DNS and DMZ help needed
John C. Voigt
jcvoigt
Mon May 17 11:53:52 PDT 2004
On 09/18/2003 04:51 PM, burns wrote:
> On Thu, 2003-09-18 at 12:17, John C. Voigt wrote:
<snippage>
Sorry for the late reply.
> Why do you have a class C subnet address on the DNS box, anyway?
Actually, I don't, but I didn't see the point of splitting up a class C
for non-routable addresses.
> If it is in the the DMZ, it stands to reason that it is outside your
> protected subnet.Why not leave it with a routable IP and just point
> your private boxes at it through the gateway?
Yup, but the way the PIX is set up, it maps an externally valid address
to a DMZ address. We have no direct control over the PIX, unfortunately,
so we have to [mostly] live with what has been set up.
This situation has turned out to be not as big of a problem as it first
appeared, as when I checked things from my home account, everything
resolves correctly. It turns out that the firewall itself is mangling
things as they go thru. I need to have the firewall guy fix this, as it
makes network diagnostics rather, um, difficult.
It would have been much simpler, logistically anyway, if I were allowed
to build my own firewall.
Thanks all for the input!!
John V.
Hopefully to resubscribe with my new address soon.
--
_/- John Voigt - K9GBO -----|- Registered Linux User #38558 --_/
_/- System Administrator ----|- Valley Technology ------------_/
_/- jcvoigt at earthlink.net ----|- Terre Haute, IN -------------_/
If Fed Ex and UPS were to merge, would they call it Fed UP?
-- George Carlin
More information about the Linux-users
mailing list