Operating System - HP-UX

2 IPs for the same URL using BIND

Guilherme Belinelo
Occasional Advisor


Hi,

I know it sounds strange, but I access my web site using 2 different IPs because of network security layers. I have a "hot" IP open to the web and an internal IP used inside the company (not valid for web, e.g. 10.X.X.X).

What I need to do is to resolve the same address to 2 different IPs, depending on the query source IP. It means that I want to resolve the address (e.g.) www.test.com to 200.245.364.98 if the query is coming from outside and to 10.0.9.8 if the query comes from my internal network.
Kevin Wright
Honored Contributor

Re: 2 IPs for the same URL using BIND

Never tried it, but I think you can do this using the allow-query directive. Set up two different zones in named.conf and use the allow-query directive for each one: one for inside and one for outside.
If not, you can have two instances of named running, one to answer inside queries and one for external queries. This may be your best bet. You can use the 'listen on' directive to specific IPs or ports.
John Love_3
Regular Advisor

Re: 2 IPs for the same URL using BIND

Well, you could do it internally without using BIND. You can set up a static WINS address if you're using WinNT or 9X clients internally.

That's what we've done here. BIND is used for external addresses, and then we set up a static WINS address in our Win2K WINS server to point the internal address to the URL.

It works great for us and will likely be a better solution to your problem.

Hope this helps,

John
Jordan Bean
Honored Contributor
Solution

Re: 2 IPs for the same URL using BIND

Use split DNS: two sets of DNS zones, internal and external. This is the best approach if you have a firewall. Put all of your internet-accessible names and IPs in the external DNS server (be very deliberate with the NS and MX records). Protect your internal names and IPs in an internal server, secured from the internet. You will have to register your external server (and hopefully secondary slave) with your domain registrar as quickly as possible.

If you don't have a firewall, or you don't have another machine for the external zones, this can still be done with two named processes running, each with a different zone directory and configuration file, on the same machine with two network interfaces or IP aliasing, and binding each named to its appropriate IP (internal should also bind to loopback/localhost). If the web server happens to run on this machine, make sure the resolver points to the internal named on 127.0.0.1, not the external IP, since only the internal named will have forwarding enabled.
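
The two-process layout described in the answer above, sketched as an added example that is not part of the original thread. It assumes BIND 8/9-style named.conf syntax; the file paths, the server addresses 192.0.2.53 and 10.0.0.53, and the forwarder 192.0.2.1 are constructed placeholders, while test.com and 10.0.9.8 come from the question.

```conf
# ---- /etc/named-external.conf (hypothetical path) ----
# Started as: named -c /etc/named-external.conf
options {
    directory "/var/named/external";        // zone files for the public view only
    pid-file  "/var/run/named-external.pid";
    listen-on { 192.0.2.53; };              // placeholder: public IP or alias of this host
    recursion no;                           // authoritative only, no forwarding
    allow-query { any; };
};

zone "test.com" {
    type master;
    file "db.test.com";                     // www IN A <public web IP>
};

# ---- /etc/named-internal.conf (hypothetical path) ----
# Started as: named -c /etc/named-internal.conf
options {
    directory "/var/named/internal";        // separate zone directory
    pid-file  "/var/run/named-internal.pid";
    listen-on { 127.0.0.1; 10.0.0.53; };    // loopback plus placeholder internal IP
    allow-query    { 127.0.0.1; 10.0.0.0/8; };
    allow-transfer { none; };               // keep internal names off the internet
    forwarders { 192.0.2.1; };              // placeholder upstream resolver
};

zone "test.com" {
    type master;
    file "db.test.com";                     // www IN A 10.0.9.8
};
```

With this layout the host's own /etc/resolv.conf lists `nameserver 127.0.0.1`, so local lookups reach the internal instance. Running `named-checkconf` against each file (BIND 9) catches syntax errors before either process is started.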