How do I handle DNS if I have a NATed LAN?


If you want to use DNS in the LAN, you need a separate DNS server for the LAN addresses. This server should not be visible outside the LAN. It’s possible to run the DNS on the firewall itself, but you need to be very careful with the configuration of both the DNS server itself (e.g. BIND) and ipfilter in order to prevent a hole big enough to drive through.

A few things to remember. Do not allow zone transfers across the firewall; instead, set up the DNS server as a master for your internal hosts (e.g. 192.168.x.x) and as a forwarder (and forward only mode) for external names which can not be resolved. RTFM on your DNS server.

• I don’t run DNS, but see a lot of tcp/53 packets with the SA flags set in my logs. Is this an attack on my machine?

It might be, but if the packets come in periodic bursts from only a few machines, it is probably nothing more than a misconfigured Cisco distributed content director trying to find the shortest routes to your machine. You can eliminate the log clut
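
A BIND `named.conf` fragment for the internal-master, forward-only setup described in the first part of the answer above, added here as an illustration and not part of the original answer. The 192.168.1.0/24 network, the firewall's internal address 192.168.1.1, the zone name `lan.example`, the file names and the upstream resolver 192.0.2.53 are assumptions.

```conf
// named.conf fragment (constructed example; all addresses, zone names
// and file paths below are placeholders, not values from the answer)

acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";

    // Bind only to loopback and the internal interface, so the server
    // is not reachable on the external (NAT) side of the firewall.
    listen-on    { 127.0.0.1; 192.168.1.1; };
    listen-on-v6 { none; };

    // Answer and recurse for LAN clients only.
    allow-query     { "lan"; };
    allow-recursion { "lan"; };

    // No zone transfers to anyone, inside or across the firewall.
    allow-transfer  { none; };

    // Names outside the local zones go to the upstream resolver;
    // "forward only" stops named from falling back to iterative
    // lookups of its own if the forwarder does not answer.
    forward only;
    forwarders { 192.0.2.53; };
};

// Master for the internal forward zone.
zone "lan.example" {
    type master;
    file "db.lan.example";
};

// Master for the matching reverse zone of the private range.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "db.192.168.1";
};
```

Running `named-checkconf` against the file validates the syntax before the server is reloaded.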
