I am having a similar problem with our DNS setup. I followed other posts regarding setting up multiple instances of named, one for the internal network and one for the external (as primary). Unfortunately I seem to be having problems with external nameservers gaining access to my server. Part of the problem is that I am trying to act as the primary for 2 domains (poliac.com and poliac.net). Anyway, this is the message displayed in my messages file:
Feb 20 15:18:41 gw kernel: Packet log: denylog DENY eth1 PROTO=17 209.98.98.1:46249 208.42.114.1:53 L=56 S=0x00 I=35047 F=0x4000 T=252 (#1)
209.98.98.1 is the IP address of our ISP's nameserver which is acting as our secondary. Any thoughts anyone?
BTW: With the new script structure for DNS in 4.1, I tried, as a test, to simply use hardcoded named.conf and zone files which were working on 4.0, but I get the same results - no external queries for poliac.net are accepted, but queries for poliac.com are.