[Dshield] OT dynamic IP
kabal at ev01.net
Tue Mar 23 18:03:49 GMT 2004
On Tue, 23 Mar 2004, Alan Frayer wrote:
> On Mon, 2004-03-22 at 20:12, Al Reust wrote:
> > The one that I purchased is by RhinoSoft, DNS4me
> > http://www.dns4me.com/
> > It has been running for over a year now with no problems.
> > For those that do not know the client program does, a trace back to the
> > server and registers the IP on the exterior of your network (DHCP address
> > on my router). Their service then host DNS for the "chosen name/IP." In my
> > case my IIS box is one Nat'd IP and my FTP server is on another Nat'd IP.
> > Should I desire I could register a domain name and allow them to host the
> > first DNS server. So with the correct Dynamic DNS service you could host
> > your own domain as mentioned above.
> That's actually an interesting idea, but doesn't it cost you the
> firewall benefits of NATting? I mean, if the DNS record now shows hosts
> in the private side of the router (and this is what you're suggesting,
> right?), can't someone access those hosts by their DNS name? Or does the
> fact that the addresses attached to those DNS names are still unroutable
> addresses leave them protected?
> I had wondered how I might apply proper host names to PCs in my private
> network when the domain name, web server, and e-mail server I use is
> hosted outside the network.
This is where you would do NAT. Say I have web server at 10.1.1.10 in my
internal net, but I want to server web pages from it. I would set a dns
record for one of my external IPs to www.foobar.com and forward all
requests to the 10.1.1.10 server. You could also do PAT here as well.
There is only one rule -- innovate
More information about the list