From 3802300d4b470103383ab97ceff7d24d2efea84f Mon Sep 17 00:00:00 2001 From: teastep Date: Sun, 13 Jul 2008 21:18:37 +0000 Subject: [PATCH] De-emphasize Bind 9 views in the FAQ git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8634 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- docs/FAQ.xml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/docs/FAQ.xml b/docs/FAQ.xml index e5c56c582..a2d726dd6 100644 --- a/docs/FAQ.xml +++ b/docs/FAQ.xml @@ -546,12 +546,14 @@ eth0:66.249.93.111 0.0.0.0/0 206.124.146.176 tcp 993 - The accessibility problem is best solved using Bind Version 9 - views (or using a separate DNS server for - local clients) such that www.mydomain.com resolves to 130.141.100.69 - externally and 192.168.1.5 internally. That's what I do here at - shorewall.net for my local systems that use one-to-one NAT. + The accessibility problem is best solved using + Split DNS (either use a separate DNS server for local + clients or use Bind + Version 9 views on your main name server) + such that www.mydomain.com resolves to 130.141.100.69 externally and + 192.168.1.5 internally. That's what I do here at shorewall.net for + my local systems that use one-to-one NAT. @@ -559,8 +561,8 @@ eth0:66.249.93.111 0.0.0.0/0 206.124.146.176 tcp 993FAQ 2b. That way, your local systems are still safe if your server - gets hacked and you don't have to run a split DNS configuration (Bind 9 - views or separate server). + gets hacked and you don't have to run a split DNS configuration + (separate server or Bind 9 views). And before you complain "It's too hard to set up split DNS!", check