[clue-tech] Critical BIND issues behind firewall
Chris Schock
black at clapthreetimes.com
Mon Jan 17 12:42:06 MST 2005
> BTW, I think I have the issue figured out - the problem comes from using
> Split DNS. I had my first config using split dns, and during the AXFR
> zone transfers, all of them were getting transferred the local zone
> files... so even the external zone files were being filled with 10.0.0
> ip addresses... causing the problem. I'm not sure how to get around
> this... mainly because the reason I need split dns is because when
> you're behind a PIX, you can't address the remote IP address, only the
> internal one.
And I suppose you could use the
query-source address 80.80.80.80 port 53;
to force your DNS server to answer with a specific IP address.
Your PIX is doing static NAT for your DNS servers, right?
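
Added example, not part of the original message: a check for the symptom described in the quoted text, where an external zone copy ends up holding internal addresses after a transfer. It scans a zone file for A/AAAA records in RFC 1918 or IPv6 unique local ranges; the sample zone, its names and the function name are constructed for illustration, and the parser only handles simple one-record-per-line zone files.

```python
import ipaddress

# Constructed sample: an "external" zone as a slave might store it after an
# AXFR answered from the internal view. All names and addresses are made up.
SAMPLE_EXTERNAL_ZONE = """\
$TTL 3600
@       IN SOA ns1.example.com. hostmaster.example.com. (
            2005011701 3600 900 604800 3600 )
        IN NS   ns1.example.com.
ns1     IN A    10.0.0.2        ; internal address leaked
www     300 IN A 192.0.2.10
mail    A       10.0.0.25       ; internal address leaked
ftp     IN CNAME www
v6      IN AAAA fd00::5
"""

# RFC 1918 ranges plus IPv6 unique local addresses.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def find_internal_records(zone_text):
    """Return (owner, rrtype, address) for A/AAAA records with internal addresses."""
    hits, owner = [], "@"
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                               # blank line or $TTL/$ORIGIN
        fields = line.split()
        if not raw[0].isspace():                   # leading blank = same owner
            owner = fields.pop(0)
        # Skip the optional TTL and class, which may come in either order.
        while fields and (fields[0].isdigit() or fields[0].upper() in ("IN", "CH", "HS")):
            fields.pop(0)
        if len(fields) < 2 or fields[0].upper() not in ("A", "AAAA"):
            continue
        try:
            addr = ipaddress.ip_address(fields[1])
        except ValueError:
            continue                               # malformed rdata, not our concern
        if any(addr in net for net in INTERNAL_NETS):
            hits.append((owner, fields[0].upper(), str(addr)))
    return hits

if __name__ == "__main__":
    for owner, rrtype, addr in find_internal_records(SAMPLE_EXTERNAL_ZONE):
        print(f"internal address in external zone: {owner} {rrtype} {addr}")
```

Run against the zone file each slave holds for the external view after a transfer; any hit means that copy was served from the internal data.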