setting up an internal TLD
Lesley B
lesley_b_linux at yahoo.co.uk
Wed Oct 18 04:39:34 PDT 2006
--- Mike Taylor <miketaylor at operamail.com> wrote:
> Hello,
>
> I've installed 3.9 on a system connected to a cable
> modem to act as a firewall. I'm trying to make a
> TLD for my internal network. The domain I'm trying
> to use is "localnet.dot".
>
> Below are the files I'm using, but the system keeps
> using the ISP's DNS servers. Here's the output I
> get when I use dig:
>
> # dig @homebox www.yahoo.com
> ; <<>> DiG 9.3.1 <<>> @homebox www.yahoo.com
> ; (1 server found)
> ;; global options: printcmd
> ;; connection timed out; no servers could be reached
>
>
> What am I doing wrong?
>
>
> thanks,
> Mike
<snipped lots of config detail>
Mike
I'm interested on setting up something similar - an
internal TLD with all references to that TLD being
directed internally.
However if I want to dig for yahoo.com I would want my
DNS situation to go outside and collect the
information for me.
As far as I understand DNS if you go to a local DNS
server which is able to deliver some content - i.e.
the local TLD then it will deliver it.
Yahoo is not in my local content so I would then
expect my local DNS server to go outside to my ISP's
DNS servers to query them - because that's where I
direct my DNS queries to go. Those DNS servers would
then either return a non-authoritative (probably cached)
response or go find another DNS server that might be
able to tell them either an authoritative or
non-authoritative response if the TTL for that record
has expired.
Effectively there is a face from your DNS server to
the outside world via your ISP's DNS and what I
haven't worked out yet is whether that means the local
DNS server's name (complete with a 'dodgy' TLD) is
'out there' to receive the response.
If it is then I think what would happen with another
DNS server trying to reply to localnet.dot is that the
DNS query to get back to you would be referred up the
DNS tree to the root servers - who know where the
.com's .uk .edu .gov .tv servers are - but have no way
of referring back to your .dot DNS server.
If you have a fixed IP address on the Internet there
may be some way of tying the responses expected back
to that IP address but I am not up at that level yet.
This may of course be entirely wrong and I will be
following this thread with interest.
Regards
Lesley Binks
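The split Lesley describes (answer the private TLD locally, hand everything else to the ISP's resolvers) is exactly what a forwarding-only BIND configuration does. The following is an added example written for this page, not a file from the original thread or from either poster's config. It is a named.conf for BIND 9.3 as shipped with OpenBSD 3.9 (which chroots named under /var/named, so file paths are relative to that directory) followed by the zone file it references; the subnet 192.168.1.0/24, the firewall host "homebox" at 192.168.1.1, the internal host "www", and the ISP resolver addresses 203.0.113.1 and 203.0.113.2 are all placeholders.

```conf
// /var/named/etc/named.conf  (added example; '//' starts a comment)
// Assumed placeholders: internal subnet 192.168.1.0/24, homebox = 192.168.1.1,
// ISP resolvers 203.0.113.1 and 203.0.113.2.

options {
        directory "/";                    // relative to the /var/named chroot
        version "";                       // don't advertise the BIND version
        listen-on { 127.0.0.1; 192.168.1.1; };        // internal side only, not the cable modem
        allow-query     { 127.0.0.1; 192.168.1.0/24; };
        allow-recursion { 127.0.0.1; 192.168.1.0/24; };   // never an open resolver
        forwarders { 203.0.113.1; 203.0.113.2; };        // ISP's DNS for everything not local
        forward only;                     // don't fall back to iterating from the root servers
};

// Root hints are unused with "forward only" but harmless to keep.
zone "." { type hint; file "standard/root.hint"; };

// Authoritative for the private TLD: answered from the zone file, never forwarded.
zone "localnet.dot" {
        type master;
        file "master/localnet.dot";
        allow-update { none; };
};

// ---- /var/named/master/localnet.dot  (zone file; ';' starts a comment) ----
$TTL 1h
@       IN SOA  homebox.localnet.dot. hostmaster.localnet.dot. (
                2006101801      ; serial, YYYYMMDDnn, bump on every change
                1h 15m 1w 1h )  ; refresh retry expire negative-cache TTL
        IN NS   homebox.localnet.dot.
homebox IN A    192.168.1.1
www     IN A    192.168.1.10    ; placeholder internal host
```

Check the files with `named-checkconf /var/named/etc/named.conf` and `named-checkzone localnet.dot /var/named/master/localnet.dot` before restarting named, then test from the box itself: `dig @127.0.0.1 homebox.localnet.dot` should come back with the `aa` flag and 192.168.1.1, and `dig @127.0.0.1 www.yahoo.com` should come back with an answer obtained through the forwarders. Internal clients need homebox as their resolver and pf must pass port 53 (UDP and TCP) on the internal interface; "connection timed out; no servers could be reached" from a client means the query never reached a listening named, not that the zone is wrong. On the question of replies: a forwarded query leaves homebox with its own IP address and source port, and the ISP's server sends the answer back to that address and port, so the server's name under localnet.dot never appears on the wire and nothing outside needs to resolve it. The private TLD only reaches the public root servers if a client asks a resolver other than homebox, in which case it simply gets NXDOMAIN.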