
Address:        207.217.126.41#53

Non-authoritative answer:
reclamation.dnr.state.in.us     mail exchanger = 10 mail.reclamation.dnr.state.in.us.
reclamation.dnr.state.in.us     nameserver = source.isd.state.in.us.
reclamation.dnr.state.in.us     nameserver = ns.reclamation.dnr.state.in.us.
Name:   reclamation.dnr.state.in.us
Address: 192.168.100.2

Authoritative answers can be found from:
reclamation.dnr.state.in.us     nameserver = source.isd.state.in.us.
reclamation.dnr.state.in.us     nameserver = ns.reclamation.dnr.state.in.us.
ns.reclamation.dnr.state.in.us  internet address = 192.168.100.2

This is driving me nuts.

Thanks!

-----Original Message-----
From: Wil McGilvery <wmcgilvery at lynch.ca>
Sent: Sep 18, 2003 11:44 AM
To: linux-users at linux-sxs.org
Subject: RE: DNS and DMZ help needed

When I resolve your name - poplar.reclamation.dnr.state.in.us using source.isd.state.in.us as the DNS server, I get 68.72.56.147.

Is this the server that is giving you trouble?

Regards,

Wil McGilvery
Manager
Lynch Digital Media Inc

416-744-7949
416-716-3964 (cell)
1-866-314-4678
416-744-0406??? FAX
www.LynchDigital.com



-----Original Message-----
From: John C. Voigt [mailto:jcvoigt at earthlink.net] 
Sent: Thursday, September 18, 2003 12:18 PM
To: linux-users at linux-sxs.org

Hi,

I'm in the process of setting up our network at work, as the Feds unplugged our old one. We have a Cisco PIX 515 firewall (not ours) between the router and our LAN with a DMZ port. 

I have a DNS server in the DMZ to answer external queries. DNS is NATted from an external IP (68.72.56.147) to the DMZ (192.168.100.0/24). The DNS is supposed to answer queries from the outside address, and allow zone transfers to our off-site secondary. The strange thing is that a query to the DNS server from itself (poplar.reclamation.dnr.state.in.us) gives it's correct address (68.72.56.147). From our secondary and other nameservers "out there", it resolves to it's DMZ address, which of course,  is non-routable.

Any help to point me in the right direction on how to correct this would be most appreciated.

TIA,

John V.

John Voigt - K9GBO
Valley Technology
Terre Haute, IN
jcvoigt at earthlink.net



John Voigt - K9GBO
Valley Technology
Terre Haute, IN
jcvoigt at earthlink.net

More information about the Linux-users mailing list