[3815] in linux-net channel archive
DNS & firewall & sendmail
daemon@ATHENA.MIT.EDU (Jacek Bochenek)
Tue Jul 23 00:44:42 1996
Date: Mon, 22 Jul 1996 11:59:34 +0200
From: Jacek Bochenek <jacek@coig.katowice.pl>
To: linux-net@vger.rutgers.edu
Hello,
Even though this is not Linux specific question, maybe someone will be able to give me
and advice on how to do the following setup. Here is the situation. We have a private
network, which unfortunately uses ip addresses that are valid internet addresses but we
can't register them (they are already in use). We also have a linux box that is connected
to the internet. I would like to do the following:
- Configure DNS so it resolves local as well as internet names
- Configure DNS/sendmail so it's possible to send/receive email to/from internet to
our local computers.
Here's is our current setup:
* The linux box also acts as a firewall
[INTERNET]------194.183.36.2[LINUX BOX]204.191.2.100---OUR NETWORK--[LOCAL DNS]
| |
| |
DNS [coig.katowice.pl] [coig.com]
The linux box resolves all internet names, Local DNS resolves all local names and
forwards queries about Internet names to our DNS on Linux. I've setup wildcard MX
records on our Local DNS so all outgoing mail goes through our LINUX BOX. Now comes the
part that I would like get some ideas. Right now I setup aliases on the LINUX BOX for
people who wants to receive mail to our local machines from the internet. One more thing.
All (right now only some, as I test it) machines have domain coig.com (which is only for
our local use, and will not be registered). Let's say there is a user inet at
machine1.coig.com. In order for him to receive email from the internet I setup an
sendmail alias on the linux box as follows:
inet: inet@machine1.coig.com
So people who wants to send imail to inet@machine1.coig.com must send it to
inet@coig.katowice.pl, then sendmail forwards it to our local machine behind the
firewall. The only trouble is that when people send mail to the internet the have to use
the Reply-To: header since normally the user who received the email would try to reply to
inet@machine1.coig.com and this isn't a valid domain.
Renumbering of machines isn't a consideration. The network has been set up way before I
came here, so please do not flame me for using such addresses.. :).
Is there a simpler way to accomplish what I want to do? Or maybe the current setup is the
way (ONLY way) to go? Are there any modifications that I could do to make the setup
easier and more reliable? Do I really need to have two domains? Any suggestions, pointers
criticism will be welcome.
Jacek.
---
Jacek Bochenek | jacek@coig.katowice.pl | "Smile, tomorrow will be worse!"
