RE: [Nolug] company dns on internet / not linux but...

From: John Souvestre <johns_at_sstar.com>
Date: Thu, 2 Feb 2006 15:37:37 -0600
Message-ID: <011101c62840$e34b78f0$6401a8c0@JohnS>

Hi John.

Public. I believe that you stipulated that you didn't want DNS traffic over
your VPN. I'd recommend restricting access to just your branch offices just
to keep the load down. However, I don't think that anyone knowing your
private IPs hurts. Perhaps Joey knows something that I don't,
however. :-)

Also, as Joey recommended, set up a secondary/slave DNS server somewhere else,
too.

John

    John Souvestre - Southern Star - (504) 888-3348 - www.sstar.com

-----Original Message-----
From: owner-nolug@redfishnetworks.com [mailto:owner-nolug@redfishnetworks.com]
On Behalf Of John Kosta
Sent: Thursday, February 02, 2006 3:21 PM
To: nolug@nolug.org
Subject: Re: [Nolug] company dns on internet / not linux but...

John Souvestre wrote:
> Hi John.
>
> How about putting a DNS Server at your Hub office and just pointing the
> branch offices to it?
>
> John

Via internet (open DNS up to the public?) Or private network?

If Private:

If I put it in the hub only, then the problem is if that connection is
down, my clients in other offices can't see anything (private or
internet locations), nor can they get to my back-door external internet
access point, since they won't be able to find the server (no DNS to
give them the answer).

Their Internet backup connection doesn't do them any good.

Right?

If via internet, then yes, I could do that. I just don't want another
server to maintain and worry about.

>
> John Souvestre - Southern Star - (504) 888-3348 - www.sstar.com
>
> -----Original Message-----
> From: owner-nolug@redfishnetworks.com [mailto:owner-nolug@redfishnetworks.com]
> On Behalf Of John Kosta
> Sent: Thursday, February 02, 2006 1:50 PM
> To: nolug@nolug.org
> Subject: [Nolug] company dns on internet / not linux but...
>
> Guys and Gals,
>
> how would you tackle this?
>
> Hub office = New Orleans
> Spoke offices = all over the place
>
> Remote offices connect to New Orleans via Point to Point T1s, and have
> internet backup.
>
> I don't want to put DNS servers in the remote offices, and I don't want
> to pass DNS traffic over the T1s. If the T1s go down, I want my users
> to access New Orleans hub via the internet.
>
> Do you know of/can you recommend /is this a horrible/good idea?: Is
> there a DNS company/service that will allow me to export my DNS settings
> from New Orleans hub to the internet that I can point all my clients to
> that will have both my company specific DNS answers, and world wide DNS
> answers?
>
> So, I set all clients to get their DNS answers from:
>
> ns1.someisp.com
>
> They want yahoo, they get yahoo's public IP address.
>
> They ask for privatemailserver.atmycomany.com they get the private
> internal ip address.
>
> How do other people handle this type of situation?
>
> Thanks for any advice.
>
> --John
>
>
>
>
> ___________________
> Nolug mailing list
> nolug@nolug.org

Received on 02/02/06
