Mailing Lists: Apple Mailing Lists


Re: DNS Tutorial for OS X?



On 5/29/03 10:56 AM, "Stranathan, Dan" <email@hidden> wrote:

> I want to run an Internal (LAN) and external (Internet) DNS server on an OS
> X 10.2.6 box. I have the O'Reilly BIND (Unix) book, but I would really love
> to have a down-n-dirty guide to setting up BIND on OS X. Is there anything
> out there that can walk me through an OS X-specific install and config of
> BIND? A book, a manual? a guide? anything?
>

To the best of my knowledge, you have to be running BIND 9 to do this on a
single box, because BIND 9 implements views, which allows the server to hand
out different answers to the same query depending on the IP address of the
requester. In other words, when a machine inside your network (10.1.1.1)
queries for the address of "www.yourdomain.com" DNS will return 10.1.1.2.
On the other hand, when someone from the outside world asks for the same
host name, DNS returns the external address.

Unfortunately, Apple ships with BIND 8.2.x, so I believe you're stuck either
having to install BIND 9 yourself or using two separate boxes for internal
and external DNS. That's what we do at our district.

As for setting up this kind of arrangement, the key for me was to think
about each server in isolation, and set each up according to the
instructions found on the web or in "DNS & BIND". The only difference is
that the internal DNS is set up with a zone file for your domain containing
"A" records that use the *internal* IP addresses of named hosts, while the
external DNS has A records with the external addresses of those same hosts.
The two zone files *could* be identical except for the IP addresses, or they
could have some different entries, for example, if you have one or more
named hosts on the inside that are not accessible from the outside or
vice-versa.

The way to make it work is that clients on the inside need to be configured
in Network Preferences to use the *internal* DNS server alone. When an
internal client queries for the address of one of your hosts, the DNS
server, thinking it is authoritative for your domain, responds with the only
answer it knows, which is the internal IP address of that host. If the
server doesn't know the answer (meaning the query is for an external host)
it forwards the request "upstream" and eventually--assuming the external
host exists--the client gets the correct answer and goes on its merry way
out onto the Internet.

Clear as mud? I'm sure I'm missing details, but we have this set-up in our
district and it works just fine.

Tom

----------------------------------------------------------------------------
Tom Donovan Hawthorn School District 73
Coord. of Info. Systems, Webmaster Vernon Hills, IL
----------------------------------------------------------------------------
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
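
Added example, not part of the original post and not BIND's own code: a small Python model of the split-horizon behaviour described in the reply, where the answer to the same query depends on the client's source address, plus a check that the external zone carries no RFC 1918 addresses. The zone contents, the 192.0.2.x external addresses, the 10.0.0.0/8 internal range and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample zones for the two views (all addresses are examples).
INTERNAL_ZONE = """\
www      IN A 10.1.1.2
mail     IN A 10.1.1.3
intranet IN A 10.1.1.4
"""
EXTERNAL_ZONE = """\
www      IN A 192.0.2.10
mail     IN A 192.0.2.11
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_a_records(zone_text):
    """Return {host: IPv4Address} for simple 'name IN A addr' lines."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop zone-file comments
        if len(fields) == 4 and fields[1:3] == ["IN", "A"]:
            records[fields[0]] = ipaddress.ip_address(fields[3])
    return records

# Ordered views: as in BIND 9, the first view matching the client wins.
VIEWS = [
    ("internal", [ipaddress.ip_network("10.0.0.0/8")],
     parse_a_records(INTERNAL_ZONE)),
    ("external", [ipaddress.ip_network("0.0.0.0/0")],
     parse_a_records(EXTERNAL_ZONE)),
]

def resolve(client_ip, host):
    """Return (view name, address or None) as seen by this client."""
    client = ipaddress.ip_address(client_ip)
    for name, networks, zone in VIEWS:
        if any(client in net for net in networks):
            addr = zone.get(host)
            return name, (str(addr) if addr is not None else None)
    raise LookupError("no view matches " + client_ip)

def private_addresses_in(zone):
    """Hosts whose A record is an RFC 1918 address (audit the external zone)."""
    return sorted(h for h, a in zone.items()
                  if any(a in net for net in RFC1918))

if __name__ == "__main__":
    print(resolve("10.1.1.1", "www"), resolve("198.51.100.7", "www"))
    print(private_addresses_in(VIEWS[1][2]))
```

The same audit applies to the two-server arrangement: run `private_addresses_in` over the external server's zone data before publishing it.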