Operating System - HP-UX

Trying to run DNS with a Firewall

 
Troy Blangin
Advisor

Trying to run DNS with a Firewall

I am trying to run a DNS server with a firewall up. We thought we needed to just telnet to the firewall and log in to the firewall, then run the DNS server on the HP machine. When we move in the resolv.conf in the /etc directory and bring up the DNS server, we are bringing down the performance of the production machine. How do we get DNS to run through the firewall? Hopefully someone can help me. Thanks.
5 REPLIES
Albert E. Whale, CISSP
Honored Contributor

Re: Trying to run DNS with a Firewall

Troy,

Are you attempting to run DNS through the Firewall? - In which case you'll need to open a Port for it.

Are you trying to run DNS independently? - In which case your DNS Masters will not know of an outside universe and will become the Root Master Servers to the . domain.

Hope this helps.

Sr. Systems Consultant @ ABS Computer Technology, Inc. http://www.abs-comptech.com/aewhale.html & http://www.ancegroup.com
Mike McKinlay
Honored Contributor

Re: Trying to run DNS with a Firewall

When you say run DNS through the firewall, do you mean you want DNS lookups from internal systems to be performed against an external DNS, such as your ISP?

Or do you want to run DNS on your firewall to serve out internal addresses (those few you want to publish to the web) and to provide lookup services to both sides of the firewall?
"Hope springs eternal."
David Rodman
Frequent Advisor

Re: Trying to run DNS with a Firewall

You have three options with a firewall and DNS (maybe more on variations). It depends on how paranoid and what functionality you want.

You can open a hole (port) for DNS as suggested earlier. Anyone outside can query your server directly - with associated risks.

You can run your Domain on the firewall (make it the master) - then the outside and inside point to the firewall for resolv(s) -

You can run a caching server on the firewall and your master domain on an inside machine. This way you can resolve outside addresses, but no one can get your inside addresses.

Other variations exist - esp. if you have a DMZ.
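
An added example, not part of any post in this thread: a sketch of the third option above (caching server on the firewall, master for the domain on an inside machine). It assumes BIND 9 named.conf syntax on both hosts; the addresses (10.0.0.0/24, 10.0.0.1, 10.0.0.53), the zone name corp.example and the file names are constructed placeholders.

```conf
# ===== File 1: named.conf on the firewall host (caching-only) =====
# Assumed: inside network 10.0.0.0/24, firewall inside interface 10.0.0.1.
acl inside { 10.0.0.0/24; 127.0.0.1; };

options {
    directory "/var/named";
    // Answer only on the inside interface and loopback, never the outside one.
    listen-on { 10.0.0.1; 127.0.0.1; };
    recursion yes;
    // Only inside clients may query or recurse, so this is not an open resolver.
    allow-query     { inside; };
    allow-recursion { inside; };
    allow-transfer  { none; };
};
// No zone for the inside domain is defined here: the firewall holds no
// inside records, so nothing about inside hosts can be read from it.

# ===== File 2: named.conf on the inside master (assumed 10.0.0.53) =====
acl inside { 10.0.0.0/24; 127.0.0.1; };

options {
    directory "/var/named";
    listen-on { 10.0.0.53; 127.0.0.1; };
    allow-query    { inside; };
    allow-transfer { none; };
    // Names outside corp.example go to the firewall's cache and nowhere else,
    // so this host never needs to talk to the outside directly.
    forwarders { 10.0.0.1; };
    forward only;
};

zone "corp.example" {
    type master;
    file "db.corp.example";
};
```

With this layout the firewall rules only need to let the firewall host itself send DNS queries (UDP and TCP port 53) outward, and let inside hosts reach port 53 on 10.0.0.1; no inbound DNS from outside is opened. Inside clients list 10.0.0.53 in resolv.conf.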
Troy Blangin
Advisor

Re: Trying to run DNS with a Firewall

Thanks David. I will try one of those three options. If I need any more assistance I will let you know. OK. Thanks again.
alberto vasquez
Trusted Contributor

Re: Trying to run DNS with a Firewall

Troy,
If you do need additional advice, try posting this to the network forums also.