Expand Split DNS Article

This commit is contained in:
Tom Eastep 2010-03-22 19:56:45 -07:00
parent 9efb7bed29
commit e158509421

View File

@ -86,6 +86,46 @@
127.0.0.1 localhost
<emphasis role="bold">172.20.0.1 openvpn.shorewall.net openvpn
172.20.0.2 vpn02.shorewall.net vpn02
172.20.0.3 vpn03.shorewall.net vpn03
172.20.0.4 vpn04.shorewall.net vpn04
172.20.0.5 vpn05.shorewall.net vpn05
172.20.0.6 vpn06.shorewall.net vpn06
172.20.0.7 vpn07.shorewall.net vpn07
172.20.0.8 vpn08.shorewall.net vpn08
172.20.0.9 vpn09.shorewall.net vpn09
172.20.0.10 vpn10.shorewall.net vpn10
172.20.0.11 vpn11.shorewall.net vpn11
172.20.0.12 vpn12.shorewall.net vpn12
172.20.0.13 vpn13.shorewall.net vpn13
172.20.0.14 vpn14.shorewall.net vpn14
172.20.0.15 vpn15.shorewall.net vpn15
172.20.0.16 vpn16.shorewall.net vpn16
172.20.1.1 linksys.shorewall.net linksys
172.20.1.100 hp8500.shorewall.net hp8500
172.20.1.102 ursa.shorewall.net ursa
172.20.1.105 tarry.shorewall.net tarry
172.20.1.107 teastep.shorewall.net teastep
172.20.1.109 hpmini.shorewall.net hpmini
172.20.1.130 lanursa.shorewall.net lanursa
172.20.1.131 wookie.shorewall.net wookie
172.20.1.132 tipper.shorewall.net tipper
172.20.1.133 nasty.shorewall.net nasty
172.20.1.134 ursadog.shorewall.net ursadog
172.20.1.135 opensuse.shorewall.net opensuse
172.20.1.136 centos.shorewall.net centos
172.20.1.137 fedora.shorewall.net fedora
172.20.1.138 debian.shorewall.net debian
172.20.1.139 archlinux.shorewall.net archlinux
172.20.1.140 foobar.shorewall.net foobar
172.20.1.141 deblap.shorewall.net deblap
172.20.1.254 firewall.shorewall.net firewall
206.124.146.254 blarg.shorewall.net blarg
</emphasis>
# special IPv6 addresses
::1 localhost ipv6-localhost ipv6-loopback
@ -95,24 +135,18 @@ ff00::0 ipv6-mcastprefix
ff02::1 ipv6-allnodes
ff02::2 ipv6-allrouters
ff02::3 ipv6-allhosts
127.0.0.2 ursa.shorewall.net ursa
<emphasis role="bold">172.20.1.1 linksys.shorewall.net linksys
192.168.0.1 opensuse.shorewall.net opensuse
192.168.0.2 debian.shorewall.net debian
192.168.0.3 ubuntu.shorewall.net ubuntu
192.168.0.4 fedora.shoreawll.net fedora
192.168.0.5 opensuse11.shorewall.net opensuse11
192.168.0.6 centos.shorewall.net centos
192.168.0.7 debian32.shorewall.net debian32
192.168.0.8 fedora9.shorewall.net fedora9</emphasis>
206.124.146.254 blarg.shorewall.net blarg
<emphasis role="bold">2002:ce7c:92b4::1 gateway6.shorewall.net gateway6
2002:ce7c:92b4:1::2 mail6.shorewall.net mail6
2002:ce7c:92b4:1::2 lists6.shorewall.net lists6
2002:ce7c:92b4:2::2 server6.shorewall.net server6</emphasis>
</programlisting></para>
</listitem>
<listitem>
<para>Configure your local network hosts to use the firewall/router as
their DNS server. If your local hosts are configured using DHCP, that
is a simple one-line change to the DHCP configuration.</para>
<para> If your local hosts are configured using DHCP, that is a simple
one-line change to the DHCP configuration.</para>
</listitem>
</orderedlist>
@ -128,8 +162,45 @@ ff02::3 ipv6-allhosts
linksys.shorewall.net has address 206.124.146.180
gateway:~ # </programlisting></para>
<para>From ubuntu (192.168.0.3):<programlisting>teastep@ubuntu:~$ host linksys
<para>From Tipper (192.168.1.132):<programlisting>teastep@tipper:~$ host linksys
linksys.shorewall.net has address 172.20.1.1
teastep@ubuntu:~$ </programlisting></para>
teastep@tipper:~$ </programlisting></para>
<para>As a bonus, dnsmasq can also act as a DHCP server. Here are some
exerpts from the corresponding /etc/dnsmasq.conf:</para>
<programlisting>interface=eth1
dhcp-range=172.20.1.210,172.20.1.219,24h
dhcp-host=00:11:85:89:da:9b,172.20.1.220
dhcp-host=00:1A:73:DB:8C:35,172.20.1.102
dhcp-host=00:25:B3:9F:5B:FD,172.20.1.100
dhcp-host=00:1F:E1:07:53:CA,172.20.1.105
dhcp-host=00:1F:29:7B:04:04,172.20.1.107
dhcp-host=00:24:2b:59:96:e2,172.20.1.109
dhcp-host=00:1B:24:CB:2B:CC,172.20.1.130
dhcp-host=00:21:5a:22:ac:e0,172.20.1.131
dhcp-host=08:00:27:B1:46:a9,172.20.1.132
dhcp-host=08:00:27:31:45:83,172.20.1.133
dhcp-host=08:00:27:28:64:50,172.20.1.134
dhcp-host=08:00:27:4b:38:88,172.20.1.135
dhcp-host=08:00:27:f6:4d:65,172.20.1.136
dhcp-host=08:00:27:dc:cd:94,172.20.1.137
dhcp-host=08:00:27:0f:d3:8f,172.20.1.138
dhcp-host=08:00:27:42:9c:01,172.20.1.139
dhcp-host=08:00:27:5a:6c:d8,172.20.1.140
dhcp-host=08:00:27:da:96:78,172.20.1.141
dhcp-option=19,0 # option ip-forwarding off
dhcp-option=44,0.0.0.0 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0 # netbios datagram distribution server
dhcp-option=46,8 # netbios node type
dhcp-option=47 # empty netbios scope.
dhcp-option=option:domain-search,shorewall.net
</programlisting>
</section>
</article>